---

Proceedings of the Standing Senate Committee on
Transport and Communications

Issue No. 13 - Evidence - March 28, 2017

---

OTTAWA, Tuesday, March 28, 2017

The Standing Senate Committee on Transport and Communications met this day at 9:31 a.m., in public and in camera, to continue its study on the regulatory and technical issues related to the deployment of connected and automated vehicles.

Senator Dennis Dawson (Chair) in the chair.

[Translation]

The Chair: Honourable Senators, I call this meeting of the Standing Senate Committee on Transport and Communications to order. This morning the committee is continuing its study on the regulatory and technical issues related to the deployment of connected and automated vehicles. Today's meeting will be divided into three parts.

[English]

In the first part of our meeting, we will welcome Daniel Therrien, Privacy Commissioner of Canada, who is responsible for overseeing compliance with the Privacy Act; and Patricia Kosseim, Senior General Counsel and Director General, Legal Services, Policy, Research and Technology Analysis Branch.

After that, we will have an in camera meeting on the budget, followed by another public meeting to adopt the budget if people agree on it.

[Translation]

Thank you, and I will ask you to begin. Mr. Therrien, you have the floor.

Daniel Therrien, Privacy Commissioner of Canada, Office of the Privacy Commissioner of Canada: Thank you, Mr. Chair, for having invited me to discuss the privacy issues associated with connected and automated vehicles.

Modern cars are more than simply vehicles. They have become smartphones on wheels — mobile sensor networks, capable of gathering information about, and communicating with, their internal systems, other vehicles on the road, and local infrastructure. This information is not strictly about the car; it can be associated with the car's driver and occupants, and use to expose patterns or make inferences about those people for a number of purposes not all related to safe transportation.

The benefits available to Canadians through the arrival of connected and autonomous cars may be significant. However, consumers' trust in these technologies will only take hold when the appropriate balance between information flow and privacy protection is struck.

In order to canvass the privacy issues associated with the connected car, my office has funded two arms-length research projects on the topic through our Contributions Program — the British Columbia Freedom of Information and Privacy Association's "The Connected Car — Who is in the driver's seat,'' and the University of Ontario Institute of Technology's "Paving the way for Intelligent Transport Systems (ITS): The Privacy Implications of Vehicular Infotainment Platforms.'' The committee may find this of interest as it pursues this study — my own comments today have been helpfully informed by both these reports.

There are two primary streams of data in a connected car. The first is "telematics'' — the sensors which capture a broad expanse of information about vehicle systems. From this data, further information can be extrapolated about the vehicle's driver, including how and where they drive.

The second stream comes from "infotainment systems.'' As the name suggests, these are conduits for information related to navigation, traffic, weather, or entertainment, such as streaming audio. These systems can be paired with a driver's phone to enable hands-free communication, giving the system access to the user's contact list, as well as incoming calls, text messages and emails.

[English]

The potentially highly revealing data generated by a connected car raises important privacy questions, including the following.

First, in the face of the complex data flows involving many different players in the connected car ecosystem, we must ask ourselves: Who, ultimately, is accountable for what? More concretely, which company or public sector institution would the average driver contact when they have a privacy problem?

Second, when a person sells their car or returns their rental, is there an easy mechanism to ensure that infotainment systems are thoroughly wiped such that no one has inappropriate access to information about them?

Third, and more fundamentally: How are collections, uses and disclosures of information being communicated to individuals so that they have a real choice in providing consent, or not, to services that are not essential to the functioning of the car?

On this last point, my office is currently examining potential enhancements to the consent process to address many of the challenges raised by the flow of large amounts of data through complex ecosystems, as we can see in the connected car industry and, more broadly, in the Internet of things.

During our consent consultations, we heard that Canadians are greatly concerned about the lack of clarity and accessibility of privacy policies. They claimed that posting a legalistic privacy policy on a website is not an effective means of providing notice, although that appears to be the method chosen by auto makers.

I agree with prior witnesses who spoke of the importance of privacy by design, whereby companies should consider privacy from the outset and from a whole organization perspective when they design new technologies such as the connected car.

But car makers do not have to go about this process alone; there is a benefit to stakeholders coming together to set appropriate standards in order to bring certainty to both industry and consumers. Absent comprehensive legislation, auto makers in the United States came together to develop and commit to a series of privacy principles similar to those found in Canada's federal law, PIPEDA. In Canada, my office will soon be funding, through our contributions program, an arms-length project which aims to develop a code of practice for connected cars.

To the extent that they can ensure compliance with, or even surpass, manufacturers' obligations under PIPEDA, efforts such as these should be encouraged.

In conclusion, though there are challenges, the connected car and privacy protection are not inherently opposed. Done appropriately, Canadians will be more comfortable in adopting the benefits of connected and autonomous cars knowing that their privacy will be protected.

Thank you for your invitation and I look forward to your questions.

The Chair: Thank you. We will begin with Senator Mercer.

Senator Mercer: Thank you for being here and for your presentation. I will try to bunch two or three questions together so I don't take up more time than necessary and then allow my colleagues to have their go.

How do we protect the necessary information that will be exchanged electronically with these various autonomous vehicles and connected cars? The other question is: Who owns the data, and who protects the data? And then the ultimate question, of course, is: What happens when it all goes wrong?

Mr. Therrien: As far as how to protect the information that is collected and shared through cars, the start is Canada's federal privacy legislation, PIPEDA. We have a set of principles in PIPEDA that provide a good starting point — not the end point, but a good starting point — with principles like data should be collected only when necessary for certain purposes.

Data that is necessary for the proper functioning of the car, data that is necessary to ensure road safety, I think is more likely to be necessary than other types of information on non-essential services, such as advertisement or other things.

Before I leave how to protect information, PIPEDA provides the starting point. There are many players in what I have referred to as the "ecosystem.'' There is the manufacturer. There is the dealer who sells the car. There are all kinds of companies who may be involved in receiving information. There may be public institutions, municipalities responsible for systems. The information ultimately could go to companies or public institutions responsible for parking. Don't count on your fingers. There are probably hundreds of players, public or private, that can ultimately receive information from the car. PIPEDA is a good starting point, but all of these companies that are involved in collection or use of data have responsibilities under PIPEDA and must develop privacy management programs for that information. That includes privacy policies that are readable and can meaningfully inform consumers as to what will happen to their information.

I will just add: Codes of practice would also be desirable, and that's why we're funding an exercise to develop a code of practice that would build from PIPEDA and enhance standards, make them more precise in the context of the connected car.

Who owns the data? There can be interesting debates about this, but, under Canadian law, there are obligations for companies and public institutions who collect and use information to respect certain privacy principles that relate to the subject of the data. It's less a question, I think, of owning the data than of who the data relates to. That is the individual, and there may be a number of them in a car.

What happens if something goes wrong? Under current PIPEDA, I can investigate if there is a complaint filed to me. We're essentially in a reactive mode, and that is one of the issues that I've raised with the ETHI committee of the House of Commons, something that is perhaps to be revisited, because, essentially, many things could go wrong in managing data in relation to a car. Is it reasonable to wait until a consumer actually sees a problem — they may not know that there is a problem — before the regulator, the Privacy Commissioner, can investigate, find whether something did go wrong, and make recommendations as to how to make things better in the future?

Senator Runciman: What's happening right now — you mentioned PIPEDA — with respect to this particular industry and the implications with respect to moving forward on this? We're going to see growth in this area; there's no question about it. How do you monitor that now? Is it purely complaint-based? Is that the only way that your office is made aware of issues or concerns?

Mr. Therrien: In terms of compliance, strictly speaking, yes, it is complaint-based. We've had a number of discussions, at a general level, with car associations, with manufacturer associations, at the policy level, but in terms of whether companies comply with PIPEDA or not, it is a complaint-based system.

Senator Runciman: You also keep an eye of security agencies in this country.

Is this a question you've posed to them with respect to — if you want to call this — a "vulnerability''? Is this being utilized or exploited — whatever term you wish to use — by security agencies today, that you're aware of?

Mr. Therrien: I don't recall that we've had a discussion with car manufacturers or the car industry specifically about this, but one of the pieces of information that cars collect, of course, is geolocation, which can be very useful for police and national security agencies. So this is something to be mindful of — geolocation — in relation to law enforcement and national security. I've made comments, in response to the government's green paper in that regard, that would be generally applicable to that data collected in a car.

Senator Runciman: Any use of this at the federal level by security agencies would have to be warrant-based, I assume?

Mr. Therrien: At the core of it, yes. There are issues around voluntary sharing with law enforcement and national security. The Supreme Court decision in Spencer is relevant here in terms of what information could be sent to law enforcement with or without warrant. All of these issues that have arisen in the context of previous debates are totally applicable in the context of the car, with the specificity that the car obviously knows where you are.

Senator Runciman: In the research materials that we had, there was a reference to British Columbia expressing concern about usage-based car insurance, where the rates are adjusted based on driving habits. Are you familiar with that, and how often is that practice being utilized across the country by insurance companies?

Mr. Therrien: The researchers expressed concern about this. Currently, the insurance industry is regulated, in large part, by provincial authorities, and, in at least three provinces, B.C., Alberta, and Quebec, the regulators for the insurance industry require that participation in these programs linking habits to insurance be on a voluntary basis. That is the current situation. It could change in the future, but that's where we are today.

Senator Runciman: I'm just looking at this and wondering about the responsibility on the industry and regulators to inform the public of the information trail they're leaving behind as a result of this technology. I just wonder what your sense is in terms of public awareness. I suspect it's not very high. Perhaps governments, regulators and the industry itself should be making the public more aware of what they might be getting themselves into and the information thrown out there.

Mr. Therrien: Absolutely. I do not think the public is generally aware. There is an obligation for all of the players you mentioned to inform consumers and to inform consumers in a way that is meaningful to the consumer, where they can act on it on a timely basis so that they can exercise meaningful choice. That's a theme that we're looking at in our consent discussions, how to make consent more meaningful under PIPEDA. It applies totally — it is absolutely relevant — to the car industry.

Senator Runciman: In terms of increasing awareness, what role is there for your office to play through encouraging governments, regulators and industry to perhaps play a greater role in making this happen?

Mr. Therrien: We try to participate in conferences, in public meetings, that have a number of populations, elderly or others. We have a website that we try to use. We could probably do more in that respect.

Senator Runciman: Okay. Thanks.

Senator Eggleton: I want to go back to informed consent, which you have flagged as a major concern.

If you want to sign up for something on the Internet, quite frequently, you're faced with agreeing to a set of conditions that are all in legalese, and some of them are several pages. If you are not a lawyer and have not got time to go through several pages of all of this, it's very hard to know what you're agreeing to, so trust comes into a lot of this in terms of people signing on. I'm not sure how trustful people are going to continue to be about this, particularly as the additional applications such as connected vehicles are concerned.

How do we make it easier for people to understand? What role can you play or the government play in helping to make it easier for people to be able to give informed consent without having to look through a lot of legalese over several pages?

Mr. Therrien: One way in which to do this is the code of practice that we will be funding. In order for a consumer to have some sense of the uses that will be made of his or her information, there will be some baseline uses, say, related to the safety of the car and road safety that need to be explained. Perhaps a code of practice that regulates this area — the fundamentals of the working or the functioning of a car — can be in a general set of guidelines, so PIPEDA plus a code of practice, for instance.

But then the question is how to inform consumers meaningfully of other non-essential uses of their information in the context of a car. That's the difficulty of how to make the consent model work properly. I think part of the answer is to focus on what the prime concerns to consumers are: What kind of information are you collecting on me, what use will you make of it and with whom will you share it?

There should be a way of informing consumers that we're going to collect information about you of X nature for the functioning of the car. Most people, I would suggest, will be happy if indeed the information is used for the better functioning of the car.

Then you get into the territory of what goes beyond that. There, consumers should have a greater choice. They should have complete choice as to whether they want to consent to uses that are not related to the proper functioning of the car, road safety, et cetera.

If you narrow the number of uses for which people are consulted as opposed to having a 30-page privacy policy, then people will not be inundated and overwhelmed by the information, and there's a greater chance they will actually exercise control.

Senator Eggleton: Hopefully in plain language, not just legalese.

Is this something PIPEDA could be amended to provide for?

Mr. Therrien: I'm not sure there is a need to amend PIPEDA to get there. PIPEDA has a principle that consent is required and that it needs to be meaningful. I think there are things in PIPEDA that do need to be amended, but around ensuring that consent is meaningful and leads to real decision-making on the part of data subjects, I don't think we need the amend the act. It's a question of how to implement the principles of PIPEDA.

Senator Eggleton: Never mind connected vehicles in the future, this issue exists today. People might not be going through the 30 pages, or not understanding it fully, and agreeing to things that are not in their best interest that involve a vast collection of data about them. Shouldn't we be doing something now and not just wait for connected vehicles?

Mr. Therrien: You're right that these issues arise outside of the car industry. If you're saying "if it's not happening now, do we not need to amend the legislation'' — if that's the gist of your question — I would say that it's a combination of things. In terms of how to inform consumers, personally, I don't think we need to amend PIPEDA. There are ways to do that without amending PIPEDA.

Ensuring you have appropriate enforcement of these rules is a different thing. Maybe we do need amend PIPEDA to ensure that if companies do not comply with these expectations and do not inform consumers in a meaningful non- legalistic way and that there is a better mechanism to inform them they're not acting up to par, that's a different thing and maybe there needs to be changes on that side, among others. But as to whether we need to amend legislation to get to better notices, I don't think so.

Senator Eggleton: If we don't amend the legislation, how do we get movement in this area now? It's only going to become more problematic as we get into connected vehicles, so I would think we should be working on that now. How do we do that, and who does that?

Mr. Therrien: That's essentially the work that we're doing at my office on how to make consent more meaningful. We have engaged in consultations. We are now preparing a set of recommendations on how to improve things. We can implement some of these recommendations without legislative change; others will likely require legislative change.

Senator Eggleton: So we'll hear more from you.

Mr. Therrien: Yes, we're seized with that question.

[Translation]

Senator Saint-Germain: In replying to Senator Eggleton's questions, you answered that you had sponsored a report prepared by the British Columbia Freedom of Information and Privacy Association. One of the recommendations in that report is that regulations be developed on the protection of data in the connected vehicles industry. That regulation would build on the regulatory powers that are already conferred by the Personal Information Protection and Electronic Documents Act (PIPEDA).

First, with regard to what you said about the importance of providing a guide on good practices to consumers so as to inform them and raise their awareness, do you think that such regulation would be relevant? Secondly, do you think it could oblige Canadian automobile makers to harmonize their practices as per legal requirements? Thirdly, what advantage, if any, could be derived from harmonizing our legislation with American legislation and regulations?

Mr. Therrien: As I said in my opening remarks, PIPEDA provides the basis and the fundamental principles. Through its general principles this act has the advantage of applying to all kinds of industries. However, since its principles are general, it does not give any specific indications to consumers who deal with a particular industry on how that industry must manage the information consumers provide to it.

How can we go from basic principles to more specific rules? I don't think there is any magic recipe. However, the association in question did recommend regulation. At the outset, with the tools provided by PIPEDA, we think we will begin with a code of conduct. If that is what you mean by a guide of good practices, there is indeed a voluntary aspect to such a code, but there is also value in general principles that could be made more specific to inform consumers of the use that will be made of their data. That would still be on a voluntary basis, and that is the instrument we have with PIPEDA.

As for possible amendments to the act, should there be regulations that bind companies and require that level of specificity? That is not the nature of the act we have currently.

It is also one of the questions we ask ourselves in the context of consultations on consent, and that is something you could reflect on. I think there is an important advantage in PIPEDA being worded in terms of general principles. The result is that all Canadian industries are governed by the same general privacy protection principles.

Also, there is an advantage to having privacy protection principles applied to all industries, since their aim is to protect a human right that is present in many contexts. We have some good bases that we could make more specific through exemplary practices. Should there be a regulatory power? We are asking ourselves that question. We think we will achieve the same result by and large with the code of conduct.

Senator Saint-Germain: Before giving you the opportunity to answer about harmonization with American legislation, I'd like to go back to a particular issue. Regulatory power would be possible, and you are opening the way for us to come up with an eventual recommendation.

You spoke about the general principles of the law and their application to many industries. However, in the case of connected vehicles, which will belong to a single person, but may go from one person to another — we even saw in our analyses that in some cases those cars will be able to travel 24 hours a day and have a lot of user-clients — do you not think that those are very specific conditions of use, and that that poses a particular risk from the perspective of protecting private data, and its possible abuse?

Mr. Therrien: That is a difficult question. It is entirely true that in the context of connected vehicles, data from several people may be collected in the same car and may be disclosed to several companies. This does raise an obvious issue regarding privacy protection. Other sectors of the industry are facing the same problem; the situation is similar for smartphones, except that in principle they are used by a single individual, although that is not always the case. Certainly, in terms of disclosure of information, there are going to be a lot of players. Yes, we have to be concerned about protecting privacy in the context of connected vehicles. Are the issues there greater than in other industries, without even talking about the information collected by, for instance, the corner convenience store? There are many industries, many companies, that are in a similar situation.

As for harmonization with the United States or other countries, that would be desirable, but Canada must compare itself to several other countries. Obviously, we share a market with the United States, but European, Japanese and Korean cars are also sold in Canada. And so, international harmonization is desirable, but from the privacy perspective, an international treaty containing the same privacy protection rules will not be developed overnight. What we are trying to do at a practical level is harmonize compliance with the regulations. The regulations may be slightly different, although they all subscribe to the same international principles, but that does not constitute a treaty that binds the countries involved. The OECD has developed some principles encouraging countries to bring in regulations. So the rules are not completely different from one country to another, but should they all be the same? I don't think that is realistic, frankly, but there would be some work to do to aim for a certain harmonization of compliance activities among regulatory authorities.

The Chair: If there are no other questions, I would have one for you. What the committee has been trying to do from the outset is to work upstream from the massive arrival of these vehicles, so as to avoid the need for a lot of catch-up work on Canadian legislation. In your area in particular, you are very aware of the fact that too often when it comes to access to information, the government reacts to technological progress; even the cars of today go far beyond the framework of the law which concerns you. We are looking for advice because this issue does not only apply to the Department of Transport or the Department of Industry. Since this question will affect many departments, we are looking for advice from people like you so that we can see the changes coming in our next report, and so that we can act upstream rather than waiting for the arrival on a massive scale of cars that will be shared by several people, as has been mentioned here several times. We have to be able to say that the Canadian government must absolutely — and we can't just wait for the United States, naturally — act proactively in this area. We know that you are examining this topic and that you have followed prior testimony. And so if you have recommendations to make to us as this process unfolds, we will be happy to receive them, especially as concerns your field.

Mr. Therrien: I will say three things, in order to try to be useful to you on this topic. Modern connected and autonomous vehicles are going to develop, and one of the important realities to protect privacy is that we have to give particular attention to the technological context and the business context, in order to choose the proper legal framework. In an area like this one — and there are others, but this is one of them — where the technology and business models will evolve, we have to ensure that the legal framework will be able to manage that evolution. Regulation is one of the matters to be examined, but we have to see to it that it is not so precise that it undermines innovation and that we miss protecting privacy interests, because technology will be elsewhere in 5, 10 or 15 years. And so we have to build in a certain flexibility.

That is why I spoke of PIPEDA. It's a good starting point, but we have to see how we can strengthen it. Should we bring in a code of conduct, or regulations? When you study that question, do so by taking into account a context where technology and business models are going to change. Because of those factors, some of the people who spoke before you referred to the concept of "Privacy by Design.'' It is a concept that was mostly introduced by Ms. Cavoukian, a Toronto privacy expert; it was taken up in European regulations, and is to be found to some degree in the responsibility principle in the Personal Information Protection and Electronic Documents Act. In an industry where technology and business models are changing rapidly, it is important to have a principle that tells companies that when they innovate — which is a good thing — they should be thinking about privacy right from the beginning in the design of new systems. So from the point of view of these upstream working principles, not only for you as legislators, but for the companies that will do that work in the field in the coming years, how can we ensure that these people will give privacy serious thought when they develop these new technologies? "Privacy by Design'' is a good concept. You could think about how to ensure that that principle is applied in a concrete way.

My third point, and I alluded to it a few minutes ago, is compliance. The Personal Information Protection and Electronic Documents Act contains some good principles; they could be improved in various ways. However, the federal law is deficient in my opinion as concerns compliance mechanisms, and the fact that we can only act once there is a complaint. If we could act upstream and in a preventive way instead of a reactive one, I think that would be part of the solution.

[English]

Senator Mercer: Thank you again. My supplementary follows Senator Dawson's questions but, more importantly, your answers.

I am still confused by how you respond or how government responds quickly to a new problem that we have yet to anticipate. This is new technology. This is a new way of interacting with companies, with our cars and with our fellow citizens. This is all brand new, and I don't think any of us have anticipated all of the problems that may arise from that.

What I am concerned about is that we don't have a quick solution. You are right; PIPEDA is a good base from which to begin. But how do you respond quickly and effectively to protect the interests of Canadians when someone finds a way to utilize this data in a manner that none of us have perceived at this point? How do you respond quickly? You know how long it takes to get a piece of legislation through this place; and if you are doing it through regulations, it is not much faster. It can be a little faster, but it doesn't have the process of having parliamentarians oversee it.

Are we anticipating putting in a quick response team on this stuff? I am talking about problems that I haven't anticipated. There may be problems you haven't anticipated. There may be problems that people who will perpetrate those problems haven't dreamt up yet.

Mr. Therrien: I'm afraid I will go back to what I have said. I will add that yes, there are many potential privacy problems with the connected car, but it's one of many contexts in which there may be problems with privacy.

I will mention artificial intelligence. Artificial intelligence is nascent. It is growing. It is something that Canada properly wants to do more of and be a leader in, but artificial intelligence means using data — some of it personal, most of it non-personal — to derive value and draw links and so on. Something may go wrong as you develop an artificial intelligence program, from a privacy perspective.

I will suggest humbly that it is not on a transactional basis that most of the work needs to be done, because the number of problems that may arise is limitless when you look at the connected car, artificial intelligence, big data, et cetera. You need to have the proper legislative framework that is flexible. You need to ensure that corporate players involved in these activities are accountable. We have an accountability principle under PIPEDA. You need to have rules that go beyond the base codes of practice or regulations, and you need a regulator that is able to act quickly, to get to your direct question, if something goes wrong.

In part, I think that means for my office to be able to act on a proactive basis as opposed to on a complaint basis, because most problems will not be identified by individual consumers. We are not ideally placed, but we are better placed than individual consumers to know where the problems are. If we were to have greater authority to act proactively, then we would be closer to being able to act quickly, as you say.

[Translation]

Senator Boisvenu: Mr. Therrien, thank you very much for your presentation, which was very interesting. Ms. Kosseim, welcome to the committee.

Mr. Therrien, I know you played a large part in the past in the negotiations between Canada and the United States on information sharing. You were a very important actor in those discussions.

In future, cars, like individuals, will have fewer and fewer borders. A Canadian will be able to go from one province to another in his car. There are lot of people today who leave Canada to travel to Mexico and even to Central America. When I go to the United States with my cell phone I am always surprised to receive messages from retailers in malls indicating that they have detected my presence. I think the same thing will apply to vehicles; there will be no more borders. Autonomous and semi-autonomous vehicles will have to go through several information networks, and that information will be accessible not only to Canadians but also to Mexicans and Americans. As we know, American privacy protection legislation can vary from one state to another.

Given the vagueness of the regulation, how will we manage to protect consumers who will have a very active life thanks to these vehicles, in several jurisdictions?

Mr. Therrien: There is a principle in the Personal Information Protection and Electronic Documents Act which in my opinion is very helpful, and that is the principle of company responsibility. Obviously, when a vehicle crosses a border, in the United States or elsewhere, the laws that apply to the handling of data will generally be the ones that apply in the vehicle's location. However, in the federal Privacy Protection Act, the principle of company responsibility regarding the handling of data collected on a consumer has a certain extraterritorial scope. The company responsibility principle implies that the automobile manufacturer who makes and sells a car to someone in Canada must ensure that no matter where data is processed, the principles of PIPEDA will apply. In a concrete way, the consent or absence of consent, to advertising for instance, that the consumer gives in Canada is linked to the automobile, because the manufacturer and the vendor must ensure that they respect the consumer's choice if the car goes over a border.

Of course, there are limits to that provision. When the car goes over the border to the United States, American laws regarding access by police forces or national security agencies, perhaps for other purposes, will apply. However, there is an extraterritorial character to some of the decisions made by the consumer when the car crosses a border.

Senator Boisvenu: For those people, the risk will be much greater than for someone who only uses his vehicle within Canadian borders, for instance.

Mr. Therrien: Yes.

Senator Boisvenu: My next question is about terrorism. As we saw in England recently, automobiles are increasingly being used as weapons, which makes police intervention much more difficult. In London we know that a Jeep Cherokee was used to commit the criminal acts. As it happens, that vehicle is one of the most technologically advanced cars, when it comes to the link between the automobile maker, the software manufacturer and the driver. In the United States an experiment was carried out where they managed to stop a driver's car on a roadway by controlling its software.

I'm thinking of the police, which must always be at the cutting edge of this technology if they are to practice prevention. How will we manage to find a balance, when it comes to protecting privacy, between a criminal individual who can use his car as a weapon and an ordinary citizen who uses his car to get around? How will we find a balance to ensure that those people who use their car as a weapon are not too protected, and that the honest driver is not underprotected?

Mr. Therrien: I will give you a preliminary answer, although that is an interesting question, one I have not had the opportunity to think about sufficiently yet. Connected vehicles will be vulnerable, from a technological point of view, to manipulation by other people besides the driver. It could be the state, as you suggested, for the purpose of avoiding an act of terrorism. It could also be a criminal whose intentions are contrary to the interests of the driver, and could cause death.

In the case of vehicles, as for other systems — and other witnesses have spoken to this — it is important to ensure, in addition to respecting privacy, that computer systems will be secure. We have to ensure that there will be extremely strict requirements on manufacturers and other companies regarding the security of data, in order to prevent ill- intentioned individuals from gaining control of vehicles to do harm.

To get to your question about terrorism, we are going to have to reflect on the appropriate legal framework to allow the state, in specific circumstances, to stop a vehicle.

The Chair: Mr. Therrien, Madam Kosseim, thank you very much for your presentation.

[English]

We will break for a few minutes while we ask people to leave. If people agree, we will have the senators' staff stay here.

[Translation]

Once again, thank you for your presence at our meeting. In three minutes we are going to proceed to the in camera meeting to talk about the committee's budget for the coming weeks and months.

[English]

(The committee continued in camera.)

(The committee resumed in public.)

The Chair: Honourable colleagues, is it agreed that the budget application for $87,142 be approved for submission to the Standing Committee on Internal Economy, Budgets and Administration?

Hon. Senators: Agreed.

The Chair: Thank you.

(The committee adjourned.)