Ethics Commissioner's Conflict-of-Interest Registry Goes Offline Over Security Concerns

The Office of the Conflict of Interest and Ethics Commissioner shut down its website and public registry on June 16, 2026, after staff discovered a potential security vulnerability, according to The Globe and Mail.

The registry is the main public tool through which the commissioner's office publishes financial and asset disclosure statements filed by Cabinet ministers, ministerial staff, senators and MPs. Think of it as a searchable database that lets journalists, lobbyists and opposition researchers track what elected officials own and how they might benefit from government decisions. The Conflict of Interest Act and the Conflict of Interest Code for Members of the House of Commons require these disclosures to be public.

The commissioner's office has not said what the vulnerability was, how long the site will be down, or whether anyone accessed or copied the data before the shutdown. Those details matter significantly. A misconfigured server that a hacker might have spotted but never actually broke into carries different risks than a breach where someone read the underlying data. Until the office explains what happened, it is hard to judge how serious the problem is.

Why the timing of this is worth watching

The registry is not a static archive. It is live and constantly updated. Disclosures are filed on a rolling basis throughout the year, and the commissioner's office monitors whether politicians are following the rules. An extended outage would interrupt that work, even if the office's internal operations continue. The commissioner's office has faced a structural challenge since the Conflict of Interest Act came into force in 2007. It is an independent Agent of Parliament — it does not answer to the Prime Minister or Cabinet — but its computers and budget operate under the same security rules and procurement systems as the rest of the federal government. When a vulnerability shows up, the office must weigh two duties: keep the public able to see the disclosures, or protect the registry's data from being stolen or corrupted. Shutting the site down is the cautious choice, and it is the right one if the alternative is leaving sensitive financial information exposed.

There is no sign at this point that someone deliberately targeted the commissioner's office. The vulnerability could be a random scan by hackers looking for weak spots in government systems, or a software flaw that affects shared servers across Parliament. That distinction matters. A deliberate attack would raise serious questions about who might gain from blocking public access to conflict-of-interest filings. A routine IT security problem is still serious, but it is a different kind of concern.

The commissioner's office is expected to fix the vulnerability and restore the site once the work is complete. Until then, one of the main tools Canadians and Parliament rely on to track potential conflicts of interest remains offline.