Am I out of time?
Evidence of meeting #13 for National Defence in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was reservists.
A recording is available from Parliament.
Evidence of meeting #13 for National Defence in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was reservists.
A recording is available from Parliament.
10:05 a.m.
Liberal
The Chair Liberal Stephen Fuhr
You're out of time.
I am going to give the floor over to Ms. Gallant.
10:05 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Thank you, Mr. Chairman, and through you, how is Canada sharing threat intelligence and with whom is it sharing? How does it do the sharing of threat intelligence?
10:05 a.m.
Chief, Communications Security Establishment
Thank you for the question.
In terms of sharing threat intelligence, I'll go back to our three-part mandate. First, it's a mandate in terms of foreign signals intelligence and also a mandate in terms of cyber-protection. We share threat information from both of those domains.
I'll start on the cyber-protection mandate. I'm going to turn to my colleague, Madam Bruce, to talk a little on the foreign intelligence side.
In terms of cyber-protection, we share threat information with two key parties, if I can put it that way. First, we share within the Government of Canada family. It's often said that cybersecurity is a team imperative, that in order to be truly protected, all the pieces of the Government of Canada need to work together.
One of the key roles for CSE is to share the cyber-threat information that we're seeing and detecting with other Government of Canada partners. Some of those partners include Shared Services Canada, which plays a very important role in terms of providing IT infrastructure for the Government of Canada. We also share threat information with individual departments that may be coming under attack or facing particular threats. Such is that first bucket of whom we share with in terms of cyber-threats. We also share cyber-threat information via our partners in the Department of Public Safety and Emergency Preparedness. They run a cyber centre, which has an important role of providing both threat information and mitigation advice to critical infrastructure components in the private sector. So there are two big families in which we share our cyber-threat information.
10:05 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Okay.
Very quickly, does threat intelligence sharing occur with IT security firms in the private sector?
10:05 a.m.
Chief, Communications Security Establishment
Via our partners in Public Safety in terms of critical infrastructure providers, one of their roles is to share cyber-threat information with critical infrastructure providers.
10:05 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
The USA Freedom Act has revised the USA Patriot Act, which was passed shortly after 9/11 and it required certain phone companies to give the NSA bulk records, metadata, and the number, dates, times, and duration of phone calls, but not the identity of callers or the contents of the conversations.
Would a similar amendment to Bill C-51, removing your ability to collect metadata, impact your ability to carry out your mandate?
10:05 a.m.
Chief, Communications Security Establishment
Mr. Chair, I'll try to answer that in a couple of perspectives. I'm not an expert on the USA Freedom Act, so I won't spend too much time on that.
In terms of our sharing of metadata, I'll just talk a bit about our answer about what we've gone through there in terms of identifying the issues. We will not resume that sharing of metadata until both I and the minister are confident that the processes are in place.
10:05 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Mr. Chairman, I'm sorry, but that wasn't the question.
If you were not allowed to collect the metadata, would that impact or impede your ability to fulfill your mandate?
10:05 a.m.
Chief, Communications Security Establishment
Thank you for the question.
Yes, I can tell you that metadata is critical to CSE's operations from three perspectives, and I'll try to be brief.
As you know, metadata is not the content of the communications; it's the context around the communications. It's routing information, how telecommunications are routed through the global information infrastructure.
There are three critical roles that metadata plays for CSE and for the Government of Canada. First, it helps us to better understand the global information infrastructure, that vast intranet of information, and how it works. Second, it helps us to identify foreign threat actors—who they are and whom we'll target our defence activities against. Third, it helps us from a cyber-defence perspective. It helps us to identify malicious cyber-actors and to protect Government of Canada systems.
So the short answer is yes, metadata is critical to our operations.
10:10 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Does the U.S. share its information from Prism with Canada, with CSE?
10:10 a.m.
Chief, Communications Security Establishment
I don't have that information off the top of my head.
10:10 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
That's not a problem.
Individuals in the private sector knew about the Heartbleed bug months before anyone publicly reported the vulnerability. Recognizing that the CSE does not monitor Canadian individuals, when was it that the CSE first learned about the Heartbleed bug?
10:10 a.m.
Chief, Communications Security Establishment
I believe that the Heartbleed virus incident happened before my time at CSE. It was back in 2014, I believe. I would have to get back to the committee on the actual date.
10:10 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
To what extent does the CSE monitor the dark web?
10:10 a.m.
Chief, Communications Security Establishment
Our cyber-activities and cyber-defence activities are critically important to the Government of Canada. Mr. Chair, I'm sure the committee can appreciate that it wouldn't be appropriate for me to get into our capabilities, methods, and techniques here.
10:10 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Does the CSE track or monitor threats emanating from the dark net?
10:10 a.m.
Chief, Communications Security Establishment
Mr. Chair, as I said, we take our cybersecurity responsibilities very seriously, and we use a variety of techniques and tools, but from a national security perspective, it would be inappropriate for me to talk about our methods, capabilities, and techniques.
10:10 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
From the standpoint of the CSE, we're in the policy development stage of cybersecurity from a defence standpoint. Would it help the CSE to fulfill its mandate were Canada to adopt more than just a defensive posture on cybersecurity? What if we were to adopt an offensive posture? Would that be of assistance to the CSE?
10:10 a.m.
Chief, Communications Security Establishment
CSE is here to assist the Government of Canada both in terms of foreign signals intelligence and cyber-defence. There are two reviews. One is the defence review ongoing now, led by the Minister of National Defence. The other is the cyber-review, which the Minister of Public Safety and Emergency Management will lead. It's an interesting question that perhaps those reviews will consider.
10:10 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Mr. Chairman, I would like to ask our witness to provide us with the date that the CSE first detected the Heartbleed virus or knew about it.
10:10 a.m.
Liberal
The Chair Liberal Stephen Fuhr
Can we get that reported to us after the committee meeting? If you could take that under advisement, we'd appreciate it.
10:10 a.m.
Chief, Communications Security Establishment
I'll take that down in my notes.
10:10 a.m.
NDP
Randall Garrison NDP Esquimalt—Saanich—Sooke, BC
Thank you, Mr. Chair, and my thanks to our witnesses for being here today.
I think we all recognize the important work that CSE does in protecting national security, but the very nature of your work also brings into question the other part of the dual responsibility of governance, and that is protecting civil liberties and privacy.
The question of metadata raises serious concerns for many Canadians, especially given the 2012 project that CSE seemed to have been running in partnership with the U.S. National Security Agency, which had to do with monitoring airport Wi-Fis and people's movements. The commissioner, as the review authority, recommended that CSE request a new ministerial directive on the use of metadata. He said that your mandate and your instructions were unclear.
Have you requested or received a new ministerial directive on metadata?