STER Committee Report
If you have any questions or comments regarding the accessibility of this publication, please contact us at accessible@parl.gc.ca.
CHAPTER SEVEN:
COMMUNICATIONS SECURITY
ESTABLISHMENT AND THE
CSE COMMISSIONER
BACKGROUND
Established after the Second World War, then renamed and transferred to the Department of National Defence in 1975, the Communications Security Establishment (CSE) was provided with a legislative basis for the first time at section 102 of the Anti-terrorism Act which added Part V.I (sections 273.61 to 273.7) to the National Defence Act. These provisions set out both its (foreign) signals intelligence and information technology security mandates in section 273.64 of the Act.
Under the direction of the Minister of National Defence, the Chief of CSE is responsible for its management and control (section 273.62(2)). The Minister may issue written directions to the Chief of CSE on the carrying-out of that person’s duties and functions (section 273.62(3)). These directions are not subject to the Statutory Instruments Act, which means they do not have to be published in the Canada Gazette or elsewhere.
Because CSE is a foreign signals intelligence agency, the law, until the adoption of the Anti-terrorism Act in 2001, did not allow for it to intercept, retain, and analyze foreign electronic communications originating in, or being sent to, Canada. It was advised by the Department of Justice at that time that such activity would have to be judicially authorized under the electronic surveillance provisions of the Criminal Code. To address this issue, section 273.65 of the National Defence Act allows for the ministerial authorization of the interception, retention, and analysis of such types of communication. Such ministerial authorizations may be in force for renewable periods not to exceed one year in length, and are reviewed by the CSE Commissioner. The Minister of National Defence may also issue directions to the Canadian Forces to provide support to CSE in carrying out these types of activities.
There is also provision in section 273.63 of the
Act for the appointment of a CSE Commissioner. This is the continuation of a
position established in 1996 by order-in-council under the Inquiries Act.
This person reviews CSE’s activities to ensure they are in compliance with the
law, investigates complaints and advises the Minister of National Defence of
any activities not in compliance with the law. The CSE Commissioner has all the
investigation powers of a commissioner appointed under Part II of the Inquiries
Act,
and submits an annual report to the Minister of National Defence which is
tabled in both Houses of Parliament. The CSE Commissioner may also carry out
other duties assigned to the office by other Acts of Parliament or authorized
by the Governor-in-Council.
ISSUES OF CONCERN
Review of the Interception of Private Communications
As mentioned earlier in this chapter, section 273.65 of the National Defence Act allows for the Minister of National Defence to authorize the interception of private communications in Canada where the sole purpose is to obtain foreign intelligence when a person or entity targeted is outside of Canada. The authorized interception of private communication in Canada is incidental to the collection of foreign intelligence outside of the country.
More specifically, section 273.65(2) of the Act provides that the Minister may only authorize the interception of such private communications if satisfied that the interception is directed at foreign entities located outside of Canada, the information to be obtained could not be reasonably obtained by other means, the foreign intelligence value of the information to be obtained by the interception justifies it, and adequate measures are in place to protect the privacy of Canadians and to ensure that private communications will only be used or retained if they are essential to international affairs, defence or security. Similar provisions dealing with CSE’s information technology security mandate can be found at section 273.65(3) and (4) of the Act.
CSE, under section 273.66 of the Act, may only undertake activities that are within its mandate, consistent with ministerial directions, and consistent with ministerial authorizations issued under section 273.65. Finally, section 273.65(8) of the Act requires the CSE Commissioner to review activities carried out under ministerial authorizations to ensure they are authorized and is to report to the Minister.
The Privacy Commissioner has commented on this issue and has by implication said that the review mandate in relation to the authorization of the interception of private communications is too narrow and needs to be more inclusive. More specifically, she has recommended that section 272.65(8) of the National Defence Act should be amended so as to require the CSE Commissioner not only to review activities under ministerial authorizations to ensure they are authorized, but also to ensure that both the activities and the authorizations themselves are in compliance with the Canadian Charter of Rights and Freedoms and the requirements of the Privacy Act.
The Subcommittee agrees with this recommendation. Section 273.65 of the National Defence Act represented a major departure from CSE’s foreign intelligence mandate when it was enacted by Parliament. Prior to the adoption of the Anti-terrorism Act in 2001, CSE would have had to obtain judicial authorization under the Criminal Code before it could intercept private communications in Canada, even for foreign intelligence purposes. This change in the law was made to clarify this aspect of CSE’s activities and to give it a proper legislative basis. It should also be noted that section 273.69 of the National Defence Act excludes the relevant provisions of the Criminal Code dealing with the judicial authorization of the interception of private communications from application to CSE in this context.
Although there are protections within section 273.65 with respect to the ministerial authorization of the interception of private communications, they are not as extensive as those set out in a similar context in the Criminal Code. Consequently, the functions carried out by the CSE Commissioner are essential to ensuring that such ministerial authorizations are only issued when necessary, and both they and the activities carried out under their ambit are consistent with the rule of law, as well as the rights and freedoms of Canadians. Thus, the Commissioner should be required to carry out, in light of the rights and freedoms of Canadians, the review functions assigned to the office when examining the private communication interception activities carried out under ministerial authorization.
RECOMMENDATION 44
The Subcommittee recommends that section 273.65(8) of the National Defence Act be amended to require the Commissioner of the Communications Security Establishment to review the private communication interception activities carried out under ministerial authorization to ensure they comply with the requirements of the Canadian Charter of Rights and Freedoms and the Privacy Act, as well as with the authorization itself (as already required).
Restraints on CSE Activities
The following consequential amendment should also be made to section 273.66 of the National Defence Act so as to extend the principles set out above to the exercise by CSE of the mandate given to it by Parliament. Although, in strict terms of legal interpretation, such an amendment may not be necessary, the Subcommittee believes this guidance from Parliament should be explicit so as to reassure Canadians that the activities of this government agency are subject to the same restraints on its activities as those applicable to other public institutions.
RECOMMENDATION 45
The Subcommittee recommends that section 273.66 of the National Defence Act be amended to require the Communications Security Establishment to only undertake activities consistent with the Canadian Charter of Rights and Freedoms and the Privacy Act, in addition to the restraints on the exercise of its mandate already set out in that section.
Issues Raised in the Latest Annual Report
In his last Annual Report (for the year 2005-2006), former CSE Commissioner Antonio Lamer said that there were ambiguities and uncertainties in the law, particularly in relation to the provisions allowing for the ministerial authorization of the interception of private communications. He went on to say that there was a disagreement between his office and Department of Justice counsel with respect to key provisions that influence the nature of the assurance that his office can provide to Parliament and Canadians.
Without making a specific recommendation in this regard, the Subcommittee urges government counsel and the new Commissioner to resolve these issues as expeditiously as possible, if they have not already done so. As well, the Subcommittee believes the Government, in its response to this report, should, to the extent that it can do so, provide some indication as to what the issues of disagreement are and how they have been resolved, if they have been. Failing this, the new Commissioner should provide these details in his next annual report.
OTHER RECOMMENDED AMENDMENTS
Appointment of a Commissioner
Section 273.63(1) of the National Defence Act allows the Governor in Council to appoint a supernumerary judge or a retired judge of a superior court as Commissioner of the Communications Security Establishment. However, because the entire subsection begins with “The Governor in Council may…,” the provision suggests that, in addition to discretion to appoint a Commissioner, there is also discretion in deciding whether the post is to be filled by a judge. The Subcommittee understands the provision to mean that if the Governor in Council chooses to appoint a Commissioner, he or she must be a supernumerary judge or a retired judge of a superior court. Section 273.63(1) should be amended for clarity.
RECOMMENDATION 46
The Subcommittee recommends that the words “The Governor in Council may appoint a supernumerary judge or a retired judge of a superior court as Commissioner of the Communications Security Establishment” be replaced by the words “The Governor in Council may appoint a Commissioner of the Communications Security Establishment, who shall be a supernumerary judge or a retired judge of a superior court,” in section 273.63(1) of the National Defence Act.
No Activities Directed at Canadians
Paragraph 273.64(2)(a) of the National Defence Act states that certain activities of the Communications Security Establishment, most importantly foreign intelligence gathering, “shall not be directed at Canadians or any person in Canada.” The intent of the provision was to preclude the activities from being directed at Canadians anywhere in the world, although the words may also be interpreted to refer only to Canadians in Canada. For certainty, the paragraph should refer to Canadians “anywhere.”
RECOMMENDATION 47
The Subcommittee recommends that the word “anywhere” be added after the word “Canadians” in paragraph 273.64(2)(a) of the National Defence Act.