Everyone is rushing to debate whether the Communications Security Establishment’s Canadian airport program was legal. To be sure, this is an important question. It is not, however, the only question that should concern Canadians. We should be concerned about whether our law and our review processes have kept up with technology, including the bulk collection of metadata.
CSEC Commissioner Jean-Pierre Plouffe responded within a day of the story breaking, stating he was “aware of the metadata activities referred to.” Although he did not say whether the airport program was legal, he noted that past commissioners had found metadata collection to be legal. The minister of defence has relied on these findings by the retired judges who have been commissioner to defend CSEC.
The commissioner’s focus on legality follows his mandate to report any activities not authorized by law to both the minister of defence and the attorney general of Canada. A failure to report illegal behaviour might mean that the commissioner, who has a budget of $2.2 million compared to CSEC’s reported budget of $422 million, missed illegal activities.
The minister of defence and the attorney general of Canada would be obliged to take remedial action if the commissioner reported illegalities to them, including perhaps even criminal prosecutions if CSEC invaded privacy without legal authorization. This is one of the reasons why the question of legality has got so much attention.
The former CSEC commissioner’s June 2013 statements, shortly after the first Edward Snowden leaks, that CSEC had acted legally should be evaluated in light of an extraordinary December 2013 decision by Justice Richard Mosley.
Concluding he had been kept in the dark, the Federal Court judge reopened a case in which he had granted warrants to CSIS to conduct surveillance on Canadians outside of Canada. He found that the laws governing both CSIS and CSEC did not authorize CSEC’s actions in this and as many as 35 other cases since 2009 of tasking Five Eye foreign partners to carry out the surveillance of Canadians.
Mosley’s forceful decision demonstrates that much could be gained by increasing the role of the judiciary with respect to CSEC.
At present, the minister of defence, as opposed to an independent judge, authorizes CSEC activities. Increased judicial oversight is one of the aims of an ongoing Charter challenge to CSEC.
Conclusions of legality are only as good as the underlying law. CSEC’s mandate is broad. It includes acquiring information from the global information infrastructure for the purpose of providing foreign intelligence. CSEC’s enabling legislation was rushed into law in the months after 9/11. It employs the somewhat old-fashioned concept of prohibiting surveillance that is directed at Canadians or persons in Canada. It fails to address metadata or the incidental interception of Canadian communications. It refers only to vague and undefined measures to protect Canadian privacy.
The government is committed to its position that CSEC broke no clear law and did not target Canadians. Others disagree because the targeted airport was after all in Canada. It may be difficult to litigate the issue in open court given the secrecy of relevant authorizations and directives from the minister of defence. The underlying issue of privacy, however, is too important to be left to lawyerly sparring.
Canada does not have adequate review mechanisms to ensure the public that its intelligence agencies are adequately doing their job both in protecting security and respecting rights including privacy.
The CSEC Commissioner has a small budget and staff and is restricted by its mandate to focus on questions of legality. Contrary to the Arar commission? s 2006 recommendations, the commissioner cannot share secret information with SIRC even though Mosley’s judgment illustrates how the two agencies work together.
Canada’s review structure no longer commands the confidence it once did. The last two heads of SIRC have resigned amid controversy, the government abolished the inspector general who determined the legality of CSIS’s conduct and parliamentary committees are shut out once information has been classified as secret. Wayne Easter’s private member’s bill would allow parliamentarians to have some access but would give the ministers an unreviewable discretion to say no.
Canadians should not stop at the question of whether CSEC’s airport program was legal or not. They should demand a more fundamental re-assessment of the law that authorizes CSEC’s activities and the mechanisms to review its activities and those of all its national security partners.
