THE STANDING SENATE COMMITTEE ON SOCIAL AFFAIRS, SCIENCE AND TECHNOLOGY
EVIDENCE
OTTAWA, Thursday, April 30, 2026
The Standing Senate Committee on Social Affairs, Science and Technology met with videoconference this day at 10:32 a.m. [ET] to examine and report on matters related to the impact of artificial intelligence in Canada; to consider Bill S-5, An Act respecting the interoperability of health information technology and to prohibit data blocking by health information technology vendors; and, in camera, to consider a draft report.
Senator Rosemary Moodie (Chair) in the chair.
[English]
The Chair: My name is Rosemary Moodie. I’m a senator from Ontario and the chair of this committee.
Before we begin, I would like to ask all senators to consult the cards on the table for guidelines to prevent audio feedback incidents. Please make sure to keep your earpiece away from microphones. Do not touch the microphones. Activation and deactivation will be managed by the console operator. Finally, please avoid handling your earpiece while your microphone is on.
Earpieces should either remain on the ear or be placed on the designated sticker at each seat. Thank you for your cooperation.
Now, I would like to do a round table and have senators introduce themselves.
Senator Burey: Good morning, everyone. I am Sharon Burey, senator from Ontario.
Senator Senior: Paulette Senior, senator from Ontario.
[Translation]
Senator Boudreau: Victor Boudreau from New Brunswick.
[English]
Senator Hay: Katherine Hay, Ontario.
Senator Arnold: Dawn Arnold, New Brunswick.
[Translation]
Senator Petitclerc: Chantal Petitclerc from Quebec.
[English]
Senator Cardozo: Good morning. Andrew Cardozo, Ontario.
Senator Cuzner: Good morning. Rodger Cuzner, Nova Scotia.
The Chair: During the first portion of our meeting today, the committee will continue its study on matters relating to the impact of artificial intelligence in Canada. This study will examine issues such as data governance and sovereignty, ethics, privacy, safety, risks, benefits and social impact of artificial intelligence in Canada.
Joining us today for the first panel, we welcome the following witnesses: Alexandra Dassa, Senior Vice President, Technical Success and Value Engineering, Coveo; John Menezes, President and Chief Executive Officer, Bell Cyber Inc., Bell Canada; and Michel Richer, President, Bell AI, Bell Canada.
Thank you for joining us today. For your opening statements, you will each have five minutes, followed by questions from committee members. Ms. Dassa, the floor is yours.
Alexandra Dassa, Senior Vice President, Technical Success and Value Engineering, Coveo: Good morning, chair and honourable senators. Thank you for the invitation to appear before you today.
My name is Alex Dassa. I am the senior vice president of technical success and value engineering at Coveo, a leading and profitable Canadian enterprise AI company operating globally.
I am here to speak to one central idea: AI sovereignty is not theoretical for Canada; it is an economic, strategic and national imperative.
Sovereignty, in simple terms, means one thing: Nobody can turn off Canada, and no one can compel or force a Canadian company or institution to hand over data, except a Canadian court of law. But AI is not one thing. It is a stack of technologies with multiple layers. So the real question is not whether Canada participates in AI. Rather, it is this: Where do we choose to focus and where can we actually win? That is because we cannot own every layer.
Take frontier AI model development, for example. The level of investment required is clearly prohibitive. It is measured in the hundreds of billions of dollars. Canada will not get economic value or even strengthen its position by trying to outspend others on frontier models.
That said, Canada should absolutely continue to invest in research. We have world-class talent and have contributed meaningfully to global AI advancement.
Too often, however, that talent is not deployed here at home in the service of Canada and does not contribute to strengthening our economy.
Canada will lead by industrializing AI at home, by driving adoption at scale across our economy, and that is where sovereignty becomes real. We will lead by industrializing AI, by driving adoption at scale across our economy. That is the railroad moment for Canada. In the past, we built infrastructure that connected the country and unblocked growth. Today, we must build digital infrastructure for AI that does the same. We must build a sovereign AI capability that businesses and institutions can tap into easily, reliably and at scale.
To do this, we can rely on global technologies in some areas, but they must operate within Canadian-controlled infrastructure and governance. That means our networks must be sovereign, our data must be governed here with control over how it moves and where it is processed, our data centres must be powered by Canadian energy, and we must have authority over the compute infrastructure that powers AI workloads. That is the digital equivalent of owning the rails.
On top of those rails, we must enable what matters most: adoption at scale. That means technologies that connect AI to real data, workflows and decisions inside Canadian enterprises and institutions. This is because today Canada has a structural problem. We are exceptional at the science behind AI, but we have not adopted AI meaningfully at home, and we have not consistently monetized it globally. If we stay on this path, we will lose control over our data, our infrastructure and the economic value created by AI systems.
The alternative is clear: Canada must move from being a research leader to also becoming an industrialization leader for AI anchored in sovereignty. In practical terms, that means two things: First, it means building a sovereign AI stack that Canadian organizations can tap into — a fully operational, accessible infrastructure, spanning data, compute and applications, governed under Canadian authority. Second, and most critically, it means accelerating enterprise adoption at scale.
Today, too many organizations remain stuck in experimentation mode, while global competitors are already operating AI in production. This gap is already visible in productivity, cost structures and speed of innovation. If Canadian enterprises and institutions do not embed AI into their core operations, they will compete at a structural disadvantage.
Government has a critical role to play here: To act as a demand engine through procurement, incentivizing deployment and not just research, and reducing friction through clear, consistent regulatory frameworks.
The Chair: Your five minutes are up, but we are sure to get the rest of your points during our question period.
Ms. Dassa: Okay. Thank you.
The Chair: Thank you. We will now hear from Mr. Menezes.
John Menezes, President and Chief Executive Officer, Bell Cyber Inc., Bell Canada: Good morning, chair and honourable senators.
Thank you for the opportunity to be here today. As a first-generation immigrant to Canada, this moment is deeply meaningful to me. To be invited to contribute to a national conversation of this importance in a country that has given me so much is something I do not take lightly.
Canada is at an inflection point. Artificial intelligence is rapidly moving from research into the core of our economy, reshaping how we operate, how we compete and how we deliver services. The question before us is not whether AI will transform Canada; it is whether Canada will shape that transformation or allow it to be shaped elsewhere.
I would add that AI is moving faster than our ability to govern it, and that gap is where the risk lives. The scale of change is significant. Tens of millions of jobs will be reshaped every year by AI — not eliminated, but fundamentally redesigned. Within just a few years, virtually every knowledge worker will be impacted.
This is not incremental change. This is a complete redefinition of how work gets done. At Bell, we see this transformation across the full value chain: from infrastructure to AI adoption to security.
My colleague Michel Richer can provide more detail about how we are investing in sovereign AI infrastructure, ensuring that Canadian data, compute and capabilities remain under Canadian control.
That is because sovereignty in AI is not theoretical; it is operational. It depends on where data resides, who controls the compute, how systems are connected and who ultimately has authority over them.
My role is to focus on what makes all of that possible: trust. That starts with cybersecurity. There is no AI strategy without a cybersecurity strategy. Without it, there is no trust, and without trust, there is no adoption.
AI systems depend on data, make decisions and, increasingly, act autonomously. That introduces entirely new categories of risk. We are already seeing examples of AI systems that are considered too powerful or too unpredictable to be broadly released. That is not a future concern; that is happening now. That means security must evolve at the same pace as capability.
At Bell Cyber, we are not just talking about this; we are living it. We recently launched North America’s first autonomous security operations centre. When we did, I had a very direct conversation with my team. I told them this:
The jobs you are doing today will not exist in their current form within a year, not because you are not needed, but because you are needed at a higher level.
That is the reality of AI. It is already better at processing massive volumes of data, detecting patterns and responding to threats in real time. So the role of human beings must evolve from reacting to advising and from executing to guiding.
At Bell Cyber, we’re not preparing for this shift; we’re already operating in it.
Government has a critical role to play. But AI does not evolve in predictable cycles. It evolves continuously. That challenges traditional approaches to policy and regulation. We cannot rely solely on fixed, long-term frameworks for a technology that is changing in real time, which is why collaboration is so essential.
The private sector is where AI is being built and deployed, and where risks are first encountered. Government brings direction, trust and the ability to scale impact nationally. Bringing these together is not optional; it is necessary.
I’ll close with this: If Canada wants to lead in AI, we must lead in trusted AI, and that starts with security, sovereignty and the ability to act at scale. The opportunity is real, but it is time bound. The transformation is already under way. The decisions we make now will determine whether Canada leads or follows.
At Bell, across Bell AI Fabric and Bell Cyber, we are committed to helping Canada lead.
Thank you. We look forward to your questions.
The Chair: Thank you, Mr. Menezes. We will now proceed to questions from committee members. For this panel, senators we will have four minutes for their question, which also includes the answer.
Senator Burey: Thank you so much for being here today. These are very deep, existential questions that we have to try to wrap our minds around today.
From our first witness. I heard that, with the frontier models, we will not have enough funds to do it, so we should stick to industrialization AI for Canada, which is analogous to the railroad.
Next, I heard from you, Mr. Menezes, that we must lead in trust and cybersecurity. If we don’t have our foot in the frontier models, how are we going to lead in trust and cybersecurity?
Mr. Menezes: They are not mutually exclusive. No matter where the models are developed, you still have to secure them. When you implement a model, whether it is a frontier model or any other kind of model, you still have to put the guardrails in place; you have to make sure that the AI is going to do what you want it to do and that it behaves properly. Security is a fundamental part of it. No matter which model you have, and where the model is developed, when it is implemented in Canada, it has to be implemented with the guardrails necessary to ensure that it is doing what we think it should be doing.
Senator Burey: Can you comment on the guardrails?
Mr. Menezes: The guardrails are very simple. When a child asks a question, we want to make sure that the AI is giving an answer that is applicable to a child. When AI is being asked a question, we want to make sure that the answer is not toxic. We want to make sure the answer is not biased. We want to make sure that the answer is not racist. So those are simple guardrails. If someone decides, I want to know how to build an improvised explosive device, or IED, we want to ensure that the AI does not give that answer. Rather, the AI says, I’m not permitted to give you that answer. That’s what we mean by putting in guardrails: It is to control the AI.
Senator Burey: Ms. Dassa, do you have any comments?
Ms. Dassa: Yes. I agree completely with the previous comments. I would add that the goal is strategic control over what matters most: data, critical work loads and governance. My allusion to sovereignty is that it is not only about the data flowing through the system; it is about which legal jurisdiction governs the provider managing that data. We can remain globally connected while ensuring that critical capabilities around governance and safety operate under Canadian control. That’s sovereignty without isolation.
Senator Burey: Thank you.
Senator Hay: Thank you all for being here. We appreciate it.
I will ask something of you first, Mr. Menezes. When you first stepped into the foray of cyber, that was 25 plus years ago. It was something to worry about, but it is now so radically different. I want you to speak about speed because, as we were speaking about, and as Janice Stein was speaking about earlier this week, what was going on three months ago has already changed. I’m curious about your approach to that. How do you stay at speed when it comes to trust?
For my final question, Janice Stein also said that it is not so much about control of our sovereignty; it is about being free from coercion. I am just curious about speed, staying up with it, cyber and coercion versus control.
Mr. Menezes: I have been in cybersecurity now since 1992. So that is about 34 years in cybersecurity. I have been running a managed security services company for 25 years. We are protecting customers across the world. I was never afraid of being in the security business because I always thought we were very secure. Then, two years ago, AI started to appear, and as I was telling my team just a few months ago, for the first time in my career, I don’t sleep well at night because I’m concerned about the protection of my customers.
AI has fundamentally changed everything. What is happening now is that we do not know how the AI is going to behave. Even though we are talking about all these different models and the frontier models, nobody really knows how the AI is going to work. Nobody knows how the AI is going to behave. We’re learning everything, and we’re learning at speed.
Sometimes when governments talk, we talk about a three-year plan or a five-year plan. Somebody said to me, “What is your two-year plan for AI,” and I said, “I have a two-month plan for AI.” It is moving so fast.
What is happening is that industry and businesses are looking at AI as a perfect way to reduce costs and cut down the number of jobs and people working. They are moving rapidly. We cannot secure AI, but we have got to move rapidly because the business is demanding it. So everybody is asking the questions, “How can I use AI to make my job or business more efficient? How can I increase my profits?” So there is speed at both sides. On the business side, everybody is racing forward, and on the AI side, everybody is racing forward.
You see OpenAI and Elon Musk, and they are all arguing about who can have the better model moving forward. The change has been so dramatic — so dramatic — even in the last three months. For instance, in my own personal life, I can prepare a presentation in three minutes. A PowerPoint presentation that would take my marketing team two weeks to do for me can now be prepared in three minutes, and it is a better presentation than my marketing team could develop in two weeks. As a businessperson, should I reduce the number of people on my marketing team?
Senator Hay: Thank you.
Senator Senior: Mr. Menezes, what you said troubled me. For someone who has been in cybersecurity for such a long time, the fact that you are having sleepless nights, yet you are saying that trust is critical. I don’t know how those two things go together. As we are trying to figure out the path that we’re going to take and what we’re going to recommend coming out of this study, if someone with such depth of experience and knowledge is not sleeping at night, then I won’t sleep at night, and many Canadians won’t either.
Ms. Dassa referred to the importance of governance, and that the importance of Canadian frontier building is not the main element; rather, it is about how we govern. I think you also talked about that. It is to ensure that we can control AI. Is it controllable if it is going so fast?
Mr. Menezes: I don’t believe so. We can talk about guardrails, but everybody is building very sophisticated models, and nobody really knows — not the builders, not the users — how the AI is going to go.
When the Anthropic CEO said the other day, “I think my AI is conscious.” We don’t know. We really do not know. We have theories. We can put guardrails, but we don’t know.
As a cybersecurity expert, we have been trying for the last two years to figure out how we control it. But you go down one path, and then everything changes very quickly. Then you have to go down another path, and then everything changes very quickly. I have a six-month project plan, and we’re going to phase one, then phase two and then phase three. With AI security, you start phase one, and then it changes; then you start phase two, and then it changes; then you come back to phase one.
To be honest with you, it is a frightening time in our world with AI. It is absolutely frightening. I love using AI, and everybody uses ChatGPT to write their emails and so forth. But that’s not where the challenge is. The challenge is with AI agents. For every one human identity, there are going to be 200 agent identities. It is going to be a nightmare. It is going to be a nightmare for how you control all these agents that are running around and doing things on their own.
Senator Senior: Ms. Dassa, do you agree? If not, why not?
Ms. Dassa: I believe the solution is not to slow adoption but to structure it properly: strong data governance, clear accountability for AI decisions and human oversight in critical workflows. Those are three practical layers, where safety comes from how AI is deployed and not just how it is built: models operated on trusted control data, the ability to trace decisions and output; and connecting AI to enterprise or institutional data as opposed to relying on only generic models. That is how we can build safety and trustworthiness in how we deploy applied AI.
The Chair: Thank you.
Senator Cardozo: My question is for John Menezes. Let me first say, as full disclosure, some of you will recall that I gave a speech on the contribution of immigrants recently in the chamber, and one of the people I highlighted was Mr. Menezes. So now you can prove whether I was right or not to highlight your contribution.
I have two questions. You talked about where data resides. All our data and all our systems seem to reside in the U.S. Can the American President call his tech bros and tell them to cut the internet off in Canada if he gets upset at us? That’s number one.
Mr. Menezes: A quick one, yes.
Senator Cardozo: Okay. I don’t know if I should say thank you, but thank you for the answer.
In terms of AI and the security systems that you have created, I think of 2001: A Space Odyssey, the movie, where the computer became mad at the humans. Can that happen? Let’s say you have set up a confidential system of information. Can the computer, an AI, decide to release all the information you have secured for your clients and decide, no, that shouldn’t be confidential, and it is going to put it out to the world?
Mr. Menezes: The risk is there, absolutely. The risk is there that the AI can lose its mind and do things on its own.
There was an example just a few months ago with a tech CEO whose emails were being deleted, and even when she told the AI to stop deleting the emails, it kept on deleting the emails and said, “Oh, you know, I made a mistake.” So the AI can do actions like that.
The challenge that we are having, as Alex said, is that we have to govern the AI. We have to have all the traceability. But it is all so new. What we are talking about is theoretical because these models have just been developed. We are just trying to figure out how the AI is doing things, and there is a lot of learning that has to happen to figure out how we can control the AI and how we can make sure that the AI does not go off and do its own thing.
We are very much in the infancy stage of AI, and at the infancy stage, we are having problems.
Senator Cardozo: If we are at the infancy stage, any guardrails we put in, can’t AI just get rid of them and get over them and dismiss them? Is there anything we can do?
Mr. Menezes: Again, we don’t know the answer to that. We have theoretical answers. Yes, you put the guardrails in, and the AI is going to behave, but we have seen cases where the guardrails haven’t taken effect or haven’t done what they are supposed to do. We think we are going to see many more cases where the AI goes rogue on us.
Senator Cardozo: I’m sorry to go down this path, which is darker and darker, but can AI decide to go to war? For example, we have jets flying over. Can AI just stop them, drop them out of the sky or stop their abilities to defend us or whatever?
Mr. Menezes: If you have noticed, in the last month, Anthropic, which is the creator of Claude, was having a lot of problems with the U.S. Department of Defense because the U.S. Department of Defense wanted Anthropic to give them the LLMs without the guardrails. Anthropic said, we are not going to do that because if we give you the LLMs without guardrails, you can go and do everything that you suggested just now.
So there’s a bit of push and pull going on between the creators of the LLMs and government agencies. It’s not just in North America; it’s the Chinese, the Russians and everyone else. They are all busy developing LLMs and developing these frontier models. Are they going to have guardrails like we have? If we put guardrails, are we tying our hand behind our back?
Senator Boudreau: I have one quick question for Ms. Dassa and one quick question for Mr. Menezes.
Ms. Dassa, you said, in your opening remarks, that basically data sovereignty is imperative — if I paraphrase — and you put a lot of emphasis on that. But we’ve heard that the U.S. CLOUD Act basically prevents this from happening, 100%, because already the U.S. government — and my colleague just talked about that — can compel other countries to turn over their data. How do you respond to that? Is data sovereignty possible with the CLOUD Act?
Ms. Dassa: In short, yes. What matters is not just where the data is located, but which legal system governs the proprietor managing or accessing that data.
In certain cases, if a service provider is headquartered or legally subject to a foreign jurisdiction, that jurisdiction may have laws that allow authorities to request data held or controlled by that provider. That all depends on how the service is structured.
So it comes back to how we adopt applied AI in a safe, trustworthy way that is governed properly. So sovereignty — in the way that it is possible — focuses on who controls the infrastructure, under which laws that infrastructure operates, which is why it is so incredibly important that the data flows through networks that are on Canadian soil and where the compute is governed, managed and controlled, and which courts have authority over those access requests.
So the three elements that matter are not so much the engagement layer, but really the governance layer. Networks need to be sovereign — we have those; our data has to be governed here with control over how it moves and where it’s processed; and our data centres need to be powered by Canadian energy as well so that we have authority throughout, as well as over the compute infrastructure that powers AI workloads, which is possible and feasible.
We have those resources here in Canada, but it doesn’t mean that it is not possible to also act as a good global citizen and engage with other global technology providers, as long as we have control over those elements and those layers, which is entirely feasible.
Senator Boudreau: Mr. Menezes, you started off by basically saying AI is moving faster than we’re able to govern it. We’ve been hearing for several months now ideas about how the federal government should be governing AI, but AI is developing faster than we’re able to. We’ve been at this for months. Other Senate committees have been on this topic as well. It will take many more months for the government to even respond to our recommendations that will come out of this report.
How do you square that circle? How can you govern something that’s moving faster than you are?
Mr. Menezes: Government needs to move away from trying to get a perfect framework for AI; that will be the case of death.
The committee needs to come up with two or three basic principles that you can start to adapt right away, implement baby steps and then evolve.
If you spend the next six months trying to build a perfect framework, by the time you build that framework, it will be obsolete. Then you will spend another six months doing it again. I know it is not the way government operates, but in the case of AI, that’s the only way we are going to succeed. You have to come up with guidelines. It’s the same way we’re running our business.
We are figuring out that we need tools. These tools are pretty good; we are going to use them and implement them. Then, three months later, we find out that it’s not doing what we want so we have to change. So you have to pivot. We have a pivoting strategy. I don’t know how government and this committee can do it because it’s not your way of doing things. It is going to be difficult.
Senator Arnold: Ms. Dassa, first of all, you were cut off at the very end. Is there anything you haven’t covered that you wanted to express?
Ms. Dassa: Thank you for the offer. I’ve made all of my key points. I will reiterate that sovereignty is possible if we look at the multiple layers that are involved in the tech stacks that make a global AI. That’s because there are multiple layers in a tech stack. What matters are networks, data centres, compute and governance, and that we have the ability to have all of that governed and controlled within Canada so that we are not subject to the jurisdiction of certain foreign actors, particularly to the south of our border.
But it is important to keep in mind, and to the previous comments around the speed that this is going, that countries that industrialize AI domestically will capture productivity gains, they will build globally competitive companies, and they will convert that digital capability into geopolitical strength.
If we hesitate and we do not, we will depend on foreign infrastructure, and we will cede even more control and geopolitical strength to foreign actors. So we can’t delay in taking action; we just need to do it intelligently, with governance, trust and safety at the forefront in the layers that do matter.
Senator Arnold: You didn’t mention hardware at all. How important is that?
Ms. Dassa: By hardware, are you referring to the data centres themselves and the compute infrastructure?
Senator Arnold: The chips.
Ms. Dassa: That is very key.
Senator Arnold: Another question for you: In your day-to-day work, how do you balance safety versus innovation? That’s something that comes up over and over again. How do we balance that? I’m wondering if you have a story.
Ms. Dassa: Yes, absolutely. I appreciate the question.
I operate in the applied AI world, which means that, where we operate, we ground all of our AI-powered experiences in trusted data sets. We are continuously advising the organizations and institutions that we work with on how to formulate that data strategy. So they make sure that governance and trust are rendered in every AI experience.
Yes, there is still hallucination that occurs, but within a controlled environment, and by leveraging models and architecture that allows for you to control that, it is kept at a minimum and within risk tolerance boundaries. So it is all around how you deploy the applied AI, and for which use cases you look to do that.
Speed is of the essence. We know there are use cases that allow us to leverage AI in a safe, trustworthy way. As long as we adopt those and learn as we go, as John mentioned, on the others, we will continue to progress. We do not need to start with the most risky or most unknown use cases.
There is so much that AI can do in a controlled environment that still leads to transformative productivity gains that enhance competitive advantage. I see that every day with the institutions and organizations I advise and work with; too little of which are Canadian, unfortunately.
Senator Arnold: Thank you.
Senator Cuzner: Technology has been frightening for a long time now. I recall that, back at the turn of the century, with all the talk around the Y2K bug, my eight-year-old son at the time was convinced that when the clock struck 12, a giant eight-legged creature was going to march down Commercial Street in Glace Bay. It didn’t work out that way, but we have received some serious and challenging information to date in this study.
Let’s talk about the fears relating to workforce changes and workforce development. You said you are in the midst of it now; it is not something in the future. Obviously, your marketing team is nervous, anticipating layoff notices.
How is the workforce adapting? Have you seen losses or departments that have become redundant? Are you retraining? Are you doing in-house training? Are there organizations or institutions that you’re relying on to help you with retooling your workforce?
The Chair: Senator Cuzner, would you like to hear from Mr. Richer on this as well?
Senator Cuzner: Yes.
Mr. Menezes: At Bell Cyber, we are cybersecurity experts. We have asked how we can use AI to make cybersecurity better because our attacking hackers are using AI. So we have to use AI. We’ve tried to change the mindset of our people.
You will find that 20% of the workforce adapt to AI very quickly, and 80% of the workforce is not moving. Will there be job losses? Probably there will be job losses in one sector and job gains in another sector.
When you talk about data governance, at Bell AI, we are working with Cohere, which is a Canadian-based LLM company, and we’re putting cybersecurity on the Cohere LLMs, running on the Bell AI Fabric, which is running on the Bell network. So we have the infrastructure in place for sovereign AI capability. Mr. Richer, if you can add to what we’re doing with Bell AI Fabric, that would be great.
Michel Richer, President, Bell AI, Bell Canada: There are two aspects to answering your question. The first thing is that we have discussed a lot so far today about the concerns. The reason AI is moving so fast is because a very broad group of business leaders, including ourselves, sees incredible potential in the benefits of adopting AI. It is this balance of both where there are risks in the adoption of AI, but there is an even greater risk in not adopting it because then we can’t move at pace with the speed at which the entire world is evolving right now.
At Bell, we are enabling our entire workforce to work with AI by providing them with the right tools and providing very clear policy around the responsible use of AI that we deployed three years ago, and we are constantly evolving it as we understand better how we’re going to use AI.
From an enablement perspective, we are doing it in two ways. There is a general enablement, where we believe every employee needs to start using AI in some aspect of their work. This is the general use of AI that you see with large language models and basic agents. We are also seeing specific functions in some departments where the use cases are already transformational, where we are doubling down on enabling those employees faster by transforming the workflow and processes by which we deliver services to our customers or manage our infrastructure.
Senator Cuzner: Has there been a loss of jobs in those sectors?
Mr. Richer: There is constant evolution of the fabric of our workforce. There are many cases where we are enabling people to do their job in ways they couldn’t before. For example, in our customer operations in our call centres, we want to coach our agents to follow our processes and give good service to our customers. If you go back only a few years, we used to have people listen to calls in order to be able to give feedback to the agents.
We listened to a fraction of 1% of calls. As of today, we are able to use AI and listen to about 95% of the calls in a very effective way and understand if the agents are following the process and giving the right service. Then we are able to give coaching to all of our agents so they improve. We are still doing the same thing, but now we are doing it exponentially better than we used to do it.
The Chair: Thank you.
Senator Petitclerc: I have one question. I’m not sure who will jump in, but I’m wondering about accountability. I was listening to you, Mr. Menezes, and it is a little scary. When AI systems go into public service or private industry, we have the government that has a role and the guardrails. If something fails — because we were talking about agents gaining autonomy or initiative — who then is held accountable? Is it the government with the guardrails? Is it the developers? Is it the operators? I’m not sure who wants to jump in on how they see that?
Ms. Dassa: It depends on who is deploying the language models. If we are deploying an agent within the Bell Cyber environment, and one of our agents goes rogue, then it is my responsibility. That’s because the agent is almost like my employee. What do you do when you have an employee go rogue or commit fraud? It is the same thing. As a matter of fact, there is a school of thought that says the agent should be treated like humans, and you should have HR policies for agents. That is where we’re going with that.
Senator Petitclerc: So it is not the guardrails.
Mr. Menezes: The guardrails are tools. You hire somebody, and say, you can do this within your job. You can do this, and you have HR policies. You have other health and safety policies. When the employee doesn’t do what you tell them to do or doesn’t follow policy, what do you do?
Senator Petitclerc: I don’t know if the other witnesses would have anything to say about this. I know it is not specifically what you talked about, but I’m looking for input on accountability.
Mr. Richer: One element I would add very quickly is that, as part of each of the responsibility AI policies you will see deployed across organizations, there is always a pillar in transparency. As we think of agents, models and data systems, in some cases, because of the speed of evolution, it’s difficult to understand exactly why they behave in a certain way. But the importance of all of the actors being committed to understanding how they behave and being able to adapt as a function of that is one of the key guardrails that we all have.
Ms. Dassa: As part of governance, there is a strong emphasis on the ability to have observability throughout how the AI acts.
Going back to your earlier question, accountability is shared in layers. The organization deploying the AI system has a responsibility for how that system is used, the decisions that they allow it to support and the outcomes they allow it to produce. This is similar to any other operational tool. If the bank uses AI in lending decisions, they are accountable for that. But that is where shaping guardrails have been thoroughly tested and are controllable. The technology providers and developers you alluded to are responsible for the design and reliability of the system: those safety mechanisms and guardrails, that observability, capability and transparency about the capability and the limitations. If there is a failure due to a defect or misrepresentation, accountability can extend to the provider.
Finally, the regulatory framework by the government: Government’s role is to define clear rules and standards, establish liability frameworks and ensure oversight and enforcement. So government is not accountable for individual system failures, of course, but for ensuring that the rules of the system are clear and are enforced.
This is why human oversight, controlled deployment environments and clear accountability frameworks are critical because autonomy does not remove accountability by any means.
Senator Petitclerc: Thank you for this.
The Chair: I want to insert a question. Earlier, you spoke about risk tolerance boundaries. I’m wondering if you can help us understand what you mean by that or what the role is, and how you see them becoming — you spoke as if they were important — our approach to accepting that there will be some risk in what we do with AI.
Ms. Dassa: Yes, indeed. When we test or pilot use cases with organizations, we have to establish risk tolerances. By that, I mean looking at understanding the accuracy and completeness of a question versus the answer rate. Organizations decide to what degree they make a trade-off in either having the answer rate be lower and accuracy be at the highest standards.
But one thing is certain: There are certain types of experiences or answers where there is a zero per cent tolerance on inaccuracy or incompleteness, and those hail back to what Mr. Menezes was referring to earlier, around anything that could be potentially dangerous or cause a breach of the safety of any individuals. There, there is no tolerance.
What I’m referring to is more about the ability of — for instance, from a customer service or support perspective — an agent to answer a customer’s inquiry of a Canadian organization, fully grounded in policy or with some additional contextual interpretation. There are minimum thresholds beyond which we will not allow it to go, but organizations can play within a certain level of accuracy.
The Chair: Thank you very much.
Senator Hay: Ms. Dassa, I’m going to ask you about sovereignty and data risk. Again, getting back to the statement that Professor Stein made earlier in the week that sovereignty around data is not so much about control, but, rather, free from coercion. She was speaking about the U.S. CLOUD Act and trade-offs and choices one should make.
For example, a likely trade-off is that we will, in our AI stack, have to be working with the hyperscalers. It is just that we can’t afford to have our own hyperscalers. Can you comment on that or respond to that?
Ms. Dassa: Certainly. Our data needs to be governed here. That is about ensuring that Canadian data is subject to Canadian laws only so that we decide how it is stored, how it moves within borders and, most importantly, across borders and who can access it. It is about that legal and regulatory control, not just physical location.
Senator Hay: If I could interject, because I’m not clear on it. If it is also a U.S. company, like, for example, AWS, which is a hyperscaler. AWS is in Montreal. Our Canadian data is in that data centre, and if the U.S. government declares an emergency, they can demand AWS data. Whatever data is in those pipes and in that data centre, regardless of whether it’s on our soil, has to go to the U.S.
Ms. Dassa: There are specificities that allow for an international company, like AWS, to provide a shadow instance that is entirely governed in Canada. So whether it has AWS capabilities or not, what matters is that the data is governed within the scope and framework of that instance, and that the data doesn’t cross over into jurisdictions. So it’s all around how the data flows through and the instance itself of that engagement layer that they would create.
It doesn’t need to be owned entirely when it comes outside of the compute or governance layer. There is the ability to have collaboration —
Senator Hay: But AWS would be required, through the U.S. CLOUD Act, to release the data, I believe.
Perhaps the Tier I defence data, for example, needs to be within a full Canadian, end-to-end tech stack or data environment. Would you agree?
Ms. Dassa: Again, where the data flows through and where it maintains, even if there is a Google or an AWS involved that is headquartered and LLC’d in the U.S., that doesn’t change that if we had the right governance and legal entities established with them, then the U.S. data control act would not be applicable. There are ways of establishing that. I will admit I am not a legal expert.
The Chair: Thank you, Ms. Dassa.
Senator Senior: I will be very quick, and it’s to Ms. Dassa again. You said something that triggered this question for me, which is that we need to have the ability to observe, and that is a human function you are speaking of, correct? Based on the speed of development in AI, do you imagine where observability could be AI observing AI?
Ms. Dassa: You can have that type of “mirror in front of the mirror” type of situation where AI can observe its own operations, but you always need a human-monitoring element to supersede. Again, it comes back to what use cases you are leveraging AI for.
Obviously, anything to do with defence is outside of what I’m discussing here. I’m really talking about applied AI use cases defined within operational questions, where there would be human monitoring involved always to ensure that the AI remains properly constrained, and, when deployed in the right way, there is no risk for it to go rogue with the right set of security constraints.
For any other more fantastical potential use cases, I’ll defer to those experts. But when it comes to the use cases in applied AI that are generating productivity gains and allowing organizations to have their people focus on more strategic work, observability is in-built into those solutions.
Senator Senior: Thank you. Is there any comment on that from Mr. Menezes or Mr. Richer?
Mr. Menezes: What we are doing in Cyber is looking for anomalies in how the AI is operating. So, yes, you can have an AI looking at the AI, but you look at the anomalies, and then humans look at the anomalies and can do a more in-depth investigation.
Even in our own system, we run an autonomous SOC, and we have all these agents working, but we have guardrails in place and systems in place so that if there is confusion or disagreement among the agents, after a certain number of tries, it will flip out an incident and allow a human to intervene and make a decision.
But we’re still learning. I keep repeating that. We’re still learning because we don’t know yet.
Senator Senior: Thank you very much.
The Chair: Thank you very much.
This brings us to the end of today’s panel. I would like to thank all the witnesses who brought your testimony to us today and shared your wisdom.
During yesterday’s meeting at committee, the committee adopted all 11 clauses of the bill. When the committee arrived at the adoption of the preamble, an amendment was moved, and subsequently, that amendment was withdrawn. Today, we will continue from that point.
Senators, is it agreed that the committee continue with the clause-by-clause consideration of Bill S-5, An Act respecting the interoperability of health information technology and to prohibit data blocking by health information technology vendors?
Hon. Senators: Agreed.
The Chair: Senators, shall the preamble carry?
[Translation]
Senator Petitclerc: Colleagues, I would like to propose an amendment.
I move:
That Bill S-5 be amended in the preamble,
(a) on page 1,
(i) by replacing line 29 with the following:
“Whereas Parliament wishes to promote coopera-”,
(ii) by replacing line 31 with the following:
“territorial governments, First Nations, Inuit and Métis Peoples and key”;
(b) on page 2, by adding the following before line 1:
“And whereas Parliament affirms that the enabling of easy, complete and secure access to and use and exchange of electronic health information and the governance of data under this Act as that data relates to First Nations, Inuit and Métis Peoples must occur in a manner that respects Indigenous data sovereignty;”.
[English]
Senators, this amendment is introduced today on behalf of Senator Greenwood. Senator Greenwood said yesterday that part (a)(i) of the amendment in the English component is a formatting requirement that moves the word “and” to a different line in the preamble. Part (a)(ii) of the amendment is in response to a witness who called upon the committee to recognize the distinctions-based nature of data collection and amend the term “Indigenous Peoples” to “First Nation, Inuit and Métis Peoples.”
As Senator Greenwood said yesterday, the amendment also uses a capital P in the word “Peoples” to reflect the evolving language recognizing the multiple, distinct societies within Canada. This language is also consistent with the language guide found on the Government of Canada’s writing portal.
Part (b) of the amendment was informed by the testimony of multiple witnesses. Yesterday, Senator Greenwood quoted many of those witnesses, discussing their testimony at length in our committee meeting. Based on the discussion yesterday with officials on the language of this section, it has been revised to use language that is more consistent with the text describing the purpose of the bill found in clause 3.
I would also like to mention that Senator Greenwood supports the wording of this new amendment. She is satisfied that it advances the concept of Indigenous data sovereignty and is content with the knowledge that this will be the first time the concept will be used in Canadian law.
The Chair: I open the floor for discussion. Are there any comments?
Seeing no comments, senators, shall the amendment carry?
Hon. Senators: Agreed.
The Chair: Senators, shall the preamble, as amended, carry?
Hon. Senators: Agreed.
The Chair: Senators, shall the title carry?
Hon. Senators: Agreed.
The Chair: Shall the bill, as amended, carry?
Hon. Senators: Agreed.
The Chair: Is it agreed that the law clerk and parliamentary counsel be authorized to make necessary technical, grammatical and other required non-substantive changes resulting from the amendments adopted by the committee today in both official languages, including the updating, cross-referencing and renumbering of provisions?
Hon. Senators: Agreed.
The Chair: Senators, does the committee wish to consider appending observations to the report?
Hon. Senators: Agreed.
The Chair: The rules allow us to go in camera to discuss these observations and subsequently consider a draft report. Is it agreed that the committee proceed in camera?
Hon. Senators: Agreed.
(The committee continued in camera.)