Public Safety Committee on Feb. 6th, 2018

Is it up to me to start?

Thank you very much, Mr. Chair.

Good morning, everybody.

Thank you for the opportunity to appear before you today to discuss Bill C-59. I will focus my presentation on two main areas. The first part will lay out SIRC's high-level response to the bill. In the second, I will offer a few suggestions for improvements to the language of the bill based on SIRC's experience in this area.

This is a positive time to be working in the area of review and accountability for intelligence in Canada. Not long ago, I was here to discuss the creation of a committee of parliamentarians in the context of Bill C-22. I'm here again, this time to discuss the government's proposal to create the National Security and Intelligence Review Agency, or NSIRA. I will use this abbreviation. I hate using those acronyms of NSIRA, NSICOP, SIRC, CSARS, etc., but we have to. I will go on with NSIRA, which will be responsible for reviewing intelligence and national security activities across government.

Indeed, as included in the bill before you, NSIRA is to review any activity of CSIS or CSE carried out in any other department or agency that relates to national security or intelligence and any other matter related to national security referred to it by the minister. This will bring a dedicated national security review of the type that SIRC has been doing for more than 30 years to a large number of other departments and agencies, including in particular the CBSA and the RCMP. This will answer the gap that so many, including SIRC, have commented on over the years.

The recently created National Security and Intelligence Committee of Parliamentarians, or NSICOP, has been added to the proposals respecting the new intelligence commissioner. Together the three entities will represent a substantial change in the accountability system for intelligence in Canada.

I will just take a minute to describe for the committee the mandate and responsibilities of the Security Intelligence Review Committee, or SIRC. I will stress that SIRC is an independent external review body that reports to Parliament on CSIS's activities.

SIRC has three core responsibilities: to carry out in-depth reviews of CSIS's activities, to conduct investigations into complaints, and to certify the CSIS director's annual report to the Minister of Public Safety and Emergency Preparedness. In essence, SIRC was created to provide assurance to Parliament, and by extension to Canadians, that CSIS investigates and reports on threats to national security in a manner that respects the law and the rights of Canadians.

SIRC has discharged its mandate faithfully over its history, and it has had an impact. This was demonstrated most recently by the Federal Court of Canada decision of October 2016 that confirmed SIRC's long-standing practice of assessing the lawfulness of CSIS activities, including how CSIS applies the “strictly necessary” threshold to its collection and retention of information, which is one element that is all over the place now. Through its review work, SIRC contributed to high-level discussions on the type of intelligence that CSIS can collect and retain, as we see in the dataset provision of Bill C-59.

But the legislation makes clear that the National Security and Intelligence Review Agency, or NSIRA, is an entirely new entity, to be created—not from SIRC or the Office of the CSE Commissioner—but from a desire to push the accountability agenda forward in Canada. SIRC and the Office of the CSE Commissioner will be dissolved when NSIRA is created.

SIRC, along with its partners and counterparts in the review community, have long called for change of this nature that will break down the silos that have hampered review for so long.

When the decision was made in Canada more than 30 years ago to create SIRC, it represented some of the best, most forward thinking at the time on accountability for intelligence. But this is a new era, with new challenges for accountability. Canada has an opportunity to again fashion itself after the best of thinking on accountability, taking into account the important experience of others.

The parliamentary element of accountability means designing a committee of parliamentarians, which, I imagine, you already know. I am pleased that the government did not stop at the creation of NSICOP and has included equal attention to expert review.

Internationally, we can see our allies similarly adding substance to the review and oversight structures responsible for national security. In the U.K., there is the new Investigatory Powers Commissioner's Office. In New Zealand, there has been a doubling of the size of its inspector-general. In Australia, expanding the size and remit of its inspector-general for intelligence is actively being discussed as we speak.

Canada's deliberations on accountability are happening at a time when there has been a shift in thinking on accountability for intelligence agencies, translating into expectations among the public of greater transparency. To that end, one of the great strengths of the bill is the provision that allows for the agency to issue special reports when it decides that it is in the public interest to report on any matter related to its mandate. The new agency will issue these reports to the appropriate minister, who must then cause them to be tabled before each House of Parliament.

This will allow the new agency to signal a significant issue to the minister and the public in a timely way. SIRC is not currently able to do this, and it has been a limitation for SIRC in its ability to present the results of its work in a timelier manner. In light of the government's recent statements regarding transparency, this is an important provision. At the same time, we note that there are no provisions in the bill requiring CSIS to issue a public report to match the requirement of CSE in this regard. In the interests of transparency, SIRC views this as an important gap that SIRC puts to the committee to consider in its deliberations.

The proposed legislation makes clear that SIRC and its experience will be central to what is coming. The transitional provisions clarify that, at the coming into force of part 1, SIRC members, of whom I am one, are to be continued as NSIRA members for the remainder of their term. In the majority of—

Okay, well, I will run now.

What do these proposed changes mean for SIRC in the immediate? We have proposed some amendments that are not major. You have them in writing, and I encourage committee members to look at them. I will answer any questions you may have on that subject.

We will of course continue to review the activities of CSIS to ensure those activities are compliant with Canadian law and Ministerial Direction. As soon as we become NSIRA, we will promptly put the necessary mechanisms in place with the 17 or 18 new organizations that are under review.

All those organizations will be called upon to have MOUs with NSIRA to address the issue of how the review will be done; it's obviously a little early to address this.

In closing, we are very happy with this new bill that will cover...I wouldn't say “requests”, which is too strong, but what was discussed many times in the past over the last few years. Personally, having been involved for many years in national security, I will say that it will be very good to have all organizations and institutions in the Canadian government together being able to share their information and, I would say, to have better service for Canadians regarding national security.

I will stop at that and be available for questions.

I'm going to take less than 10 minutes. If I could, I'd just like to make five points.

First, if I were a member of the House—and I'm well aware that I'm not—I would have quite happily voted yea at second reading. I think this bill goes a long way toward simultaneously dealing with security issues and concerns as well as charter and legal rights concerns.

I do say “dealing simultaneously”. People talk about balancing the two. I don't think they need to be balanced. Each is so important that they have to be dealt with as stand-alones and then adjusted as necessary.

I think this is the case because the bill endeavours to respond to one central issue that it should address, and that's the level of threat faced by Canada and its allies. Otherwise, there's no reason to make changes. The only reason we have these agencies and their review capacity is that we're facing a variety of threats in the areas of terrorism, espionage, foreign interference, and cyber-activities.

In these areas, I think it's fair to say that our adversaries remain committed to pursuing their activities against Canada and our allies here and elsewhere. It does not take a great deal of effort, I think, to see how a rebalancing of the world's power relationships is adding considerable instability to the world and offering opportunity to our adversaries, states and non-states alike, and I think we're only beginning to get a grip on cyber-threats. I think the additional authorities proposed in the bill, along with the new arrangements for review, reflect this not-so-brave new world.

I only have one specific concern that I wanted to raise concerning the provisions in the bill that relate to the proposed intelligence commissioner. My concern is not really about the security and rights balance, if I can contradict myself; rather, it's a machinery-of-government or accountability issue. The bill proposes to give the commissioner final say about a number of CSEC and CSIS activities, which in my view should be the responsibility of ministers of the crown and not that of an appointed official. Giving a former judge, however eminent, responsibility for the legality of some activities is one thing—and a good thing—but surely “reasonableness” should be the domain of ministers and of the officials for whom they are responsible.

In practical terms, if something goes wrong in the future, and whether this House or the Senate or a royal commission looks at this issue, it seems to me that the veto proposed to be given to an appointed official will make it too easy for the minister of the day to escape accountability. I say again that this is not a security issue, and I raise this issue because as a concerned Canadian I think we should have considerable respect for the fundamental principle of our unwritten constitution, which is that ministers, not appointed officials, are accountable for delicate and sensitive things.

Under the current arrangements being proposed, you will have the agencies, the public safety department, the Department of Justice, the minister, and then an appointed official, who may or may not know anything about national security, determine in the final analysis whether in these variety of activities they can move forward. Having a former judge as a commissioner to determine legality is fair ball. While it's entirely lawful for Parliament to do this, it seems to me that it is fundamentally changing one of the principles underlying our system of government to give such a fundamental veto to an appointed official.

I'm going to stop there. I have a variety of views on some other parts of the bill. Should you have any questions, I'd be happy to try to answer them.

Thank you, Chairman.

Yes. Thank you, Chairman.

I generally agree that the authorities that are being proposed for CSEC are a good thing. I would put it somewhat differently. Monsieur Boisvert said that a good defence involves an offence. I would say that in the area of cyber, it's actually difficult to distinguish offence from defence and that, for example, you can sit in Canada and build up firewalls. That's purely defensive, and we're doing that now. Is it actually offensive, when you know somebody's about to come in and do you damage, to try to do something about it? I would say that's still in the realm of defensive, although it's in a grey area. “Offensive” would mean actually going out with a plan and a strategy and trying to do damage to somebody else.

At an absolute minimum—and I agree with the bill—you need to give CSEC the capacity to move outside Canada and to take some positive steps. I'd also note that I agree with Mr. Boisvert. All of our close allies have been doing this for some time, and we've been subject to some under-the-radar criticism for not being able to do it. I would also note that because the authority exists doesn't mean that it will be used blithely.

However, I think one of the great challenges of the day is cyber operations and cyber-activities, and we need to have this, I think, to defend ourselves, using the word “defence” in the broadest sense.

I don't agree with that. I think that under international law, states are restricted in what they can do to other states, but there's a big exemption to that. One of those exemptions is self-defence, which is defined very broadly. I think most of what would be envisaged under the provisions that we're talking about would fall under the exemption in international law relating to self-defence. Technically speaking, it may be hacking, but it's hacking that's necessary, I would argue, for national security.

I think that's rather more difficult. I was about to say that they could use existing powers, which enable them to try to protect federal institutions. The big difficulty in dealing with cyber, of course, is identifying where the problem is coming from. It may seem simple, but it is in fact very difficult, and in most cases anybody trying to affect elections uses cut-outs.

You will have read as well, as I have, what is believed to have happened in respect of the last U.S. presidential election, and it took about a year before they had some reasonable assurance that it was the Russians.

I'm not sure I would use the offensive capability to protect our elections, but I would use that grey area of defensive moving into offensive if we can identify where it's coming from.

Broadly speaking, I would, although we have to acknowledge that it's often done under the cover of religion. A lot of people use the tenets of Islam to justify what they want to do. I fundamentally believe that a large chunk of the Muslim world believes that they're under attack by the west.

I had some research done once to find out the last time a non-Muslim country was attacked by the west. Do you what country it was? Grenada. Every other significant military effort undertaken by the west—read: often the United States—has been against a Muslim or a quasi-Muslim country. You can understand why I argue that they do feel under attack. If you add that basic sort of gut-level reaction to everything that's on the Internet, in the cyberworld, and whatnot, they do feel threatened.

That said, religion is often used as a cover.