The Edward Snowden revelation that the Communications Security Establishment (CSE), without a warrant, used free airport Wi-Fi service to gather the communications of all travellers using the service and to track them after they had left the airport sparked an ongoing concern about mass surveillance in Canada. The number of Canadians affected by this surveillance is unknown apparently even to the Canadian Security Intelligence Service.
Key Government Bodies
Communications Security Establishment Canada (CSE)
The Communications Security Establishment Canada (CSE) is Canada's signals intelligence agency. The agency is responsible for foreign signals intelligence and for protecting the Canadian government's electronic information and communication networks. It reports to the Minister of National Defence, who is in turn accountable to Cabinet and Parliament. CSE is part of the Five Eyes, or the alliance of spying agencies of the United States, Australia, New Zealand, the United Kingdom and Canada.
CSE originated in World War II, as a military signals corps meant to collect foreign intelligence signals. The agency only came into public awareness, however, with the 1974 CBC TV documentary The Fifth Estate: The Espionage Establishment. Since the events of 9/11 and Canada's subsequent 2001 Anti-Terrorism Act, the CSE's capacities have expanded significantly, in terms of legal mandate, available technology, and financial resources. Today, it employs roughly 2000 people and its estimated 2015-2016 budget was $1.075 billion. The agency expects a net increase of $59.5 million in federal funding in the coming year
- To acquire and use information from the global information infrastructure for the purpose of providing foreign intelligence, in accordance with Government of Canada intelligence priorities.
- To provide advice, guidance and services to help ensure the protection of electronic information and of information infrastructures of importance to the Government of Canada.
- To provide technical and operational assistance to federal law enforcement and security agencies in the performance of their lawful duties.
CSE is bound by the Canadian Criminal Code, the Canadian Charter of Rights and Freedoms, the Privacy Act, and all Canadian laws. The agency cannot legally intercept the private communications of Canadians, except for foreign communications that originate or end in Canada. Ministerial authority for such interception is given on a case-by-case basis. Additionally, for reasons of national security, the Security of Information Act permanently binds CSE employees to secrecy, meaning they cannot legally disclose certain information without special authorization.
Per CSE's own description, all of the agency's activities must be necessary to fulfill their relevant mandate; proportionate to the risk being mitigated or the foreign intelligence of interest; effective at protecting the privacy of Canadians; and as minimally intrusive as possible.
The agency is overseen by the CSE Commissioner's Office, which conducts an annual review of CSE activities and their compliance with the law and ministerial authority. The CSE Commissioner can issue recommendations as to the CSE's conduct, which are then, in theory, implemented by the Minister of Defence. To date, the Commissioner has yet to find any CSE activities to be in violation of Canadian law.
CSE is responsible for the Canadian government's metadata surveillance program. Even though metadata does not include the content of the communication itself, it yields a substantial amount of information about its source devices, users and transmissions.
A national security measure to track patterns of suspicious activity, the Canadian metadata surveillance program was first implemented in 2005 by secret decree. It was then suspended for a year in 2008, amid concerns that the program could amount to unwarranted surveillance of innocent Canadians. However, the program was renewed in 2011 via ministerial directive from then-Defence Minister Peter MacKay. The program was broadly approved by the CSE Commissioner at the time.
CSE claims that it does not collect or use metadata to target Canadians without a warrant, as doing so would violate the National Defence Act. The agency holds that only uses metadata to identify foreign intelligence targets and their social networks, and possible cyber threats. However, CSE acknowledges that the subsets of metadata that it legitimately collects may inadvertently include metadata on the private communications of Canadians. To reduce this allegedly inevitable incursion of privacy, the agency takes measures such as limiting the length of time that metadata can be stored, restricting access to metadata to authorized CSE personnel, redacting any identifying information about Canadians when sharing intelligence with allies, and cooperating with the CSE commissioner's review of activities.
Canadian Security Intelligence Service (CSIS)
There are actually no oversight for the Communications Security Establishment.
Communications Security Establishment Commissioner
Security Intelligence Review Committee
National Defence Act
2001 Anti-Terrorism Act
2015 Anti-Terrorism Act (Bill C-51)
- "CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents".
- Boutilier, Alex (February 2, 2017). "Ottawa Bureau Reporter". Retrieved February 2, 2017.
- "Toronto Star". thestar.com.
- "Canada's spies expecting a budget boost - Toronto Star". thestar.com.
- Branch, Legislative Services. "Consolidated federal laws of canada, Security of Information Act". laws-lois.justice.gc.ca.
- Toolkit, Web Experience. "How does CSE protect the privacy of Canadians?". www.cse-cst.gc.ca. Archived from the original on 2017-06-13.
- FREEZE, COLIN (10 June 2013). "Data-collection program got green light from MacKay in 2011" – via The Globe and Mail.
- Toolkit, Web Experience. "Metadata and our Mandate". www.cse-cst.gc.ca.