The Canadian election campaign is heating up. While issues of the economy and the environment are taking centre stage, another topic that is concerning to Canadians is cybersecurity and data privacy. So just where do the political parties stand on the issue?
Recently, Conservative leader Andrew Scheer was speaking before the Montreal Chamber of Commerce, where he outlined his party’s stance on cybersecurity. Scheer says, if elected, his government would, create a cabinet committee on cybersecurity and data privacy. To quote Howard Solomon of IT World Canada, Scheer also said “he will set up an expert committee with industry leaders to define binding digital security standards for critical infrastructure sectors and penalties for non-compliance, order periodic penetration testing on all government departments, and establish cybersecurity performance benchmarks for senior public servants.” Scheer also promised “plain language use agreements” be put in place so that companies collecting electronic data must receive informed consent from Canadians. It wasn’t stated how they would do this, but it is assumed they would update the Personal Information Protection and Electronic Documents Act (PIPEDA). Scheer would also like to apply regulatory standards for the ethical and secure use of artificial intelligence and the Internet of Things, as well as create the Canada Cyber Safe brand to ensure that consumers know when products have met rigorous security standards.
While Scheer is quick to attack the Liberals for inaction on Cybersecurity, Howard Solomon writes in the same IT World article that the Liberal government has implemented many changes in the past year. In addition to the updated PIPEDA regulations, “it created the Canadian Centre for Cyber Security, merging several federal functions into one unit under the defence department to be more visible to the public. These include Public Safety Canada’s Canadian Cyber Incident Response Centre (CCIRC) and the Get Cyber Safe public awareness campaign; many functions of the Shared Services Canada’s Security Operations Centre; and the entire IT security branch of the Communications Security Establishment (CSE), which now has responsibility for the centre. Shared Services Canada is a service which operates data centres for much of the federal government.”
The Liberals also added more federal spending for cybersecurity. In August, “the government announced a pilot project to create a certification for small and medium businesses called Cybersecure Canada, and it will see the Standards Council of Canada create a national standard for cybersecurity for SMBs, who, if they can prove they meet certain minimum standards, can carry the Cybersecure Canada brand on their websites.”
And where do the other parties stand? BNN Bloomberg has put together an election platform tracker. The NDP plans to “work with international allies to deal with threats to national security, including cyber crime.” The Green Party plans include: enacting “provisions to protect consumers and investors from fraud and theft in cryptocurrencies” and strengthening “digital privacy laws with measures such as prohibiting warrantless intrusions on Canadians’ communications, banning cyber surveillance programs that use bulk data collection, requiring companies to respect the “right to be forgotten,” and making data breach reporting mandatory for government departments, companies, banks and political parties.” Macleans has a similar platform tracker. They also show that the Green Party would also “increase the powers of the Privacy Commissioner to enforce privacy laws, require companies grant access to all information they hold on an individual and, when requested by that person, delete personal information from company databases and create mandatory data breach reporting for all government departments, companies, banks and political parties.”
It is still possible we will hear more from the parties on their promises to enhance Canada’s cybersecurity posture. One thing is certain, it is an issue becoming increasingly more important to Canadians. While there are many factors to consider before deciding as who to elect as your MP, but it is worth asking the candidates that come to your door, what is their party’s cybersecurity plan?