Ottawa to create new group to oversee all intelligence agencies’ activities

The creation of new Canadian security intelligence review committee that will oversee the activities of all federal security and intelligence agencies is one of the pieces of new national security legislation tabled this morning by the government.

Public Safety Minister Ralph Goodale told reporters in a brief statement that the legislation, the National Security Act Bill C-59, comes after a  public consultation last fall that showed “Canadians unequivocally want accountability, transparency and effectiveness from their security and intelligence agencies. They also expect compliance with the Charter of Rights and Freedoms and respect for privacy.”

As a result the proposed legislation “will modernize and enhance our security and intelligence laws to ensure our agencies have the tools necessary to protect Canada, all within a legal and constitutional framework which safeguards our rights.”

The government has already proposed a committee of members of Parliament in Bill C-22 be created to scrutinize classified broad security and intelligence issues, which brings it in line with a number of other Western countries that have similar political oversight bodies.

The Canadian Security Intelligence (CSIS) already has a security intelligence review committee (SIRC), while activities of the Communications Security Establishment, the country’s electronic spy agency, are currently reviewed by the Office of the Communications Security Establishment Commissioner. Meanwhile the RCMP’s national security activities are watched by the Civilian Review and Complaints Commission (CRCC).

The new  National Security and Intelligence Review Agency (NSIRA), already dubbed a super-SIRC, will take over their responsibilities. It will be a committee of up to seven members, appointed by the Prime Minister in consultation with the leaders in the House of Commons and Senate. It would have complete access to classified information necessary to review all national security activities across 14 federal departments and agencies, including the Canada Border Services Agency, the Defence department, Transport and others.

The NSIRA would provide classified reports of its findings and recommendations to relevant ministers and would produce an annual unclassified public report to Parliament summarizing these findings and recommendations. The NSIRA would be fully independent of government and show the intelligence agencies are accountable to Parliament.

Unlike the parliamentary committee NSIRA will be involved in  “very detailed review and compliance work” over the security and intelligence agencies.

The cross-department oversight committee was the strongest recommendation of policy experts during the public consultation, Goodale said. The parliamentary committee will be a “major advancement,” he said. “But in addition to that you also need an expert review body that is pan-government … that has a security or intelligence function.”

To enhance oversight the government is proposing creation of an Intelligence Commissioner — a retired superior court judge — who would oversee the authorization of certain activities of the CSIS and the Communications Security Establishment (CSE) and would be fully independent of government. The commissioner would review and approve the Public Safety Minister’s decisions regarding classes of Canadian datasets that CSIS could collect (retention of such classes requires authorization from the Federal Court within 90 days); and review and approve authorizations for the retention of foreign datasets and, in the right circumstances, the querying of Canadian datasets.

The commissioner would review and assess ministerial authorizations permitting foreign intelligence and cyber security activities. The commissioner would have to certify that those authorizations are reasonable, necessary, proportionate, and that appropriate privacy protections are in place before the agencies act.

To be clear, the Intelligence Commissioner’s mandate would be to approve authorizations of certain national security and intelligence activities prior to their conduct. The NSIRA would review national security and intelligence activities after they had occurred, or while they were occurring, to assess their value.

The changes announced don’t touch issues raised in the cyber security consultation, which also took place last fall, including police requests for more lawful access to metadata held by telcom providers and enhancing cyber security for critical infrastructure. A Public Safety spokesperson said work on a renewed cyber security strategy is still ongoing.

Kathleen Thompson, who head the enterprise risk services and cyber security division consulting firm MNP and is also chair of the Canadian Advance Technology Alliance’s cyber advisory council, said Goodale’s announcements on are welcome. However, she added, the IT industry is still waiting for the government’s action on a cyber strategy, including dealing with the cyber security skills shortage.

The new legislation announced today also makes good on Liberal promises to make changes to Bill C-51, the anti-terrorism law passed by the Harper government. Goodale said C-59 tightens the definition of terrorist propaganda that will protect the right to legitimate protest and advocacy without criminal sanction.

The new legislation will also somewhat improve procedures for removing names from controversial no-fly airline passenger lists which have inadvertantly prevented young people with similar names to terrorist suspects from boarding Canadian flights. However, Goodale said there still needs to be a new  IT system to make things easier. Eventually people who have trouble will be able to get a clearance number from the government that they can use when booking flights online.

Goodale said C-59 makes it clear the Charter of Rights takes precedence over security concerns. “The legislation says very clearly that if a measure being proposed by a security agency is inconsistent with the Charter in the opinion of the courts, the authority cannot be granted,” he said.

The package also includes data collection and disclosure protection obligations. For example, the new Security of Canada Information Disclosure Act, which covers the transfer of personal data from one federal government agency to another, specifies that data accuracy and reliability has to be assured. In additions departments have to keep records about data transfers.

Goodale stresses that this act doesn’t create new authority for departments to collect personal data.

The CSIS Act, which governs the agency, will require require CSIS to seek authorization from the Federal Court to retain datasets that contain personal information that predominantly relates to Canadians or persons within Canada that are not publically available.

A government official said a new CSE Act the electronic spy agency will be able to “engage in cyber operations that will disrupt the capabilities and activities of adversaries that aim to cause serious harm” to the country. CSE would also be able to help other government agencies that need its intercept capabilities. However, CSE would have to comply with obligations imposed by judicial communications interception warrants on the requesting agency, such as a police department. The act would also make it clear CSE is forbidden from spying on Canadians or anyone inside the country, unless complying with another agency’s court order.

The legislation also imposes what a government official called a “robust framework” on CSIS controlling the collection, retention and use of personal data. Last fall the Federal Court of Appeal criticized CSIS for holding onto telecom metadata longer than legislation allowed. At the time

David Swan, Alberta-based director of cyber intelligence at the Centre for Strategic Cyberspace and Security Science, a security consultancy, found some positive things in the announcements. “I like the idea of oversight committee of professionals,” he said of the NSIRA. “I think that’s important, valuable and overdue.”

However, he’s less enthusiastic about the parliamentary oversight committee. Politicians don’t talk publicly about what foreign governments do here in violating Canadian security, he said, so citizens aren’t well informed. As a result he’s not sure what the value of that committee will be.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now