SoVote

The Assistant Deputy Speaker (Mrs. Alexandra Mendès)

Mar/6/23 3:43:36 p.m.
Watch

Is that agreed? Some hon. members: Agreed.

7 words

Mar/6/23 3:43:42 p.m.
Watch

Question No. 1134—

Questioner: Blake Desjarlais

With regard to government policies on funding directed towards First Nations, Inuit and Métis people, broken down by department since fiscal year 2015-16: (a) what policies, processes, and protocols exist to validate claims of Indigenous ancestry or Indigenous community; (b) what reviews or audits have been conducted to ensure that government funding has not been delivered to individuals, organizations, or companies that falsely claim an Indigenous identity; (c) is the government aware of any funding that has been allocated to individuals, organizations, or companies that falsely claimed an Indigenous identity; and (d) for each funding allocation in (c), how much funding has been recalled on the basis of false claims of Indigenous identity?

118 words

All Topics

Mr. Kevin Lamoureux

Mar/6/23 3:43:42 p.m.
Watch

Madam Speaker, I would ask that all questions be allowed to stand at this time.

15 words

The Assistant Deputy Speaker (Mrs. Alexandra Mendès)

Mar/6/23 3:43:47 p.m.
Watch

Is that agreed? Some hon. members: Agreed.

7 words

Mr. Kyle Seeback (Dufferin—Caledon, CPC)

Mar/6/23 3:44:10 p.m.
Watch
Re: Bill C-26 Bill C-21 Bill C-11

Madam Speaker, it took eight long years for the Liberal government to recognize that cybersecurity threats exist in this country and around the world. Congratulations to them for coming to the party a little late. The Liberals have now presented a bill to try to address issues of cybersecurity in the country. As I said, it took them eight years to get there, but I have to say I am pleased that the Liberals have decided to finally do something. I look forward to this bill being passed so that it can be extensively studied at committee. There are some things in this bill that are good. I know praising the Liberal government is strange territory for me, but I will say that the bill would give the government some tools to respond quickly to cyber-threats. There is currently no explicit legislative authority in the Telecommunications Act to ensure that telecom providers are suitably prepared for cyber-attacks. This is a good reason why this bill should probably move forward to committee to be studied. The challenge I have, though, includes a whole number of things. My issue with the government is trust. While I do want this legislation to go to committee, I have extraordinary concerns about this bill. Many of these concerns have been raised by many groups across the country, and I do want to speak to some of those in the probably somewhat whimsical hope that the government will listen and take some of these amendments seriously. There has been a very bad track record of the government responding to concerns from the opposition or from outside organizations with respect to legislation. There is a view that the Liberals are going to do what they want to do on pieces of legislation and that they really do not care what other people have to say. I am very concerned that the government is not going to listen to the very serious concerns that have been raised about this bill. I have my own concerns when I look at how the government has behaved with respect to other pieces of legislation. We have to look at Bill C-11. There has been a multitude of organizations that have said the bill needs further amendment. Margaret Atwood has said that she has grave concerns about the legislation, that she supports the intent but has grave concerns about the implementation and how it is going to affect artists and content creators. We have had folks who compete in the YouTube sphere who have raised all kinds of concerns about Bill C-11, and the government's response has been that it does not care what they have to say, and that it is going forward with the legislation as it is. The Senate has made a number of amendments to Bill C-11. I suspect the government's attitude is going to be the same, which is that it does not care what the amendments are and that it is going to proceed with the bill as it sees fit. We also have only to look to Bill C-21 as well. We had the minister clearly not aware of what constituted a hunting rifle and a hunting gun. The Liberals introduced amendments at committee, and it took extraordinary push-back from Canadians from coast to coast to coast to get them to wake up and withdraw those amendments that they had put in at the last minute. What it speaks to is that, despite having at its disposal the entire apparatus of the Canadian government, the Liberals are still unable to get legislation right. It takes an enormous amount of effort and hue and cry across the country saying that this has to stop and that this has to be changed. If there is not a massive uprising, the government tends not to listen to the legitimate concerns of other constituents or other groups when it introduces legislation. With that context, it is why I have real concerns that the government is not going to listen to some of the serious concerns that have been raised with respect to Bill C-26. I am going to go through some of those. The Canadian Civil Liberties Association has some very serious concerns. It has issued a joint letter that says that the bill is deeply problematic and needs fixing, because it risks undermining our privacy rights and the principles of accountable governance and judicial due process. This is a big bell that is going off, and I hope the government is listening. As I have said, I do not have a lot of faith, given other pieces of legislation where thoughtful amendments have been put forward and the government decided not to do anything with them. I want to enumerate a few of the concerns from the Canadian Civil Liberties Association. On increased surveillance, it says that the bill would allow the federal government “to secretly order telecom providers” to “do anything or refrain from doing anything necessary...to secure the Canadian telecommunications system, including against the threat of interference, manipulation or disruption”. That is a pretty broad power. Where is the government putting the guardrails in that would limit the effects of this or protect the privacy rights of Canadians? That is something I think is incredibly concerning. On the termination of essential services, Bill C-26 would allow the government to bar a person or a company from being able to receive specific services and bar any company from offering these services to others by secret government order. Where are we going to have the checks and safety checks on this? Unfortunately, I am not in a position where I think I can trust the government to do the right thing on these things. We have seen it through vaccine mandates, in the legislation on Bill C-21 and in how the Liberals are trying to push through Bill C-11 without listening to reasoned amendments. If reasonable concerns are raised about Bill C-26, I just do not have faith the Liberals are going to take those concerns seriously and make the amendments that are necessary. I really hope they do. On undermining privacy, the bill would provide for the collection of data from designated operators, which would potentially allow the government to obtain identifiable and de-identified personal information and subsequently distribute it to domestic, and perhaps foreign, organizations. When someone takes the de-identified personal information of Canadians and does not say how they are going to deal with it or what protections they have in place to make sure it is not misused, what happens in the event that they take that information and somehow there is a government breach? Where does that information go? These are things I think we should be extraordinarily concerned about. There was also an analysis provided with respect to this by Christopher Parsons, in a report subtitled “A Critical Analysis of Proposed Amendments in Bill C-26 to the Telecommunications Act”. Parsons raises concerns about vague language. The report notes that key terms in the bill, such as “interference”, “manipulation” and “disruption”, which trigger the government's ability to make orders binding on telecom service providers, are unidentified. Where are the guardrails in the legislation to prevent government overreach and therefore protect Canadians? This is something that I think all Canadians should be watching and be very concerned about. They should be letting their voices be heard by the government on this. The report talks about how the minister of industry's scope of power to make orders is also undefined. We would be giving a whole host of undefined powers to the minister and the government that would allow them to have all kinds of sensitive information. These are things that may be necessary, but I do not know. They are highly concerning to me. They should be highly concerning to Canadians, and I hope the government will hear from real experts at committee. Let us not have a two-day committee study where we think Bill C-26 is perfect as it is and bring it back to the House of Commons, bring in time allocation or closure and pass it through. We have seen that story before, and we do not want to see it with the piece of legislation before us. My really big hope is that the government is going to take the time to really consider the seriousness and breadth of Bill C-26 and make sure we have the ways to protect Canadians. I just want to add that the Business Council of Canada has released its own letter to the Minister of Public Safety, expressing its incredibly deep concerns with respect to the bill: there is a lack of a risk-based approach, information sharing is one-way and the legal threshold for issuing directions is too low. There are three reports, right there, that are outlining significant concerns with Bill C-26, and I, for one, just do not believe the government is going to listen or get it right. It does not have the track record of doing so, but I am hoping it will, because cybersecurity is incredibly serious as we move toward a digital economy in so many ways. I really hope the government is going to listen to these things, take them seriously, do the hard work at committee and bring forward whatever amendments need to be brought forward, or, if the amendments are brought forward by the opposition, listen to and implement those amendments.

1614 words

All Topics

Ms. Bonita Zarrillo (Port Moody—Coquitlam, NDP)

Mar/6/23 3:53:54 p.m.
Watch
Re: Bill C-26

Madam Speaker, the NDP sees the growing threat of cybersecurity, and we also see that Canada is far behind. However, we have concerns about transparency, and I know that the NDP member for Cowichan—Malahat—Langford has been instrumental in strengthening and making bills that the Liberals have brought to the floor more appropriate, so I have more than enough confidence that the NDP will ensure Canadians get the transparency and protection they believe in. My question for the member is whether he could speak to the point that the government legislation before us would allow for a complete exemption from the Statutory Instruments Act. That would mean such orders could not be reviewed by Parliament through the scrutiny of the regulations committee. I wonder if I could get some comments on that.

135 words

Mr. Kyle Seeback

Mar/6/23 3:54:49 p.m.
Watch
Re: Bill C-26

Madam Speaker, I would just add that to the list of things I am concerned about with this particular piece of legislation. I am glad and encouraged that the member has stated that New Democrats are going to try to strengthen this piece of legislation. I hope they do that. They talk about wanting transparency and I hope they are going to work really hard for transparency on this. Conservatives would love to see transparency at a different committee, where we are trying to get someone to come and testify. Maybe the New Democrats can bring their love for transparency to that other committee and we can have PMO officials testify there.

112 words

Mr. Randy Hoback (Prince Albert, CPC)

Mar/6/23 3:55:29 p.m.
Watch
Re: Bill C-26

Madam Speaker, one of the things I have heard in talking to universities and different groups is that one of the faults of this piece of legislation is that they have to share this information with the government when they have been attacked, but it is a one-way street. When they see an attack happen, they share it with the government, but there is no information given to other businesses to help them protect against attacks similar to that in nature. Could the member talk about why it is important and what it means to companies when they are attacked and how it can hurt not only their bottom line? Indigo, for instance, would be a good example of what happens when there is a cybersecurity attack.

128 words

Mr. Kyle Seeback

Mar/6/23 3:56:06 p.m.
Watch
Re: Bill C-26

Madam Speaker, everyone here knows how serious cyber-attacks are. I often get a notification from Google that says it believes one of my passwords was exposed in a hack of some other organization and that I should take steps to make sure the password is not used in any other applications. We know that the threat of cyber-attacks exists and we know the damage caused. What I go back to is that we know we need to do something, and I am glad that the government is doing it. It has taken it eight years, but it is finally here trying to deal with this issue. What it has to do is make sure that every voice on this is heard, whether it is industry saying it needs some information back, or whether it is others saying the threshold for some of these things is too low or asking what guardrails are put in place on some of the things. The government has a lot of work to do and I hope it is willing to do it at committee.

182 words

Mr. Don Davies (Vancouver Kingsway, NDP)

Mar/6/23 3:57:09 p.m.
Watch
Re: Bill C-26

Madam Speaker, I think everybody in the House agrees that we need to up our game in this country to protect Canadians and our society from cyber-attacks. My specific question has to do with certain specific vulnerable groups. I am thinking of young people, particularly teenagers between the ages, say, of 13 and 19. Even more particularly I am thinking of young girls and women who may be subject to all sorts of cyber-bullying and other offences, as well as seniors who can be victims of cyber-fraud. I am wondering if my hon. colleague has any thoughts as to how Bill C-26 might impact those particularly vulnerable groups and what suggestions he may have legislatively to help protect them.

123 words

Mr. Kyle Seeback

Mar/6/23 3:57:55 p.m.
Watch
Re: Bill C-26

Madam Speaker, that is a pretty tough question to answer in about two minutes. As the father of a 16-year-old daughter, I am constantly worried about what is going on in the cybersphere for her, whether or not there is an instance of bullying going on. There have certainly been episodes of bullying in her real life. I know that at one point she was eating her lunch in the bathroom because she was being bullied by some folks. Online harassment and bullying are serious problems. I do not know enough about this particular piece of legislation to know if it would actually deal with that, but if not, I really hope that it would. We have a lot of work do for seniors who are vulnerable to these things. This is something the government has to take on. Whether or not it is just waking up to it now as part of this bill, we need to educate seniors. I host events like this with seniors, where we let them know about the threats of cybersecurity and other things. The government needs to pick up the ball on that a little more as well.

197 words

Mr. Doug Shipley (Barrie—Springwater—Oro-Medonte, CPC)

Mar/6/23 3:59:00 p.m.
Watch
Re: Bill C-26

Madam Speaker, I am proud to rise in the House today to speak to this important legislation on behalf of the good people of Barrie—Springwater—Oro-Medonte. I am pleased to see Bill C-26 come forward in the House. Improving the resiliency of our critical infrastructure is of the utmost importance to our national security and the everyday safety of Canadians. This legislation consists of two separate parts. The first portion, among other things, would give the Governor in Council powers to order telecommunications providers to secure their systems against threats and to remove malicious actors from our telecommunications infrastructure. The second portion would create the critical cyber systems protection act, which would establish a cybersecurity compliance framework for federally regulated critical infrastructure operators. This would specifically regulate the sectors of finance, telecommunications, energy and transportation. I believe that in principle, this legislation appears promising. I think we can all agree that we need a robust cybersecurity framework in Canada. However, it is worth noting that under the current government, we have done the least to bolster our resilience to cyber-attacks compared to all other Five Eyes partners. We lag behind our western allies in national security, and as such, Canada has failed to secure our critical infrastructure against complex and ever-evolving cyber-threats in the modern world. Therefore, before I get into the specific merits and deficiencies of this legislation, I want to speak about the emerging threats to our critical infrastructure and the pressing need to protect our national security. Threats to our critical infrastructure are real and imminent. In fact, Caroline Xavier, chief of the Communications Security Establishment, or CSE, recently testified before the public safety and national security committee and stated, “cybercrime is the most prevalent and most pervasive threat to Canadians and Canadian businesses.” She also noted, “Critical infrastructure operators and large enterprises are some of the most lucrative targets.” While there are several forms of cyber-attacks that our critical infrastructure operators are vulnerable to, the Canadian Centre for Cyber Security has noted in its most recent annual national cyber-threat assessment that ransomware is the most disruptive form of cybercrime facing Canadians and that critical infrastructure operators are more likely to pay ransoms to cybercriminals to avoid disruption. For example, in 2018, cybercriminals deployed a malicious software and successfully held the city hall of a municipal government in Ontario hostage, which resulted in that government paying $35,000 to the hackers to avoid disruption. However, this is not always an effective strategy. A survey of Canadian businesses found that only 42% of organizations that paid ransoms to cybercriminals had their data completely restored. In 2021, the CSE stated that it was informed of 304 ransomware incidents against Canadian victims, with over half of them in critical infrastructure. However, it acknowledged that cyber-incidents are significantly under-reported, and the true number of victims is much higher. The enormous economic toll that these cyber-breaches have on Canadian companies is worth noting. According to IBM, in 2022, the average cost of a data breach, which includes but is not limited to ransomware, to Canadian firms was $7 million. There is currently no framework to ensure that companies report when they are victims of these attacks. I will acknowledge that the legislation before us takes steps to address this pervasive issue that Canadians are facing; however, it is certainly an overdue effort. We saw the damage a cyber-attack of this magnitude can cause in May 2021, when a U.S. energy company was subject to a ransomware attack carried out by a Russian-based criminal group that successfully extorted roughly $4.3 million in coin-based currency. As members may remember, this attack disrupted the largest fuel line in the U.S. for five days and led to President Biden calling a national state of emergency. In 2021, at the U.S. Senate committee on homeland security, the CEO of that company testified that he had no emergency preparedness plan in place that specifically mentioned “ransom or action to ransom”. This incident underscores the fact that we as a country must enhance preparedness and improve the resiliency of our critical infrastructure in order to avoid similar incidents. Therefore, I am pleased to see this proposed legislation come forward. However, it is worth noting that this is the first substantive legislative response to this issue during the government’s tenure, despite a steady increase in cyber-threats over the years. The entirety of our federally regulated critical infrastructure is connected to the Internet in some way, and it is extremely important to prevent malicious actors from setting up on our infrastructure and attacking it. Previously, there has been no mechanism for the government to formally remove a company from our telecommunications networks. The clearest example of the need for this mechanism would be the controversy surrounding Huawei, a company that was part of the design of our 5G networks despite glaring national security concerns related to its activities and relationship to the Communist Party in Beijing. It is a significant move that this company will be kicked off our servers, but it is a delayed one. We know that under China's national intelligence law, the CCP has the authority to instruct any company to hand over information to support, assist and co-operate with state intelligence work. Accordingly, we ought to be cautious and avoid contracting with companies that could potentially compromise the security of our critical infrastructure. It is certainly positive that Canada will be able to kick malicious actors such as Huawei off our networks. However, many have noted that we lessened our credibility among the Five Eyes nations due to our delayed response to this issue. Indeed, the United States lobbied Canada for years to exclude Huawei from our 5G mobile networks and warned that it would reconsider intelligence sharing with any countries that use Huawei equipment. In some respects, this legislation is a positive step toward establishing a baseline standard of care for organizations whose functions are integral to our critical infrastructure. As I have previously mentioned, incidents of cyber-attacks often go unreported or under-reported. This legislation's mandatory reporting mechanism, which specifies that a designated operator must immediately report an incident to the CSE and the appropriate regulator, is a welcome step toward addressing this issue. However, the act does not prescribe any timeline or give any other information as to how “immediately” should be interpreted by an operator. As I have just laid out, there are aspects of this legislation that my Conservative colleagues and I fully support. However, I have concerns with several elements of the bill. First and foremost, there is a complete lack of oversight over the sweeping new powers afforded to the cabinet ministers, regulators and government agencies mentioned in this legislation. Alongside a lack of oversight, there is little information on the breadth of what the government might order a telecommunications operator to do. It is evident that this bill draws on much of Australia's legislative model, which was first introduced in 2018 and eventually amended. However, we did not follow suit in terms of the oversight measures Australia included in its critical infrastructure protection act. Notably, Australia introduced political accountability mechanisms alongside its legislation, including a requirement for regular reporting, an independent review and the production of a written report. The Conservatives would like to see annual reporting from the minister on what actions have been taken and a public disclosure of the orders that the government is making under these newly afforded powers. In terms of concerns from the public, we have heard from a number of organizations that are concerned that elements of this legislation undermine the privacy rights of Canadians. In September of last year, several privacy rights organizations signed an open letter to the Minister of Public Safety, which laid out their concerns with Bill C-26. For example, they were concerned about the sweeping new powers this legislation would give to the government over access to the personal data of Canadians and the data of companies. They noted that Bill C-26 “may enable the government to obtain identifiable and de-identified personal information and subsequently distribute it to domestic, and perhaps foreign, organizations.” I think we can all agree that while enacting measures to improve the resilience of our critical infrastructure is of the utmost importance, civil liberties and privacy must be fully respected when drafting those measures. On the other hand, we have heard from stakeholders who are concerned about the regulatory burden this legislation may have on businesses, especially small and medium enterprises. Many stakeholders have noted that the high costs and business impacts of a cyber-incident already incentivize companies to ensure rigorous cybersecurity protocols. Recent statistics released by Statistics Canada found that in 2021, Canadian businesses spent over $10 billion on cybersecurity, a 41% increase compared to 2019. Many stakeholders have noted that the proposed penalties related to this act, which reach up to $15 million and five years of jail time, are touted as being intended to promote compliance rather than to punish. However, I think we can all agree that a $15-million fine would indeed be unduly punitive on a small business that may be subject to this act. Therefore, we must ensure that fines and compliance costs are distributed evenly so as not to stifle competition and endanger the viability of small and medium enterprises in our critical infrastructure sectors. Finally, we face a problem related to definitions and the scope of this bill. Various terms are not defined, including what constitutes a cyber-incident, and it is not immediately clear how the government will determine who is subject to this legislation. I look forward to receiving an explanation from the government to demystify some of the vague language found within it. To conclude, a threat to our critical infrastructure is a threat to our national security. I think all parties agree that the government must take strong and immediate action against cyber-attacks. We support this bill in principle, but we believe that it needs to be amended significantly to ensure greater transparency and accountability from the government and future governments. I look forward to studying and amending this bill at the public safety committee with my colleagues across all parties.

1744 words

Mr. Don Davies (Vancouver Kingsway, NDP)

Mar/6/23 4:09:20 p.m.
Watch
Re: Bill C-26

Madam Speaker, like my colleague, I think we are broadly supportive of the aims and principles of this bill but have some significant concerns about many of the details. This includes that the bill would open the door to new surveillance obligations; would allow the termination of essential services, perhaps without due process; may undermine privacy; lacks guardrails to constrain abuse; and has some relatively disturbing secrecy provisions that would obviate the minister from having to be accountable to Parliament by publishing the measures he takes. Among the many concerns expressed about the bill, which ones does the member find the most troubling that he would like addressed at the committee stage?

112 words

Mr. Doug Shipley

Mar/6/23 4:10:04 p.m.
Watch
Re: Bill C-26

Madam Speaker, all of those are legitimate concerns that we will be addressing at the public safety committee if and when this bill gets there. I do not know if I can rank them today, because I think they are all significant. Everybody has different issues that come to mind based on what is most important to them. Obviously, privacy is one of the most important things to people. What I mentioned in my speech was the ability for companies to still manage themselves once these fines have been imposed. We do not want to put out of business the small and medium-sized companies that have already had cyber-attacks, and then give a fine on top of that. There are many things we need to address in committee. I am looking forward to studying the bill with my colleagues from all sides when it gets there.

148 words

Mr. Simon-Pierre Savard-Tremblay (Saint-Hyacinthe—Bagot, BQ)

Mar/6/23 4:10:49 p.m.
Watch
Re: Bill C-26

Madam Speaker, there has been a lot of talk about TikTok and the fact that it could be used as a tool for interference. In fact, I closed my account at that time and, like everyone else, removed the app from my device. What does my colleague think about apps like WeChat, which are known to be spying platforms? What does he think about the fact that a G7 parliament, like Canada's, has been using Zoom for years, a Chinese app that once interrupted a live meeting of Chinese dissidents? It is disturbing, to say the least.

99 words

Mr. Doug Shipley

Mar/6/23 4:11:30 p.m.
Watch
Re: Bill C-26

Madam Speaker, to be quite candid, I have two teenage boys who are always kidding that I am a bit of a dinosaur when it comes to different social media platforms. I have never had TikTok. I do not know much about it, but I understand there have been a lot of issues with it. I think with all of our social media platforms, we need to stop, review them and look at who is taking information from them, because a lot of information can be gleaned from them. We jumped into this new media method many years ago without knowing the direction and road it was going to take. Now that we are well down it, I think it is time we looked at all these different platforms and realized what information is being taken from them.

138 words

Mr. Tony Van Bynen (Newmarket—Aurora, Lib.)

Mar/6/23 4:12:21 p.m.
Watch
Re: Bill C-26

Madam Speaker, it is with great pleasure that I rise to discuss Bill C-26, an act respecting cybersecurity. I will be addressing elements of the legislation that deal with securing Canada's telecommunications system. As Canadians rely more and more on digital communication, it is critical that our telecommunications system is secure. Let me assure the House that the Government of Canada takes the security of that system seriously. That is why we conducted a review of 5G technology and the associated security and economic considerations. It is clear that 5G technology holds lots of promise for Canadians: advanced telemedicine, connected and autonomous vehicles, smart cities, clean energy, precision agriculture, smart mining, and lots more. However, our security review also made it clear that 5G technology will introduce new security concerns that malicious actors could exploit. Hostile actors have long sought and will continue to seek to exploit vulnerabilities in our telecommunications system. The Canadian Security Intelligence Service recognized this in its most recent public annual report. The report said, “Canada remains a target for malicious cyber-enabled espionage, sabotage, foreign influence, and terrorism related activities, which pose significant threats to Canada’s national security, its interests and its economic stability.” The report said that cyber-actors conduct malicious activities to advance their political, economic, military, security and ideological interests. These actors seek to compromise government and private sector computer systems by manipulating their users or exploiting security vulnerabilities. The CSIS report also highlighted the increasing cyber-threat that ransomware poses. The Communications Security Establishment has similarly raised concerns about threats like ransomware in recent public threat assessments. We have seen how such attacks by criminal actors threaten to publish victims' data or block access to it unless a ransom is paid. It is not just cybercriminals doing this. CSIS has warned that state actors are increasingly using these tactics, often through proxies, to advance their objectives and evade attribution. To be sure, Canadians, industry and government have worked hard to this point to defend our telecom system, but we must always be alert and always be guarding against the next attacks. This has become more important as people are now often working remotely from home office environments, and the challenges are accentuated by the 5G technology. In 5G systems, sensitive functions will become increasingly decentralized to be able to be faster where speed is needed. We all recognize cell towers in our communities and along our highways, and 5G networks will add a multitude of smaller access points in order to increase speeds. The devices the 5G network will connect to will also grow exponentially. Given the greater interconnectedness and interdependence of 5G networks, a breach in this environment could have a more significant impact on the safety of Canadians than with the older technology. Bad actors could have more of an impact on our critical infrastructure than before. The security review we conducted found that, for Canada to reap the benefits of 5G, the government needs to be properly equipped to promote the security of the telecommunications system. We need to be able to adapt to the changing technology and the threat environment. Now, for these reasons, we are proposing amendments to the Telecommunications Act. The amendments would ensure that the security of our telecommunications system remains an overriding objective. This bill would add to the list of objectives set out in section 7 of the Telecommunications Act. It would add the words “to promote the security of the Canadian telecommunications system.” It is important to have these words specified in law. It would mean that the government would be able to exercise its power under the legislation for the purposes of securing Canada's telecommunications system. The amendments also include authorities to prohibit Canadian telecommunication service providers from providing and using products and services from high-risk suppliers in 5G and 4G networks if deemed necessary after consultation with the telecommunications providers and other stakeholders. They would also give the government the authority to require telecommunications service providers to take any other actions to promote the security of the telecom networks, upon which all critical infrastructures depend. We have listened to our security experts, Canadians and our allies, and we are following the right path. We will ensure that our networks and our economy are kept secure. A safe and secure cyberspace is important for Canadian competitiveness, economic stability and long-term prosperity. It is clear that the telecommunications infrastructure has become increasingly essential, and it must be secure and resilient. Telecommunications present an economic opportunity, one that grows our economy and creates jobs. The amendments to the Telecommunications Act accompany the proposed critical cyber systems protection act. This bill will improve designated organizations' ability to prepare, prevent, respond to and recover from all types of cyber incidents, including ransomware. It will designate telecommunications as a vital service. Together, this legislative package will strengthen our ability to defend telecommunications and other critical sectors, such as finance, energy and transportation, that Canadians rely on every single day. The legislation before us today fits with the Government of Canada's telecommunications reliability agenda. Under this agenda, we intend to promote robust networks and systems, strengthen accountability and coordinated planning and preparedness. Canadians depend on telecommunications services in all aspects of their lives, and the security and reliability of the network has never been more crucial. They are fundamental to the safety, prosperity and well-being of Canadians. We will work tirelessly to keep Canadians safe and able to communicate securely. This legislation is an important tool to enable us to do that.

939 words

Ms. Andréanne Larouche (Shefford, BQ)

Mar/6/23 4:20:15 p.m.
Watch
Re: Bill C-26

Madam Speaker, I thank my colleague for his speech. In January, I requested a meeting with the Université de Sherbrooke, which has a research chair in cybercrime. I learned a lot about how behind the times Canada is. This bill is good, but it comes at a time when we are at greater risk than ever before. The federal government does not seem to be taking cybercrime seriously, yet many European countries have other models and have made headway against cybercrime. How can we address the fact that we need to catch up? We have to act faster to protect ourselves from cyber-attacks. There is also the whole issue of Hydro-Québec and the fact that those are interprovincial lines. How are the authorities going to be able to manage all that given the agreements and the importance of respecting Quebec's and the provinces' jurisdiction over certain types of critical infrastructure? It is high time this critical infrastructure was included in a bill to protect it. I would like to hear my colleague's thoughts on that.

182 words

Mr. Tony Van Bynen

Mar/6/23 4:21:23 p.m.
Watch
Re: Bill C-26

Madam Speaker, I share the member's sense of urgency in making sure that we advance opportunities to make the networks safer. The technology has developed very quickly in recent years, so it is important that we stay ahead of that technology. On the relationship between the provinces and the federal government, I think it is important that we develop reliable agreements where appropriate, but telecommunications is the responsibility of the federal government, and we are not going to shirk from our responsibilities in making sure that the network is safe for our citizens.

94 words

Ms. Lindsay Mathyssen (London—Fanshawe, NDP)

Mar/6/23 4:22:03 p.m.
Watch
Re: Bill C-26

Madam Speaker, I too reiterate the thoughts of my Bloc colleague that we are quite behind in this with respect to what other countries are doing. However, my concern has to do with the broad scope of powers being granted to the minister in this bill. It was specifically written so that some of these orders were not published in the Gazette, so I would really love to hear from the hon. member why the bill was crafted specifically to keep that public piece of information out.

87 words

SoVote

House Hansard - 164