OTTAWA — Canada’s economic security is under constant attack and our allies will see us as a weak link if we don’t toughen up, Public Safety Canada warned top national security officials last December.

“Canada’s innovation ecosystem is being targeted by hostile foreign states and their non-state proxies to advance their national strategic interests to the detriment of Canada’s national security,” said the first page of a presentation the department prepared for a committee that includes deputy ministers, the heads of intelligence agencies and the chief of the defence staff.

“When Canada fails to address and counter these threats, it risks losing significant technological advantages, diminishes its own economic vitality and begins to lose the trust of close allies and partners by being seen as the ‘weak link’ in the like-minded community.”

The Logic obtained a copy of the presentation through an access-to-information request. Although the released document has numerous redactions, they mainly cover potential solutions; swaths of material describing problems are not censored.

Foreign adversaries are seeking access to Canada’s critical infrastructure, sensitive technologies, data (including personal information) and critical minerals, Public Safety Canada warned. Those economic assets are also national security assets, so threats to them are also national security threats.

Canada’s allies “are moving quickly to address economic security issues,” the presentation said, while this country has taken only “initial actions.”

In Canada, the presentation said, no minister is responsible for economic security; basic research is inadequately protected; national security isn’t properly considered even when the government itself buys things; and the office in the Innovation Department that reviews foreign investments in Canada is under-resourced compared to similar operations in Australia and the United Kingdom.

The proposed law to combat foreign interference that Public Safety Minister Dominic LeBlanc presented May 6 includes action on one problem the department highlighted in December: it gives the Canadian Security Intelligence Service more authority to share information about threats beyond the federal government.

A spokesperson for LeBlanc, Jean-Sébastien Comeau, emphasized that move in response to The Logic’s questions about the worries LeBlanc’s department raised with other government leaders.

“Over the last number of years, our government has put in place a series of measures to protect our critical infrastructure, our natural resources, and our research sector,” Comeau wrote in an email, without addressing the specifics of the questions. “Through Bill C-70, the Countering Foreign Interference Act, we are going further by modernizing the Canadian Security Intelligence Service (CSIS)’s powers, and giving it the ability to share critical information with entities outside the federal government—like private companies. We will continue to build on that work to tackle foreign interference and protect Canada’s national interests.”

Trevor Neiman, the vice-president of policy at the Business Council of Canada, welcomed the part of the bill that deals with CSIS. “Because CSIS’s legislation is so outdated and doesn’t contemplate modern threats to Canadian society, businesses are currently left fending for themselves and that really puts Canadians at risk,” he said.

The council represents some of the largest companies in Canada, from construction to oil to telecom to big banks, in sectors targeted by everything from straightforward foreign takeovers to hacking and industrial espionage.

The group published a report last fall tying economic security to broader national security concerns. The Public Safety presentation noted that report as a sign that “stakeholders are concerned about economic security.”

“Much of the battleground the government needs to contest to protect Canadians lies outside of its direct control,” Neiman said. So, he argued, it has to cooperate with businesses rather than being neutral or indifferent to specific companies. “Whether they like it or not, corporations are increasingly both the objects and instruments of state policy.”

There’s a “slow but growing acknowledgment” of that in the government, Neiman said. CSIS’s recently released annual report for 2023, for instance, talks about economic security—and the business council in particular—in several spots.

The very first paragraph of the report’s introductory message from director David Vigneault talks about working with the council on “the need to do more to protect Canadian businesses from research theft and the need to bolster our collective economic security with better information-sharing practices.”

On other fronts, though, the Public Safety presentation’s outlook is bleak.

Canada has no economic security strategy and no minister directly responsible—instead, responsibility is shared among multiple departments. That’s not unusual among Canada’s international partners, but most are explicitly working economic security into their national security visions, the document said. Canada doesn’t have one.

The federal government has imposed new rules on research partnerships between Canadian scientists and certain institutions in adversarial countries such as China and Russia. Those rules apply only to federal funding, the presentation noted, so Canadian scientists can still share delicate work with autocratic rivals if it’s paid for some other way, and researchers are still targeted by talent-poaching efforts. 

In government purchasing, “contract security and procurement instruments have not evolved to the new threat landscape,” the presentation said. “National security considerations [are] not well captured by existing tools for both commodities and suppliers.”

Canada toughened its scrutiny of foreign investments in Canadian industry with a bill that got royal assent in March; Public Safety warned that new reviews under the Investment Canada Act will increase the workload in a comparatively tiny office. 

The Innovation Department has 13 full-time–equivalent staff to review foreign investments on security grounds, the presentation said. The U.K.’s investment security unit has 80; Australia is expanding its own complement to over 100.

(While the business council supported the bill, Neiman said those reviews can take months.)

There might, the presentation said, be “potential benefit in [a] mapping exercise to identify key logistics and trade infrastructure (i.e., ports, carriers, rail infrastructure).” In other words, the Canadian government doesn’t believe it knows which parts of the goods-moving sectors are most important, and presumably vital to protect.

A recent case suggests that Canada’s oversight of that infrastructure has some gaps.

A pair of U.S. congressional committees reported in March that they had found unexplained cellular modems in port cranes and related equipment from China’s Shanghai Zhenhua Heavy Industries—ZPMC, for short—and labelled them a security threat.

Port cranes are the big apparatus in container terminals that hoist sea cans on and off freighters.

“Based on what we have learned during our joint investigation, the committees assess that ZPMC is fully capable of exploiting its supply chain access to manipulate U.S. maritime equipment and technology at the direction of the [Beijing] government,” the committee chairs wrote in a letter to ZPMC, demanding explanations for the devices.

The company denied that its cranes are cybersecurity threats but its statement didn’t address any specifics.

ZPMC is a major global supplier of port cranes, including in Canada—two new ZPMC cranes arrived at one of Halifax’s container terminals just a few months ago, and West Coast operator DP World installed two in Vancouver in 2022. When The Logic (and others) tried to find out whether the U.S. findings prompted any action in Canada, nobody would say.

Except for one Vancouver operator that told The Globe and Mail it rigorously checks its ZPMC cranes and uses third-party software to operate them, the private companies that run container terminals didn’t respond to inquiries.

Port authorities are public agencies that select the terminal operators but how the operators do business isn’t their concern, spokespeople for the ports of Montreal and Halifax said. (Though, when pressed, Renée Larouche of the Port of Montreal said by email that “there are no Chinese cranes on the territory of the Port of Montreal.”)

Transport Canada oversees ports but Transport Minister Pablo Rodriguez’s spokesperson said no port authorities had reported anything to the department. Try LeBlanc, she suggested. LeBlanc’s spokesman, Comeau, did not respond to repeated inquiries from The Logic about the issue.

Perhaps most broadly, Public Safety Canada worried in December that the government has “no public-facing entity to engage with industry” on economic security, unlike in the United States, United Kingdom, Australia and Japan.

The Business Council desperately wants such a thing, Neiman said. Giving CSIS more power to share threat information is great, he said, but “only the first step that must be taken to strengthen the resiliency of the economy.”