- Joined
- Mar 11, 2013
- Messages
- 16,731
- Points
- 113
Arbitrator's decision comes as spy agencies warn critical infrastructure in Canada is vulnerable to attack
Hydro workers perform maintenance on power lines in Renfrew County, Ont., on July 8, 2024. (Sean Kilpatrick/The Canadian Press)
After hiring an alleged ISIS recruiter, Ontario's largest electricity provider tried to bring in a much more intensive security screening process to protect its grid — but a labour arbitrator has found Hydro One's national security background checks were "intrusive" and "unreasonable."
The decision comes as Canada's intelligence agencies have increasingly warned that critical infrastructure in Canada is vulnerable to attack from foreign states, and that private companies need to take national security and insider threats seriously.
But as the decision — issued in late January and made public only recently — shows, there's still a gulf when it comes to balancing those concerns with labour and privacy rights.
"There can be no doubt that Hydro One’s business is highly safety sensitive and is part of Canada’s critical infrastructure," wrote arbitrator John Stout in his decision. "But the issue remains, do the general potential threats identified by Hydro One provide reasonable cause or justification for the intrusive screening of all existing employees? I think not."
The case dates back to 2015 when, according to evidence filed by Hydro One, it was approached separately by the Canadian Security Intelligence Service (CSIS) and the RCMP about an active investigation into a former co-op student "who was acting as a mid-level ISIS recruiter while employed at Hydro One."
CSIS said it won't confirm or deny any specific investigative details.
The individual was subsequently killed in the Middle East, said the arbitration document.
Hydro One then hired Juno Risk Solutions, a consulting firm which specializes in insider risk management and workforce reliability screenings, to investigate. It turned up "red flags" in Hydro One's hiring process, according to the company's evidence.
Chinese, Russian state actors blocked, says Hydro One
The company brought in a new reliability policy around 2022, setting out three tiers of screening depending on an employee's or third-party contractor's access. But even at the lower level, which includes tradespeople such as carpenters, they were required to provide a criminal record check and driver's abstract, and could be subject to other screening tools such as deep internet searches "as needed."Those with access to sensitive electronics, including meter readers and stock-keepers, were also asked to provide a credit check. Stout's decision said 69 per cent of Power Workers' Union (PWU) employees would have had to undergo the highest level of security screening.
To maintain their reliability status, employees had to renew their screenings every seven years, and contractors every three years.
Hydro One argued individuals with even basic access "may serve as initial entry points into the environment, potentially enabling malicious activity."
