Annual Report 1995-1996 - An Operational Audit of CSIS Activities

3. CSIS Operations

(a) Arrangements with Other Departments and Governments

(i) Domestic Arrangements

To carry out its mandate, CSIS cooperates with police forces, and federal and provincial departments and agencies. The Service enters into agreements to cooperate with domestic agencies after having received the authorization of the Solicitor General. Cooperation includes exchanging information and intelligence and, less commonly, cooperating in operations.

In fiscal year 1995-96, CSIS did not sign any new agreements or make any amendments to existing agreements with domestic government institutions. According to CSIS, all the agreements are working well, including two signed the previous fiscal year with Environment Canada and Ports Canada Police.

In last year's annual report, we noted that CSIS was discussing with the Province of Alberta the impact of new provincial privacy and access to information legislation, the Freedom of Information and Protection of Privacy Act. According to CSIS, its agreement with the Province of Alberta remained unchanged because it has not noticed any negative impact due to the new legislation. CSIS continues to acquire information from some provincial institutions and Service information passed to the Alberta Government remains protected.

Under section 38, the Committee also monitors the exchanges of information between the Service and government organizations, and police forces. This review is presently underway and we will report the results in next year's annual report.

(ii) Foreign Arrangements

As of 31 March 1996, the Service had a total of 202 arrangements with 123 countries and three international organizations. During fiscal year 1995-96, CSIS established liaison arrangements with a number of foreign agencies in Europe and Africa.

In Europe, the Service has embarked on an active but cautious program to forge liaison arrangements with some former adversaries. These relationships are an attempt, at least in part, to show the foreign agencies that they could benefit more from cooperation with CSIS, than from resorting to espionage in Canada. The new arrangements with these agencies cover information exchanges pertaining to international terrorism, international criminal organizations and proliferation.

In Africa, the human rights records of the predecessors of two of the agencies were abysmal, and the two "replacement" agencies do not yet have a track record on which to assess their performance. The Service has been advised to exercise caution in the development of the relationships.

Another agency is located in a state that is embroiled in significant conflict. There are serious concerns about the potential for attacks against certain groups in a foreign country. One purpose of the arrangement is to prevent the entry of war criminals into Canada through the refugee or immigration process. The Service has established a limited arrangement for the purpose of immigration and visa vetting, and the agreement will be reviewed after a relatively short time. CSIS will not request information on prospective immigrants or refugees currently living in that country. Serious reservations have been expressed in Canadian government circles about the reliability of the organization. We will routinely "monitor the provision of information and intelligence pursuant to those arrangements."²

(b) Exchanges of Information with Foreign and Domestic Agencies

(i) Foreign Exchanges of Information

The Service operates Security Liaison Officer (SLO) posts overseas that are responsible for liaising with the police, security and intelligence agencies in a large number of countries. Consequently, the authorities in the host countries are aware of the presence of the CSIS SLOs, a necessary precondition for cooperation.

SIRC has a mandate to review CSIS' cooperation with foreign agencies under subparagraph 38 (a)(iii) of the CSIS Act. Each year, the Review Committee examines the activities of one or two SLO posts. In fiscal year 1995-96, we began the major task of auditing most of CSIS' posts abroad. We are proceeding in stages and, for this Annual Report, we discuss our findings concerning two CSIS foreign posts in a large and economically important region.

The two posts we reviewed are located in an area of great economic interest to Canada. One issue facing the Service, is what level of representation is required in the region. Since 1990, the Service has closed most of the SLO posts in the area and moved most of the liaison responsibilities to one of the two remaining posts in that region. We found that the distribution of responsibilities between the two posts was unbalanced. One post liaised with twenty-four foreign agencies, while the second post covered only five. CSIS informed us that it intends to re-distribute responsibilities between the two posts in order to produce a more balanced workload. We will review the Service's progress in this area.

The Committee reviewed all of the correspondence that CSIS exchanged during 1994-95 with the foreign agencies covered by the two posts. We conducted the examination of the material with several key questions in mind:

• were the disclosures to foreign agencies properly authorized?
• did the disclosures comply with the conditions of the arrangements that CSIS has with the foreign agencies?
• were the requests for information from the foreign agencies justified under the Service's mandate?
• did CSIS consider the potential end-use of the Service's information, particularly regarding Canadians?

We found that the information exchanged at the two posts was, in general, balanced and accurate. We raised one concern, however, about a direct exchange between a foreign agency and CSIS Headquarters. In that exchange, CSIS provided information to a foreign agency about the family members of a person who was of interest to the Service. Furthermore, the information that CSIS gave to the foreign agency appeared to violate a restriction on the types of data being provided to services in the foreign country. In another exchange, one that involved open information, we concluded that the Service was justified in releasing the material to a foreign agency in a different country.

One of the SLO posts that we reviewed exchanged little information with the foreign agencies in the host country. A significant factor here was that the foreign agencies did not provide the information that CSIS requested from them. Some of the mutual difficulties arose from the language barrier. The Committee agrees with the Service's 1995 decision that all SLOs sent to this post should undergo extensive language training.

We believe that SLOs should be fluent in the language and the customs of the host country.

As part of the accountability and management process, all Security Liaison Officers are to send CSIS Headquarters an annual assessment of the foreign agencies with which the Service cooperates. These Agency Assessments are intended to ensure that CSIS HQ has current information, including those factors that could affect Service decisions on whether to disseminate information to the foreign agencies.

The Committee was not satisfied with the Agency Assessments prepared at one post. We found that:

• the assessment for one agency did not refer to vital CSIS information that cast doubt on the reliability of the agency;
• many of the assessments contained little current information; and
• some assessments failed to comment on factors influencing the dissemination of information, such as the human rights situation in the country and the protection of CSIS information.

One of the posts dealt with the foreign agencies in a country undergoing significant political changes. The political developments there had implications for CSIS' cooperation with the main security agency. We noted the discussions within CSIS concerning the impact of the changes on both the security of Service information and the reliability of the foreign service. As the country is a major source of immigration to Canada, we expressed our concern about the lack of effective immigration vetting for that country. The Service is satisfied that the arrangements currently in place at this location effectively meet its obligations with respect to immigration vetting.

Nonetheless, this and other similar issues will be dealt with in the forthcoming SIRC review of immigration screening.

(c) Warrants and Warrant Statistics

Warrant powers enable the Service to collect information not accessible by other investigative means. As a result, warrant powers also tend to be very intrusive. Section 21 of the CSIS Act allows the Service to submit an application for warrants to the Federal Court. The Service may request such powers as the interception of communications, the opening of mail, and the acquisition of financial information.

The Service provides us with basic statistics concerning the number of new warrants and renewed warrants in a fiscal year. Table 1 below, compares the number of new and renewed/replaced warrants in three consecutive fiscal years.

According to the Service, the number of warrants is levelling off. For the first time since 1991, the number of new warrants has decreased significantly. CSIS states that the decrease is the result of the Service's "more rigorous" approach to warrant acquisitions. Warrants are acquired only as a last resort when other methods of investigation might not succeed.

The warrant statistics are, by their nature, misleading. They do not reflect how many persons are being affected by CSIS warrant powers. For example, a single warrant can involve many individuals. As well, an increase in the number of warrants does not always mean an increase in the number of individuals affected by the warrant powers.

CSIS did not request any warrant powers in new areas of investigation in fiscal year 1995-96; all "new warrants" are in established areas of CSIS investigation. The number of individuals affected by CSIS warrant powers remains approximately constant. Foreign Nationals continue to constitute the majority of individuals subject to warrant powers. The number of Canadians and Landed Immigrants affected has not increased.

There were no regulations issued in fiscal year 1995-96 pursuant to section 28 of the CSIS Act. This section of the Act allows the Governor in Council to issue regulations concerning the forms of warrants that may be issued, the procedures, practices, and security requirements for hearing warrant applications, and the places where hearings may be held.

Warrants can contain one or more conditions specified by a Federal Court Judge. These conditions are generic and use standardized wording. The Service must follow the conditions in the execution of the warrant powers. In 1995-96, there were no new conditions, or revisions made to existing conditions in the warrants.

There have been no recent court decisions that have substantially affected the authorization or execution of warrants.

(d) Counter Terrorism (CT) Branch

The Service's Counter Terrorism Program is the major player in the battle to provide early warning to the government about individuals and groups that threaten the use of, or support the use of, serious violence to achieve their political goals. The CT Branch describes its program as striving to maintain the capability to provide timely forewarning of emerging threats and to provide accurate advice with respect to evolving security intelligence requirements.

For 1995-96, we were informed that there were no significant changes to the Counter Terrorism Program. The situation was not static, however, in that the Service internally reviews the functions and investigations in the CT Branch in the light of the budget reductions arising from the government-wide fiscal restraint program.

We noted that the CT Branch has placed increased emphasis on the coordination function for the collection and authorized disclosure of foreign intelligence pursuant to sections 16(1) and 19(2) of the CSIS Act.

In past years, we have remarked on the research documents or functional analyses issued by the Briefing Unit in the CT Branch. We had commented that these analyses were quite useful in that they allowed CSIS analysts an opportunity to stand back after an important operation and prepare a detailed, often technical, analysis of an important operation that took place in Canada or overseas.

We note with regret that the 1995-96 Counter Terrorism Program no longer requires the preparation of Functional Analysis Studies. We believe that both CSIS and SIRC benefitted from the insights in these retrospective analyses.

(i) Threat Assessments

CSIS employs threat assessments to warn Federal Government departments and agencies about imminent and potential threats to national security. In fiscal year 1995-96, the Threat Assessment Unit in the CT Branch produced 602 threat assessments. A comparison with the two previous years, 691 in 1994-95, and 843 in 1993-94, reveals a decline in the threat assessment numbers.

The Service was unable to point to any specific reason for the reduction. CSIS did note, however, that the production of these documents is governed by the "threat environment", and the varying requirements of the Service's clients.

(e) Counter Intelligence (CI) Branch

The CI Branch continues to focus on traditional espionage threats, but has had to respond to a changing international environment. Externally, CSIS encourages relationships with former adversaries; domestically, the CI Branch promotes positive relationships with Federal departments and agencies. Internally, the CI Branch responds to the changing environment by developing a smaller, but more focused organizational structure.

In 1995-96, the CI Branch set up a Transnational Criminal Activity Unit. According to CSIS, "the Service recognized the threat posed by the 'transnational' nature of organized crime and its connection to hostile intelligence services." The CI Branch's primary role in the transnational crime area is to provide "timely strategic intelligence" concerning the threat to government consumers and policy-makers, and specific "incidental/tactical criminal information" to Canadian law enforcement authorities. Investigation of transnational crime is linked to the development of relationships with former Warsaw Pact adversaries.

(f) Analysis and Production Branch

Few changes took place during 1995-96 in the Analysis and Production Branch (RAP). The Branch is comprised of two general areas, and its mission is to advise government decision-makers about important issues. Its advice is based on the evaluation of publicly available, as well as classified, information. The Strategic Analysis Unit is responsible for developing "comprehensive, policy-relevant intelligence assessments, covering a wide range of vital Canadian interests and future policies."³ The second area deals with operational analysis and combines "tactically assessed intelligence with information from other sources, including government agencies and other intelligence services. The result is a finished evaluation which lends context to and weighs the significance of the original raw information."⁴

In 1995-96, the Branch made a modest change by adding an operational analyst with expertise in transnational crime and information warfare to the Strategic Analysis Unit.

(i) Security Intelligence Reports

The Analysis and Production Branch produces a range of reports, studies, and briefs to aid government decision-makers. In fiscal year 1995-96, Branch staff were responsible for spearheading the preparation of six reports that were disseminated by the Intelligence Advisory Committee of the Privy Council Office. One of these reports dealt with the global terrorism situation and two others focused attention on states that have been plagued by terrorist incidents.

The remaining reports assessed political developments in a state that has been historically hostile to Canada.

During 1995-96, the Branch published 57 CSIS Intelligence Briefs, the majority of which assessed the potential for terrorist activities emanating from foreign states. The studies also reviewed the threat to national security posed by groups in Canada.

(ii) Review of RAP Reports

The Committee does not read and critique all RAP reports in any given year. Rather, we assess those reports that are relevant to the reviews that we undertake in that year, and that would add to our knowledge in these specific areas.

In 1995-96, we reviewed the RAP products associated with the investigation of a foreign intelligence agency's activities in Canada. We were satisfied that the studies produced by RAP were consistent with the information and intelligence amassed during the investigation of the agency.

During our reviews, we have frequently observed that foreign agencies have complimented CSIS about the RAP reports and, indeed, have sought more of them. We will undertake a comprehensive review of RAP reports in the future.

(g) File Management

In our 1994-95 Annual Report, we described the end of the almost seven year odyssey during which the Service reviewed and disposed of the approximately one-half million files that it had inherited from the RCMP Security Service. During fiscal year 1995-96, the CSIS team that conducted the review of the inherited files, the National Archives Requirements Unit (NARU), turned to routine functions.

When we first received the file statistics for 1995-96, we noticed several anomalies in the data and we requested explanations from the Service. CSIS responded that our query had revealed errors in the file count; that discovery prompted an extensive review of the file holdings. The Service found that at the end of their review of the files inherited from the RCMP, errors were made when the file data was transferred to a new automated system. CSIS has implemented a more rigorous monitoring procedure to prevent a recurrence of the problem.

All files held by CSIS are subject to approved retention and disposal schedules. That is, when a file becomes inactive, a clock starts ticking and, after a predetermined period, the file must be reviewed for disposition. NARU decides whether to retain the file, destroy it, or add it to the National Archives' holdings.

For the year under review, NARU examined over 115,000 files whose retention periods were about to expire. As a result of the reviews, ninety-seven percent (97%) of the files were destroyed, almost three percent (3%) were retained, and just over one half of one percent (.6%) were released to the National Archives, based on their historical value.

In contrasting the file statistics for 1994-95 and 1995-96, we observed some interesting developments. We emphasize that a decrease in the number of files does not necessarily presage a reduced threat to national security. It may instead reflect changes in memberships or affiliation, or the Service's concentration on the most dangerous elements in various movements.

A similar caveat applies to the opening of more files on possible threats to national security. Here, the scope may be wider due to the changing nature of the threat or where higher demands for security screening are placed on the government. We noted:

• that there were no changes from the last fiscal year in the number of files pertaining to operational exchanges between the Service, federal and provincial institutions, and law enforcement agencies;
• an increase in the files concerning destabilizing technologies. The change represents a reorganization of the files by specifying the type of technology, such as weapons of mass destruction; and,
• major increases in the number of files on screening, particularly in the categories of citizenship, foreign checks and immigration, though refugee screening files decreased.

(h) Foreign Intelligence

Each year, the Committee examines CSIS assistance to the Departments of National Defence and Foreign Affairs for the collection of foreign intelligence; that is, information concerning foreign states and persons. We review the number of requests, and conduct an annual audit. In the annual audit, we examine requests from Ministers for CSIS assistance, the retention of information by CSIS from section 16 investigations and, specifically, the retention of information concerning Canadian persons or companies. In addition, we scrutinise the retention by CSIS of intelligence provided by Communications Security Establishment (CSE), and any cooperation between CSIS and CSE in the collection of information.

This year, we noted no dramatic increase in the number of approved section 16 operations, though there has been a significant growth over the last few years. The annual audit for fiscal 1995-96 began in June of this year, and will not be finalized until October 1996. We will be reporting on that audit in next year's Annual Report.

(i) Statistics on Operational Activities

Under section 38(a)(vii) of the CSIS Act, the Committee is to "compile and analyse statistics on the operational activities of the Service." We retain and update a small computerized data base of various types of statistics. This includes such areas as warrants, targets, security screenings, person-year usage, and various financial matters. We analyse the statistics using multi-year comparisons, and breakdowns by operational region, Intelligence Requirement, and other categories. We seek an explanation from CSIS about any significant change revealed by the statistical analyses.

The statistics compiled are used in our studies. In the planning stage of reports, representative samples are selected for audits using the section 38 database. In the reports themselves, the statistics provide an evaluation of the extent of resource-use against specific targets. Thus, we can assess whether the extent of an investigation is justified by the severity of the threat posed by a group or individual.

Last year, we mentioned an agreement with CSIS for the provision of information on the number of people subject to investigation, by targeted group. This data had been included in CSIS Annual Reports predating 1992-93 to the Minister. CSIS has now begun publishing classified information on authorized investigations in two charts: a listing of authorized investigations by levels, but with no reference to targets, and a listing of authorizations by Intelligence Requirements (in general the targeted group), but with no indication of investigative level. We will move to a procedure whereby we will receive the detailed information on which the charts are based. This data will be more useful for our review function.

A few years ago, the Service's CI area stopped publishing composite statistics on known and suspected intelligence officers in Canada. Individual desks in CSIS now retain statistics for their own use. In our view, these statistics provided a useful measure of the threat posed to national security by various hostile intelligence services.

We recommend that CSIS begin publishing statistics again on a regular basis.