SECU Public Safety and National Security - Thursday, June 9, 2022 - Assessment of Canada’s Security Posture in Relation to Russia
Meeting 29
Thursday, June 9, 2022






House of Commons Emblem

Standing Committee on Public Safety and National Security


NUMBER 029 
l
1st SESSION 
l
44th PARLIAMENT 

EVIDENCE

Thursday, June 9, 2022

[Recorded by Electronic Apparatus]

  (1105)  

[English]

     Good morning, everyone. I call this meeting to order. Welcome to meeting number 29 of the House of Commons Standing Committee on Public Safety and National Security.
    I will start by acknowledging that I am joining you from Treaty 1 territory and the homeland of the Métis people.
    Today’s meeting is taking place in a hybrid format, pursuant to the House order of November 25, 2021. Members are attending in person in the room and remotely using the Zoom application.
    Pursuant to Standing Order 108(2) and the motions adopted by the committee on Thursday, March 3, 2022, the committee is resuming its study of the assessment of Canada’s security posture in relation to Russia.
    Appearing is the Honourable Marco Mendicino, P.C., M.P., Minister of Public Safety, and he will be supported by representatives from the Canada Border Services Agency, the Canadian Security Intelligence Service, the Department of Public Safety and Emergency Preparedness, and the Royal Canadian Mounted Police.
     Welcome to you all.
    I now invite Minister Mendicino to make an opening statement.
    Thank you very much, Chair.
    Good morning, colleagues. Just as we begin, I will endeavour to introduce quickly my colleagues who are here also to provide this committee with information and testimony, as the case may require. We have, from the RCMP, Denis Beaudoin and Michael Duheme; my deputy minister, Rob Stewart; president of the CBSA John Ossowski, and, of course, Michelle Tessier from the Canadian Security Intelligence Service.
    Members of the committee, it's my pleasure to join you today as you undertake your study assessing Canada's security posture in relation to Russia. I would like to begin with an acknowledgement of the shock I know we are all feeling about what is happening in Ukraine. No words can truly describe the horrors of war and devastation across the country and the desperation of those who are still alive and those who are struggling in the face of brutal attacks.
    On May 4 I had the pleasure of meeting the ambassador designate of Ukraine to Canada, Ms. Yulia Kovaliv, to hear her concerns and to explore how Canada can further support her country. We also spoke about the need to counter Russian disinformation and foreign interference. Russia's illegal invasion into Ukraine will have deep and long-term geopolitical consequences, and it directly threatens the rules-based international order.
    The situation has reinforced the fact that the international community is strongest when it acts together in defence of our shared values. It has also underlined that we are not immune from threats to our own security posture here in Canada. Hostile activities by foreign state actors like Russia pose a significant risk to Canada's national security. These activities are malicious cyber-activity, including cyber-attacks, among others; threats to our critical infrastructure, like our borders, bridges and power stations; the spread of mis- and disinformation; and espionage and foreign interference.

[Translation]

    Canada takes all those threats very seriously, and the Public Safety portfolio is well equipped to deal with them in times of peace or in times of war, even though the number of threats and their complexity have increased in recent years. Within the Public Safety portfolio, CSIS, the RCMP, the CBSA and Public Safety Canada all play an important role.
    CSIS investigates threats, advises the government and, as needed, takes steps to reduce threats to Canada's security.
    The RCMP is also an important player in Canada's efforts to counter hostile activities by state actors. It investigates criminal offences related to foreign interference, as well as cybercrime and allegations of war crimes.

[English]

     The CBSA works around the clock to ensure our borders are safe from a variety of threats. It also supports the government's commitment to provide eligible Ukrainian nationals with access to an expedited immigration process. The CBSA will also play a key role in enforcing the legislation I announced last week to ban sanctioned Russians from entering Canada. They shall have no safe haven here.
    The CBSA works closely with CSIS and other partners to conduct security screenings and to mobilize liaison officers overseas to support where needed. Both the CBSA and RCMP play an important role in the sanctions framework to ensure we hold those complicit in Russia's invasion to account.
    As members know, Canada has already introduced sanctions against 700 individuals and entities this year and adopted measures targeting specific goods and sectors, all in close coordination with the international community.
    Mr. Chair, I want to touch briefly on how we're equipped to respond to some specific threats, namely, those to our cybersecurity and critical infrastructure. Malicious cyber-activities that target the systems underpinning our critical infrastructure are a constant concern. They impact businesses, individuals, our economy and all levels of government. We've known for a long time that Russia has significant cyber-capabilities and a demonstrated history of using them recklessly and irresponsibly.
     Public Safety Canada works with other government departments and agencies as well as international allies to attribute malicious cyber-activity to state or state-sponsored actors when it can, with confidence, link the malicious activity to a particular actor. In Canada, we're fortunate to have a national cybersecurity strategy to protect Canadians. That has already led to the establishment of the Canadian Centre for Cyber Security, a single authoritative source for expert technical advice and support for Canada and Canadians.
    The centre provides public advisories, including on the Russian threat, and shares valuable cyber-threat information with Canadian critical infrastructure owners and operators. The cyber-strategy has also led to the creation of the national cyber coordination unit within the RCMP. That unit coordinates police operations against cybercriminals, including internationally, and works closely with law enforcement partners to address borderless cybercrime threats.
    In light of Russia's invasion of Ukraine, the government has enhanced engagements with critical infrastructure sectors. In fact, just a few weeks ago, we held a multi-sector network meeting with critical infrastructure stakeholders to discuss threats and mitigation measures for Canadian industry.
    Mr. Chair, all of these efforts are bolstered by budget 2022, funding of nearly $700 million over five years, to support how we fight cybercrime and defend critical government and private sector systems and increase our collective resilience. We remain steadfastly committed to combatting foreign interference by any foreign state seeking to harm Canada.
    We will continue to condemn Russia's invasion; we will continue to support the people of Ukraine, and we will continue to partner with allies around the world who share our commitment to peace, democracy and the rules-based international order.
    Thank you.

  (1110)  

    Thank you very much, Minister. I appreciate your attention to the clock, as always.
    Now we move into our first round of questions. The first six-minute block goes to Ms. Dancho.
    Thank you, Mr. Chair.
    Thank you to the Minister for being here today and to all of those who came with you as well. Thank you for working so hard to keep us safe.
    Minister, you went over a lot about cybersecurity. I'm going to get to that.
    I first want to ask you a bit about the Prime Minister visiting the NORAD command centre in Colorado. Of course, you are the Minister of Public Safety, so that's border security, as you mentioned, CSIS and the like, but of course, I think you would acknowledge that, given the threat of Russian aggression, your department, in essence, overlaps a bit with Minister Anand's Ministry of Defence. I'm sure you've had discussions of how to keep Canada safe should the worst happen—a cyber-attack or something much more scary, like a missile attack.
    I want to ask you about that, because it's the first time that the Prime Minister of Canada has visited that command centre in decades. I think that sends a clear signal of how seriously your government may be taking NORAD upgrades.
    Is that correct?
    I think that's a very fair assessment, Ms. Dancho. I also would echo the concerns within the premise of your question around the current state of geopolitical affairs.
    I want to thank you and the other members of this committee for studying Russia's illegal invasion into Ukraine and, I think, looking at some of the post-WWII multilateral international platforms, including NORAD and NATO. It is extremely important as we not only help to support the people of Ukraine in defending their own state sovereignty but also stand up for democracies around the world. The Prime Minister's trip to NORAD, as you pointed out, is one in some considerable time and is a reflection of that commitment.
     We're seeing other countries around the world take their defence spending and their national security very seriously in light of the invasion. We've seen Germany announce that it's going to meet its 2% commitment with $140 billion in military spending. Sweden and Finland are joining NATO.
     As people are moving forward, do you think that Canada should spend the $15 billion to upgrade our NORAD defences?
    Ms. Dancho, I think our government is very much seized with the need to ensure that the Canadian Armed Forces and the Department of National Defence, including the community of agencies that are here within the public safety and national security apparatus, are properly resourced to defend Canadian interests both here and abroad—

  (1115)  

    Do you feel that they are properly resourced right now?
    We make a very strong case in budget 2022 to ensure that they continue to have the tools they need, so the $700 million, for example, that will go to defend our cyber-critical infrastructure, as I pointed out in my remarks, is among many other investments that we're making. There are additional resources for both the RCMP and the CBSA, as well as my department, which touch directly on the subject you're studying.
     Those are important investments in cybersecurity, and I'm going to get to that, but of course, as I'm sure you've heard, just the other day the U.S. ambassador, David Cohen, criticized your government's recent budget for failing to make the necessary investments in military spending and defence.
    Can you comment on whether we should be spending more, and do you agree that we should meet the 2% target?
    First, I've had the opportunity to engage with Ambassador Cohen, and I think his posting is the latest in a long line of ambassadors to Canada that reflects the very strong relationship that exists between our two countries.
    I think that as we continue to ensure we're giving our members of CAF, as well as our national security agencies, the resources that we need to, we're very transparent about how those resources will be put to good use. Supporting NORAD and supporting the work we're doing to ensure that we're protecting our critical infrastructure, including cybersecurity, is imperative, and we're putting investments in the budget to do that.
    He has been quite critical of your government's investments or lack thereof in terms of what he thinks is acceptable to ensure our defence relationship of North America is strong.
    We've also heard from witnesses that although Canada is a strong contributor to intelligence with the Five Eyes, we could be doing more. In essence, it was explained to me that you get out what you put in, and that we're not putting in nearly enough, which is why we weren't invited to join AUKUS, for example, as I'm sure you're aware.
    Can you comment on the conversations you've had with CSIS? Have you contributed more to their budget? Do you think that more should be done so that we can be bigger players at the table when it comes to contributing intelligence to the Five Eyes and the like?
    Let me say two things very quickly, because I think there were two parts to your question.
    First, with regard to our co-operation with the United States, as well as other allies, we have exceptionally strong relationships with the United States, particularly in intelligence, and I think it is critical, whether it's in the Five Eyes forum or other forums, that we maintain that, particularly in light of the evolving threats to our national security.
    Again, I commend the members of this committee for studying the particular threats that are posed by Russia as a result of its invasion of Ukraine.
    Thank you, Minister.
    The AUKUS agreement with Australia, the U.K. and the U.S. is a collaboration in military procurement and intelligence sharing. Of course, you're in charge of CSIS—or you're the elected official in charge of CSIS. Can you explain why we were left out of that agreement? You've said that you're quite confident in our contribution, yet we were left out of that agreement by the U.S.
    Without wanting to comment on behalf of other countries and the multilateral or bilateral relationships they may choose to enter into, I would just reiterate that we have exceptionally strong relationships, not only with the United States. For example, I had the chance to meet very recently with some of our Australian counterparts, who visited this country to talk about the robust collaboration that exists when it comes to intelligence.
     We also have, in addition to the Five Eyes forum, very strong bilateral relationships with other countries and like-minded democracies to ensure that we are meeting the new threats that emerge geopolitically—
    I'm sorry. Thank you.
     For my last question, we've been hearing from cybersecurity experts that we need to invest more money in protecting our small and medium-sized enterprises with cybersecurity: Does any of the new money you announced for cybersecurity help SMEs—
    I'm sorry, Ms. Dancho. We're—
    I'm sorry. It's my last technical question. Can he just answer?
    You have 10 seconds, sir.
    There's a lot there, but very briefly, yes, some of the investments in budget 2022 will obviously accrue to the benefit of the work within the agencies that are represented here, including CSIS and the CBSA. Cybersecurity is a sector that touches on a lot of the different portfolios that are represented at this table.
    Thank you very much.
    I'd now like to turn to Mr. Chiang, who has a six-minute slot.
     The floor is yours, sir.
     Thank you, Mr. Chair, and good morning to the witnesses.
    Good morning, Minister. Thank you for joining us today. It's good to see you again.
    Minister, you outlined the threat posed by Russian disinformation to exploit and amplify divisions that already exist in Canada. In budget 2022, the government proposes to spend “$10 million over five years...to coordinate, develop and implement government-wide measures designed to combat disinformation and protect our democracy.”

  (1120)  

    It does, and if I could be permitted to expand, I'm quite confident that the members of this committee, and all parliamentarians, are seized with the significant risks and threats that are posed by Russia. Its latest invasion into Ukraine is a reflection of the destabilizing campaign that it is embarked upon. It hasn't only had a brutal and profoundly negative impact on the people of Ukraine; it has the potential to be destabilizing elsewhere, including here in Canada.
    For instance, Russia's effort to promote a narrative that it went into Ukraine to de-nazify that country, or that it was in retaliation as a result of Ukrainian and Russian...is flat out false. The proliferation of those narratives online makes its way into the Canadian market, so we have to be very much alive to that.
    Budget 2022 sets out investments that will help to address concerns around disinformation and misinformation, and the agencies that are represented at this table are very much seized with that work.
    Thank you, Minister.
    What has our government done to counter disinformation?
    There are a number of things. I touched on it in my remarks.
    First, I'll say, from the sort of mile-high level, we have a national cybersecurity strategy and a national cyber-action plan, and many of the officials that are on this table are seized with that work.
    For example, the RCMP would be able to investigate and potentially prosecute any foreign interference that spills over into something that could be charged under the Criminal Code. In the work that CSIS does, it is able to detect potential threats to our national security in the form of foreign interference, disinformation or mal-information. The work that CBSA does is about ensuring that, as we are accommodating Ukrainians who have had to flee from their homes because they've been destroyed, we are doing it with integrity and with security.
    That is the policy architecture within which we are coordinating our efforts across government to address the threats that are posed as a result of Russia's illegal incursion into Ukraine.
    Thank you, Minister.
    I will defer the remainder of my time to MP Noormohamed.
    Thank you, Mr. Chiang; thank you, Mr. Chair, and thank you to the witnesses and to the minister for being with us today.
    I would like to introduce a motion, if I might, at this time, and I want to preface this by saying the following.
    This committee has worked extremely well in finding ways to collaborate. When I bring this motion forward, I'm seeking unanimous consent to move the motion. It is in relation to the fact that we have seen a substantial run on the purchase of firearms. This motion is not intended to usurp or replace any of the important debate we need to have on Bill C-21, but I wish to introduce the following motion and will seek unanimous consent from the committee to move it.
    The motion reads as follows:
That the committee report the following to the House: That pursuant to section 118(4)(b)(ii) of the Firearms Act (1998), the Standing Committee on Public Safety and National Security has decided not to conduct inquiries or public hearings into the proposed regulations tabled and referred to the committee on May 30, 2022.
    The translation and the original motion itself have been circulated to the clerk.
    I put this before the committee simply because I believe it's important for us to give unanimous consent to move forward, recognizing how well this committee is working. It really is in response to the alarming run on the purchase of firearms.
    I know that a number of members of all parties have raised this issue. I've had discussions with members of the opposition, as well as others, who have expressed their deep and grave concern about this. I put this forward to the committee and seek everyone's collaboration in getting unanimous consent.
    Thank you, Mr. Chair.
     Okay, colleagues, we have a motion that's been brought forward. It would require unanimous consent to proceed.
    Does the honourable member have unanimous consent to proceed with his motion?

  (1125)  

    Okay, then I gather we take the notice of motion as an advance on the next meeting of this committee, and that we'll then debate the motion.
    Clerk, is that right? It is.
    There's no unanimous consent and time had run out on the previous speaker, so I will move to Ms. Michaud, who has a six-minute block.
    The floor is yours.

[Translation]

    I thank the witnesses for joining us.
    It is nice to see you in person, Minister.
    I would like to ask you a question about the secret orders in council your government has adopted since 2015. We are talking about 72 secret orders in council. That is a marked increase compared with the number of secret orders in council adopted by Stephen Harper's Conservative government. Normally, to justify the adoption of a secret order in council, national or military security must be invoked, or it must be argued that the order in council is related to national security reviews of foreign investments in Canadian companies. More than half of those orders in council have been adopted since early April—

[English]

    Excuse me, Mr. Chair. I have a point of order. I apologize to Madame Michaud, but the bells are going. I'm wondering if we can get unanimous consent to continue through to the end of the first round before we break for the vote.
    Do we have unanimous consent to continue?
    We do, so let's do just that.
    Madame Michaud, you have the floor.

[Translation]

    Thank you, Mr. Chair.
    One of those orders in council was adopted between January 28 and February 1, 2022, and another one was adopted in mid-February, which is around the beginning of the trucker protest.
    Another order in council was adopted when the international community was starting to worry about Russia preparing to invade Ukraine, around February 24. Other orders in council have been adopted since Russia invaded Ukraine.
    In response to this, your government said it was acting openly. If it wanted to act openly, why did it use secret orders in council?
    Since your government has adopted more of those than previous governments, is there reason to believe that real threats to national security exist and that you wish to keep that information confidential?
    Can you tell us more about the application of those orders in council?
    Thank you for the question, Ms. Michaud. This gives me an opportunity to reaffirm the importance of protecting the principle of an open and transparent government. That principle applies to all of our files. However, as you said, we must also apply other principles to protect our interests related to national security issues.
    This decision was made to protect not only the principles, but also all Canadians.
    Are we to understand that some information is kept secret because Canada fears repercussions in relation to what is happening in Ukraine? Russia is carrying out disinformation campaigns and cyber-attacks. Are we to understand that the decision to keep those kinds of orders in council secret is related to this situation?
    The government considers various factors before deciding to apply national security principles. That said, we try to always provide the public with as much information as possible when we decide to use orders in council, so as to respect the important value of having an open and transparent government.
    In late May, a University of Ottawa task force—with contributions from four former national security advisors, two former directors of the Canada Security Information Service, former ambassadors, retired former deputy ministers, as well as academics—carried out a study that concluded that Canada was not ready to address the threats, including the ones from Russia. Those experts said that we were not prepared to face that new world and that we should urgently rethink our national security. One of the conclusions was that the Russian invasion in Ukraine shows direct threats that are affecting Canada's interests. According to them, China could also be a challenge over the long term.
    What is your response to those criticisms from former government experts who are saying that our national security is currently inadequate?

  (1130)  

    I know some of the authors of that study, and I want to thank them for their work and their contribution. I had a chance to look at a number of their recommendations. It is worthwhile to consider other studies and to look for solutions the government can integrate into its strategy. That study is timely because the government is modernizing its cybersecurity strategy. The fact that this study was carried out is a very positive thing. That said, our agencies are also doing a lot of good work.

[English]

     Thank you, Minister.
    I would now like to invite Mr. MacGregor, who will have a six-minute block of questioning.
    Thank you very much, Mr. Chair.
    Welcome again, Minister. It's good to see you back.
    We have heard from a number of witnesses across the spectrum, and from many different experts. We've been very lucky to have their testimony before this committee, regarding the threat posed by cybercrime in the Canadian context. With respect to what's going on in Canada, we have a cybercrime coordination centre with the RCMP, as well as the Communications Security Establishment, which runs the Canadian Centre for Cyber Security.
    Minister, as you know, when dealing with the federal government, it is a massive organization, and we can sometimes fall into siloed thinking. CSE reports to the Minister of Defence. The RCMP's unit reports to Public Safety. As a committee member, I want to know how these two ministries ensure there's harmonization in the work being done between those two agencies, and no duplication of work. Sometimes, things can get missed when you have two different ministries involved.
    Can you give us an update on how those ministries and their respective agencies are working together on this very real problem?
    That's a great question, Mr. MacGregor. To begin, I would emphasize that the national cybersecurity strategy and national cybersecurity action plan are two policy instruments we use to coordinate these efforts. Among other things, my deputy minister, Rob Stewart, is playing a chairing role that brings together different officials across the government, including at DND. That forum, among others, is a way for us to share information, coordinate efforts, identify threats and determine how best to introduce mitigating strategies.
    You're quite right. It's important that these efforts continue, in order to avoid a kind of stovepiping, which can lead to the fracturing of a coordinated response.
    Thank you for that.
    We know the Russian government has close allyship and coordination with several criminal organizations. It has partnered with these criminal organizations to do its dirty work. Often, this has very real consequences around the world, including here in Canada.
    We have heard from witnesses that the federal government and businesses under federal jurisdiction have some pretty top-level security—our national banks, and so on. The concern is for subnational organizations and governments: our provincial health care systems, the cybersecurity of our big cities, and even major businesses.
    First, how are you tackling that problem?
    Second, we've had some witnesses call for mandatory incident reporting. Sometimes, businesses are loath to report they were held hostage by ransomware. They find it's just easier to pay off the person and not report it. There can also be a threat of further damage if they do, in fact, report it to the authorities.
    What steps are you taking with regard to those two questions?

  (1135)  

     Again, I cannot emphasize enough how important it is in the current geopolitical environment within which we find ourselves that we are very much on high alert for potential attacks from hostile state actors, like Russia, which could manifest through cyber-attacks or through ransomware, which looks to identify potentially valuable targets to Canadian interests, like critical infrastructure, but equally subnational targets, different orders of government and other sectors of the economy. A lot of this work is being led by the Canadian Centre for Cyber Security, which falls under the purview of the CSE, where we work with the industry and with leaders within the economy to provide them with practical, common-sense advice on how they can best protect their businesses.
     On the mandatory incident reporting, there is the old adage, “We don't know what we don't know,” and we know, from other studies, that Statistics Canada has gaps in our knowledge of violent crimes that might be committed with firearms. There's definitely some room for improvement there.
    If we don't really know the full scope of the problem, and if some businesses are keeping this in-house, what steps is your government taking to maybe bring in a mandatory reporting requirement when they've been hit by cybercrime?
    I appreciate the follow-up. I was just coming to that as I was talking about how we partner with leaders within the economy and industry to encourage reporting and to encourage it in such a way that they're not concerned about either stereotypes or stigmas.
    “Encourage” is different from “mandatory”.
    That is a true distinction that you're making, and certainly it's something we are reflecting on within government. I would also point out that the CCCS, the Canadian Centre for Cyber Security, also publishes a national cyber-threat assessment, which is another tool that can be used by industry leaders within the economy and other orders of government. Through that particular agency within government, we try to offer support.
    Is mandatory incident reporting on the table?
    I absolutely think it's something that we need to be considering, for sure. It's an option that we're considering very carefully.
    Okay.
    Mr. Chair, I'll donate my last 10 seconds to you.
    Thank you.
    We now move to the second round of questioning.
    The first to lead us off is Mr. Lloyd, with a five-minute slot.
    Clerk, I gather you're keeping your eye on the vote?
    Mr. Chair, on a point of order, we had unanimous consent to finish to the end of the first round, so that we could suspend and go to the vote.
    Yes. If that's the will of the committee, we can do that now and then resume after everyone has had a chance to vote.
    Are members voting remotely, or are they heading into the West Block?
    Both. Then I think the prudent thing to do is to suspend until members have had a chance to vote. We'll resume as soon as members have returned to their seats.
    The meeting is now suspended so members have a chance to vote.
    [Proceedings continue in camera]