Canada deliberates Bill C-26, focusing on cybersecurity for critical sectors. Concerns arise over government powers and industry collaboration. (IT World Canada)


January 30, 2024

This afternoon marks the commencement of the second phase of the Liberal government's cybersecurity and privacy strategy. The House of Commons Standing Committee on Public Safety and National Security is set to conduct hearings on Bill C-26, a legislation that proposes amendments to the regulations governing telecommunications companies and introduces the Critical Cyber Systems Protection Act (CCSPA).

David Shipley, head of New Brunswick’s Beauceron Security and co-chair of the Canadian Chamber of Commerce’s cyber council, emphasizes the significance of this legislation, calling it one of the most crucial safety and regulatory regimes in a generation. He points out the need to strike the right balance and swiftly implement effective measures. Shipley highlights Canada's lag behind the United States, Australia, and Europe in safeguarding critical infrastructure. He cites a near miss incident last year involving a Russian hacking team targeting a Canadian pipeline, underlining the potential consequences of relying on good fortune rather than robust defenses.

Should C-26 gain approval, it will establish security obligations for "high-risk firms" across six critical infrastructure sectors in Canada. These sectors include telecommunications providers, banks, financial clearing systems, interprovincial energy providers, nuclear energy stations, and transport companies. The legislation aims to designate certain firms as vital to national security, imposing stricter cybersecurity measures and requiring them to share cyber threat information with the Communications Security Establishment (CSE), the government’s IT security, and signals intelligence agency.

Designated firms will be obliged to implement and report on comprehensive cybersecurity programs addressing risks within their organization, third-party services, and supply chains. The government will possess the authority to instruct providers to take necessary actions to secure their systems.

Stakeholders, including industries and external experts, have had nearly two and a half years to assess the proposed legislation. The Canadian Telecommunications Association, representing major telcos like Bell, Rogers, and Telus, expresses concerns about the broad order-making powers granted to the government. The association also highlights the absence of a requirement for government consultation with industry and security experts. Transparency and proportionality in government orders, liability for telecom providers, and the issue of compensation are additional points of concern.

Electricity Canada, representing utilities and power producers, argues in its committee brief that C-26 fails to acknowledge established security standards within the sector and may add redundant regulatory requirements without significantly enhancing security.

Various groups, including the Citizen Lab, the Business Council of Canada, and the Canadian Civil Liberties Association, have already raised criticisms, suggesting amendments to the legislation to address perceived flaws and excessive government powers.

The hearings commence with closed-door testimony from senior officials in the Departments of Industry and Public Safety, followed by an open committee session with officials from these departments and the CSE. Concurrently, the committee continues hearings on the government's broader strategy, including an overhaul of federal private sector privacy legislation to introduce the Consumer Privacy Protection Act (CPPA) and the Artificial Intelligence and Data Act (AIDA).

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

You may also like

EV Interest Dips Among Canadians for Third Year Straight

A recent AutoTrader survey reveals that interest in electric vehicles (EVs) among Canadians is steadily declining, despite a noticeable drop....

Nations Boost Digital Defences as Cyber Threats Grow

In a troubling sign of the times, hackers backed by Russia’s government infiltrated a water facility in the small Texas....

Google to Challenge Part of US Court's Ruling in Monopoly Case

Google, part of Alphabet Inc., has announced plans to appeal a portion of the recent court ruling in the ongoing....

Google Faces £5B UK Lawsuit Over Search Engine Control

Google is now facing a massive £5 billion lawsuit in the United Kingdom, accusing the tech giant of using its....

Meta CEO Zuckerberg eyed Instagram split in 2018, email reveals

According to an internal email revealed during an ongoing antitrust trial, Meta CEO Mark Zuckerberg considered splitting Instagram from Facebook....

Meta’s Monopoly Trial Begins: What’s at Stake for Instagram and WhatsApp

In a major legal showdown, Meta CEO Mark Zuckerberg appeared in court on Monday as part of a historic antitrust....

 Future Legislation Must Address AI’s Role in News Compensation

As the media landscape evolves, researchers in Canada suggest future laws aimed at balancing the power between tech giants and....

Ireland Investigates Musk’s X Over AI Data Collection Practices

Ireland’s Data Protection Commission (DPC) has launched a formal investigation into Elon Musk’s platform X, formerly known as Twitter, over....

Google Cuts Prices for U.S. Government to Compete with Microsoft

In a bold move to expand its presence in the public sector, Google is now offering deep discounts on its....

Alphabet Sticks to $75B Spending Plan Amid Tariff Concerns

Alphabet, the parent company of Google, has confirmed its decision to invest a staggering $75 billion in 2025, mainly to....

TSMC Faces Over $1B Fine Over Huawei Chip Link: US Probe

Taiwan’s leading chipmaker, TSMC, may be hit with a fine of over $1 billion after a U.S. investigation revealed one....

Shopify CEO: AI Skills Now a Must for All Employees

Shopify is taking artificial intelligence more seriously than ever before. In a recent internal memo, CEO Tobi Lütke told employees....