Overview of 2010–2011 Findings and Recommendations

During the 2010–2011 reporting year, I submitted six reports to the Minister of National Defence on my review of CSEC activities.

These reviews were conducted under two areas of my mandate: 

• ensuring CSEC activities are in compliance with the law ─ as set out in paragraph 273.63(2)(a) of the National Defence Act; and
• ensuring CSEC activities under a ministerial authorization are authorized ─ as set out in subsection 273.65(8) of the National Defence Act. 

One review, which is now being done on an annual basis, related to disclosures of information about Canadians to Government of Canada departments and agencies. This review permits me to closely monitor CSEC activities involving Canadian identity information. Performing this review yearly allows me to verify that CSEC complies with the law and maintains measures to protect the privacy of Canadians.

Two reviews were conducted of CSEC information technology security activities conducted under ministerial authorizations.

Three reviews related to foreign signals intelligence activities, and included a review of how CSEC determines that entities of foreign intelligence interest are foreign entities located outside of Canada, as required by the National Defence Act.

The results

Overall, I am able to report that the activities of CSEC examined this year complied with the law. 

My reviews in 2010-2011 also demonstrate that:

• CSEC takes seriously and acts on the Commissioner's recommendations. Over the past year CSECaddressed a number of deficiencies identified in previous reviews. My follow-up of these recommendations determined that CSEC addressed these deficiencies;
• CSEC continued important work to incorporate information management practices into its core programs and has made it part of its employees' daily activities. This is important in enabling CSEC to demonstrate accountability for its activities and decisions; and
• CSEC has mature management, governance and internal oversight structures to guide and direct its operational activities.

In total this past year, I made four recommendations, two of which relate to reporting information to the Minister of National Defence with the objective of providing the Minister with a more complete picture of communications CSEC unintentionally intercepts and involving Canadians or persons in Canada. The other two recommendations strengthen policy guidance for certain foreign signals intelligence activities.

Past reviews of CSEC activities under ministerial authorizations have consistently demonstrated that the proportion of private communications that CSEC unintentionally intercepts is very small. Nevertheless, should there be an instance of non-compliance involving private communications, the potential impact on the privacy of Canadians could be significant, which is why I continue to focus my attention on this particular activity.

See Annex G for information on legislative safeguards for private communications and information about Canadians.