:
Good afternoon. I call this meeting to order.
Welcome, everyone, to meeting number 81 of the House of Commons Standing Committee on Government Operations and Estimates.
Pursuant to Standing Order 108(2) and the motion adopted by the committee on Monday, October 17, 2022, the committee is meeting on the study of the ArriveCAN app.
As a reminder, keep your microphones away from the earpieces, as it causes feedback and potential injury to our valued translators.
I will remind you that, today, we have an absolute hard cap at 5:45 p.m. and not a moment after, colleagues.
We're going to start with statements from our witnesses, Ms. Dutt and Mr. Morv.
Ms. Dutt, please go ahead for five minutes.
:
Mr. Chair and honourable members, thank you for inviting Botler to testify before the Standing Committee on Government Operations and Estimates, which is known as the mighty committee.
[English]
I thought you'd like that.
Botler is a Canadian public safety company focused on misconduct and legal violation detection using artificial intelligence. We believe the law is a public good, and our vision is to empower citizens with equal access to the legal system, in laypersons' terms. Our mission is to fight misconduct one incident at a time.
Botler's original technology was in the form of a chatbot. Today, Botler's technology is built upon GPT-4 and ChatGPT, which I believe you're familiar with.
Any individual who has faced or witnessed misconduct can visit our website at botler.com and get an impartial assessment from our AI for free. Botler educates the user on laws and legal concepts that are specifically applicable to their respective situation in order to empower them to take the next steps to enforce their rights.
In 2017, before AI was the mainstream staple that it is today, Botler was the first company in the world to apply AI to the detection of sexual misconduct, which was inspired by my own harrowing, traumatic experience with a workplace stalker. Our story was covered extensively by national and international media alike, including but not limited to The Globe and Mail, The New York Times, The Washington Post, the BBC and Vice, to name a few, totalling over three billion press impressions.
Botler's work did not go unnoticed by the Government of Canada. In 2018, I was invited by then-minister Navdeep Bains to address the G7 on Botler's innovative work and discuss our approach toward AI and the law. I used the opportunity with the G7 ministers to present Botler's manifesto for a future in which we could provide our AI to every single person so that they would have equal access to the justice system.
In 2019, Botler won a competitive RFP with the legal aid directorate of the Department of Justice Canada. Through this initiative, we became the first regulated AI in the world to provide legal violation detections directly to citizens. In recognition of this momentous achievement, in 2020, I was recognized on the Forbes “30 Under 30” law and policy list. I was the only Canadian on the list.
As two international students who came here with big ambitions, Amir and I have dedicated ourselves to building Botler into a venture that can truly impact our fellow citizens' lives for the better and that can make Canada proud.
While Justice Canada's legal aid directorate were giving us a seat at the table and Botler was going from strength to strength, there was another faction within the Government of Canada that was also noticing us, but for completely different reasons. This small but powerful faction, spearheaded by the Canada Border Services Agency, had identified the perfect rationalization, incentive and opportunity in Botler. If you're familiar with it, you may recognize these three as the components of the triangle of fraud.
With the Auditor General's fall 2019 report on the culture of deeply entrenched workplace harassment at the CBSA, countless sexual harassment cases at the agency and the impending implementation of Bill to prevent harassment in federal workplaces, the CBSA had identified the perfect rationalization to kill three birds with one stone.
With over 300,000 federal public servants covered by Bill and Botler's existing technology as the only solution on the market that was available to provide full compliance with the bill, the CBSA had the perfect incentive to sell Botler's enterprise licences to the entire Government of Canada, using its own procurement vehicles, which would—quote—allow them to add infinite amount of funds to the price, to be executed through their usual suspects.
My personal profile as a female immigrant entrepreneur who refused to be a victim of sexual misconduct and transformed crippling trauma into something that attracted extensive goodwill from Justice Canada, the public and media alike provided the perfect opportunity for an optics operation that could funnel tens of millions of taxpayer dollars. We later learned that this was executed through a set-aside for indigenous business contracts, which is yet another example of monetization and theft using the trauma of marginalized communities.
To seal the deal at the Privy Council, this faction used me and our sacred citizens' initiative with the Department of Justice as its false flag operation. However, it had one fatal flaw in its grand scheme. Botler was there on a mission, which was to prevent, detect and combat misconduct—and that's exactly what we did. We started submitting reports against this very faction.
In response, instead of protecting Canadian taxpayers and their hard-earned dollars, the government machine, including the CBSA, PSPC, TBS and other individuals, including legal services, mobilized to bury our reports and to attempt to obstruct justice—and all in Canada’s name.
In December 2022, during the same time that President O'Gorman said they were debating whether to send our reports to the RCMP, my emails were hacked and every record of an email that Kristian Firth had sent to me was mysteriously deleted.
We watched and waited patiently for someone to do the right thing and act on our reports. Instead, we were heartbroken as they lied. They lied to us. They lied to you at OGGO. They lied to Parliament, and they lied to Canadian taxpayers.
Sitting here today, I can assure you of one thing: Systemic government corruption existed before Botler. This systemic government corruption tried to manifest itself through Botler. Now, because of Botler, systemic government corruption will be annihilated.
Thank you so much.
:
Mr. Chair and honourable committee members, I am a programmer and software architect with a focus on security. As part of my expertise, I study systems to identify vulnerabilities in order to mitigate their potential exploitation.
In November 2019, we were approached by the CBSA through their operative, Kristian Firth of GC Strategies. Since then, I have been closely studying and documenting numerous vulnerabilities that we have uncovered in Canada’s procurement regime. We have also witnessed these vulnerabilities being systematically exploited by the government officials in the highest levels of the public service. From our experience, the primary objective of this exploitation is to funnel tax dollars and public funds into private entities that lie outside of public purview. Professional services contracts, which are currently the subject of several committee studies and will cost taxpayers almost $20 billion this year, are the prime targets of this exploitation.
I refer to one such scheme as “ghost contracting,” which we have observed with Botler and ArriveCAN, which is the current study of the committee. For ArriveCAN, GC Strategies was a prime contractor that received significant commissions to then subcontract the work to third party companies, which were the ghost contractors. Based on documents tabled to this committee, GC Strategies claimed that the employees of these ghost contractors were the individuals named in the tabled task authorizations, TAs. These TAs were used to bill the government. As these ghost contractors are not subject to direct government purview, there is no way to validate that the named individuals actually performed the work or are even aware that they have been named in these task authorizations.
Also, this is assuming, basically, that these are real individuals with valid security clearances and not fake profiles created for these TAs. In Botler's case, there were three levels of contracting. GC Strategies operated as the ghost contractor, and Ritika and I identified personally as sub-subcontractors. Our identities were used without our knowledge or consent by Coradix and Dalian, entities that we have never heard of.
Another critical vulnerability that I would like to bring to your attention is the fact that Botler worked on the CBSA project with no contractual or legal agreement in place with the agency or with any of the subcontractors or contractors that were involved. Despite this, we were freely given access to non-public information by the CBSA, and Botler has full legal rights to all information that we have collected for this misconduct case. Now imagine the exposure that Canada would face if a bad actor is legally given access to sensitive information through similar means. Imagine the dangers that this would pose to our country.
If procurement rules have been respected, any resource named on a project should be aware of it. They should provide their written consent or sign a contractual agreement, and they should sign an NDA. However, the biggest vulnerability that I would like to draw your attention to is the fact that these contractors are openly engaged in various criminal activities. They openly commit frauds on the government by promising influence and requesting material benefit in exchange. One thing that we have consistently observed with both our Department of Justice work and our interactions with Public Safety is that an act of misconduct rarely happens in isolation. It is almost always symptomatic of a larger existence and tolerance of misconduct. Individuals engaged in such conduct are also prime targets of exploitation and extortion.
In our interactions with GC Strategies, Mr. Firth routinely boasted that he and his friends, senior government officials with contracting authorities, have “dirt” on each other, essentially guaranteeing silence through mutually assured destruction. While external contractors are engaged in misconduct and do the actual dirty work, I want to emphasize that their conduct would not be possible without backing from factions within the government. At least in our case, their conduct was fully directed by the faction within the government that we have encountered.
Unfortunately, once we began reporting our findings, the government machine mobilized to bury Botler’s reports and protect this corruption. The most shocking response we received came from Public Services and Procurement Canada with the involvement of its legal services. PSPC stated that Canada has determined that no rules were broken. This is while the same allegations were under RCMP investigation. When the government body that has been entrusted with overseeing and spending our tax dollars decides to selectively enforce its own rules, whether wilfully or through sheer negligence, this is dangerous.
Now, the bigger question is what else PSPC has turned a blind eye to in the expenditure of tens of billions of taxpayer dollars.
Thank you.
:
There were allegations of fraudulent billing and allegations that the terms and rules of basic procurement were broken.
There's a context here that I would like to provide. We haven't had any sort of documentation on what contracting vehicles were used in Botler. The only document that we saw was this contract between GC Strategies and Dalian.
In late August 2021, after months of going back and forth with different teams within the CBSA, everybody was confused about this project because the milestones were completely random and arbitrary. After months of going back and forth, an employee from CBSA had a call with me. During that call, this employee disclosed that they had reviewed the task authorization and they expressed serious concern. At that time, we hadn't seen the task authorization. We didn't know what was in that task authorization.
This employee raised serious concerns and told us that there was a risk for the project to move forward with the current structure, without actually explaining in detail what was there. We technically told the CBSA that there were allegations of fraudulent billing, because parties were being paid for the work that we were conducting but they were not releasing payment to Botler.
Also we raised this huge red flag that there was no contractual relationship between Botler and any of the parties, and we were not really party to any of the contracts that CBSA or other parties may have.
:
Yes, we were threatened.
[English]
When we reported the misconduct, there wasn't just the September 2021 misconduct report. We also reported in December 2021, after which the CBSA responded by cancelling the project. They had asked for us to provide the remainder of the work over to them, which we did. We provided the work in full in February, but they came back in March 2022 and said that, on top of the actual work we did, we would have to hand over every single note, document and record we had that was associated with the project—essentially, that would be the records and evidence of the misconduct we had uncovered—and that those records should be handed over to Coradix and Dalian as the contractor, even though they were fully aware that we had reported numerous times that we had no relationship with Coradix and Dalian. Even if we hypothetically were to have it, why would we hand over reports of evidence to the people whom we had reported misconduct against?
In that instance, Diane Daly, who was in charge of the file at the CBSA, started threatening us in the name of Canada and making demands that we would have to hand over these files. She gave us timelines of, I believe, 24 hours. We were threatened in the name of Canada.
Mr. Chair, I'm shocked by what I'm hearing today. I never would have expected to hear this kind of testimony at a parliamentary committee in Canada.
You, our witnesses, are describing what is horrific systemic corruption in the procurement system. It's systemic government corruption. You're presenting a clear timeline and clear evidence to support those incredibly serious allegations.
Members of the government are saying that this isn't about ArriveCAN. I think it is about ArriveCAN, but it is also much bigger than just ArriveCAN.
I want to say back what I think was your description of it and get you to confirm that I have this right.
You're describing a system in which government contracts go to preferred contractors. They claim to subcontract to others, who they claim did the work. They provide reports on this, but those subcontractors might not be doing the work. They might not know they're being named, and they might not even exist in some cases. This system allows those initial contractors to overbill taxpayers and cash in big. Is that what's going on here?
As I think you know, but just for the benefit of the public, parliamentary committees have significant powers when it comes to requesting information. I think Canadians are looking to us, the government operations committee—the mighty OGGO, as the chair likes to call it—to do all we can to get to the bottom of this. In a moment, I'm going to ask you what documents we should be requesting as a committee to help us further understand and dig into what's going on.
First, you mentioned the breadth of this.
I want to request that the committee ask for all contracts between a government department, agency or Crown corporation and GC Strategies, Dalian or Coradix, over the last eight years. I'd like to request those contracts by Tuesday of next week. Is there agreement for that request?
It's very evident that everyone in this room, including the government, should be concerned as it's very evident that there definitely seems to be some type of systemic problem at play here, and that's absolutely what we have to get to the bottom of with this committee.
In addition to the large amounts my colleagues mentioned, I see that GC Strategies has contracts, in fact, with more than 20 departments across the government. There is no way this is not systemic. We absolutely have to get to the root of what happened not only there but also where else it is happening within the government. That is most definitely the objective here.
Before I move on to my next line of questioning, I want clarify for a final time your communication with Mr. Ossowski. He said initially that he didn't have any meetings with you. Then in the most recent meeting he retracted that. He stated that he had just the Teams meeting with you. Is that accurate?
:
We received an email from Kristian Firth, which was forwarded. It was an email with directions on how to conduct a security clearance. At the bottom of that email there was a very brief, one-line sentence saying that, for any information, just refer to security@coradix.com. That was the first time that we saw the name of Coradix.
We followed that instruction. There was a link on that email. We followed the link and immediately we received an email from the hiring manager, who was Antonio Utano.
At that point we thought that security was probably being conducted by Coradix. The reason we were misled into believing this was that we were never provided any information on the security clearance process. Even at the end when we signed the security briefing forms.... There is a clause on those forms that the organization that holds the security clearances should brief us on what the security clearances mean. I believe they signed that clause, but we were never briefed. We were never provided any information on how the system works or how the security screening works in general.
We weren't even provided with a reference letter or a requesting letter for the security clearances. We were provided verbal instructions to go and conduct our security clearances at a fingerprinting office.
We approached this office. We went to this office and the person who was conducting the security clearance was surprised and told us they had never seen anything like that, where someone comes with a verbal contract for security clearances. At the beginning, they told us that they couldn't really process the request because we didn't have an official document. We showed them the email we had received from Antonio Utano, the hiring manager. We ended up doing the security screening and it went through.
All that time we were thinking that Coradix was an entity that was conducting the background check on us, which is common. We also use the same entities for our own employees.
:
Thank you very much, Mr. Chair.
It still amazes me to see that, for dealing with the aesthetic aspect of the application, 8,190 days of work were billed. I can't get over it; it's blowing me away.
At one time, in the time of handwritten HTML, I created a website from A to Z, and it must have taken me about 80 hours. That was in 1999, so it wasn't very complicated. Of those 80 hours, I billed for 40, but that's another matter.
Whatever the case may be, the situation amazes me.
After you started the disclosure process, did you notice that strange things were happening? After you submitted your document to Erin O'Gorman, for example, did anything really strange happen to you, or did everything continue normally?
Mr. Morv, it seems to me that you were the one doing most of the heavy lifting during the pilot configuration, because you were away for personal reasons. I'm going to summarize, and then I'm going to move away, because I have to ground this for our team when we go back.
There was a good relationship with CBSA and a partnership that goes way back before the actual start sometime in February 2020. You worked well together to configure the system, and the understanding during all this time was that a contract will be formed with CBSA. That's what you believed.
Then you were informed by a contracting person from CBSA that, for your contract, you were now required to go through Dalian. Is that correct?
I'm basically going to make some comments.
Thank you very much, witnesses. What you are telling us today requires a lot of thought and courage. I say courage because you did what needed to be done, which was to identify irregularities in certain situations. As a result, you have been subjected to financial threats, which have materialized, since you have not been paid for all your work. Your identity was stolen and used without your consent. You went through some strange things, at the very least. You noticed that some of your emails were being tracked because of the subject matter. It's really strange. If we were in a less democratic country, I would understand, but we are in Canada, not in one of those countries, which I will not name.
I applaud your determination, which should permeate every public servant. I am talking about the determination to ensure that taxpayers' money is spent properly and responsibly. That is what you did, even though you are outside the machinery of government. Thank you for that. Thank you for keeping your head high and your back straight. It has to continue that way.
That's all for me, Mr. Chair.
It should be evident to everyone in this room, as well as Canadians, that there is systematic corruption within this government. It should be absolutely evident after this meeting and your testimony here today.
Previous to today, we had identified identity theft, fraudulent forged résumés, contractual theft, fraudulent billing, price-fixing and collusion. You've given evidence of all of that today, and you're going to provide further evidence—thank you—with the documents that have been requested.
We saw that these three companies, which we've referred to, received $80.3 million last year alone. If we look at just the “ghost contractors” that you referred to in the first round, for which we determined the definition of and defined GC Strategies, we see that they received $43.6 million in the last three years. Taxpayers were defrauded potentially of $43.6 million. They were defrauded of this huge amount of money.
In my opinion, there is no doubt that systematic corruption exists. My question to you is this: After everything you've been through, why do you think this is happening?