Overview of 2018–2019 Findings and Recommendations
During the 2018–2019 reporting year, the Commissioner submitted eight classified reports to the Minister on his reviews of CSE activities.
These eight reviews were conducted under the Commissioner's authority under the National Defence Act:
- to ensure CSE activities are in compliance with the law; and
- to ensure CSE activities carried out under a ministerial authorization are authorized.
In a review of CSE's targeting practices in the context of a particular foreign signals collection program that is also subject to a ministerial directive, the Commissioner found discrepancies between requirements in the ministerial directive and CSE practices. This resulted in repeating a recommendation made twice in the past that CSE reconcile these discrepancies either to comply with or amend the ministerial directive.
One review resulted in three of the five recommendations the Commissioner made this year. This review related to CSE's assistance to the Canadian Security Intelligence Service's warranted activities for investigating or reducing a threat to the security of Canada using intrusive means, regardless of where that identified threat is situated in the world.
The review of disclosures of Canadian identity information for 2018–2019 focused on ensuring implementation of a previous recommendation that when a client requests disclosure of Canadian identity information, the client must specify its lawful authority and a robust operational justification to acquire that information.
Besides the review of CSE disclosures of Canadian identity information, the Commissioner also conducted other annual reviews:
- of ministerial authorizations for foreign signals intelligence activities;
- of one-end Canadian communications (including private communications) acquired, used, retained and destroyed by CSE, which was a spot check examination whose results were reported with the annual review of ministerial authorizations related to foreign intelligence;
- of cyber defence activities conducted under ministerial authorization; and
- of CSE incidents and procedural errors related to privacy.
The review of incidents and procedural errors brought to light a privacy incident that demanded deeper examination. This incident was the subject of its own review.
Each year, the Commissioner provides an overall statement on findings about the lawfulness of CSE activities. This past year all CSE activities reviewed complied with the law.
The Commissioner made five recommendations to promote compliance with the law and strengthen privacy protection, including that:
- CSE reconcile discrepancies between requirements in a ministerial directive and CSE practices, either by fulfilling the stipulated administrative obligations or seeking an amendment to the applicable ministerial directive;
- CSE develop, in collaboration with CSIS, a mechanism to provide CSE minimally redacted judicial decisions relevant to understanding CSIS's warrant authorities;
- CSE develop, in collaboration with CSIS, a formal notification mechanism to inform CSE of any changes to the warrant template or of any changes to the underlying interpretations of CSIS warrants in the context of the warranted target activities;
- CSE take measures to ensure that the identification and retrieval of all documentation relevant to a review request are accurate and complete; and
- CSE take measures to ensure its corporate records regarding the disclosure of Canadian identity information contain detailed and complete information describing and documenting the disclosure, and the status of the disclosure.
Business as Usual until Bill C-59 Receives Royal Assent
As of the writing of this annual report, Bill C-59 had not yet been passed. This legislation will eliminate the Office of the CSE Commissioner and move its review functions to the National Security and Intelligence Review Agency. The CSE Commissioner and the staff of the Commissioner's office will take on new duties as part of what will be the Office of the Intelligence Commissioner. Until this legislation is enacted, however, the CSE Commissioner will uphold his commitment to fulfill his mandate under the authority of the National Defence Act. All conclusions and references to follow-up reviews in this annual report are written as if the Office of the CSE Commissioner will continue to operate for the foreseeable future. Regarding review reports completed in and reviews carrying over into the new fiscal year, Bill C-59 states that all reviews not reported on will be transferred to the National Security and Intelligence Review Agency. Bill C-59 requires this agency to include this information in its first annual report. It is also expected that the National Security and Intelligence Review Agency will continue to monitor issues that the CSE Commissioner has identified in the past.
- Date modified: