Constrained information sharing for national security purposes between government agencies and departments has always happened, and it has always been necessary to make sure the right people have the right information—but it should only happen when it is required, and should always be done with appropriate privacy protections and safeguards. Individuals are obligated to provide their government with significant amounts of data as a general byproduct of daily life, and shouldn’t have to do so under the fear that the information will later be used against them by their government. Bill C-59 takes a small step towards reining in the excessive and largely unaccountable sharing permitted in Bill C-51, but must go farther to ensure that all sharing is fair, proportionate, and gives due consideration to privacy.
When Bill C-51 introduced the new Security of Canada Information Sharing Act, it vastly expanded the conditions under which 111 government departments and agencies could disclose information to 17 different bodies with national security functions (see here for more information on those changes). CCLA spoke up against the scope of the sharing (and the excessively broad definition of ‘security’ that guided this scope); the lack of safeguards, including privacy protections, and the lack of oversight in this Act. We also included many of these problems in our constitutional challenge.
Bill C-59 changes the concept of information sharing into information disclosure—a distinction intended to underline that no new information is collected by the government, but that previously held information is being disclosed for security purposes. The new reforms seek to provide some privacy protection by limiting the disclosure of personal information to instances that are “reasonably necessary” for security purposes. It also tries to provide a more contained and reasonable definition of “security” and to add some oversight that CCLA pointed out was absent in Bill C-51. However, the reforms do not do enough to limit how much information can flow to security agencies, which should only occur exceptionally. Further, the proposed amendments to what constitutes “activities that undermine the security of Canada” (the “trigger” for information sharing in the first place) do nothing to address the CCLA’s belief that this provision remains overbroad.
Equally problematically, the hard-won exemption for advocacy, protest, dissent or artistic expression is watered down by the addition of the phrase “unless carried on in conjunction with an activity that undermines the security of Canada.” Since one of the potential security-undermining activities involves interference with infrastructure, are anti-pipeline protesters still subjects for information disclosure? Would a website documenting human rights abuses of a Canadian ally affect the security of another state, and therefore justify information sharing about the site’s creator with a foreign government? As C-59 is currently worded, these examples are instances of protest and advocacy that might fall into the broad definition of an activity “that undermines the security of Canada.” In other words, the Security of Canada Disclosure Act (SCIDA) is still overbroad and continues to threaten meaningful and vital democratic participation.
Whether we call it sharing or disclosure, there is still work to be done to ensure that we achieve a regime that promotes security while protecting rights.