Ottawa’s cybersecurity bill has flaws and needs to be revised, new report warns – National

A new research report says federal network security legislation so flawed, it would allow authoritarian governments around the world to justify their own repressive laws.

The report by Christopher Parsons of the University of Toronto’s Citizen Lab makes 29 recommendations to increase transparency and accountability on proposed measures introduced by the Liberal government in June.

The government wants to establish a framework to better protect systems critical to national security and provide authorities with new tools to respond to emerging threats in the air. cyberspace.

Read more:

Experts say Ottawa’s cybersecurity bill has ‘good things’ – but secrecy rules need to be implemented

Under Measure C-26, key businesses in the banking and telecommunications industries would be required to improve cybersecurity and report digital attacks, or could face penalties.

The proposed bill gives authorities the ability to enforce measures through audit powers and fines, and allows criminal penalties in cases of non-compliance.

The story continues below the ad

The report says the powers Ottawa is seeking are not sufficiently binding, come with overly broad terms of secrecy and are likely to limit the ability of private companies to dispute the claims. , order or regulation issued by the government.

Click to play video: 'Registration glitches can be avoided: Cybersecurity expert'

Sign-up problems can be avoided: Cybersecurity expert

The report describes a scenario in which the federal broadcasting regulator could draft a piece of public law through its decisions while “a kind of secret law” is made through orders and regulations. The decision will actually guide the cybersecurity behavior of telecommunications providers.

It says the agencies proposed in Measure C-26 need to be backtracked in some places, essential terms and terms defined, and accountability and transparency requirements defined. “given freely” in an amended version of the law.

Read more:

Amid recession fears, Canadian businesses at risk of cybersecurity: study

The story continues below the ad

The report states: “If the government refuses to meaningfully amend its laws and make itself more accountable and transparent to telecommunications providers and the public, it will inform through a bad law”.

“Authoritarian governments will be able to point to Bill C-26 unamended in the process of justifying their irresponsible ‘security’ laws, secrecy and repression.”

Parsons, a senior research associate at Citizen Labs, which focuses on communications technology, human rights and global security, was among a number of individuals and groups who wrote a joint open letter to the Secretary of State for Security. Public Attorney Marco Mendicino last month expressed concern about the bill.

Click to play video: 'Feds introduces action to require businesses to report ransomware attacks or face penalties'

Feds take action to require businesses to report ransomware attacks or face penalties

He argued that the government owes it to citizens and businesses to justify why they are seeking new powers and the underlying reasons driving the introduction of cybersecurity legislation.

The story continues below the ad

Among his report’s recommendations:

_ The orders of the Council and the Ministry implemented to ensure the safety of the telecommunications system must be necessary, proportionate and reasonable;

_ orders must be published on the Canada Gazette within 180 days of issue, or within 90 days of orders being made;

_ The minister should be forced to make an annual report on the orders issued;

_ the government should explain how it will use information from telecommunications providers and specify the agencies to which the information may be disclosed;

_ relief measures should be taken if the government mishandles private or confidential information; and

_ there should be specified periods of time for how long the government may retain data of telecommunications service providers.

The report warns, the costs associated with complying with government orders could seriously affect telecom providers, including the risk that some companies may not be able to continue providing services. service to all their customers.

Read more:

Suspected Chinese hackers who tampered with Canadian chat show:

The report adds.

The story continues below the ad

“Security can and must be consistent with Canadian democratic principles,” Parsons writes. “Now the government must amend its laws to suit them.”

& copy 2022 Canadian Press


News5s: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button