Mr. Speaker, I will ask the chamber's indulgence, before I get into the crux of my speech, to just acknowledge the passing of a long-time family friend back in my riding, Marie Christie, who passed away on the 13th of this month in her 97th year.
Her family settled in my neck of the woods, just a few kilometres from my home farm, back in 1856. She was part of the Arran Tara Fall Fair board as a director for over 55 years. She was a 40-plus-year member of the Royal Canadian Legion Ladies Auxiliary and a life member of the Legion Branch 144 (Chesley). Marie's legacy of kindness, love and spark will live on in our memories for generations. A celebration of life is ongoing this afternoon, and I want to pass on my deepest condolences to the whole extended Christie family. Marie made a difference and she will be missed by each and every person that ever had the privilege to meet her.
We are here today to talk about Bill C-22. I am going to primarily focus my speech on why this piece of legislation around lawful access is so important. I am going to then spend a lot of time talking about key concerns around the terminology, especially around the concept of back doors. I am going to do this primarily by leveraging the National Security and Intelligence Committee of Parliamentarians' report on lawful access that was submitted to the Prime Minister back on March 4 last year. Unfortunately, it was not tabled in Parliament until September 15.
Finally, I am going to talk about why I believe the Liberal government is failing on communicating on this important piece of legislation. Bill C-22 has three parts: Part 1 provides new tools for law enforcement to access digital information; part 2 provides a framework that ensures electronic service providers establish and maintain a system capable of providing the information that law enforcement is authorized to access; and part 3 mandates a review of the act three years after the provisions come into force.
For those wanting a good explanation of the breakdown of all three parts, I encourage everyone to review the speeches by my Conservative colleagues for Parkland, Medicine Hat—Cardston—Warner, Kamloops—Thompson—Nicola and Brantford—Brant South—Six Nations, and even the Minister of Justice's intervention on Bill C-22.
Why do we need lawful access in Canada? The NSICOP report, paragraph 198, states:
Lawful access represents one of the most intrusive powers of the state in the protection of national security. Accordingly, Canadians expect strong safeguards for its use, including that it be prescribed by law, serve a legitimate purpose, and be necessary and proportionate. Canadians rightfully want to understand any proposals for new tools and authorities to security and intelligence organizations that have implications for their privacy. However, Canadians also expect security and intelligence organizations to have the tools, policies, and lawful authorities in place to conduct lawful access techniques. The Committee thinks Canadians would be surprised to learn how difficult it actually is for security and intelligence agencies to do so.
Paragraph 200 states:
The Committee is equally concerned that, if left unaddressed, these challenges will undermine Canada’s national security in the long term by increasingly hampering the ability of CSIS and the RCMP to fulfil their respective mandates. The failure to respond to these challenges may also impede Canada’s continued ability to benefit from Five Eyes efforts to detect and respond to security threats if it cannot meaningfully contribute to this partnership.
Paragraph 202 of the report states:
It is critical, however, that the government approach these issues proactively. There are examples internationally of like minded democracies having hurriedly passed controversial lawful access legislation in response to serious national security events. Parliamentarians should have the opportunity to debate new legislation about lawful access with clear eyes and careful consideration, not in a rushed, emotional debate in reaction to a national tragedy. The longer these issues are kept on the backburner, the more the government opens itself up to the risk of following a similar path.
Now I want to get to the idea of intercept capability and the issue of back doors.
Paragraph 104 states:
Policy debates about how to respond to the challenge of encryption have included proposals that the government could require companies to create exceptional access to encryption programs, or backdoors, for security and intelligence organizations. CCCS defines a backdoor as an “undocumented, private, or less detectable-way of gaining remote access to a computer, bypassing authentication measures, and obtaining access to plaintext.” The Citizen Lab states, “[o]nce a backdoor is created, there is no practical guarantee that only state agencies will walk through it. This fundamental flaw makes exceptional access systems an inherent threat to persons who rely on encrypted communications products.” This view is echoed by many cybersecurity experts.
Continuing on in the report:
CSE told the Committee that it also has a concern with backdoors. While it noted that “there are means of creating technical solutions which are currently considered secure,” it stated that it would have a concern with legislation compelling CSPs or software providers to implement backdoors, which could compromise the cybersecurity more generally.
According to the RCMP, backdoors “create vulnerabilities and can weaken the overall security of a network; they create valid security concerns given the potential for these vulnerabilities to be exploited by criminals or other hostile actors. Recognizing the need to protect sensitive information and maintain individuals’ right to privacy, the RCMP does not advocate for the creation of ‘backdoors’ into CSPs’ networks. Instead, it would be safer and more beneficial for law enforcement and national security agencies to be able to leverage the information already accessible by CSPs.”
Some cybersecurity experts and privacy advocates, however, consider lawful intercept capability a backdoor, citing that there is “no such thing as a security backdoor that is only for the ‘good guys.’” Others similarly contend that while it might be argued that “surveillance technology can be built securely and without risk of penetration by hostile forces,” the “track record is not encouraging.”
Neither CSIS or RCMP view intercept capability as a backdoor, because it does not compromise encryption platforms or software. They instead regard the judicially authorized practice of using tools built into a CSP’s system, which are encryption neutral, as using the “front door.”
From paragraph 172, “Importantly, the committee did not hear any government official call for legislation to compel the creation of exceptional access or 'backdoors' to get around encryption.”
Long-winded, but that is all from the report.
This is where I want to get to the issues that I am hearing from constituents and even during debate here in the House, and where the Liberal government is failing.
First off, I talked about this a bit earlier, the Liberals tabled omnibus Bill C-2, which included a few clauses on lawful access. However, the bill was focused on everything from border security and immigration to banning cash transactions, and was doomed to fail from the start. Both Bill C-12 and Bill C-22 are the appropriate compromises as a result. Again, I mentioned this earlier.
Unfortunately, the government's delay of the NSICOP report on lawful access hindered the ability to fully leverage the extensive work done by this bicameral, all-recognized-party committee that only includes findings and recommendations that have unanimous support of all its members. Again, I mentioned this was given to the Prime Minister on March 4, but not tabled here in Parliament until September 15, despite my encouraging a number of the Liberal government ministers to table it back in June.
Here is a key paragraph from the report that will highlight the ongoing challenges around debate. Paragraph 175:
The Committee also observed that privacy and cybersecurity advocates and national security practitioners appear to be talking past one another in debates about encryption and exceptional access for law enforcement and intelligence organizations. As stakeholders debate policy initiatives or legislation, it will be critical for both sides to ensure a common understanding of key concepts. For the government, the Committee suggests that a robust, transparent communication strategy, which explains technical concepts in detail, is fundamental.
Unfortunately, this is where the Liberals' current communications strategy is failing to address this need and needs to be rectified.
In conclusion, Canada absolutely needs updated legislation around lawful access. There have been been calls for this for decades and former governments have tried to, unfortunately, no success.
In my opinion, Bill C-22 is the initial step to get us there. However, I fully believe that Bill C-22 needs full scrutiny at committee and that we, parliamentarians, need to be sure we are talking the same language and addressing the same concerns. In my opinion, the Liberal government is absolutely failing at addressing “a common understanding of key concepts” with respect to Bill C-22. It still has time to fix this.