Conservative MPs' disruptive maneuvers in cybersecurity hearings spark debate, hindering critical infrastructure legislation progress. (Parliament's public safety and national security committee)
Conservative Members of Parliament (MPs) have once again curtailed the testimony of witnesses during committee meetings focused on proposed cybersecurity legislation for overseeing critical infrastructure providers. This marks the second consecutive meeting where Conservative MPs have used procedural tactics to divert discussions to other matters.
The subject under consideration by the public safety and National Security Committee is Bill C-26. This bill aims to amend the Telecommunications Act and introduce a new Critical Cyber Systems Protection Act (CCSPA). If enacted, these changes would impose additional cybersecurity responsibilities on crucial infrastructure entities such as telecom companies, banks, and energy firms.
During the initial hearings on Monday, the Conservatives disrupted the proceedings by introducing a motion to investigate the rise in carjackings in Canada, diverting attention from questioning Industry and Defence Department witnesses on Bill C-26. The same disruptive tactic was employed on Thursday, interrupting the hearing shortly after two witnesses presented their opening statements.
This time, the motion centered around examining the Liberal cabinet's use of the Emergency Act during last year's Ottawa protests over COVID restrictions, despite another parliamentary committee already addressing the matter.
The actions led to objections from Liberal, NDP, and Bloc Quebecois MPs on the committee, who argued that this diversion was against committee rules. Eventually, the Conservatives agreed to postpone the debate on the second motion, allowing the witness testimonies to proceed.
However, the interruptions consumed nearly an hour of the committee's time, preventing MPs from questioning Trevor Neiman of the Business Council of Canada and Byron Holland, CEO of the Canadian Internet Registry Authority (CIRA). Consequently, these witnesses left, and the committee proceeded to hear from other scheduled witnesses during the second hour.
The proposed legislation, Bill C-26, grants the government authority to designate services and systems crucial to national security or public safety. It also enables the government to identify operators responsible for safeguarding these systems, with mandated reporting of certain cyber incidents.
Notably, concerns arise regarding the expansive powers granted by the bill, such as the Minister of Industry's ability to compel telecom providers to take "anything" necessary to secure the Canadian telecommunications system. Similar powers are extended to the cabinet over designated critical infrastructure providers under the CCSPA. Civil rights groups express apprehension about the potential for unchecked government authority.
Witnesses, including Trevor Neiman and Byron Holland, have proposed amendments to address these concerns. Neiman calls for limitations on the cabinet's power, emphasizing the need for considerations of effectiveness, costs, and impacts on competition. Holland suggests involving key civil servants in examining cabinet orders and limiting the use of cybersecurity data collected from companies. Both emphasize the importance of risk-based methodologies to impose proportionate obligations on low-risk firms with established cybersecurity programs.
Despite the challenges faced during the committee hearings, stakeholders continue to engage in the ongoing discussions around Bill C-26, advocating for amendments to strike a balance between enhancing cybersecurity and safeguarding individual rights and privacy.
