Work Plan – Reviews Under Way and Planned
The Commissioner uses a three-year work plan, which is updated twice a year. Developing the work plan draws on many sources. An important one consists of regular briefings from CSE on new activities and changes to existing activities. Another is the classified annual report to the Minister from the Chief of CSE on priorities and legal, policy and management issues of significance. To learn more about the Commissioner's risk-based and preventive approach to reviews, please visit the office's website.
Three reviews and one study started in 2015–2016 will be completed in 2016-2017: a focused review of metadata activities by CSE's IT Security section; a review of a particular method of collecting foreign signals intelligence conducted under a ministerial authorization and a ministerial directive; a review of CSE sharing of foreign signals intelligence with non-five eyes recipients, including mistreatment risk assessments; and a study of cooperation and information sharing between CSE's IT Security employees and its foreign signals intelligence employees to defend against cyber threats.
Other reviews planned to commence in 2016–2017 are: a follow-up review of a specific CSE foreign signals intelligence method of collection conducted under ministerial authorization with a focus on CSE targeting activities; a review of other CSE targeting activities conducted under exceptional circumstances; a follow-up review of a certain type of reporting involving Canadians; and a follow-up review of CSE assistance to the Canadian Security Intelligence Service (CSIS) under part (c) of CSE's mandate and sections 12 and 21 of the Canadian Security Intelligence Service Act relating to the interception of the telecommunications of specified Canadians located outside Canada (formerly called Domestic Intercept of Foreign Telecommunications and Search warrants).
In addition, the Commissioner will continue to conduct annual reviews of:
-
foreign signals intelligence and cyber defence ministerial authorizations, including spot check reviews of one-end Canadian communications acquired and recognized by CSE;
-
CSE disclosures of Canadian identity information; and
-
privacy incidents and procedural errors identified by CSE and the measures subsequently taken by CSE to address them.
- Date modified: