Three Years of Reviewing CSE
On June 19, 1996, the Minister of National Defence appointed me to the position of Communications Security Establishment (CSE) Commissioner for a period of three years, with the mandate to review the activities of CSE to determine whether they are in compliance with the law.
As noted in my earlier reports, CSE provides the Government of Canada with foreign intelligence, which it obtains by gathering and analyzing foreign radio, radar and other electronic emissions. This is called signals intelligence or sigint. CSE also provides technical advice, guidance and service on the means of protecting the security of government telecommunications and aspects of electronic data processing. This is known as Information Technology Security or ITS.
Clearly, the work CSE performs is highly sensitive. The foreign intelligence it collects provides the government with valuable information about foreign and defence policy issues in response to intelligence priorities established by Cabinet.
The three-year term of my first mandate has now ended. In this, my third Annual Report, covering the period to March 31, 1999, I will discuss the activities of the past year but also reflect on the evolution of the review function for CSE since my appointment in 1996.
The knowledge gained and lessons learned during my first mandate will be instrumental in ensuring further progress during my second mandate, which the Minister of National Defence announced on June 15, 1999. The new mandate, which will be in force until June 19, 2002, maintains the elements of the first one and enhances one important element -- the complaints function of my office. I am pleased with this change, which responds to concerns I raised in my past two annual reports. This development and its implications are described below.
As noted in last year's report, I am satisfied with the resources at my disposal and with my access to CSE. In carrying out my review activities, I have the support of two full-time staff people and several experts retained on contract. My views about CSE are based not only on my own observations but also on the hard work of people who know the intelligence community and are familiar with the complex technology that is part of its day-to-day environment.
Looking Back on the First Mandate
My original detailed mandate, established by Order in Counci l in 1996 pursuant to the Inquiries Act, was:
- to review the activities of CSE to determine whether they are in compliance with the law,
- to advise the Minister of National Defence and the Attorney General of Canada of any activity of CSE that I believe may not be in compliance with the law,
- not to review issues for which other avenues of redress are established by statute,
- to submit to the Minister of National Defence a report containing classified information when I consider it advisable, and
- to submit to the Minister an annual report in both official languages on my activities and findings for tabling in Parliament.
A copy of the original Order in Council is appended to this report as Annex A.
As might be expected, I know much more about CSE now than I did when I took on this challenge three years ago. As my staff and I have learned more, we have asked CSE officials for more detailed information. Our questions continue to probe matters related to the lawfulness of CSE's activities in a very penetrating way. In return, we expect and receive increasingly detailed explanations, which we then assess in each instance to determine whether there is logical continuity.
During my first mandate, I reviewed the lawfulness of CSE's activities from several perspectives. Initially I decided to focus on the control and accountability measures in place in CSE. For example, I was pleased to note the presence of legal counsel on CSE's senior management team. These lawyers, assigned to CSE by the Department of Justice, advise on the lawfulness of CSE's existing and planned activities and play an important part in the organization's decision making. I observed as well that CSE is subject to the independent scrutiny of the courts, the Canadian Human Rights Commission, the Privacy Commissioner, the Information Commissioner, the Commissioner of Official Languages, and the Auditor General.
I also examined CSE's reporting relationships. In Parliament, the Minister of National Defence is answerable for all CSE's activities. The Minister is supported by two deputy ministers -- the Deputy Minister of National Defence for administrative matters, and the Deputy Secretary to the Cabinet (Security and Intelligence) in the Privy Council Office for policy and operations.
Next, I examined CSE's internal policies and procedures, the processes for reviewing and improving them, and programs for training employees about them. In an organization such as CSE, which operates without legislation in a very sensitive area, policies and procedures that reinforce lawful behaviour are essential. Equally important are the organization's continuing efforts to improve its policies and procedures and ensure employees know and live up to them.
My staff also developed and refined procedures for examining and testing CSE's information holdings, to ensure that those holdings contain only information that CSE is authorized to retain. This testing program is described in more detail below.
CSE's signals intelligence work depends on sophisticated technology for its success. This presents challenges for the organization. On the one hand, operating in a field where technology is advancing rapidly, CSE must upgrade its technology constantly to meet the government's foreign intelligence requirements. On the other hand, the rapid pace of technological change presents CSE with a particular challenge in protecting the rights of Canadians, since new technologies can expand CSE's capabilities.
The sophistication of CSE's technology has led to speculation about the organization's capability to intercept the communications of Canadians. However, I have observed that CSE's activities are driven not by the capabilities of the technology it deploys but by its mandate to fulfil the foreign intelligence requirements established by the Government of Canada. My review and analysis indicate that CSE is not using its technology to target Canadian communications. In keeping with the policy of the government, CSE goes to considerable effort to avoid collecting Canadian communications.
Technology can, of course, be used to protect privacy. As CSE's technological capabilities progress, its ability to avoid collecting information that does not advance its foreign intelligence mandate increases. New technologies can help CSE improve intelligence collection and support the organization's lawfulness. I will continue to examine carefully CSE's use of technology in the months and years ahead.
The Effect of Review on CSE
In my last report, I cited a generally held view that observation prompts change. In other words, the very presence in an organization of external observers of performance can increase the internal commitment to improve that performance.
In the case of an intelligence agency, effective performance is a function of the professed values of the organization, the activities it undertakes to achieve results, and its commitment to hold itself accountable for both its values and its results.
During my first mandate I observed that the precept that observation prompts change applies to CSE. In my assessments of the agency, I examined not only CSE's activities but also its values, as articulated in its policies and procedures. I can confirm that the presence of a review function is contributing to the momentum for improvement and serves as a reminder to employees of the values that CSE has articulated.
A further benefit of the review function has been that CSE's employees, knowing independent reviewers have informed the public that CSE's activities are lawful, have been able to approach their jobs with more confidence and thus better serve the Government of Canada.
These, I believe, are important arguments in favour of a permanent review mechanism.
- Date modified: