Evidence of meeting #89 for Public Safety and National Security in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was c-59.

A video is available from Parliament.

On the agenda

MPs speaking

Also speaking

Stephanie Carvin  Assistant Professor, Norman Paterson School of International Affairs, Carleton University, As an Individual
Alex Neve  Secretary General, Amnesty International Canada
Craig Forcese  Professor, Faculty of Law, University of Ottawa, As an Individual
Wesley Wark  Professor, Graduate School of Public and International Affairs, University of Ottawa, As an Individual

10:25 a.m.

Prof. Wesley Wark

Let me just respond very briefly to this, Mr. Dubé.

I think one thing that's not entirely clear in the legislation is.... My understanding would be that any extension of a current authorization would only occur at the request of what is now called the chief of CSE, a title that part 3 of the bill might want to omit and change, incidentally. I think it would be much more comfortable. It's an offensive and archaic title.

However, the authorization would occur at the request of the CSE head. As Craig indicates, these ministerial authorizations are for broad categories of activity. We're talking about a continuity of effort.

I think probably what was in the minds of the drafters in this regard was that they wanted to ensure, again, the difficult balance between sustaining ministerial accountability and responsibility and the powers of the intelligence commissioner. From my perspective, I would prefer to see that balance maintained rather than giving an additional power to the intelligence commissioner in this kind of circumstance.

10:25 a.m.

NDP

Matthew Dubé NDP Beloeil—Chambly, QC

Okay. Thank you.

Moving backward to an earlier section of part 3 of the bill, proposed section 24 is one that I'm particularly concerned about. There are a few elements that I want to get to. I want to skip ahead to proposed subsection 24(4) because it does mention information acquired incidentally, which was something that was raised in your remarks. Proposed subsection 24(4) says:

The Establishment may acquire information relating to a Canadian or a person in Canada incidentally in the course of carrying out activities under an authorization issued under subsection 27(1), 28(1) or (2) or 41(1).

Are there sufficient safeguards beyond these vague notions of privacy for that kind of information being collected through the course of CSE's activities?

10:30 a.m.

Prof. Craig Forcese

Essentially proposed subsection 24(4) constitutes that, for greater certainty, it is possible legally for the CSE to acquire information incidentally in the course of its properly authorized foreign intelligence and cybersecurity conduct. That incidentally acquired information would presumably then be pulled into the retention rules and how you're supposed to govern that information. There are provisos about protecting the privacy of Canadians.

The other aspects of proposed section 24 are a little bit different. If you'll forgive me, I'll just comment on those. The other ones allow the service—notwithstanding the general admonishment that it's not supposed to direct its activities at Canadians or persons in Canada—to overcome that barrier for certain limited reasons, for research, for instance.

The issue then for me is what happens to the personal information that might be acquired over the course of that authorized conduct. How is that information going to be dealt with? Is there a requirement that it be expunged or be deleted, if done for research purposes? Are there other safeguards in place?

10:30 a.m.

NDP

Matthew Dubé NDP Beloeil—Chambly, QC

Lastly, very quickly to both of you because I'm on my last minute here, I'll just go to another part of the bill on the metadata or the datasets, depending on your preference—that seems to be the synonym, more than anything, but....

I tried to ask the director of CSIS about issue. It seems unclear to me in what way it will parse through...because its operations will be authorized, it seems to me, in a more general way. The way it chooses to retain doesn't necessarily seem to be subject to the same kind of scrutiny. It's not going to be piece by piece of the information, but rather this sort of general collection of datasets.

Am I misconstruing that? I'm just seeking some clarity in my last 30 seconds.

10:30 a.m.

Prof. Craig Forcese

The classes of Canadian datasets have to be approved by both the minister and the intelligence commissioner. Then, if the service chooses to retain individual datasets, that retention is subject to court approval, and the court could impose conditions on queries and exploitation. The individual dataset, then, is subject to closer scrutiny by an independent judge.

The other aspect of datasets is that it's more than metadata. It doesn't have to be metadata; it can be content information.

10:30 a.m.

Liberal

The Chair Liberal John McKay

We're going to have to get a fuller response at some other date.

Mr. Fragiskatos, you have seven minutes.

10:30 a.m.

Liberal

Peter Fragiskatos Liberal London North Centre, ON

Thank you both for being here today.

You're both well aware of the ministerial directives that were issued by Minister Goodale in late September with respect to the use of information obtained by torture, but for the purposes of the record and for the millions watching at home on CPAC.... I'm sorry, that was a little levity.

The rules prohibit the use, by the RCMP, CSIS, and CBSA, of information that was likely obtained through mistreatment in three main areas, except when it is necessary to prevent loss of life or significant personal injury. Use of this information is prohibited if it could lead to further abuse or torture, and with respect to information obtained through torture, it can no longer be used to prevent risks to property.

These are directives. It's not legislation that we're talking about. Could you give us your thoughts on whether the directives are good enough, or do we need these principles enshrined in law? Obviously, if they're enshrined in law they will be harder for any future government to change.

10:30 a.m.

Prof. Wesley Wark

I'll begin. I think both Craig and I have commented publicly on the ministerial directives.

I would say first of all that the current ministerial directive that was recently released is a great advance on the original versions in 2011, which I think were very problematic in terms both of protecting Canada's duties and obligations under law and providing for security.

The thing that I think is most advantageous about the current directive is that it makes a distinction between what is often called “inbound” and “outbound” information, and it is particularly strong in trying to ensure that Canada is not complicit in acts of torture by sharing information with overseas bodies that might have a very poor record in that regard. This has been the source of many of our problems in the past.

With regard to inbound information, there is always the challenge of knowing exactly whether it was derived from torture. You can have your suspicions, but no foreign intelligence agency is going to tell you directly, “By the way, we got this from torture.” What the current directive provides for is the use of some kinds of information in very extraordinary circumstances, which probably are unlikely to arise in practice.

From my perspective, it's a good question whether this should be brought forward into legislation or regulation. I am pleased that it's in regulation and that the regulation is public. I think it is very important to have that ministerial directive in public. Insofar as it is in public, which is a change from past practice, perhaps that is good enough.

10:35 a.m.

Prof. Craig Forcese

In response to your question, yes, I would prefer to see it in legislation.

10:35 a.m.

Liberal

Peter Fragiskatos Liberal London North Centre, ON

Can you expand on that?

10:35 a.m.

Prof. Craig Forcese

It's for the reasons you've described. For one thing, it is embedded and more difficult to change. For another, in the past, ministerial directives were not always transparent. We know about only the 2009 and 2011 ministerial directives through the use of access to information. As a policy matter, the government is more proactively disclosing ministerial directives, but of course it would be nice to ensure that going forward there was always transparency in this area. Again, then, there's a transparency aspect.

10:35 a.m.

Liberal

Peter Fragiskatos Liberal London North Centre, ON

Thank you very much.

Mr. Wark, I want to quote a couple of things here.

This is a sentence from an article you wrote in The Globe and Mail shortly after Bill C-51 was introduced. You say, “Strengthened accountability may well be our best bet to ensure that new security powers are balanced against rights protections.”

After Bill C-59 was released, you wrote, “Canada may have restored its place in the world as it pertains to national security review and democratic controls, a place we gave up after 1984.”

This is a general question. I think it shows that Bill C-59 has made an important advance, but I wonder whether you could give us your thoughts on where we were and where we are now as a result of Bill C-59.

10:35 a.m.

Prof. Wesley Wark

Briefly I would say that once upon a time, going back to 1984 and the passage of the CSIS Act, Canada was a bit of a global leader in terms of providing for accountability for security and intelligence, albeit in a relatively limited realm. That was augmented when the CSE commissioner's office was created in 1996.

However, after that time I think we fell behind advancing practices among our counterparts, particularly our Five Eyes members. We didn't have across-the-board integrated review. We weren't covering many aspects of an increasingly integrated practice of intelligence and security. We had no parliamentary capacity to really dig into the classified information, which is the lifeblood of the security and intelligence system.

My view is that with regard to the creation of NSIRA, the intelligence commissioner, and the legislation that has been passed to create a National Security and Intelligence Committee of Parliamentarians, that package puts Canada, I would say, in a leading position in the world in terms of providing for accountability, in theory. Now we'll have to see how well it is actually put into practice. However, we certainly have the bones of a very impressive system for accountability, and now we'll just have to make sure we can make it work.

10:35 a.m.

Liberal

Peter Fragiskatos Liberal London North Centre, ON

Thank you.

With about a minute and a half left, I wonder if you could expand, Professor Wark, on what you said in your opening remarks about the consent that would be necessary from the Minister of Foreign Affairs for active cyber-operations. You said that you think this is a good idea. Could you go into that a little more?

10:35 a.m.

Prof. Wesley Wark

Sure. Very briefly, I think it's absolutely vital.

In an earlier draft of my remarks to the committee, I was going to cite some examples where additional eyes on issues like this might have been helpful. I'll just take advantage of this moment to say that “thanks” to the Snowden leaks, we know of some instances of CSE operations that probably needed more careful thought before they were implemented. I think the most egregious example was the operation in which CSE was involved. It was part of a Five Eyes operation to target the Brazilian Ministry of Mines and Energy, and it was clear from the prime minister at the time's comments on that operation, when it was revealed in public, that there wasn't any particular political scrutiny of that at a high level.

I think if we go into the realm of active cyber-operations, what we're talking about are taking some very sensitive operations against foreign targets, foreign states, and foreign entities of all kinds—adversaries. We'll be doing this in a Five Eyes context. We will have to be in a position to understand the likelihood of success or failure, and the possibility of what kind of blowback may occur from this, whether we're encouraging an escalatory spiral.

That was the reason I mentioned the Stuxnet attack on the Iranian infrastructure, which was designed to damage their nuclear weapons program, but resulted in the Iranians ultimately launching a cyber-attack on the Saudi Arabian oil industry. There is that escalatory blowback dimension of this, and I think the Minister of Foreign Affairs needs to be involved in terms of providing consent to give eyes to the international dimensions of what might happen if we decide to do this, to really give more eyes to the question of costs and benefits.

10:40 a.m.

Liberal

The Chair Liberal John McKay

Thank you, Mr. Fragiskatos. I suppose after 1984, Bill C-59 puts us in a brave new world.

Mr. Motz.

10:40 a.m.

Conservative

Glen Motz Conservative Medicine Hat—Cardston—Warner, AB

I have no comment about 1984.

As we know, you can't wrap regulations and ministerial directives together. They're not the same. We know that. With that in mind, do both of you believe that these regulations allow accountability and public record with the ability to be more nimble? Rather than having everything in the bill, is there some value in having some provisions that require nimbleness to be in regulations?

10:40 a.m.

Prof. Craig Forcese

Absent a specific suggestion in this bill, I don't know that I would single anything out as better embedded in regulation. Professor Wark and Professor Carvin this morning both mentioned that the concept of dataset is broadly clothed. If we were to define it rigidly in the act, then we may have a problem. However, we don't. We have an open-textured definition of “dataset” that's then subject to scrutiny by independent oversight entities. That's an example of flexibility. There's also the prospect of “exigent circumstances”, which the bill recognizes in several instances.

I don't see this as overly restrictive, and to a certain extent, I think a lot of these changes surface internal guidelines that the services have in fact employed. I think codifying it in legislation is actually important because it creates a sense that these are agencies that do comply with the rule of law that people are otherwise unaware of because these standards are opaque and buried in operational policies. I think that's important in terms of credibility.

10:40 a.m.

Conservative

Glen Motz Conservative Medicine Hat—Cardston—Warner, AB

Thank you.

10:40 a.m.

Prof. Wesley Wark

I would just add very briefly that probably the ideal thing would be to have a balance between legislative direction and regulation in detail. I think one of the things that Bill C-59 does in particular through its accountability provisions is to ensure that if that combination of legislative direction and ministerial regulation isn't working properly, that will appear in the kinds of review reports and reporting to the minister that the body will do.

I would also say that although this remains a work-in-progress on the part of the government, I think it will be very important to roll out as quickly as possible the government's commitments on national security transparency, what has sometimes been referred to as the transparency charter. Transparency is a second dimension to accountability that I think will help ensure that balance between legislative direction and ministerial regulation is effective.

10:40 a.m.

Conservative

Glen Motz Conservative Medicine Hat—Cardston—Warner, AB

Thank you very much.

Professor Wark, you had indicated at the close of your opening remarks that you didn't get a chance to explain what you believe isn't in Bill C-59. I'm hesitant to give you the floor to do that but nonetheless I'm curious to know what you think those might be.

10:40 a.m.

Prof. Wesley Wark

Mr. Motz, I greatly appreciate the opportunity. I'll be very brief on this. I think these are very important issues and of course no piece of legislation, as sweeping as it might be, is going to capture them all, but there's lots of work to be done to truly modernize Canadian intelligence.

I'll give you my short list—there's a longer list—and Professor Carvin referred to these things in a different kind of dimension. I think Canada needs a comprehensive national security strategy. We've only issued such a thing once back in 2004, and we need a commitment to updating it. I think that we need, crucially, because Bill C-59 in terms of new powers is all about collection, an integrated, properly resourced, centralized intelligence assessment function. This is one of the great gaps in the system.

I think—this is a subject for another debate—we need a dedicated foreign intelligence agency distinct from CSIS. We need to move forward, as I said, with the proposed national security transparency charter. We need a revision and an updating of the Security of Information Act, which was part of the old Bill C-51 and is now I think completely out of date. We need modernized access legislation, particularly to resolve issues around access to basic subscriber information. There's more but that's my short list.

10:40 a.m.

Conservative

Glen Motz Conservative Medicine Hat—Cardston—Warner, AB

In the final 30 seconds that I have left, could we ask as a committee that you would provide those to us in writing at your convenience?

10:40 a.m.

Prof. Wesley Wark

Absolutely. I will do that.

10:40 a.m.

Conservative

Glen Motz Conservative Medicine Hat—Cardston—Warner, AB

Thank you very much. I appreciate it.