Security Intelligence Review Committee

www.sirc-csars.gc.ca

Common menu bar

• Français
• Home
• Contact Us
• Help
• Search
• canada.gc.ca

Breadcrumb

1. Home >
2. Annual Reports >
3. Annual Report 2004-2005 >
4. Section 1.A Reviews of CSIS Security Intelligence Activities

Annual Report 2004-2005 - An Operational Review of CSIS Activities

Section 1 : A Year in Review 2004-2005

A. Reviews of CSIS Security Intelligence Activities

Overview: How SIRC Carries Out its Review Function

The Committee's Role in CSIS's Accountability Structure

The Security Intelligence Review Committee is the only independent, external body equipped with the legal mandate and expertise to review the activities of CSIS. The Committee was established under the CSIS Act (1984) to provide assurance to the Parliament of Canada and to Canadians that CSIS is complying with law, policy and Ministerial Direction in the performance of its duties and functions. In doing so, the Committee seeks to ensure that the fundamental rights and freedoms of Canadians are respected.

To fulfill its mandate, the Committee directs staff to undertake a number of review projects each year. These reviews provide a retrospective examination and assessment of specific CSIS investigations and functions. SIRC has virtually unlimited power to review CSIS's performance of its duties and functions. With the sole exception of Cabinet confidences, SIRC has the absolute authority to examine all information concerning CSIS's activities, no matter how highly classified that information may be.

Each review includes the Committee's findings and recommendations. Upon completion, the report is forwarded to the Director of CSIS and the Inspector General (IG), CSIS.

SIRC is also authorized under Section 54 of the CSIS Act to provide special reports to the Minister of Public Safety and Emergency Preparedness on any matter that Committee Members identify as having special importance.

This review function enables the Committee to inform Parliament and the Canadian public on the activities of CSIS and to assess whether the Service's actions were carried out in accordance with the laws of Canada, directions from the Minister, and CSIS operational policy.

The Committee is but one of several mechanisms designed to ensure CSIS's accountability. The Service also remains accountable for its operations through the existing apparatus of government, specifically the Minister of Public Safety and Emergency Preparedness, the Inspector General of CSIS, central agencies of the federal government, the Auditor General, the Information Commissioner, and the Privacy Commissioner of Canada.

SIRC Reviews in 2004-2005

Review of the Terrorist Entity Listing Process - Report # 2004-03

In 2004-2005, SIRC conducted its first review of a CSIS function engendered by Canada's new Anti-Terrorism Act, specifically the Service's role in the Terrorist Entity Listing (TEL)¹ process.

The Committee's review identified two key issues:

• the authority under which CSIS collects information for the TEL process, and the extent of their collection activity; and
• the constraints on SIRC's ability to reasonably undertake a review of the listing process.

CSIS's Authority for Engaging in the Listing Process

The TEL process is mandated under Section 83.05 of the Criminal Code, as amended by the Anti-Terrorism Act. CSIS's role in the TEL process is the creation of Security Intelligence Reports (or SIRs), considered by the Minister of Public Safety and Emergency Preparedness in her recommendation to the Governor-in-Council concerning whether or not an entity should be listed.

When examining the Service's role in the TEL process, SIRC asked:

• What is the Service's authority to participate in the TEL process?;
• What is the meaning of “threats to the security of Canada,” as defined in Section 2 of the CSIS Act?; and
• Is the definition of “threats to the security of Canada” in the CSIS Act consistent with the definition of “terrorist activity” in the Criminal Code?

These questions were necessary because there are several entities on the Criminal Code list (which included 35 groups as of March 31, 2005) that do not appear to fall within the definition of “threats to the security of Canada” under the CSIS Act. For example, Japan's Aum Shinrikyo cult and Colombia's Autodefensas Unidas de Colombia are each listed as terrorist entities, but neither organization has committed a terrorist act on Canadian soil, nor does either have any obvious presence or support apparatus in Canada.

Section 2 of the CSIS Act is very specific, owing to the importance Parliament has placed on clear, legislative boundaries to the Service's collection activities. The CSIS Act defines “threats to the security of Canada” as activities “against Canada,” or “detrimental to the interests of Canada” (2a); activities “within or relating to Canada” (2b, 2c); or activities “directed toward undermining” the “established system of government in Canada” (2d). Canada and Canadian interests are the common denominator in all four definitions of “threats to the security of Canada.”

In contrast, Section 83.01 of the Criminal Code defines “terrorist activity” as an “act or omission,” corresponding to the listed offences, that is committed “in or outside Canada.” While the CSIS Act specifies a particular relationship to Canada (i.e., “within or relating to Canada”), the Criminal Code definition for terrorist activity may or may not relate to Canada, because it includes activities that may take place “outside Canada,” and that need not specifically relate to Canada. It is not necessary for a terrorist activity to have a clear relationship to Canada for it to meet the definition of “terrorist activity” as defined by the Criminal Code.

As the Department of Justice has noted, the Anti-Terrorism Act was designed to harmonize Canadian legislation with that of its international partners.² But as a result of SIRC's review, the Committee noted that this international dimension of the listing process is not accounted for in the CSIS Act, which was designed to limit the Service's collection activity to national concerns.

What this Means from SIRC's Perspective

The Committee contends that the listing process may require CSIS to collect, retain, and analyze information that does not fall within the definition of “threats to the security of Canada” as defined in the CSIS Act.

As an analogy, CSIS's authority for investigating threats falls within two concentric circles. The inner, smaller, circle represents the Service's activity authorized under Section 12, which is limited to “threats to the security of Canada.” The outer, somewhat larger, circle represents the Service's collection, analysis, retention and advice concerning information and intelligence on “terrorist activity” for the TEL process as mandated under the Criminal Code.

Much of the information in the two circles coincides and falls within the Service's mandate under the CSIS Act. But as a result of SIRC's review, the Committee concluded that there is an area where the two circles do not coincide.

SIRC recognizes that the Service has the statutory authority to collect information and intelligence for the TEL process, pursuant to Ministerial Direction to the Service. However, Ministerial Direction to CSIS cannot expand CSIS's mandate. It can only provide authority to CSIS to act within the limitations already established by the CSIS Act.

Overall, in the Committee's review of the Service's role in the TEL process, SIRC found that the Service's collection of information for the listing process was undertaken in accordance with Ministerial Direction— once this direction was provided³—and according to relevant operational policies. Nevertheless, SIRC concluded that the process required the Service to collect some information that does not fall under the authority set out in the CSIS Act, in regard to “threats to the security of Canada.”

The Committee is concerned by this extension of CSIS's collection activity, and by the lack of clear authority pertaining to that activity. After all, Parliament intended that the Service's collection activity would be precisely defined owing to the extraordinary powers exercised by CSIS.

SIRC's Ability to Review CSIS's Role in the TEL Process

The Special Senate Committee that originally examined Bill C-36 (the Anti-Terrorism Act) expressed concerns that the TEL process lacked adequate provisions for independent review. Senators were especially concerned at CSIS's involvement in the two-year review of the list, noting that, in effect, the list would be reviewed by the same people who created it.⁴ As a result, Senators recommended that an Officer of Parliament position be created to review the TEL process or, alternatively, that SIRC be responsible for its two-year review.⁵

At that time, the Minister of Public Safety and Emergency Preparedness (who was then the Minister of Justice and Attorney General of Canada) argued that existing review mechanisms were sufficient. She stated: “We have ongoing oversight mechanisms that have proved effective, be that SIRC, be that the courts. Therefore, I would be disinclined to think about the creation of a new oversight mechanism that is separate and apart from those that exist.”⁶

In February 2005, Senators raised this concern again with the Minister (as Minister of Public Safety and Emergency Preparedness ) during her address to the Special Senate Committee on the Anti-Terrorism Act. Again, she cited SIRC as one of the “important safeguards and accountability mechanisms” with respect to the Anti-Terrorism Act.⁷

Given that the Minister specifically cited SIRC's ability to review the list as an important safeguard, the Committee believes it is important to note that although it can perform a fairly comprehensive review of the Service's role in the TEL process, SIRC cannot perform a complete review because it cannot see the Security Intelligence Reports upon which the Governor-in-Council's decisions are based, owing to Cabinet confidence. SIRC accepts that Section 39(3) of the CSIS Act prevents the Committee from gaining access to a Cabinet confidence. In the past, however, on the few occasions when SIRC has encountered an issue of Cabinet confidence, SIRC reached agreement with past Solicitors General to satisfy its concerns.

An additional, but lesser, concern in SIRC's review of the TEL process is that another agency, such as the RCMP, could prepare a Security Intelligence Report. The section of the Criminal Code on judicial review of the listing process refers to “any security or criminal intelligence reports considered in listing the applicant” (83.05 [6]a), but does not specify which Canadian department or agency might prepare those reports. The inclusion of the word “criminal” suggests the RCMP could play a role in this process.

In the event that the RCMP were to prepare a Security Intelligence Report for consideration by the Governor-in-Council in the TEL process, SIRC would have no jurisdiction to review the matter, since its mandate is restricted to CSIS's activity.

SIRC's Actions

On the issue of Cabinet confidence, SIRC has raised the issue directly with the Minister when the Committee Members met with her in February 2005. The Committee also summarized its concerns in two letters to the Minister in December 2004 and March 2005. This concern was reinforced by SIRC's April 18, 2005, appearance before the Special Senate Committee on the Anti-Terrorism Act, and on June 8, 2005, before the House Sub-Committee. The Committee is disappointed to note that, at the time of publication of this report, SIRC had still not received a response.

As the Senate Committee noted in their original report on Bill C-36, “the erroneous placement of a person or group on this published list could cause irreparable harm.”⁸ The Committee recognizes the significant civil libertarian issues involved in the TEL process and takes seriously the concerns raised in this review.

Review of CSIS's Investigation of Transnational Criminal Activity - Report # 2004-02

Background

This review assessed CSIS's investigation of transnational criminal activities (TCA) and focussed on the Canadian-based activities of several foreign-based, transnational organized crime groups. This is the second SIRC study on this subject, following Report #107, issued in 1998 (SIRC 1998-01).

In 1995, member states of the G7 (including Canada) agreed to recognize international criminal activity as a national security threat. Since 1996, the Solicitor General of Canada (now the Minister of Public Safety and Emergency Preparedness) has directed CSIS to investigate TCA as part of its annual National Requirements for Security Intelligence. Accordingly, it has been identified as a subject of concern in the Service's annual counter-intelligence (CI) planning since 1995–1996. Investigations are conducted by the Counter Intelligence Branch's TCA Units, which are located in regions across Canada.

The investigations sampled for this review were national in scope and subject to Level II and Level III targeting investigations into suspected threat-related activities as described in Section 2(b) of the CSIS Act. This section of the Act defines the Service's intelligence role in relation to TCA. The previous study by SIRC emphasized the need for the Service to differentiate carefully its national security role from criminal investigations conducted by law enforcement bodies/agencies.⁹ In this review, SIRC was mindful of that finding.

Methodology

The review was undertaken pursuant to SIRC's mandate under Sections 38(b) and 40 of the CSIS Act. SIRC selected an eight-month review period from September 1, 2002, to April 30, 2003, and reviewed a list of the Service's TCA targets to select an issue-based targeting authority and four individual targets. This offered an opportunity to review various targeting processes outlined in operational policy, including the introduction of a new investigation, a renewal and an upgraded (Level II to III) investigation.

The review sought answers to the following questions:

• Did the Service have reasonable grounds to suspect a threat to the security of Canada?
• Was the level and intrusiveness of the investigation proportionate to the seriousness and imminence of the threat?
• Did the Service collect only that information strictly necessary to fulfill its mandate to advise the Government of a threat?
• Was information exchanged with domestic and foreign agencies carried out in accordance with Sections 13 and 17 of the CSIS Act, as well as operational policies?

To respond to these questions, SIRC examined all hard-copy and electronic documentation reported in the review period, and assessed these for compliance with the CSIS Act, Ministerial Direction, National Requirements and operational policy. Specifically, SIRC reviewed:

• targeting decisions and investigations of a sample selection of targets;
• the Request for Targeting Authorities (RTAs) and supporting operational reports; and
• cooperation and exchanges of information with domestic and foreign partners.

Findings

SIRC concluded that CSIS had reason to believe that the activities of the four individual targets were foreign-directed or undertaken on behalf of foreign interests, and generally represented a threat as defined in Section 2(b) of the CSIS Act. In addition, SIRC found that the Service complied fully with Ministerial Direction and operational policy in applying for targeting authorization. It also applied a level of intrusiveness proportionate to the suspected threats.

Overall, the operations reviewed were conducted in accordance with the CSIS Act, Ministerial Direction and operational policy and the techniques employed by the Service were consistent with the approved targeting levels.

Section 12 of the CSIS Act authorizes the collection of information on suspected threats to the security of Canada. The Service then advises the Government of Canada about activities that may be suspected of constituting threats to the security of Canada. SIRC found that the vast majority of information collected by CSIS on TCA within the review period was, indeed, strictly necessary to fulfill its mandate.

However, SIRC did note one instance in which information collected under Section 15 was inappropriately transferred to a Section 12 investigation. Section 15 of the CSIS Act allows the Service to conduct investigations for the purpose of providing security assessments. SIRC was concerned that the transfer of information originally collected as part of a Section 15 interview did not always meet the threshold of “strictly necessary.” In this instance, SIRC believes the Service unnecessarily transferred personal, professional and employment information from a Section 15 interview to the operational reporting for the TCA Section 12 investigation.

Since the subject of the interview was not a target, SIRC concluded that this reporting exceeded reasonable requirements for background data and context. SIRC intends to monitor the operational reporting of information collected in Section 15 interviews to ensure that the Service operates in compliance with the CSIS Act and operational policy.

In its 1998 review, the Committee concluded “that the investigative threshold meant to distinguish strategic from tactical intelligence was [not] adequately defined” and, as a result, CSIS collected and retained information on “tactical, street-level criminal activities that were clearly not within the scope of the Service's strategic objectives.”¹⁰

In this study, the Committee found that the Service's investigative practices in the area of transnational criminal activities have improved considerably and that there were comparatively few cases where tactical information was collected or retained.

Information relevant to criminal investigations was provided to law enforcement agencies consistent with Section 17 of the CSIS Act. Similarly, foreign exchanges were within the scope of established arrangements with those agencies. SIRC found that exchanges of information between the Service and domestic and foreign partners were accompanied by appropriate caveats. Moreover, they complied with operational policy as well as relevant Memoranda of Understanding.

While reviewing the issue-based investigation, the Committee noted a series of events that demonstrated particularly effective use of domestic and foreign arrangements. In this case, the Service assessed that certain information provided to it by another domestic agency was a threat to the life of an individual. Although not obligated to do so, the Service quickly obtained permission from the domestic agency to disclose pertinent information and forwarded it to a foreign partner agency. These actions may have thwarted an attempt on the individual's life.

There were no recommendations arising from this review.

Review of a Counter-Terrorism Investigation - Report # 2004-05

Background

For this study, SIRC examined a CSIS counter-terrorism investigation that had not been the focus of a comprehensive SIRC review in over a decade, yet has remained a high priority of the Counter Terrorism Branch. This investigation was the subject of a Level III targeting authority for suspected threat-related activities as described in Section 2(c) of the CSIS Act.

Methodology

At the outset, SIRC examined lists of all CSIS targets, warrants and human sources related to the Service's investigation. The Committee then selected for in-depth review one issue-based target, one targeted organization, six individual targets, one warrant and six human source operations. For each file, all electronic and hard-copy documentation was reviewed for the period from January 1 to December 31, 2003. To ensure a thorough review, SIRC also examined some documentation that was outside the review period.

As in other reviews of CSIS investigations, SIRC assessed the Service's compliance with the CSIS Act, Ministerial Direction and operational policy by examining key operational activities:

• targeting decisions and investigations;
• acquisition and execution of warrant powers and special operations;
• management of human sources and sensitive operations;
• cooperation and exchanges of information with domestic partners;
• cooperation and exchanges of information with foreign partners; and
• advice to government.

SIRC sought to determine whether:

• CSIS had reasonable grounds to suspect a threat to the security of Canada;
• the level and intrusiveness of the investigation was proportionate to the seriousness and imminence of the threat; and
• the Service collected only information that was strictly necessary to fulfill its mandate to advise the Government of a threat.

Findings

SIRC found that, based on the information in the Service's possession, CSIS had reasonable grounds to suspect that the targets of the investigation posed a threat to the security of Canada. The level and intrusiveness of the Service's investigation were proportionate to the suspected threat.

SIRC did seek clarification as to why an individual remained a target of investigation for several months following his departure from Canada. The Service's explanation satisfied SIRC that the delay in terminating the investigation against this target was reasonable.

Overall, the Service's activities complied with the CSIS Act, Ministerial Direction and operational policy. CSIS collected only the information that was strictly necessary to fulfill its mandate.

The Service met all of the requirements of the CSIS Act and operational policy with respect to warrant acquisition. SIRC found that CSIS had information to support all of the factual statements in the affidavit. Moreover, the affidavit was complete and balanced—the facts and circumstances of the case were fully, fairly and objectively expressed.

SIRC found that the Service, in implementing the powers authorized by the warrant, complied with the CSIS Act, operational policy and the conditions imposed by the Federal Court. However, SIRC found that existing operational policy did not provide sufficient guidance concerning certain administrative procedures related to the execution of some warrant powers. The Service advised that new operational policy to address this shortcoming had been approved. SIRC also followed up on an issue of non-compliance with operational policy by a CSIS regional office that was noted in SIRC Study 2003-04, and found no problems of this nature in this investigation.

The human source operations were well managed by the Service and complied fully with Ministerial Direction and operational policy. The administrative and financial files for each operation were in good order. Moreover, SIRC found that CSIS appropriately managed the relationships with sources used in sensitive areas.

SIRC also assessed, against the backdrop of evolving legislation, the adequacy of the Service's human source operations policies, and found that current policies were sufficient. The Committee will continue to monitor this operational activity closely in future reviews.

The Committee found no problems or issues of concern with respect to the Service's dealings with domestic and foreign partners. Exchanges of information with these agencies complied with the CSIS Act, Ministerial Direction and operational policy. SIRC brought to the Service's attention a small number of administrative errors or omissions in operational reporting, which the Service has subsequently corrected.

Finally, SIRC pursued an issue raised in SIRC Study 2003-02 concerning the implications of the Anti-Terrorism Act. This study raised concerns regarding the payment of human sources. SIRC asked the Service if it had reviewed its policies or guidelines concerning source compensation. In reply, the Service informed the Committee that it had received legal advice which indicated that its approach was appropriate.

In future reviews, SIRC intends to monitor the Service's human source operations involving listed terrorist entities, to identify any issues of concern and to re-evaluate the adequacy of operational policy in this area. There were no recommendations arising from this study.

Review of Activities and Investigations in a CSIS Regional Office - Report # 2004-04

Background

SIRC endeavours each year to undertake a comprehensive review of CSIS's activities in a particular region of Canada. This type of review looks across the board at the targeting of individuals, implementation of warrant powers, use of human sources, as well as cooperation and exchanges of information with Canadian and foreign partners. It provides unique insights into the ways CSIS employs various investigative tools at its disposal—in addition to the standard assessment of CSIS's compliance with the CSIS Act, Ministerial Direction and operational policies.

Methodology

SIRC selected a regional office, examining its activities for the period April 1, 2002–March 31, 2003. As a first step, the Committee examined preliminary data on all active investigations in 2002–2003. Based on this examination, it decided to focus its review on a specific counter-terrorism investigation, which became a counter-proliferation investigation in July 2002.

SIRC reviewed all hard-copy and electronic documentation during the review period, pertaining to five types of CSIS operational activities:

• the targeting of individuals suspected of engaging in threat-related activities, as well as the targeting approval process;
• the implementation of warrant powers against authorized targets;
• special operations enabling the execution of warrant powers;
• the direction of human sources against authorized targets; and
• exchanges of information with other domestic and foreign law-enforcement and security intelligence agencies.

SIRC also reviewed CSIS's internal security measures for the region, as well as any security violations and breaches between April 1, 2000 and March 31, 2003.

As in all reviews, SIRC sought to answer three key questions:

• whether CSIS had reasonable grounds to suspect a threat to the security of Canada;
• whether the level of targeting authority was proportionate to the threat; and
• whether the Service only collected information strictly necessary for its investigation.

SIRC conducted an on-site visit to gain a better understanding of the nature of regional operations and of the unique challenges that Service investigators face in the region under review.

Findings

Overall, the region's investigative activities during the review period complied with the CSIS Act, Ministerial Direction and operational policy. SIRC found that CSIS had reasonable grounds to suspect that the authorized targets of investigation posed a threat to the security of Canada, and that the intrusiveness of the techniques used were proportionate to the suspected threat these targets posed.

Warrant powers, such as telephone intercepts, are the most intrusive investigative techniques available to CSIS. These powers are granted by the Federal Court of Canada. SIRC found that CSIS complied with the terms of the Federal Court warrant in executing warrant powers, as well as conducting special operations during the review period. CSIS only used warrant powers that were necessary to further its investigation. It did not renew them where the other powers available through the targeting authority were sufficient. The Service also acted appropriately and within the law in directing human sources, as well as in exchanging information with other agencies.

Section 12 of the CSIS Act restricts CSIS to collecting information that is “strictly necessary” for its investigations of threat-related activities. SIRC found that, in general, CSIS had collected only that information that was strictly necessary to its investigation. In one instance, however, the Committee believes CSIS collected and reported personal information that approached the limit of what is allowed under the Act.

During the review, SIRC's attention was drawn to the involvement of certain targets in a local organization—one that had multiple functions. CSIS assessed that certain activities taking place were not a significant aspect of the organization, believing that it served primarily one purpose.

SIRC carefully examined all documentation referring to the organization. It also looked at information on file from a previous review of the same investigation. Based on this, the Committee found that the organization had a dual function.

SIRC believes operational policy governing certain types of investigations should apply to this organization. CSIS disagreed with this finding.

The Committee recognizes that in such situations, it can be difficult to determine which operational policy is applicable. Accordingly, SIRC recommended that CSIS define one particular term in its operational policy.

The Committee also found one instance in which CSIS did not fully comply with operational policy. CSIS did not agree with this finding. Apart from these issues, SIRC noted a few administrative errors in CSIS's implementation of warrant powers, use of human sources, and exchanges of information. These errors were minor and did not affect CSIS's investigations. Further, the Committee was informed that CSIS has made changes to prevent their reoccurrence.

Also of note, SIRC reviewed security practices and procedures that had been in use in the region under review since 2000. There was one breach of security, which gave rise to a related complaint that was investigated by SIRC under Section 42 of the CSIS Act.¹¹

Review of a Counter-Proliferation Investigation - Report # 2004-09

Background

In July 2002, the Canadian Security Intelligence Service created the Counter Proliferation (CP) Branch, bringing together elements of investigations that were previously the responsibility of the Counter Terrorism (CT) and Counter Intelligence (CI) Branches. In 2004, SIRC undertook a review of this branch—its first opportunity to examine the Service's counter-proliferation activities under the new organizational structure.

Methodology

This study examined the Service's investigation, between January 1, 1999, and December 31, 2003, of the threat to Canadian security posed by activities related to the proliferation of weapons of mass destruction by persons or organizations linked to a certain country. To ensure a thorough review, SIRC also examined some material outside the scope of the review period.

The Committee reviewed the Service's issue-based investigation. In addition, SIRC staff met with officials from the Service's CP Branch to discuss certain aspects of this investigation.

As with all reviews of this nature, SIRC assessed the Service's compliance with the CSIS Act, Ministerial Direction and operational policy by examining the following key operational activities:

• targeting decisions;
• investigative activities and operational reporting;
• cooperation and exchanges of information with domestic partners;
• cooperation and exchanges of information with foreign partners; and
• advice to the federal government.

SIRC sought to determine whether:

• CSIS had reasonable grounds to suspect a threat to the security of Canada;
• the level and intrusiveness of CSIS's investigation was proportionate to the seriousness and imminence of the threat; and
• the Service collected only information strictly necessary to fulfill its mandate to advise the federal government of a threat.

Findings

SIRC found that the Service complied fully with Ministerial Direction and operational policy with respect to the applications for targeting authorization. The statements made in the applications were supported by the Service's operational reporting. Based on the information in the Service's possession, SIRC concluded that the Service had reasonable grounds to suspect that each of the authorized targets of investigation posed a threat to the security of Canada.

The level and intrusiveness of the Service's investigation was proportionate to the suspected threat. CSIS collected only information strictly necessary to fulfill its mandate to advise the federal government of a threat.

SIRC endorsed the Service's approach of engaging relevant private-sector entities, undertaken via the Liaison Awareness and exchanges of information with Program (LAP). Providing CP briefings to the private sector not only assists the Service domestic and foreign partners in meeting its operational requirements, but also provides a potentially valuable service to recipients who might be vulnerable to targeting by foreign entities. The LAP has provided leads in a number of cases and has fostered a cooperative spirit among industry representatives.

Overall, the Service's cooperation and exchanges of information with domestic and foreign partners complied with operational policy. SIRC found no problems or issues of concern with respect to the Service's cooperation with its domestic or foreign partners.

There were no recommendations arising from this review.

Review of CSIS's Information Operations Centre - Report # 2004-07

Background

In today's information age, hostile actors (e.g., extremists, terrorist groups, foreign intelligence services or armed forces) no longer need direct access to a computer to copy, destroy or manipulate data. Rather, a variety of techniques and software tools can be used to gain unauthorized remote access to exploit a targeted system. This type of activity is called an “information operation,” and in some cases it can pose a threat to national security. Canada's critical infrastructure¹²—which is dependent on computer networks—must be vigilant regarding such attacks. CSIS investigates the activities of those who are suspected of using information operations to threaten the security of Canada as defined under Section 2 of the CSIS Act.

Two thresholds must be met before CSIS begins investigating a suspected information operation:

1. there must be reasonable grounds to suspect that the activity is sponsored by a foreign state (or one of its agents), a terrorist group, or politically motivated extremists; and
2. the purpose of the attack must relate to espionage, sabotage, terrorism, foreign influenced activity or violence to achieve political, ideological or religious objectives.

In February 2002, to counter the threat posed by cyber-based attacks, CSIS established an Information Operations Centre (IOC), which is responsible for developing and using specialized investigative techniques.

Methodology

In 2004, SIRC undertook its first-ever review of CSIS's investigation of threats against Canada's critical information infrastructure. It did so with two objectives. First, SIRC reviewed the role of the IOC in investigating threats against Canada's critical information infrastructure. Second, the Committee reviewed the IOC's operations, examining one counter-intelligence investigation of an information operation for compliance with the CSIS Act, Ministerial Direction and Service operational policies.

The review covered the period between January 1, 2000 and December 31, 2003.

Findings

Notwithstanding two concerns identified below, SIRC found that in carrying out its duties and functions, the Service complied with the CSIS Act, Ministerial Direction and CSIS operational policies.

SIRC's first concern was that operational policy keep pace with the matter reviewed. The Committee recommended that the Service review its operational policies regarding Section 12 targeting in this area.

SIRC recommends that the Service review operational policy to ensure that it clearly incorporates certain matters in relation to Section 12 targeting.

The Committee's second concern was related to administrative errors. SIRC found four such errors. While three of these were minor, the fourth involved the Service's operational reporting—which could potentially affect the role of the targeting approval process as a mechanism for internal accountability. SIRC recommended that the Service review operational reporting policies to prevent a reoccurrence of this error.

SIRC recommends that the Service review operational policy to ensure that if it is necessary to cross-reference operational database reports recorded under one file number with reports recorded under another file number, this should be noted in the “Investigator's Comments” section of the reports.

The Service has indicated that it will be examining ways to ensure the cross referencing operational database messages when they are transferred from one investigative file to another.

Review of CSIS's Exchanges of Information with Close Allies - Report # 2004-08

Background

In January 2004, the federal government created the Commission of Inquiry into the Actions of Canadian Officials in Relation to Maher Arar (O'Connor Commission). Former CSIS Director, Ward Elcock, defended CSIS's information-sharing practices, noting that SIRC had not made any criticism of the appropriateness or inappropriateness of any information CSIS had shared with any foreign agency in any cases it had reviewed since September 11, 2001.¹³

The case of Mr. Arar did, however, focus public attention on the use of information that may have been collected in Canada and then shared with Canada's foreign partners.

While SIRC has examined CSIS's information-sharing practices in the context of several past reviews, the Committee decided to undertake its first in-depth examination of CSIS's exchanges of information with close allied partners.

Methodology

Drawing on one of the Service's counter-terrorism investigations, SIRC chose to review CSIS's information exchanges with four allied agencies as the focus of the detailed review. This review covered the period June 1, 2003–December 31, 2003, but for thoroughness it also examined certain documentation that fell outside the review period. SIRC examined all relevant electronic and hard-copy documentation related to the investigation to determine if these exchanges about threats to the security of Canada were in accordance with the respective foreign arrangements for the four allied agencies and complied with the CSIS Act, Ministerial Direction and operational policy.

SIRC looked at:

• the scope of the foreign arrangement;
• the consent or approval required to disclose such information;
• any special conditions or limitations placed on the use of this information; and
• the nature of the information being shared.

Findings

In the context of the investigation that was reviewed, SIRC found that the Service's exchanges of information with allied agencies were in accordance with respective foreign arrangements and complied with the CSIS Act, Ministerial Direction and operational policy. The Committee also found that the Service exercised due diligence in exchanging information about targets of investigation.

While the Service obtained appropriate approval prior to disclosing information to selected allied agencies, SIRC recommended that CSIS amend operational policy to indicate clearly the managerial level accountable for disclosures to foreign agencies. However, it was CSIS's position that ultimate accountability is clearly defined in policy.

SIRC recommended that CSIS amend operational policy to indicate clearly the managerial level accountable for disclosures to foreign agencies.

In this study, SIRC also examined how human rights were addressed within the context of foreign arrangements.

When CSIS initiates the process to enter into a new arrangement with a foreign agency, it informs Foreign Affairs Canada and the Minister of Public Safety and Emergency Preparedness that it will “closely scrutinize the content of the information provided to, or received from, a foreign agency in order to ensure [our emphasis] that none of the information sent to, or received from, that agency is used in the commission of, or was obtained as a result of, acts that could be regarded as human rights violations.”

SIRC took note of two issues arising from this statement.

First, the use of the term “ensure” implies that CSIS will make certain that the information shared does not lead to—or result from—acts that could be regarded as human rights violations. However, the Committee concluded that CSIS was not in a position to provide such an absolute assurance. As Mr. Elcock told the Commission of Inquiry into the Actions of Canadian Officials in Relation to Maher Arar, CSIS would not necessarily reject information that might have been obtained as a result of human rights violations. He explained that CSIS ”[is] there to collect information... that may reflect on a threat to the security of Canada and we will look at information from any source in order to secure some information about threats to the security of Canada.”¹⁴

Second, while CSIS is cautious when sharing information with foreign agencies, it cannot determine in all cases how that information is used by the recipient agency. Similarly, the Service is rarely in a position to determine how information received from a foreign agency was obtained. As Mr. Elcock stated to the O'Connor Commission, when it comes to information that may have been the product of torture, “the reality is in most cases we would have no knowledge that it was derived from torture. You may suspect that it was derived from torture, but that is about as far as one will get in most circumstances.”¹⁵

In response to this study, the Service took the position that all correspondence between CSIS and the Minister of Public Safety and Emergency Preparedness reflects an ongoing monitoring of the situation. According to the Service, they advise the Minister that exchanges of information with an allied agency will be commensurate with the degree of trust established over a period of time and reflective of the political and human rights climate within a country.

SIRC acknowledges that CSIS must rely on information received from its foreign partners to fulfill its mandate, and that the exchange of information between security intelligence agencies is an essential investigative tool. However, the Committee found that CSIS's assurance to the Minister could be misinterpreted as it is rarely in a position to determine how information that went to a foreign agency is used, or how information it receives was obtained.

SIRC recommended that CSIS revise the content of the letters to Foreign Affairs Canada and the Minister of Public Safety and Emergency Preparedness to avoid leaving any impression that it can guarantee that information sent to, or received from, a foreign agency was not used in the commission, nor was obtained as a result of, acts that could be regarded as human rights violations.

Review of a Counter-Intelligence Investigation - Report # 2004-06

Background

In this review, SIRC examined a CSIS investigation of a foreign intelligence service.

Methodology

SIRC examined this counter-intelligence investigation for the period January 1, 2003 to December 31, 2003. The objective was to assess the Service's compliance with the CSIS Act, Ministerial Direction and all relevant operational policies.

SIRC reviewed hard-copy and electronic documentation that pertained to the following CSIS operational activities:

• targeting of individuals suspected of engaging in threat-related activities, as well as the targeting approval process;
• application for a Federal Court warrant;
• implementation of warrant powers against authorized targets;
• direction of human sources against authorized targets; and
• selected advice to government departments.

As in all reviews, SIRC sought to answer three key questions:

• whether CSIS had reasonable grounds to suspect a threat to the security of Canada;
• whether the level of targeting authority was proportionate to the threat; and
• whether the Service only collected information that was strictly necessary for its investigation.

Findings

Overall, the counter-intelligence investigation was in compliance with the CSIS Act, Ministerial Direction and operational policy during the review period. SIRC found that CSIS had reasonable grounds to suspect that the authorized targets of investigation posed a threat to the security of Canada. Moreover, the Committee found that the intrusiveness of the techniques used were proportionate to the suspected threat that these targets posed. CSIS investigators only collected information that was strictly necessary for the investigation. They also acted appropriately and within the law in their use of human sources.

SIRC found that the Service's description of threat-related activities in the warrant affidavit accurately reflected the information that CSIS held. The Service complied with all applicable operational policies in applying for the warrant, as well as conditions imposed by the Federal Court when the warrant was approved. SIRC also found that CSIS complied with the terms of the Federal Court warrant in executing authorized warrant powers and in conducting special operations.

The Committee observed, however, that the scope of the warrant was overly ambitious. Two CSIS regions identified human resource shortages that affected their ability to analyze certain information collected. SIRC also noted that CSIS introduced a new information collection technique during the review period, which will be monitored in future reviews.

Throughout the review, SIRC paid particular attention to CSIS's investigation of interference activities. To ensure compliance with the CSIS Act, the Service was careful to develop strict guidelines to manage this aspect of its investigation. However, SIRC found that CSIS's operational policies covering these types of situations were incomplete. Because of this, the Committee recommended that:

CSIS review and amend, where appropriate, its operational policies relating to specific institutions to ensure that they cover all aspects of a given process.

Also of note, while SIRC found that CSIS acted appropriately in providing advice to Government of Canada officials on the foreign intelligence service's activities, the Committee nevertheless believes that the Service was overly cautious in deciding not to share information with one federal department. CSIS disagreed with this finding and believes that given the sensitivity of the investigation, the Service took a judicious approach in the dissemination of any information.

Terrorist Financing Activities in Canada - Report # 2004-10

Background

Since September 11, 2001, the international community has increased its efforts to combat terrorist financing. In December 2001, the United Nations Security Council passed Resolution 1373, calling on member states to freeze the assets of those who commit or facilitate terrorist acts, and to adopt measures to prevent and suppress the financing of terrorism. In response, the Government of Canada passed the United Nations Suppression of Terrorism Regulations (UNSTR) and the Anti-Terrorism Act.

Traditionally, CSIS had examined terrorist financing through the lens of its counter-terrorism investigations, but the growing international focus since September 11, 2001, necessitated the development of a dedicated level of expertise. In 2002, CSIS created the Terrorist Financing Unit within its Counter Terrorism Branch to identify and track the financial structures that support terrorist organizations. That same year, the Minister's National Requirements for Security Intelligence specifically directed CSIS, for the first time, to investigate and advise the Government of Canada about the threat arising from terrorist financing.

Methodology

The objective of this study was to examine CSIS's investigation of terrorist financing activities in Canada for in-depth review. SIRC selected one issue-based target, and five specific targets. In each case, the Committee assessed the Service's compliance with the CSIS Act, Ministerial Direction and operational policy by examining the following operational activities:

• targeting decisions;
• investigative activities and operational reporting;
• cooperation and exchanges of information with domestic agencies; and
• cooperation and exchanges of information with foreign agencies.

SIRC's review period was January 1, 2003–July 31, 2004. However, to ensure a thorough review, the Committee also examined select documents that fell outside this period.

Findings

The Committee concluded that the Service had reasonable grounds to suspect that the activities of targeted individuals and groups posed a threat to the security of Canada. The level and intrusiveness of the Service's investigation were proportionate to the suspected threat, and CSIS collected only that information necessary to fulfill its mandate. The Service's activities complied with the CSIS Act, Ministerial Direction and operational policy.

SIRC also found that the Service complied fully with Ministerial Direction and operational policy with respect to applications for targeting authorizations and renewals. The statements made in the applications were supported by the Service's operational reporting.

Finally, SIRC was satisfied with the degree and nature of the Service's cooperation with domestic and foreign partners. Exchanges of information with these agencies complied with the CSIS Act, Ministerial Direction, and operational policy.

Implementation of the UNSTR

During this review, SIRC learned that the implementation of the UNSTR required CSIS to manage new responsibilities related to the listing of terrorist entities. The Committee did not undertake a comprehensive review of CSIS's involvement in the listing of entities pursuant to the UNSTR, as this was not within the scope of the study. However, SIRC noted that CSIS's involvement in this process raised important legal questions—similar to those identified in the Committee's review of the Terrorist Entity Listing Process.

The criteria for listing under the UNSTR are set out in Section 2 of the legislation, which states that a person or group can be listed when there are reasonable grounds to believe that this entity: (a) has carried out, attempted to carry out, participated in or facilitated the carrying out of a terrorist activity; (b) is controlled directly or indirectly by any person conducting any of the activities set out in paragraph (a); or (c) are acting on behalf of, or at the direction of, or in association with any person conducting any of the activities set out in paragraph (a).

Entities can be listed in two ways. First, they can be placed under a UN Security Council resolution, in which case they are then automatically included as a listed entity under the United Nations Afghanistan Regulations (UNAR). Second, the Governor-in-Council, on the recommendation of the Minister of Foreign Affairs, can decide to place an entity on the UNSTR list. In such cases, Foreign Affairs Canada (FAC) convenes an interdepartmental meeting to discuss the proposed listing. If CSIS has security intelligence on the entity, it prepares an assessment for its Director, indicating whether there are reasonable grounds to support the listing. This assessment is provided to FAC, who may use the information, along with input from many other federal departments and agencies, to support its recommendation to the Governor-in-Council.

The Service told SIRC that it engages in the listing of entities pursuant to the UNSTR under Section 12 of the CSIS Act, which limits the Service's collection activity to threats to the security of Canada. However, SIRC noted that the Service's involvement in the listing process requires it to determine whether an entity meets the definition of a listed person under the UNSTR, which has no such geographic restriction. As a result— similar to SIRC's study on the Terrorist Entity Listing Process—it is possible that the Service may be required to collect and analyze information regarding an entity that meets the definition of a listed person or group under the UNSTR, but does not represent a threat to the security of Canada. SIRC found evidence of this problem in its review of operational reports.

In response to SIRC's concern relating to the UNSTR listing process, CSIS stated that they are only collecting and analyzing open information. The Service does not agree that the collection and retention of open information that is available to the public is an extension of the Service's mandate. Further, SIRC noted that the UNSTR does not specifically direct the Service to participate in the listing process, nor has the Minister of Public Safety and Emergency Preparedness provided CSIS with specific direction to that effect. Indeed, the National Requirements for Security Intelligence 2003–2004 only made reference to the Criminal Code listing process, requiring that CSIS continue to conduct research and analysis in support of the listing of terrorist entities pursuant to the Anti-Terrorism Act.

SIRC will continue to monitor this issue. As always, it will continue to examine the implications of new legislation on the Service's operational activities. There were no recommendations arising from this study.

CSIS Liaison with Foreign Agencies: Review of a Security Liaison Post - Report # 2004-01

Background

Security liaison posts are located strategically to meet the needs of the Service most effectively. CSIS's Foreign Liaison and Visits (FLV) Branch, which oversees the security liaison posts abroad, bases its operations on the principle of reciprocity. The Service must be prepared to share information with foreign security and intelligence agencies to receive information in return. Activities and exchanges of this nature are generally handled by the Service's security liaison posts. With the exception of Paris, Washington, and London, the locations of these posts are classified.

At the direction of the FLV branch, Security Liaison Officers (SLO):

• carry out regular liaison with foreign security and intelligence agencies;
• provide security screening services in support of the immigration program;
• oversee the exchange of security intelligence information with approved agencies;
• provide advice to senior staff of the Canadian Mission or Embassy; and
• are accountable to the Director General of FLV, to HQ operational managers, and to the Head of Mission for the SLO's geographical area of responsibility.

SIRC regularly reviews the Service's security liaison posts, as required under Section 38(a)(iii) of the CSIS Act. This year, SIRC chose to review a recently established security liaison post.

Methodology

In its review, SIRC sought to determine whether exchanges of information from this post with foreign agencies were within the scope of the government-approved liaison agreements in place. The Committee also assessed the operations at the security liaison post in relation to the CSIS Act, Ministerial Direction, and the Service's operational policies and procedures.

SIRC conducted this study by reviewing documents at CSIS Headquarters and through an on-site visit to the security liaison post. For context, SIRC also reviewed this post's operations, and evaluated them against issues raised in SIRC's ongoing statutory reviews of CSIS's Foreign Arrangements. Moreover, the report considered trends identified in SIRC's SLO studies over the previous five years.

The review concentrated on two main issues: security screening workload and security at the post.

Findings

a) Compliance and Effectiveness

There were not enough exchanges during the review period for SIRC to assess definitively whether the Service's exchanges with foreign agencies at the Post were in accordance with the CSIS Act, Ministerial Direction and the Service's operational policies. However, SIRC's review of the exchanges that did take place suggests that the Service has approached its new liaison relationship with appropriate caution.

However, the lack of updated CSIS documents to assess the liaison relationships at the post did cause SIRC some concern. While there are written guidelines for the creation, submission and updating of these documents, there are no formal CSIS policies governing this activity. Owing to the situation SIRC observed at this post, and the Service's growing exchanges with foreign organizations, the Committee made the following recommendation:

The Committee recommended that the Service create policies for the preparation, updating and annual submission of CSIS documents used to assess exchanges with foreign agencies.

The Committee also recommended that the written guidelines the FLV prepares concerning procedures at security liaison posts be updated to reflect actual Service practices.

b) Security Screening

One of the functions of an SLO is to assist Citizenship and Immigration Canada and the Canadian Border Services Agency to screen potential immigrants to Canada. If the employees of either of these organizations responsible for immigration screening at a security liaison post have security-related concerns, they may refer the case to the SLO, who investigates the matter.

SIRC notes that the SLO's security screening workload has been raised as a concern in each of its SLO studies over the past five years. In its most recent report, SIRC again raised concerns related to security screening workload and suggested the Service adopt numeric benchmarks for tracking and addressing security screening workload issues.

c) Security at the Post

SIRC examined the environment in which the post operated. The Committee concluded that the SLOs at the post acted in accordance with CSIS security procedures.

Review of Foreign Arrangements

Background

Under Section 17(1) of the CSIS Act, the Service may enter into an arrangement with the government of a foreign state, or an international organization of states (or an institution thereof), for the purpose of performing its duties and functions. While Ministerial Direction and Service operational policy outline the principles regarding the establishment and management of such arrangements, the foreign arrangement determines the nature and extent of the Service's cooperation and exchanges with a foreign agency. The arrangement identifies the specific types of information sharing that can occur.

Section 38(a)(iii) directs SIRC to review all such arrangements. The Committee examines both the establishment and enhancement of arrangements entered into between CSIS and foreign intelligence agencies.

As noted in previous reports, a Ministerial Direction Compendium came into effect on March 1, 2001. This gives the Director of CSIS more freedom to manage the Service's activities. For example, the Director can approve the expansion of an existing foreign arrangement (one that has previously been approved by both the Minister of Public Safety and Emergency Preparedness and the Minister of Foreign Affairs). CSIS does not need to consult with the Department of Foreign Affairs nor does it need to request the Minister's approval to do so. As a result, the Director has greater discretion in this area of Service activity.

Reviews During 2004-2005

During 2004-2005, SIRC undertook its first comprehensive review of the expansion process—a first since the Ministerial Direction Compendium came into effect. SIRC focussed on the ten arrangements that were expanded between April 1, 2002 and March 31, 2003, to determine whether these complied with Ministerial Direction and operational policy. An enhancement or expansion occurs when the Service changes an existing arrangement. This defines the subject matter and extent of authorized exchanges.

For each foreign arrangement, SIRC staff examined:

• the rationale for requesting an expansion;
• Canada's national security interests;
• the request to expand the arrangement;
• the approval to expand the arrangement; and
• the Service's assessment of the agency (i.e., respect of the third-party rule, reliability, human rights issues, internal stability concerns, etc.)

Staff reviewed:

• all documentation on the establishment of the arrangement, as per Section 17 of the CSIS Act and Ministerial Direction;
• all documentation on the expansion of the arrangement;
• the cooperation file with the organization;
• the most recent agency assessment;
• the most recent post profile prepared by the Security Liaison Officer; and
• any other information related to the arrangement and its enhancement.

Findings

SIRC found that CSIS complied with the conditions set out in Ministerial Direction and operational policy regarding the expansion of the ten existing foreign arrangements.

With respect to expansion approvals, SIRC noted that the Service has no operational policy on what type of information must be contained in the request submitted to the Director. The Committee also noted that the assessment of agencies with whom the Service has arrangements were not always submitted on a yearly basis as required in the Foreign Liaison Post Procedures Manual—and, in some cases, were seriously outdated. The matter of agency assessments was the subject of a recommendation under study # 2004-01.

Of greater concern to SIRC, however, was that one agency assessment did not provide an adequate analysis of potential human rights issues. As these expansions involve an increased level of cooperation with a foreign agency, SIRC believes that a comprehensive re-evaluation of the agency in question should be required at the time of expansion to ensure that arrangements continue to undergo rigorous scrutiny—particularly in the area of human rights.

It is CSIS's position that when consideration is being given to expanding the arrangement, FLV provides the requisite information so that the Director can make an informed decision as to whether a given arrangement should be expanded. According to the Service, the absence of an up to date Agency Assessment does not mean that a review of the arrangement has not been prepared for the Director.

Primary navigation (left column)

Date Modified:

2010-10-14