Work Plan — Reviews Under Way and Planned

Commissioners use a risk-based and preventative approach to reviews. A three-year work plan is updated twice a year. Developing the work plan draws on many sources. Two important ones are regular briefings from CSEC on new activities and changes to existing activities, and the Chief of CSEC's classified annual reports to the Minister of National Defence on CSEC's priorities and legal, policy and management issues of significance.

The results of several reviews currently under way are expected to be reported to the Minister of National Defence in the coming year and included in my successor's 2013–2014 annual report. The subjects of these reviews include: CSEC counter-terrorism activities; a follow-up to this year's review of certain foreign signals intelligence activities; CSEC's policy compliance validation framework and activities; and a review of particular signals intelligence collection activities conducted under ministerial authorizations.

In addition, before the end of my term as Commissioner, I will report to the Minister on my ongoing review of CSEC's foreign signals intelligence sharing with its closest international partners — the United States' National Security Agency, the United Kingdom's Government Communications Headquarters, the Australian Defence Signals Directorate and the New Zealand Government Communications Security Bureau. CSEC and its international partners respect each other's laws by pledging not to direct collection activities at one another's citizens' communications. CSEC is prohibited from requesting an international partner to undertake activities that CSEC itself is legally prohibited from conducting. However, CSEC sharing information with its international partners could affect a Canadian; it is in the international sharing of personal information where the risks are higher than for sharing involving domestic partners. My 2011–2012 annual report contained an update on this review. This year, I continued my in-depth review and consulted my independent counsel on general questions of law relating to this subject.

Some of the reviews planned for 2013–2014, which may carry over to the next year, are: a review of CSEC IT security activities conducted under ministerial authorizations in support of Government of Canada efforts to address cyber threats; a follow-up review of CSEC activities carried out under a ministerial directive for the purposes of identifying new foreign entities believed to be of foreign intelligence interest; and a follow-up review of CSEC efforts to address numerous gaps related to CSEC's dealings with the Canadian Armed Forces, as identified by CSEC internal evaluators. In addition, the office plans to continue the annual reviews of: (1) foreign signals intelligence ministerial authorizations; (2) CSEC disclosures of Canadian identity information; and (3) privacy incidents and procedural errors identified by CSEC and the measures subsequently taken by CSEC to address them. The office will work with my successor to put in place a comprehensive work plan soon after his or her appointment.