Senators amend error in cybersecurity bill that could have cancelled half of it

The federal government’s cybersecurity bill faces further delays after the Senate identified an error that could have nullified a significant portion of the legislation.

On Thursday, the Senate voted to amend the bill to correct what has been described as a human error. While the amendment is largely technical, the bill must now return to the House of Commons, where proceedings are currently stalled, for another vote. This setback prolongs an already lengthy process spanning over two years.

“This is unfortunate, considering the importance of this legislation,” said Senator Patti LaBoucane-Benson while introducing the amendment earlier in the week. She called on both chambers to pass the bill before the current parliamentary session ends.

The legislation, known as Bill C-26, was first introduced in 2022. It proposes new cybersecurity requirements for federally regulated industries and introduces national security measures for Canada’s telecommunications sector.

The bill is divided into two key components. The first amends the Telecommunications Act to grant the federal government explicit authority to restrict Canadian telecommunications companies from using products and services from "high-risk suppliers." This provision is designed to address national security concerns and would ban next-generation mobile networks in Canada from using equipment from Chinese firms Huawei and ZTE.

The second section, the Critical Cyber Systems Protection Act, requires critical sectors such as finance, energy, telecommunications, and transportation to bolster their cybersecurity defenses or face significant penalties.

However, an oversight during the legislative process could have undone much of the bill. A separate law, Bill C-70, aimed at addressing foreign interference, was designed to repeal a small section of Bill C-26. But due to a renumbering of clauses in Bill C-26 during committee review, the new law would have inadvertently annulled the entire second portion of the cybersecurity bill upon becoming law.

“If the error had gone unnoticed, it would have repealed the vast majority of Bill C-26’s operative provisions,” noted Senator Denise Batters. She emphasized the need for safeguards to prevent similar issues in future legislation.

Senator Hassan Yussuff, chair of the Senate’s national security committee, remarked, “Mistakes will happen, but this is an important lesson for improving the process.”

The timeline for addressing the amended bill remains uncertain. The House of Commons has been in a prolonged deadlock, with opposition parties demanding the government release unredacted documents related to a failed green technology initiative.

Despite the impasse, Jennifer O’Connell, parliamentary secretary to the Minister of Public Safety, expressed hope for swift action. “This bill focuses on protecting Canadians, which is why it received unanimous support in the House of Commons,” she said in a statement. “I hope all parties can collaborate to ensure this bill becomes law.”