Commissioner Plouffe's report is tabled in Parliament - 2014-2015

January 28, 2016 — Ottawa, ON — Office of the CSE Commissioner

Today, the 2014-15 Annual Report of the Communications Security Establishment Commissioner, the Honourable Jean-Pierre Plouffe, CD, was tabled in Parliament.

The Commissioner provides independent external review of the Communications Security Establishment's (CSE) operational activities to determine whether they complied with the law and protected the privacy of Canadians. Mr. Plouffe is a retired judge of the Superior Court of Quebec and the Court Martial Appeal Court of Canada. As CSE Commissioner, he has all the powers of a Commissioner under Part II of the Inquiries Act.

The Commissioner stated: “Each year, I have made public more information about my investigations, to be as transparent as possible.” He added: “I have encouraged CSE to be more forthcoming in what it communicates to the public.”

Report Highlights

With the exception of one review related to metadata, all of the activities of CSE reviewed in 2014–2015 complied with the law.

The Commissioner made eight recommendations, including:

CSE metadata activities

In his annual report, the Commissioner stated that certain CSE metadata activities raised legal questions that he continues to examine and assess. The Commissioner has since completed that legal assessment.

The annual report provides a detailed unclassified summary of the first part of the Commissioner's review on CSE foreign signals intelligence metadata activities. These activities must be carried out in accordance with the NDA, which requires CSE to take measures to protect the privacy of Canadians, and in accordance with the 2011 ministerial directive on CSE's collection and use of metadata.

At the start of the review, CSE discovered on its own that certain types of metadata containing Canadian identity information were not being minimized properly before being shared with CSE's partners in the United States, the United Kingdom, Australia and New Zealand. The former Chief of CSE informed the Commissioner, as well as the Minister of National Defence, about this matter.

After making this discovery, CSE proactively suspended the sharing of this metadata with its partners. The Chief of CSE assured the Commissioner that the suspension will remain in effect until systems are in place to properly minimize all Canadian identity information.

In his annual report, the Commissioner stated that he would carefully weigh the legal implications of the incidents. The Commissioner directed his staff to investigate this issue as part of the metadata review that was already under way. This included: an examination of relevant documentation and technical detail of systems involved; interviews with CSE operational, policy and technical staff and managers, and with senior CSE officials; and meetings with Justice Canada's legal counsel at CSE. In addition, the Commissioner received advice from both in-house legal counsel and external independent legal counsel.

The Commissioner stated: "CSE co-operated fully with this investigation, was forthcoming, provided in-depth written accounts of the metadata minimization deficiencies and has been providing updates on the status of corrective efforts."

After careful examination of all the information before him, the Commissioner concluded that CSE's failure to minimize certain Canadian identity information prior to it being shared with its partners did not comply with paragraph 273.64(2)(b) and section 273.66 of the NDA, and, as a consequence, did not comply with section 8 of the Privacy Act. The Commissioner therefore exercised his legal duty under paragraph 273.63(2)(c) of the NDA and informed the Minister of National Defence and the Attorney General of Canada of this non-compliance with the law. In this instance, while the Commissioner stated he believes the actions of CSE were not intentional, it did not, however, act with due diligence when it failed to ensure that the Canadian identity information was properly minimized.

The Commissioner stated: "During my mandate, I have echoed past Commissioners' longstanding calls to amend Part V.1 of the NDA because certain important provisions are ambiguous. I recently recommended to the Minister of National Defence that the NDA be amended to provide a clear framework for CSE's metadata activities." While paragraph 273.64(1)(a) of the NDA provides authority to CSE to conduct metadata activities, an explicit authority for these activities would strengthen overall accountability.

The Commissioner received a reply to his letter to the Minister of National Defence and the Attorney General of Canada and is pleased that they have accepted his recommendations related to metadata. He will continue to monitor developments.

Background on Metadata

Related Products

Associated Links


J. William Galbraith
Executive Director, Office of the CSE Commissioner
(613) 992-3044

Date modified: