SECD - Standing Committee

National Security, Defence and Veterans Affairs

Past Session: Past Session:
44-1 44th Parliament, 1st Session (November 22, 2021 - January 6, 2025)
Select a different session
Download as PDF

THE STANDING SENATE COMMITTEE ON NATIONAL SECURITY, DEFENCE AND VETERANS AFFAIRS

EVIDENCE

OTTAWA, Monday, December 2, 2024

The Standing Senate Committee on National Security, Defence and Veterans Affairs met with videoconference this day at 4 p.m. [ET] for clause-by-clause consideration of Bill C-26, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts.

Senator Hassan Yussuff (Chair) in the chair.

[English]

The Chair: Good afternoon, honourable senators. Before we begin, I would ask all senators and other persons participating to consult the cards on the table for guidelines to prevent audio feedback incidents. Thank you for your consideration.

Welcome to this meeting of the Standing Senate Committee on National Security, Defence and Veterans Affairs. I am Hassan Yussuff, a senator from Ontario and chair of the committee. I’m joined today by my fellow committee members, who I would welcome to introduce themselves.

Senator Batters: Senator Denise Batters, from Saskatchewan.

Senator Patterson: Senator Rebecca Patterson, from Ontario.

Senator M. Deacon: Welcome. Marty Deacon, Ontario.

Senator Cardozo: Andrew Cardozo, Ontario.

Senator Anderson: Margaret Dawn Anderson, Northwest Territories.

Senator Boehm: Peter Boehm, Ontario.

Senator McNair: John McNair, New Brunswick.

Senator LaBoucane-Benson: Patti LaBoucane-Benson, Treaty 6 territory, Alberta.

Senator Kutcher: Stan Kutcher, Nova Scotia.

Senator Dasko: Donna Dasko, Toronto, Ontario.

The Chair: Thank you, colleagues.

We are also joined by our clerk of the committee, Ericka Paajanen, and Ariel Shapiro and Anne-Marie Therrien-Tremblay, our analysts.

Senator Batters?

Senator Batters: Thank you. I have a topic we need to raise at the start, in camera, please. It is concerning the media article that came out last Friday which dealt, in part, with some in camera discussions that happened at this committee.

(The committee continued in camera.)

(The committee resumed in public.)

The Chair: Thank you, colleagues, and welcome back.

Before we get into our discussion on Bill C-26, I would like to take a moment to discuss the work of the Subcommittee on Veterans Affairs. On October 10, the committee received a government response in relation to the study on emerging treatments for veterans suffering from occupational stress injuries. The subcommittee would like the opportunity to invite Veterans Affairs to speak to their response. To do that, we must delegate this work to the subcommittee.

Is it agreed, colleagues, that the government response to the seventh report of the Standing Senate Committee on National Security, Defence and Veterans Affairs entitled The Time is Now: Granting equitable access to psychedelic-assisted therapies, deposited with the clerk on November 8, 2023, be delegated to the Subcommittee on Veterans Affairs? Agreed?

Hon. Senators: Agreed.

The Chair: Thank you, colleagues.

We now proceed to clause-by-clause consideration of Bill C-26, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts.

We have officials from Public Safety Canada, Innovation, Science and Economic Development Canada and the Communications Security Establishment with us in the room. We welcome you again, for the third time. They are available to assist us with any technical questions that may arise during this process.

Before we begin, I would like to remind senators of a number of points.

If, at any point, a senator is not clear where we are in the bill, please ask for clarification.

When more than one amendment is proposed to be moved in a clause, amendments should be proposed in the order of the lines of a clause. If a senator is opposed to an entire clause, I would remind you that, in committee, the proper process is not to move a motion to delete the entire clause but, rather, to vote against the clause as standing as part of the bill.

I would also like to remind senators that some of the amendments that are moved may have consequential effects on other parts of the bill. Should that be the case, it would be useful if the senator moving an amendment identified to the committee other clauses in this bill where this amendment could have an effect. Otherwise, of course, it would be very difficult for members of the committee to remain consistent in their decision-making. Staff will endeavour to keep track of places where subsequent amendments need to be moved and will draw our attention to them.

If committee members have any questions about the process or about the propriety of anything occurring, they can raise a point of order. As chair, I will listen to the arguments, decide when there has been sufficient discussion of a matter or order and make a ruling. The committee is the ultimate master of its business within the bounds established by the Senate, and a ruling can be appealed to the full committee by asking whether the ruling shall be sustained.

As chair, I will do my best to ensure that all senators wishing to speak have the opportunity to do so. For this, however, I will depend on your cooperation and ask you all to consider other senators by keeping your remarks as concise as possible.

Finally, I wish to remind senators that if there is ever any uncertainty as to the results of a voice vote or a show of hands, the most effective route is to request a roll call vote which, obviously, provides unambiguous results, and senators are aware that any tied vote negates the motion in question.

Are there any questions as to the above?

Senator Batters: Last week, before we had the in camera portion, when we were first going to be starting to deal with this bill, I asked that we have the opportunity to ask questions of a more general nature about this bill to officials. Since we have quite a number of officials here, I ask that we have that opportunity to do that prior to getting into the actual nuts and bolts of the clause-by-clause consideration, since I think some of the questions need to be answered before we get into the actual clause-by-clause consideration.

The Chair: Senator Batters, we are now dealing with clause-by-clause. If you have a specific issue in nature in regard to a specific clause, I think it would be appropriate to ask the officials to comment at that time, but if you are asking to have officials speak of a general nature about the bill, we have already considered that part, and now we will begin our clause-by-clause discussion.

Senator Batters: Chair, we have not yet agreed to go into clause by clause. That’s number one on the script, I think, and we have not done that yet. As I stated last week, there are some general questions, not to hear just discussion with the officials, but some actual questions that we have about the bill that probably don’t fit as neatly into, oh, this particular item or this item, but they are more general questions than that.

The Chair: I find it very unusual, but I will hear from committee members. Does anybody on the committee wish to comment on the request by Senator Batters?

It would be my decision, Senator Batters, that we move to clause by clause and hear from the officials at that point in time, if you have a specific issue in nature that you wish to ask the officials. I think it would be highly appropriate for you to ask them specifically at that moment, as we are going through clause by clause.

Senator Batters: Chair, where do I ask something like, “Where is the GBA full document?” Where do I ask that?

The Chair: Well, we did, of course, have the officials here before when we went through the bill in its entirety and discussed when they were here before this committee. You were here as the critic of the bill. You had an opportunity to ask the officials at that point in time. Today, we are here to deal with clause by clause, so I think it is fair, if at any time during discussion of clause by clause, you want to ask the officials a specific question, by all means, you are entitled to do so.

Senator Batters: I’m new to this particular committee, on this bill, but this is a regular way of proceeding at other committees when they are dealing with bills. They generally have a question session. That was weeks ago that, and we have heard from many witnesses since then. Also since then, Senator McNair, as sponsor, has provided a Q & A for some common questions from the government — responses from the government. Then I went to Professor Matt Malone to get his take on what the government had provided for the answers in that, and there were several areas where there were a lot of things that I need to know what the situation is on those particular issues. They are not anything that fit so neatly into just particular clauses.

The Chair: Colleagues, you’ve heard my recommendation to the committee that we move into clause by clause. Is there any specific — I think what you are asking is highly inappropriate.

[Translation]

Senator Dagenais: I have been a member of this committee for 11 years. We typically do clause by clause, examining one clause after the other. If there are questions, we have the privilege of having officials here to provide explanations, clarifications or additional information. That enables us to make headway and to make corrections. That is the purpose of clause-by-clause consideration. I have never seen this. I agree with you, Mr. Chair, that we are no longer at the stage of meeting with witnesses. We are doing clause-by-clause consideration.

[English]

The Chair: Does anybody else wish to speak before we proceed?

You heard my ruling, colleagues. Is it agreed that the committee will proceed to clause-by-clause consideration of Bill C-26, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts? Agreed?

Some Hon. Senators: Agreed.

The Chair: Honourable colleagues, there has been a request for a recorded quote. I will ask the clerk to name all senators present who are entitled to vote on this bill.

Ericka Paajanen, Clerk of the Committee: The Honourable Senator Yussuff, the Honourable Senator Anderson, the Honourable Senator Batters, the Honourable Senator Boehm, the Honourable Senator Cardozo, the Honourable Senator Dagenais, the Honourable Senator Dasko, the Honourable Senator Deacon (Ontario), the Honourable Senator Kutcher, the Honourable Senator LaBoucane-Benson, the Honourable Senator McNair, the Honourable Senator Patterson and the Honourable Senator Richards.

The Chair: If any member present does not wish to vote, you can withdraw from the table now. The clerk will now call members’ names, beginning with the chair, followed by the remaining members in alphabetical order. Members shall verbally indicate how they wish to vote by saying yea, nay or abstain. The clerk will announce the result of the vote. The chair will then declare whether the motion is carried or defeated.

Ms. Paajanen: The Honourable Senator Yussuff?

The Chair: Yea.

Ms. Paajanen: The Honourable Senator Anderson?

Senator Anderson: Yea.

Ms. Paajanen: The Honourable Senator Batters?

Senator Batters: No.

Ms. Paajanen: The Honourable Senator Boehm?

Senator Boehm: Yea.

Ms. Paajanen: The Honourable Senator Cardozo?

Senator Cardozo: Yea.

Ms. Paajanen: The Honourable Senator Dagenais?

Senator Dagenais: Yes.

Ms. Paajanen: The Honourable Senator Dasko?

Senator Dasko: Yes.

Ms. Paajanen: The Honourable Senator Deacon?

Senator M. Deacon: Yes.

Ms. Paajanen: The Honourable Senator Kutcher?

Senator Kutcher: Yes.

Ms. Paajanen: The Honourable Senator LaBoucane-Benson?

Senator LaBoucane-Benson: Yea.

Ms. Paajanen: The Honourable Senator McNair?

Senator McNair: Yea.

Ms. Paajanen: The Honourable Senator Patterson?

Senator Patterson: Yea.

Ms. Paajanen: The Honourable Senator Richards?

Senator Richards: Nay.

Ms. Paajanen: Yes, 11; no, 2; abstentions, 0.

The Chair: I declare the motion carried.

Shall the title stand?

Hon. Senators: Agreed.

The Chair: Shall clause 1 carry?

Some Hon. Senators: Agreed.

Some Hon. Senators: No.

The Chair: Carried, on division.

Shall clause 2 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: On division.

Shall clause 3 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 4 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 5 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 6 carry?

Hon. Senators: Agreed.

The Chair: Shall clause 7 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 8 carry?

An Hon. Senator: On division.

Some Hon. Senators: Agreed.

The Chair: Shall clause 9 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 10 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 11 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 12 carry?

Senator Batters: That’s where I have my amendment, but isn’t it necessary to deal with the government’s amendment first so that that clause can actually be operative?

The Chair: We are proceeding in the order of the bill, Senator Batters.

Senator Batters: But there is an unusual situation here whereby if we don’t deal with the government’s amendment first — I think it is necessary to make sure this is an operative bill. As it stands, clause 12 doesn’t exist.

The Chair: If the committee is in agreement, my advice from the clerk is that we could postpone clause 12 until the end. Is the committee in agreement to postpone clause 12 until the end?

Hon. Senators: Agreed.

The Chair: Agreed.

Shall clause 13 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: Shall clause 14 carry?

Some Hon. Senators: Agreed.

Senator Batters: Again, I think this is one that we need to have the government amendment dealt with so that it’s an operative part of the bill.

The Chair: Does the committee agree to proceed and postpone clause 14?

Hon. Senators: Agreed.

The Chair: Shall clause 15 carry?

Senator Batters: I have questions about clause 15.

The Chair: Is there a specific official you want to hear from, Senator Batters?

Senator Batters: I don’t know. I can’t pick from the 25 or so . . .

The Chair: Raise your question in general, and the officials are listening and will come forward as appropriate.

Senator Batters: My first question will be about the Gender-based Analysis Plus full document.

The Chair: Please identify who you are, and —

Colin MacSween, Director General, National Cyber Security Directorate, Department of Public Safety and Emergency Preparedness: Thank you very much, senator, for the question.

The GBA Plus that was conducted formed part of the memorandum to cabinet, and it was in confidence. What was provided to the committee was a summary of the analysis that was conducted in the interest of transparency.

Senator Batters: Thank you, but the chair asked you to just identify yourself, and then I would ask the question. What is your position, please?

Kelly-Anne Gibson, Acting Director, National and Cyber Security Branch, Public Safety Canada: We can help you, I think. My name is Kelly Anne Gibson, and I am here with Director General Colin MacSween.

Senator Batters: Thank you.

In my second reading speech and, prior to that, I was asking for the Gender-based Analysis Plus document. This is a document prepared by the government for the last eight or more years, every single time we have a government bill. I have not sat on this committee, as I was saying before, but at Legal Committee, every single time we get a government bill, we get Gender-based Analysis Plus. It is available for the public on the website as part of the documentation that’s available.

When I initially asked about it and asked the sponsor, the answer that came back initially from the government is that it doesn’t exist and that it will be done during the regulation process. That was the initial answer that we got, so that’s what I indicated in my second reading speech in the Senate chamber. Then, the day the ministers came, the very first day that this committee sat to deal with Bill C-26, I asked the officials at that committee meeting about that gender-based analysis documents — the officials were there for the second hour of that meeting — then, all of a sudden, it came out that there was a Gender-based Analysis Plus summary that had been provided to committee members a few hours before, probably when I was still flying in that day.

Later that week, during Question Period, I asked Senator Gold, the government leader, “Okay, there is a summary, so where is the full document? Does it actually exist?” Senator Gold never gave me an answer to that, and I have never heard anything further from the government about that.

Now, today, you come here and tell us that it is actually a cabinet confidential document. Why? I sit as the deputy chair of the Senate Legal Committee, and a lot of government bills come to that committee. For every single one of them, there is a Gender-Based Analysis Plus document. It is not a cabinet confidential document; it is usually posted on the department website so the public can see it. That is part of the government’s commitment to have those documents publicly available.

So why would this document be subject to cabinet confidentiality? What is this reason this one is different than all the other government Gender-based Analysis Plus documents?

Mr. MacSween: Thank you very much, senator, for the question.

I can’t speak to the other documents that have been provided in the past; I’m only aware of what was done in this case. As far as I know, it is standard procedure to produce the gender-based analysis as part of the memorandum to cabinet, which is subject to cabinet confidence.

Senator Batters: Okay.

In the Gender-based Analysis Plus summary that I received, there was a big emphasis on rurality — people living in rural areas. I’m not sure how many of these documents you’ve seen, but I have seen a lot of them, and I do not think I’ve ever seen one that listed rurality as being an issue and something that needs to be dealt with in a Gender-based Analysis Plus document. Why was that included in there, and how does that fit within the general scope of that type of a document?

Mr. MacSween: When the document was initially developed, it is an expansive review. It is done primarily in the role of cybersecurity. I would suggest one of the reasons that the issue of rurality was included was simply because of the geographic nature of Canada.

What we’re talking about in the bill, specifically in Part 2, is the provision of vital services and systems to Canadians. I suppose there are different considerations when you think about people in rural areas as opposed to those in urban areas: connectivity for internet, just even access to 5G, for example, connectivity and telecommunication services. In other parts, too, for people in rural areas, in some cases it is possible they may depend more on the delivery of electronic services. So there are considerations that you would find in a gender-based analysis that would consider those pieces.

Senator Batters: One thing that I also noticed in the Gender‑based Analysis Plus summary, which was a few pages long, is that there were only two lines in that entire document actually about women in a Gender-based Analysis Plus document. Why is that?

Mr. MacSween: Part of it may just be the nature of the summary, but I can’t speak to those exact details now.

Ms. Gibson: It was my team that was responsible for doing the gender-based analysis as part of the Memorandum to Cabinet. It was my team that summarized the document. When it was requested, we provided it. It would not have been just two lines in the Memorandum to Cabinet. It would have been summarized in two lines.

Senator Batters: The document is a few pages, so it is quite surprising to see just a couple of lines out of even a few pages. I will move on from that topic.

I have other questions, because proposed section 15 contains many problematic areas potentially. Another one of those is section 15.4, which is in the document that we received from the government about answering some questions and answers about privacy and other issues that have come up frequently in Bill C-26. I would like to ask about that.

As I was saying earlier, the government provided this document through the sponsor of the bill, Senator McNair, and provided some Q and As to different topics. Then I asked Professor Matt Malone, who is familiar with this bill, to give me his take on it. The committee members have received that information. I would like to ask many more questions here, because this is a big, important bill, and there are many problems with this bill as it exists right now.

One of those issues in the Q and A is when the question was, “Do the privacy and reporting safeguards in Bill C-26 apply to section 15.4?” Part of the answer that the government gave is:

As an example of how section 15.4 may be used, the minister could ask for technical details on a network architecture or what actions an operator has taken to implement an order.

Mr. Malone’s response to that was:

Okay. Fair hypothetical, but despite covenants from the government officials at the CSE that the type of information that would be collected pertains largely to “technical information,” an amendment to restrict the data collection specifically to technical information was explicitly rejected in Parliament, in the House of Commons.

Can you provide more guidance on that? As the example that was used, it seems to not really be answering that particular question.

Mr. MacSween: Thank you, senator, for that question, I will ask the colleagues from ISED to join us as well because they have responsibility for that particular section.

Andre Arbour, Director General, Strategy and Innovation Policy Sector, Innovation, Science and Economic Development Canada: I’m Andre Arbour, and I am the director general of telecommunications and internet policy at ISED.

As a point of clarification, the document you are referring to, my understanding is that is 15.4 of Part 1.

Senator Batters: Okay.

Mr. Arbour: It is not clause 15 of Part 2. To be clear, that is where we are at?

The Chair: Clause 15.4.

Senator Batters: That is how it was referred to in the government Q and A document, 15.4.

Mr. Arbour: Yes, certainly.

The information collection power there is modelled after the existing section 37 of the Telecommunications Act, which allows for authorities to collect information relevant to regulatory making in the telecommunications space. It ensures that that information can be collected relevant to order-making for the security purposes of the act.

There are a number of guardrails that scope its collection. First of all, the authorities can only be used to protect the Canadian telecommunications system as opposed to advanced security or law enforcement authorities writ large. Information can only be collected that’s relevant to making, amending, revoking or verifying compliance with an order.

I find that using a tangible example can be useful in this type of context. The orders are subject to telecommunications service providers. I will use Bell Canada as an example, not to beat up on Bell, but people know who Bell is.

Senator Batters: If we get into that general of a discussion on every particular point, my colleagues will soon lose patience with this. I specifically was asking about the example that was given in the government-provided Q and A, and it was about technical information. My question was specifically related to technical information. Isn’t it correct that an amendment to specifically exclude it was rejected in the House of Commons committee?

Mr. Arbour: I’m actually not sure what that is in reference to.

Senator Batters: I don’t know. I don’t know who prepared this government Q and A document.

Mr. Arbour: I’m not sure what — the reference to an amendment that was rejected wasn’t in a government document.

Senator Batters: No. As I was saying, that is Professor Matt Malone’s response to what the government provided in the Q and A document. He was saying that the technical information amendment that was proposed in the House of Commons was rejected.

Mr. Arbour: Do you know what that is in reference to?

Ms. Gibson: I want to try to make sure I understand what the question is about. In the House of Commons, after the bill went through SECU, there was a removal of an amendment that was made, and it was related to data retention. Is that what you are referring to?

Senator Batters: That is a separate issue yet.

Ms. Gibson: Okay.

Senator Batters: That is later in the Q and A document. What the government wrote — and again, I don’t know. Maybe it is people here or maybe people outside of this room. The government Q and A said:

As an example of how section 15.4 may be used, the minister could ask for technical details on a network architecture or what actions an operator has taken to implement an order.

Professor Malone’s response to that was to point to the fact that to simply brush it off as, oh, that’s technical information, don’t worry, no problem — he points out an amendment to restrict the data collection specifically to technical information was explicitly rejected in Parliament, in the House of Commons.

Mr. Arbour: I recognize the first part which gave the example and spoke to technical information. I’m not sure what Dr. Malone is referring to about an amendment. To the contrary, there were a number of amendments put forward to explicitly protect personal information in response to stakeholder concerns. For instance, amendments were adopted to underscore the applicability of the Privacy Act. An amendment was adopted to have definitions of personal information and de-identified information. A number of those were adopted to protect that.

Senator Batters: He refers in the footnote — it is even footnoted because he’s good that way — to the House of Commons Standing Committee on Public Safety and National Security, April 8, 2024, at 1540, Steve Bolton. I am not sure if we are going to get more clarification on that. Maybe I will move on.

I have another question about proposed section 15.4 in that government Q and A document. The government’s response to it is to say:

Section 15.4 is not intended to capture personal information, nor does it allow for surveillance. The focus is on the network, not on consumers.

That is what the government responded in this document. Professor’s Malone’s response to that is to say that might be the intention, but the ambit of the legislative text is much wider.

This is what the actual provision in the bill says:

The Minister may require any person to provide to the Minister or any person designated by the Minister, within any time and subject to any conditions that the Minister may specify, any information that the Minister believes on reasonable grounds is relevant for the purpose of making, amending or revoking an order under section 15.1 or 15.2 . . .

Professor Malone says that this clearly does include personal information.

What is your response to that? The government point was to say that section is not intended to capture, but, really, you have to look at, of course, the wording of that particular provision, and it seems clearly to capture potentially personal information.

Mr. Arbour: Thank you for the question.

I disagree with Dr. Malone’s assertion that the authority can be used just to collect whatever information is desired. This is because of the grounding in both the policy objective as well as that the information must be reasonably relevant to the making, amending, revoking or ascending compliance with an order. Someone’s personal information is not germane to that activity.

For instance, when issuing an order on what equipment telecom operators can install on their network, someone’s individual data traffic or what have you is not relevant to whether a piece of equipment is secure or not. It is not relevant to whether the duration of a battery backup facility at cell towers is 8 or 24 hours or 48 hours. I could go through other specific examples. The actual browsing history or personal information of an individual is not relevant to the underlying network-management decisions of the telecom service providers and is not relevant to the order-making that would govern the behaviour there.

Senator Batters: Mr. Arbour, Professor Malone goes on to say that the power contained in that provision is only subject to a subjective standard, that being the minister’s opinion that an order is necessary to secure that. Isn’t that correct?

Mr. Arbour: I would respectfully disagree.

We are subject to the Supreme Court, and in the Supreme Court’s Vavilov decision, for instance, it includes detailed, lengthy criteria for what constitutes reasonableness. As an example, the degree of intrusion that the government would be imposing needs to be commensurate with the level of the issue there. The Charter also sets out section 8 provisions, and there is a default presumption from the Supreme Court that a warrantless search involving personal information is unreasonable. There are additional guardrails and criteria that we’re required to follow established by the Supreme Court and by the Charter.

Senator Batters: Right. Just because it exists in the Charter does not necessarily mean that the warrantless provisions — both the Privacy Commissioner and Intelligence Commissioner have come to this committee and said that they likely do contravene the Charter. All of these would, of course, be subject to Charter challenges, and Charter challenges are very possible to be dealt with. Yes, of course, section 8 says that in the Charter, but that doesn’t necessarily mean that the provisions of this bill will be found to comply with it once the courts actually look at it, correct?

Mr. Arbour: There are several decades of precedent using the parallel provision, section 37. I am not aware of a single issue since 1993.

Because it will be used to collect commercial information from carriers and not personal information, frankly, I don’t anticipate any issue regarding Charter compliance within reasonable search and seizure or section 8. However, should there be a minister that abuses the authority in 10 or 20 years, the protections that are provided by the Charter backstop and ensure that Canadians’ rights are respected.

Senator Batters: First of all, it would, of course, only apply to unlawful searches, and Bill C-26 is potentially providing that all of these types of searches would be lawful, not unlawful. That would be one of my points.

I also wonder, what do you think about the very significant concerns that both the Privacy Commissioner and Intelligence Commissioner voiced at this committee a couple of weeks ago about those types of warrantless searches?

Mr. Arbour: First, the information collection needs to be reasonably relevant to be an order-making activity. It can’t just be for no reason at all. It needs to be reasonably linked to an actual order-making activity. We could say, for example, “Bell, we need you to change some aspect of your network, so we are asking for this information.”

Senator Batters: As determined by the minister, right?

Mr. Arbour: Yes.

Senator Batters: Yes.

Mr. Arbour: But reasonably relevant.

Senator Batters: Sure. But the minister believes —

Mr. Arbour: We would need to justify why those things are related, so there is already the protection there.

My apologies, I think that I have forgotten the second part of your question.

Senator Batters: The Privacy and Intelligence Commissioner concerns.

Mr. Arbour: Yes. One thing I have encountered in discussions with the section is individuals who come from a privacy and a law enforcement background who are unfamiliar with administrative law and regulation of commercial activities.

Senator Batters: You are saying that the Intelligence Commissioner and the Privacy Commissioner are unfamiliar?

Mr. Arbour: I don’t know. One thing that I have encountered — I do not know their mindset, but I have —

Senator Batters:  — a federal court judge.

Mr. Arbour: I have encountered surprise when people encounter this provision. They say, “Oh, a warrantless search. That sounds extreme.” However, because it is scoped to the order-making and regulation of commercial activities — and in fact, there is a long precedent of this type of authority for regulating commercial activities — and given the precedent that does exist there, it is why, from our perspective, in addition to the existing privacy controls that have been added for greater certainty, there is adequate protections for the power in question.

The Chair: Senator Batters, do you have more questions for these witnesses on this section?

Senator Batters: When we start to question the Privacy Commissioner and Intelligence Commissioner with —

The Chair: We are not going to relitigate with previous witnesses before the committee. We can ask these witnesses specific questions. It is also fair for the committee to be reasonable in regard to the idea we’re not going to re-examine things we already have examined. We are now in clause-by-clause. If you have a specific issue that they have not answered, I would appreciate you doing so. Otherwise, we need to move on.

Senator Batters: Okay. I have a question in one other area, also in proposed section 15, section 15.2.1, about how the minister is required to table an annual report. I would like to ask whichever official is responsible for that section what would happen if the minister did not provide such a report. What would be the consequences for that?

Mr. Arbour: The authority is between the minister and Parliament. Ultimately, I believe it would be up to Parliament in terms of how or if it wanted to investigate and/or, for instance, call the minister to appear to explain why the report had not been tabled.

[Translation]

Senator Dagenais: We have heard from numerous witnesses on this bill. With all due respect for my colleague, I expect that she also had witnesses who testified. They did not necessarily raise the issues we are discussing today. I do not know if we are now questioning the witnesses again or if we are doing clause-by-clause consideration.

[English]

The Chair: Let me remind you where we are at. Shall clause 15 be carried?

Some Hon. Senators: Agreed.

Senator Batters: Recorded vote, please.

The Chair: Recorded vote.

Ms. Paajanen: The Honourable Senator Yussuff? This is for clause 15 carrying.

Senator Yussuff: Yes.

Ms. Paajanen: The Honourable Senator Anderson?

Senator Anderson: Yea.

Ms. Paajanen: The Honourable Senator Batters?

Senator Batters: No.

Ms. Paajanen: The Honourable Senator Boehm?

Senator Boehm: Yea.

Ms. Paajanen: The Honourable Senator Cardozo?

Senator Cardozo: Yea.

Ms. Paajanen: The Honourable Senator Dagenais?

Senator Dagenais: Yea.

Ms. Paajanen: The Honourable Senator Dasko?

Senator Dasko: Yes.

Ms. Paajanen: The Honourable Senator Deacon, Ontario?

Senator M. Deacon: Yea.

Ms. Paajanen: The Honourable Senator Kutcher?

Senator Kutcher: Yea.

Ms. Paajanen: The Honourable Senator LaBoucane-Benson?

Senator LaBoucane-Benson: Yea.

Ms. Paajanen: The Honourable Senator McNair?

Senator McNair: Yea.

Ms. Paajanen: The Honourable Senator Patterson?

Senator Patterson: Yea.

Ms. Paajanen: The Honourable Senator Richards?

Senator Richards: Nay.

Ms. Paajanen: Yes, 11; no, 2; abstentions, 0.

The Chair: Clause 15 has carried.

We will move now to clause 16. Shall clause 16 carry?

Hon. Senators: Agreed.

The Chair: Shall clause 17 be carried?

Hon. Senators: Agreed.

The Chair: Shall clause 18 be carried?

Hon. Senators: Agreed.

The Chair: Now we have a new clause, Senator LaBoucane-Benson?

Senator LaBoucane-Benson: Thank you, chair.

Colleagues, I will read the amendment first, and then I have a few remarks.

I move:

That Bill C-26 be amended on page 90 by adding the following after line 26:

PART 3

2024, c. 16

Amendment to the Countering Foreign Interference Act

19 Subsections 110(3) to (9) of the Countering Foreign Interference Act are replaced by the following:

(3) If section 11 of the other Act comes into force before section 84 of this Act, then, on the day on which that section 84 comes into force, item 5 of the schedule to the Canada Evidence Act is repealed.

(4) If section 84 of this Act comes into force before section 11 of the other Act, then that section 11 is deemed never to have come into force and is repealed.

(5) If section 11 of the other Act comes into force on the same day as section 84 of this Act, then that section 11 is deemed never to have come into force and is repealed.

(6) On the first day on which section 145 of the Critical Cyber Systems Protection Act, as enacted by section 12 of the other Act, and section 84 of this Act are in force, paragraphs 145(1)(a) to (e) of the Critical Cyber Systems Protection Act are repealed.

(7) If section 13 of the other Act comes into force before section 84 of this Act, then, on the day on which that section 84 comes into force, item 6 of the schedule to the Canada Evidence Act is repealed.

(8) If section 84 of this Act comes into force before section 13 of the other Act, then that section 13 is repealed.

(9) If section 13 of the other Act comes into force on the same day as section 84 of this Act, then that section 13 is deemed never to have come into force and is repealed.

Colleagues, this amendment addresses a drafting error related to the interaction between Bill C-26 and the former Bill C-70, which we passed in June.

Bill C-70 established a new framework for the secure administrative review proceedings which are legal proceedings where certain information needs to be kept confidential for security reasons. As we heard during our study of Bill C-26, these kinds of proceedings have existed in Canada for a long time, but they have been governed by a variety of different statutory frameworks in several different acts. Bill C-70 repeals most of those different frameworks and replaced them with a standardized approach featuring consistent rules and safeguards. These include allowing for the appointment of special counsel to protect the interests of parties to whom certain information is not disclosed.

Bill C-70 also anticipated the possible adoption of Bill C-26, saying in a coordinating amendment that when and if both bills take effect, the standardized framework in Bill C-70 supplants the bespoke regime in Bill C-26. The technical error that has been identified is in the numbering of the clauses in that coordinating amendment in Bill C-70. That’s what my amendment would fix.

In fact, the numbering in Bill C-70 was initially correct. What happened was that the House committee deleted clause 10 of Bill C-26, causing the numbering of all of Bill C-26’s subsequent clauses to shift by one, Clause 11 became clause 10, clause 12 became clause 11 and so forth. As a result, Bill C-70 would end up repealing the wrong clauses of Bill C-26. Quite simply, my amendment would adjust the numbers of the clauses referenced in Bill C-70 so that the right clauses of Bill C-26 get repealed.

This is obviously not a substantive change to the bill, just a technical fix. It would still mean, though, that we have to send Bill C-26 back to the House of Commons before it can get Royal Assent. That would necessarily extend the process and add some degree of uncertainty, which is unfortunate because of how important this legislation is. Canada’s telecommunications systems and critical infrastructure face unprecedented and growing cyber threats from state and non-state actors around the world. Canadians rely on these systems for our well-being. We need to protect them more effectively and as soon as possible. Bill C-26 is a major step towards achieving that objective, and it is vital that we get it adopted before the end of this Parliament.

I encourage you to join me in supporting this amendment so we can send the corrected bill to the House. Hopefully, since this is just a technical fix to legislation MPs have already passed, they will manage to adopt the final version expeditiously.

I will conclude, since I have the floor, by thanking the committee for all of the hard work that you have done on Bill C-26, especially both chairs who have presided over the study, Senators Yussuff and Dean, and Senator Batters for her work as critic and the sponsor Senator McNair for taking on a consequential bill and shepherding it through the legislative process to this point.

The Chair: Thank you.

Senator Batters: I have a number of questions about this. I am not sure which officials are the correct ones to deal with this. You are already seated there? Okay. Thank you. All right.

Could you first start by explaining why the department did not include the correct references in Bill C-70, given that the amendments to Bill C-26 were already known as that Bill C-26 was first introduced in Parliament in 2022?

Mr. MacSween: Thank you, senator, for the question.

As we heard, the issue here is one of timing. Unfortunately, as the legislation was read for the third time, so the updated act that was provided and the legislation was read for the third time, that happened the day before Bill C-70 received Royal Assent. There was insufficient time to catch the numbering error. As pointed out, what was originally in Bill C-70 was actually correct. It was unfortunately due to the amendment in the House committee.

Senator Batters: Why didn’t the department then realize that inconsistency? Obviously they were following the House of Commons committee closely? Why did it take until the very last stage, the Senate committee clause-by-clause, until that error was realized? How did we end up passing Bill C-70, which had incorrect references?

Mr. MacSween: As I mentioned, Bill C-70 received Royal Assent the day after Bill C-26 was read for a third time. Again, it was an issue of timing there. The next opportunity that we had to amend it would have been clause-by-clause in the Senate.

Senator Batters: When you were speaking about third reading, you were meaning House of Commons third reading, right?

Mr. MacSween: Can you repeat that?

Senator Batters: When you said “third reading,” which you were just referring to, that was House of Commons third reading, because Bill C-26 didn’t come to the Senate until the very last day we were sitting in June.

Mr. MacSween: It was June 19, I believe.

Senator Batters: Several months passed in between then and now. This was a coordinating amendment. What is the usual process for managing coordinating amendments between two bills when one is amended during the legislative process? Are there any alert or notification mechanisms to prevent these types of errors? Who is responsible for verifying that type of consistency of references?

Mr. MacSween: Thank you for the question.

On the last point, there would be a number of steps in the process and a number of groups responsible for ensuring that, whether it be the legislative drafters or legislative in-house planning within the Privy Council Office or the Parliamentary Affairs Group within Public Safety itself. The idea is that it would be caught along the way, as was the case here.

With regard to the actual process it goes through, I have to come back to the point that it was an issue with the speed at which Bill C-70 passed. That was fairly unprecedented. Given the timing, I would say that it is quite exceptional for this to happen. Certainly, it is the first time I have experienced it. I would almost consider it a one-off.

Senator Batters: I recall that Bill C-70 was going through the Senate at lightning speed in June. The government was telling us that we had to pass it right away. I’m not even certain if it had a committee, or maybe only Committee of the Whole, I’m not sure, but that’s definitely a reason to have a thorough Senate committee study always.

These drafting errors are particularly concerning, especially given the fact that the acts they are dealing with relate to two very important government bills. One of the coordinating measures here could have ended up repealing the entire section 12 of Bill C-26, which provides for the enactment of the Critical Cyber Systems Protections Act. What would have been the consequences if this bill had actually passed with those errors?

Mr. MacSween: Thank you.

The result would have been the deletion of the provision that would enact the legislation itself. Theoretically, in the process, there would have been an opportunity to correct it one last time before it actually received Royal Assent through another legislative vehicle, if it had somehow made it through without being caught.

Senator Batters: What would that legislative vehicle have been?

Mr. MacSween: It could have been any legislative vehicle.

Senator Batters: Could you give me an example? If we had gone through a clause-by-clause examination last week and it hadn’t been caught there, when do you think it might have been caught?

Mr. MacSween: Sorry, could you please repeat the last part of your question?

Senator Batters: Last week, we could have done the entire clause-by-clause examination and not known about these errors. What process is in place with your department that would have involved having one last look at the bill — does that happen? — prior to it going through third reading in the Senate? How would that have happened?

Mr. MacSween: The clause-by-clause analysis is probably the best place to actually have picked that up, because you are going through each individual clause at the same time and ensuring that coordination is there. Indeed, that’s how the amendment came up.

Obviously, the drafters would have to review it following clause-by-clause analysis. They would have to be prepared for third reading. So, there would be a few points at which it could have been caught again after a clause-by-clause analysis if for some reason it had made it through.

Senator Batters: Regarding clause-by-clause, you have seen today how quickly we passed several pages of clauses. No one was looking closely to check the commas at that stage, so it is very possible. Given this situation, how can we be certain that no other government bills would be affected by this type of error? Are measures being put into place with your department and others to make sure that those types of problems don’t happen again?

Mr. MacSween: When the issue came up, we did a double-check of any related coordinating amendments to make sure there were no other issues, and we have not found anything. As I said, this is a truly unique experience. It is very exceptional. We are looking at lessons learned from this, certainly within our department, to understand what went wrong and in the future how we would determine that. The process is ongoing right now, but we’re trying to learn from this as much as we can.

Senator Batters: No other measure has been put in place yet, mainly because you are thinking that it is kind of a one-off. I will give you another example. We just had Bill C-78. This was in a totally different department, but it passed through the House of Commons in one day. I’m not sure how quickly the government will try to get that bill passed in the Senate. Once in a while, we have these types of bills that the government wants to have passed very quickly, and there is no time for committee study and no time for anything — just get it passed right now. If there isn’t such a measure being developed by the government departments right now, I guess I would highly encourage you to do that, because sometimes one-offs happen more often than you think they would.

Senator McNair: I want to say that I support this amendment completely. I appreciate officials trying to deal with hypothetical questions on hypothetical situations. It is a lesson learned by everyone in this room — everyone around this table. All the officials and all the staff in this room will be looking at coordinating amendments sections of legislation going forward and trying to avoid it ever happening again. This was a highly unusual situation. It is human error. Mistakes are made. Thankfully, staff caught it before it went through enactment. The representative from the Government Representative Office, or GRO, indicated that we have unprecedented cyber threats at this time. This legislation is critical. I thank the staff in the GRO and I thank officials for getting the amendment turned around so quickly so that we could be here today to do the clause-by-clause analysis.

The Chair: Is there anybody else on this?

The Honourable Senator LaBoucane-Benson moved that Bill C-26 be amended on page 90 after line 26 — shall I dispense?

Hon. Senators: Dispense.

The Chair: Is it your pleasure, honourable senators, to adopt the motion in amendment?

Hon. Senators: Agreed.

The Chair: Carried.

Shall the new clause 19, as amended, carry?

Hon. Senators: Agreed.

The Chair: Carried. We return to clause 12 now that we have passed this.

Senator Batters: As critic of this bill, there were many different areas for which I considered bringing amendments forward, but I decided to limit it to the one that I thought was the most significant, which is related to when we had the Privacy Commissioner in front of our committee a couple of weeks ago, on November 18.

First, I will read the amendment, and then I will go into a bit of the background around it. I move the following amendment:

That Bill C-26 be amended in clause 12, on page 28, by adding the following after line 31:

19.1 The Communications Security Establishment must give a copy of any incident report to the Privacy Commissioner, appointed under section 53 of the Privacy Act, if:

(a) the incident resulted or is likely to result in access to or the disclosure of personal information, as defined by the Personal Information Protection and Electronic Documents Act, in contravention of that Act, or the loss of that information; and

(b) it is reasonable in the circumstances to believe that the incident creates a real risk of significant harm to an individual as a result.”.

Now that we have amended this bill, there is not the same critical urgency to not have any amendments because this bill is now already amended and will go back to the House of Commons with the amendment that we just passed to correct the bill. As a result, we have a little bit more free rein.

When the Privacy Commissioner, Philippe Dufresne, appeared before our committee on November 18, 2024, in his opening remarks, he said this:

The bill recognizes the importance of collaboration between domestic and international counterparts to ensure that critical infrastructure is protected against a variety of threats. In order to further enhance this collaboration, my office should also be notified about cyber incidents that may result in a material breach. This could include being notified by the Communications Security Establishment . . . whenever it receives a report of a cyber incident that may pose a real risk of significant harm to an individual.

When I was asking the Privacy Commissioner questions, I said:

Dealing with some important issues here, your office is able to initiate investigations and to review compliance with the Privacy Act, and there are certain sections in Bill C-26 that allow your office to initiate investigations at your discretion, but as you were saying in your opening remarks, you’re recommending that your office should be notified about cybersecurity incidents where a real risk of a privacy breach occurs, because as we’ve heard about this bill, there could be situations where you never know about it. Unless that recommendation is actually put into effect in the bill, how would you know that you need to initiate an investigation? Is that your concern about this?

Mr. Dufresne responded:

Well, it is. To be clear, we have great working relationships with the Communications Security Establishment Canada, but when you’re talking about confidential information or breach reports, there is going to be reluctance to sharing that unless you have legal authority to do so. I would be reluctant to do the same. That’s why in this instance it would be important that the bill be amended to provide this clear authority to our colleagues at the CSE because privacy and cybersecurity have this in common: They’re both built on the principle of safeguarding the information that you have commensurate to the risk and commensurate to the context. So we have a lot to learn from each other. We work very well together, but in this instance, my worry is that we’re not going to know, and CSE is not being to be able to tell us. That is a loss for Canadians because they can’t have this privacy prism on that.

I thought that if the Privacy Commissioner doesn’t know about something, how can he possibly actually know that he should investigate and initiate an investigation, and it seemed to me to be absolutely imperative that when we’re dealing with a bill as important as the cybersecurity act, that the Privacy Commissioner — in an area where many different privacy concerns could be raised, it is very important that he would have that knowledge to be able to know if something is important for him to initiate an investigation or not.

As a result of that, I decided to provide only one amendment — just this amendment was the one that I chose. I consulted with the Privacy Commissioner on that, and once we had the wording for this amendment, given the very direct testimony that we heard from the Privacy Commissioner about that, I am pleased to say that the Privacy Commissioner does endorse this wording of this amendment and believes that this is going to provide what they need. His office said this:

We are supportive of adding a provision to the bill that would add a requirement for the Communications Security Establishment to provide the Office of the Privacy Commissioner with a copy of the incident report with respect to cyber incidents that may entail a privacy breach that presents a real risk of significant harm. We believe this would promote greater regulatory coordination and collaboration and ensure that the Office of the Privacy Commissioner is advised of real or potential breaches that may or may not otherwise be reported by designated operators under PIPEDA.

Especially now that we already have an amended bill, I think it is a good opportunity to put forward this amendment. It is very targeted. It doesn’t provide all information, but simply it limits it to that which would be reasonable in the circumstances to believe that the incident creates a real risk.

It also deals with a bit of an issue that was identified by the legislative drafters when I was working with the Office of the Law Clerk for the Senate about this, that — to make sure that the wording of “personal information” is — that’s why there is that reference in the amendment to say “. . . personal information, as defined by the Personal Information Protection and Electronic Documents Act, . . .” It is specifically put in there to make sure it is clearly defined, because the legislative drafter had advised that it was not clearly defined in the Critical Cyber Systems Protection Act, so this makes absolutely clear what we are talking about here.

I tried to provide a very targeted and important amendment, and I ask for your support.

The Chair: It is moved by Honourable Senator Batters that Bill C-26 be amended on clause 12, page 28, line 31 — shall I dispense?

Hon. Senators: Dispense.

Senator McNair: May I make a comment in response? I wanted to thank Senator Batters for her targeted amendment, the draft language and for her observations with respect to it.

My concern with the amendment is that when I look at section 10.1 of the Personal Information Protection and Electronic Documents Act, or PIPEDA, it already requires:

An organization shall report to the Commissioner any breach of security safeguards involving personal information under its control if it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to an individual.

So if a cybersecurity incident resulted in the risk of significant harm to an individual, the designated operator would already be required to report the incident to the Privacy Commissioner in accordance with PIPEDA. That means the Privacy Commissioner will know about the breach from the designated operator.

My second concern is that the Office of the Privacy Commissioner specifies the information that entity must report in the event of a privacy breach. Obviously, since cyber incident reporting is designed only to obtain information about the technical threats facing the architecture of the critical cyber systems, these reports are, in my view, unlikely to provide additional assistance in assessing the consequences of a privacy breach for the commissioner.

The third thing to consider is that, importantly, requiring CSE to report to the Privacy Commissioner could arguably undermine its intended role, and its mandate is to provide neutral advice and guidance to both designated operators and regulators. The risk is that CSE could be seen as being more akin to a regulator instead of a neutral adviser, and this could have a negative effect on designated operators’ willingness to provide information. This risk seems to me to be unwarranted given that the incident reports are unlikely to provide significant additional value to a breach assessment by the Privacy Commissioner.

The amendment would create a potential scenario where the Privacy Commissioner would be receiving two reports for the same incident, one from the designated operator and one from CSE. I am of the view that designated operators, not CSE, are best placed to determine whether a cyber incident meets the threshold outlined in PIPEDA.

As I alluded to earlier, the amendment risks CSE being perceived as a regulator rather than a neutral provider of technical advice and guidance to all parties. I think this could result in designated operators being less likely to work with CSE beyond meeting their mandatory requirements to report under Bill C-26, which, I argue, would have a negative impact on the regime and the intent of the legislation as a whole.

For the reasons I have mentioned and outlined, I intend to vote against the amendment.

The Chair: Thank you. Anybody else?

Senator Batters: First of all, yes, as I acknowledged, there are situations which would currently be covered under the existing provisions, but this would be intended to cover those situations but also the situations that are not currently covered. As the Privacy Commissioner stated when he testified, there are situations where he would not be advised about it, and if he doesn’t know about it, how can he possibly do any investigation to ensure that Canadians’ privacy is being properly protected?

Also, the Privacy Commissioner works very well currently with the CSE and wants to continue that. In some additional information that I was provided by the Office of the Privacy Commissioner, they actually said that their office has developed guidance and tools for organizations to assess this real risk of significant harm. The Office of the Privacy Commissioner said they would be pleased to share that information with the CSE to help the organization develop a framework for assessing the real risk of significant harm so that the organization could assess reports consistently. They are very pleased to work with CSE, and they have had a good working relationship with them in the past, but as was stated by Mr. Dufresne when he was in front of our committee, without that clear authority being given to CSE that these breach reports are going to be required to be provided, then they cannot really provide those types of reports. So just to make sure that Canadians’ privacy is being protected, if the Privacy Commissioner does not know about it, he can’t possibly protect Canadians’ privacy.

I’m sure he is not looking for a lot of duplicative work. That’s not a topic that he raised. In fact, the Privacy Commissioner specifically said that he wanted it limited to pose a real risk of significant harm to an individual, and that’s why I included that very wording in the amendment. It was precisely with the Privacy Commissioner’s feedback in mind.

Senator McNair: Thank you for that, Senator Batters.

I just wanted to say that I have spoken to officials, and officials are proud of the working relationship they have with the Privacy Commissioner, and they will continue to use that to the advantage of both individuals as far as the exchange of information, but there is the requirement under 10.1 of PIPEDA that the designated operators will have to advise of a cybersecurity incident. He has the investigatory powers that you mentioned earlier to investigate anything they deem appropriate in the circumstances. The relationship and the discussion will continue, but it’s redundant to have the two processes going at the same time.

Senator Batters: What about designated operators that are not subject to PIPEDA?

Senator McNair: The designated operators that I’m aware of are subject to PIPEDA, private entities.

Senator Batters: Are they all, to the officials?

Mr. MacSween: Yes. To our knowledge, PIPEDA is the counterpart to the Privacy Act legislation, and it applies to entities outside the federal government.

Senator Batters: Sorry, what was that? Are all designated operators subject to PIPEDA or not?

Ms. Gibson: Right now, the way the legislation is set up, we have not yet designated operators. That happens post-Royal Assent, if that should come to fruition. So we don’t technically have a list. However, the designated operators that we would envision who would become designated would be part of it.

Senator Batters: “Envision” is quite a different thing than “currently exists.” I stand to say that yes, we need to have this. The Privacy Commissioner, a widely respected individual in this government, needs to make sure that whatever the regulatory process that might be done in the years to come — and it will probably take a couple of years, is what I have been hearing previously — we need to make sure that all designated operators are covered by this, and I ask my amendment receive support. Thank you.

The Chair: Do any other senators wish to speak on the record on this amendment?

Honourable senators, do you agree to adopt the motion in amendment?

Some Hon. Senators: Yea.

Some Hon. Senators: Nay.

The Chair: We have a request for recorded vote.

Ms. Paajanen: This vote is on the motion in amendment to clause 12.

The Honourable Senator Yussuff?

Senator Yussuff: No.

Ms. Paajanen: The Honourable Senator Anderson.

Senator Anderson: Abstain.

Ms. Paajanen: The Honourable Senator Batters?

Senator Batters: Yes.

Ms. Paajanen: The Honourable Senator Boehm?

Senator Boehm: Nay.

Ms. Paajanen: The Honourable Senator Cardozo?

Senator Cardozo: Nay.

Ms. Paajanen: The Honourable Senator Dagenais?

Senator Dagenais: No.

Ms. Paajanen: The Honourable Senator Dasko?

Senator Dasko: No.

Ms. Paajanen: The Honourable Senator Deacon (Ontario)?

Senator M. Deacon: No.

Ms. Paajanen: The Honourable Senator Kutcher?

Senator Kutcher: No.

Ms. Paajanen: The Honourable Senator LaBoucane-Benson?

Senator LaBoucane-Benson: No.

Ms. Paajanen: The Honourable Senator McNair?

Senator McNair: Nay.

Ms. Paajanen: The Honourable Senator Patterson?

Senator Patterson: Nay.

Ms. Paajanen: The Honourable Senator Richards?

Senator Richards: Yes.

Ms. Paajanen: Yes, 2; no, 10; abstentions, 1.

The Chair: I declare the motion in amendment is defeated.

We move now to the entire clause 12. Shall clause 12 carry?

Some Hon. Senators: Agreed.

An Hon. Senator: On division.

The Chair: On division.

We return to clause 14. Shall clause 14 carry?

Hon. Senators: Agreed.

The Chair: Shall Schedule 1, page 91, carry?

Hon. Senators: Agreed.

The Chair: Shall Schedule 2, page 91, carry?

Senator Batters: On division.

Some Hon. Senators: Agreed.

The Chair: Shall the title carry?

Hon. Senators: Agreed.

The Chair: Shall the bill, as amended, carry?

Hon. Senators: Agreed.

The Chair: Is it agreed that the Law Clerk and Parliamentary Counsel be authorized to make necessary technical, grammatical, or other required non-substantive changes as a result of the amendments adopted by the committee, in both official languages, including updating cross-references and renumbering of provisions?

Hon. Senators: Agreed.

The Chair: Does the committee wish to consider any appending observations?

Senator Kutcher: You all have in front of you the observation that I propose. I will read it into the record:

Your committee heard that there are valid and pressing concerns regarding cyber security protections for health systems and data. Your committee urges the Government of Canada to take steps to work with provincial and territorial governments to address these concerns with a pan-Canadian approach. Your committee also encourages the Government of Canada to consider using its authority under section 6(1) of the proposed Critical Cyber Systems Protection Act to add the health systems within the legislative authority of Parliament to Schedule 1 of the proposed act, which consists of “Vital Services and Vital Systems.”

The Chair: Thank you, Senator Kutcher.

Do we wish to go in camera for this? No? Does any other honourable senator wish to speak to the observation?

Senator Batters: Senator Kutcher, how do you get around the fact that health would be primarily within the jurisdiction of the provinces by this last part of your observation?

Senator Kutcher: It says here clearly, Senator Batters, “health systems within the legislative authority of Parliament,” and as you know, Parliament has legislative authority over the Canadian Armed Forces and Royal Canadian Mounted Police and Indigenous peoples.

Senator Batters: This last part would just be dealing with that part of it?

Senator Kutcher: That’s it.

Senator Batters: And this is just an encouragement to the government to provide some sort of amendment in the future about that?

Senator Kutcher: It encourages them to consider using their ability to modify the section. It asks them to consider doing that.

Senator Batters: Would that need to be an amendment if they were to do that?

Senator Kutcher: I am quite happy to bring it forward as an observation. If you wish to make an amendment, then please go ahead.

Senator Batters: No. I am asking you, if they did it in the future, would it need to be an amendment to the act? Is that required, or is that something that they are able to do in a different fashion?

Senator Kutcher: My understanding is that they can do it in a different fashion.

The Chair: Thank you. Does anyone else wish to address the observation?

Senator McNair: As sponsor, I support the observation.

The Chair: Thank you. We have heard from everybody. Are members in agreement with the observation?

Hon. Senators: Agreed.

The Chair: Is it agreed that the Subcommittee on Agenda and Procedure be empowered to approve the final version of the observation being appended to the report, in both official languages, taking into consideration today’s discussion, with any necessary editorial, grammatical or translation changes as required?

Hon. Senators: Agreed.

The Chair: Is it agreed that I report this bill, as amended, with observation, to the Senate in both official languages?

Hon. Senators: Agreed.

The Chair: Colleagues, this brings us to the end of our deliberations on Bill C-26. We will reconvene next Monday, barring any serious challenges.

(The committee adjourned.)