NDVA Committee Meeting
Notices of Meeting include information about the subject matter to be examined by the committee and date, time and place of the meeting, as well as a list of any witnesses scheduled to appear. The Evidence is the edited and revised transcript of what is said before a committee. The Minutes of Proceedings are the official record of the business conducted by the committee at a sitting.
For an advanced search, use Publication Search tool.
If you have any questions or comments regarding the accessibility of this publication, please contact us at accessible@parl.gc.ca.
STANDING COMMITTEE ON NATIONAL DEFENCE AND VETERANS AFFAIRS
COMITÉ PERMANENT DE LA DÉFENSE NATIONALE ET DES ANCIENS COMBATTANTS
EVIDENCE
[Recorded by Electronic Apparatus]
Monday, October 29, 2001
The Chair (Mr. David Pratt (Nepean—Carleton, Lib.)): I'd like to call to order this meeting of the Standing Committee on National Defence and Veterans Affairs.
We're very pleased today to welcome some guests from the Communications Security Establishment. We have Mr. Keith Coulter, the chief, Mr. David Akman, director of legal services, Ms. Barbara Gibbons, director general of corporate services, and Mr. Simon Gauthier, deputy chief, information technology security.
Mr. Coulter, in light of the events of September 11, as you may know, we're doing a study on the whole issue of counter-terrorism. We're hoping to be able to compile a report very soon for the minister's attention and for the attention of the finance committee, leading up to the pre-budget discussions. So we're very interested in getting your comments, as yours is an organization that has recently received some additional funding.
Mr. Coulter, you have the floor.
Mr. Keith Coulter (Chief, Communications Security Establishment, Department of National Defence): Thank you very much, Mr. Chairman. I have a short opening statement, and I hope we can address all your questions in the time that's available to us afterwards.
[Translation]
Thank you for inviting me to appear before this Committee today. I welcome the opportunity to discuss CSE, the Communications Security Establishment, with you.
Let me begin by saying that I am new to the organization. I assumed the position of Chief of CSE just twelve weeks ago. But in the course of those twelve weeks, I have developed a very strong sense of how important CSE's work is, and how professionally it is carried out.
Since 11 September, I have had the opportunity to see CSE perform under crisis conditions, and I want to assure the Committee that Canada has been well served by the tireless efforts of this organization since that historic date, as it has been well served during other times of international tension and crisis for well over half a century.
[English]
CSE is Canada's national cryptologic agency. Historically, we have called ourselves code-makers and code-breakers. That description is a bit dated in this era of global information infrastructure, but much of what we do can still be generally understood in these terms.
Code-making and code-breaking are not two solitudes. Those who protect communications from interception by others, obviously, have much to share with those who provide valuable information by exploiting the communications of others, and vice versa. Canada, like many other countries, takes advantage of this fact by consolidating these responsibilities in a single organization. In Canada that organization is CSE. The motto on the official CSE badge reflects this dual mandate: “Providing and protecting information”.
CSE now also carries out a third set of activities. It provides technical and operational assistance to law enforcement and security organizations. CSE may, for example, assist with the decryption of communications these organizations have collected under their own authorities. It may also provide advice and training, and in some cases share equipment.
So there we have the three elements of CSE's mandate: foreign intelligence, information protection, and assistance to law enforcement and security agencies.
• 1535
Let me share very briefly a bit of CSE's history. CSE
was established as an organization 55 years ago. With
the approach of the Second World War, signals
intelligence became a very urgent requirement, and the
Canadian government responded by establishing what is
known as the examination unit, under the auspices of the
National Research Council, to produce intelligence from
intercepted radio signals.
In 1946 the government established Canada's new national cryptologic centre by Order in Council under the name Communications Branch, National Research Council. At the same time, spurred on by the Gouzenko revelations, concern was developing for the security of government communications. It was natural for the communications branch of the National Research Council to take on a new communications security mandate to go with its signal intelligence responsibilities.
In 1975 this organization was moved by Order in Council to National Defence and was renamed the Communications Security Establishment. CSE has been a separate employer within National Defence since that time, and it remains an organization managed and staffed by civilians.
[Translation]
As Chief of CSE, I report to the Minister of National Defence through two Deputy Ministers. The Deputy Clerk, Counsel, and Security and Intelligence Coordinator is accountable to the Minister for CSE's policy and operations. The Deputy Minister, National Defence, is accountable to the Minister for administrative matters relating to CSE.
Let me say a word about resources. CSE has a budget of about $106 million and a workforce of about 1,000 people. As you know, it has received in-year supplemental funding of $37 million as part of the Government's efforts to ensure adequate resourcing for the fight against terrorism.
CSE maintains close partnerships with other Canadian government organizations, including CSIS, the RCMP, the Canadian Forces Information Operations Group and the Office of Critical Infrastructure Protection and Emergency Preparedness.
CSE also works very closely with international partners, the US, the UK, Australia and New Zealand. Canada is a net beneficiary of this arrangement. We receive substantially more from this collective intelligence pool than we contribute.
[English]
Let me look in a little more detail at CSE's foreign intelligence and information technology security programs. I'll start with foreign intelligence.
CSE gathers foreign intelligence by targeting foreign entities abroad. These can be individuals, they can be organizations, they can be states, but they are never Canadians. We never target Canadians. CSE does not direct its collection against anyone in Canada, nor does it target Canadians abroad.
The government uses the foreign intelligence CSE produces to help understand a very complicated world. CSE's intelligence product informs decisions, contributes to the development of our foreign policy, and helps to protect the security of our country and our citizens. As you can imagine, government intelligence requirements changed dramatically at the end of the Cold War. They have changed again in the wake of the September 11 attacks. Intelligence against terrorism is now our overriding priority at CSE.
• 1540
At the same
time, we are dealing with dramatic changes in
communications technology. To appreciate the extent of
these changes, we have only to look at how we ourselves
communicate. For many of us mailing a letter to a
friend and using a pay phone are things of the past.
They have been replaced by the Internet and by wireless
technology, such as cell phones and blackberries.
Maintaining a leading edge understanding of the global
information infrastructure is CSE's core strength. As I
am sure you can appreciate, maintaining that expert
understanding is not an easy task. Indeed, in today's
communication environment, anything can be anywhere.
For CSE staying on top of this dynamic technology
environment is a challenge that surpasses anything
we've been called upon to do in the past.
In this complex environment, CSE's current legal framework constrains its ability to meet the transnational threat posed by terrorism. Bill C-36, currently under consideration by Parliament, thus aims at ensuring that CSE has the tools it needs to address today's problems. Let me explain.
CSE only targets foreign entities located abroad. That's a very important thing to understand. We do not target anything but foreign entities abroad. That's the case under the current legal regime, and that will be the case with the adjustment to the legal framework proposed in Bill C-36. Under the authorities it now has CSE can only collect information when two foreign entities abroad communicate. If, however, a foreign target abroad, such as a terrorist organization, communicates with somebody in Canada, CSE is currently prohibited from intercepting these communications. This is because under the Criminal Code a private communication is defined as one that originates in Canada or terminates in Canada. It does not matter who is communicating or how they are communicating. If the communication goes into Canada or comes out of Canada, CSE is not allowed to intercept it. Thus citizenship is not the issue here, geography is.
Under the current legal framework, if a terrorist in Afghanistan is communicating with someone in Pakistan, CSE could intercept that communication. If, however, the same terrorists are communicating with someone in Toronto, CSE is prohibited under the current regime from intercepting that communication. Let me be clear. Under the new regime CSE would still not target the individual in Canada. CSE cannot do that now, and it would not be authorized to do that under the new legislation. However, if this terrorist located in Afghanistan communicated with somebody in Canada, this legislation would give CSE the authority to follow that communication into Canada.
This authority is crucial in the fight against terrorism, because such a conversation may well be the first indication we have of a terrorist link to Canada. The limitation that now exists creates a serious gap in Canada's intelligence capacities. It is a gap that, amongst our allies, is unique. Our key partners, the United States, the U.K., Australia, and New Zealand, already have legal frameworks in place that allow them to collect this kind of intelligence. Our inability to do what they can now do makes us a weak link in our collaborative intelligence efforts against terrorism.
Bill C-36 thus contains an amendment that will address this gap. CSE will continue to target only foreign entities abroad. The amendment specifies very clearly that CSE will not be able to direct its collection at Canadians or any person in Canada. However, with the written authorization of the minister, and under very strict conditions outlined in the legislation, when a legitimate foreign intelligence target communicates with someone in Canada, CSE will be able to intercept that communication. This amendment thus represents an important enhancement of CSE's ability to collect intelligence on terrorism.
[Translation]
The second part of CSE's mandate is protecting the Government's electronic information infrastructures.
As with foreign intelligence, CSE works within a serious limitation in this part of its mandate.
CSE may not now monitor the technical data on Government computer systems and networks that communicate with Canadians, although such monitoring is an indispensable tool in assessing the vulnerabilities of networks.
• 1545
The proposed amendments would authorize CSE to perform more
effective monitoring of our computer systems and networks. This
role will become ever more critical as the Government moves closer
to making its services available on the Internet through
"Government On-Line".
[English]
Whenever interception of communications is considered, the protection of the privacy of Canadians must be first and foremost. CSE's current operating procedures reflect this paramount priority, and to ensure this is the case, CSE operates under a very effective regime of oversight and review. We are accountable, as I said earlier, through two deputy ministers, to a minister, so we have political direction and oversight. In addition, officials from the Department of Justice examine CSE's planned operations in advance of their implementation to ensure their lawfulness.
The government appointed Mr. Claude Bisson, a former chief justice of the Quebec Court of Appeal, as CSE commissioner in 1996. His mandate is to review CSE's activities to determine whether they are in compliance with the law. In five annual reports the commissioner has found that CSE's operations fully comply with the law.
CSE is also subject to review by the Privacy Commissioner, who in 1996, in an audit, found that CSE was in total conformity with the Privacy Act.
The safeguards that accompany the proposed new authorities have been designed to ensure that protecting the privacy of Canadians remains paramount. The minister must be satisfied that strict conditions are met before he can authorize the interception of communications that go into or out of Canada. Those conditions are outlined in the legislation itself, and include the condition that there will be no use or retention of any of this information unless satisfactory measures are in place to protect the privacy of Canadians. To accompany CSE's new authorities, the commissioner's own mandate has been outlined in this legislation and has been strengthened to include the review of activities carried out under any ministerial authorization.
[Translation]
I have tried to give you an overview of what my organization does. I know you will appreciate that I can provide very little detail on how it does it.
I must emphasize that, since the events of September 11, CSE's focus has been on improving its capabilities with respect to terrorism.
[English]
I have dealt at some length with the amendments to the National Defence Act in Bill C-36 because the enhanced capabilities that are authorized for CSE in this amendment will be extremely important to our counter-terrorism effort. They will bring CSE's authorities into line with those of our closest allies and assure them of our commitment to remaining an active and contributing member of our close intelligent partnership. They will allow us to more effectively protect our computer systems and networks, they will enable CSE to help protect Canadians abroad and our citizens at home, and they will help ensure that Canada can make an effective intelligence contribution to the international campaign against terrorism.
Thank you, Mr. Chairman.
The Chair: Thank you, Mr. Coulter.
On behalf of all of the committee members present, I would like to thank you for that very interesting presentation.
Mr. Benoit, seven minutes.
Mr. Leon Benoit (Lakeland, Canadian Alliance): Thank you, Mr. Chair. Good afternoon, and welcome all.
Mr. Coulter, you took great pains throughout the presentation to say you are not targeting Canadians. Then you get to page 5 and you say:
-
Under the new regime the CSE
will still not be targeting an individual in Canada... However,
if this terrorist in Afghanistan communicated
with someone in Canada, this legislation would give CSE
the authority to intercept that communication.
So after going to great lengths to say you are not targeting Canadians, you are saying that under this new legislation, in fact, you could target Canadians. It won't be based on citizenship, it'll be based on a terrorist from some other country communicating with someone in Canada. Would you consider that to be a major change in the mandate of the CSE?
Mr. Keith Coulter: As to the use of the word targeting, I would respectfully submit that we are aiming at something. We're aiming at a foreign entity abroad, that is what we're targeting, and nothing else. We're trying to find out what they're communicating about, who they're communicating with. Frankly, it's not an easy task to understand all the linkages in terrorist networks abroad, but that's what we're trying to find out.
Mr. Leon Benoit: But of course, as you said in your presentation, you can follow a communication from a terrorist abroad to someone within Canada.
Mr. Keith Coulter: Right, but that is not a matter of targeting. The focus of our antennae, if you like, is on the entity abroad, and what we're talking about are communications connecting with that entity abroad coming from Canada or to Canada.
Mr. Leon Benoit: But doesn't that change the mandate in a substantial way?
Mr. Keith Coulter: It doesn't change the mandate. We're still collecting foreign intelligence, and that's the same mandate we've always had. So as we frame the mandate for CSE in this legislation, there's absolutely no change. What it would do is give us an area of information gathering we have not had before. It would be a very small-volume, but highly significant area, because it would allow us to understand any terrorist linkages to Canada a lot better than we do now.
Mr. Leon Benoit: I'm not arguing that it's not a good thing. I think that is a good thing. I understand why it's necessary, and I fully support that. My concern is that this really does, I think, change what this organization does as it relates to the privacy of Canadians, and for that reason, I don't believe the scrutiny that is there under this legislation is good enough. The scrutiny that's there is the minister, and this is what the minister said at the justice committee last week. He said it's the minister, the Information Commissioner, and the Privacy Commissioner, who, by the way, have their hands tied now: if the Solicitor General so chooses, he can make any of this information unavailable to them. And this legislation doesn't say that an ex-judge will be appointed as commissioner for the CSE, but one may be. So that's the scrutiny that would be in place under this legislation.
CSIS, our Canadian intelligence service, has SIRC as a body that closely scrutinizes the activity of that intelligence agency. Why wouldn't we have a body like SIRC in place to provide proper scrutiny and accountability for the CSE?
Mr. Keith Coulter: Speaking from a CSE perspective, I think it's only appropriate for me to say that we will accept any oversight the Government of Canada decides to give us. But I would say that I feel extremely accountable, with the political oversight we have. We have the Justice lawyers looking at every single thing we do, the commissioner, not only with the review process now, but right in the legislation, being required to review all our activities in the area of any authorizations that would be given and to build his office capability to do that. That's right in the legislation, where he can get the legal help, the technical help, and any other help he might need. Then there's the outside review. We have a lot there. I would argue that it does add up to a fair regime of accountability, but if the government saw fit to give us a certain type of oversight process, we'd just engage with that and we'd welcome them in.
Mr. Leon Benoit: I guess there's not a security agency or intelligence agency anywhere that would like more government oversight.
I would suggest that all of these so-called scrutiny bodies that are in place now are too closely linked and could be controlled so easily by the minister and by the government that they don't provide a level of scrutiny and accountability that I think is proper. Again, I think a body like SIRC is far more in line. I realize that you can't say what kind of scrutiny you think your own agency should have, but wouldn't you agree that there are substantial changes in what your organization is allowed to do, because now Canadian citizens can be a lot more affected by the intelligence you gather?
Mr. Keith Coulter: The only Canadians who would be affected by the intelligence we gather would be people we had information on who met the standard outlined in the legislation concerning what is essential to national security, defence, and international affairs. Maybe this is putting it too simply, but terrorists in Canada would have a loss of privacy relative to what they have now, but not ordinary Canadians.
Mr. Leon Benoit: Again, it's without proper judicial process or anything that these people would be determined to be terrorists. I agree that you need a lot of leeway, but I also think there has to be the proper scrutiny. So what I'm trying to establish is just how serious this change is, how it may affect even a few Canadians or people in this country.
The Chair: Mr. Coulter, you're going to have to save that answer for the next round for Mr. Benoit, because his time has expired.
Mr. Bachand.
[Translation]
Mr. Claude Bachand (Saint-Jean, BQ): Thank you, Mr. Chairman.
Mr. Coulter, this afternoon I sent you - I don't know whether you have seen it - an official letter asking you to give me a tour of CSE, something I am still interested in. I hope you will answer my request promptly, because I would very much like to visit your centre.
Mr. Keith Coulter. I can give you an answer at once. The answer is yes.
Mr. Claude Bachand: Very well.
Mr. Keith Coulter: As you know, we are currently extremely busy, and so we must choose a date that suits both you and CSE.
Mr. Claude Bachand: Very well. Thank you very much.
[English]
The Chair: Perhaps, Mr. Coulter, that invitation could be extended to the entire committee.
Mr. Keith Coulter: I undertook in the justice committee to look at what kind of program, Mr. Chairman, would make sense for parliamentarians, and it is our intention, as soon as we get some breathing space—and I do have people that haven't even had half a day off since September 11, as I'm sure the committee can appreciate—to put together a program for interested parliamentarians. We'd welcome you with open arms. We're proud of what we do. We can't give briefings on every little grinding detail of what we do, but I think we could put together the kind of program that would interest a number of parliamentarians.
The Chair: Mr. Bachand, that won't come off your time.
[Translation]
Mr. Claude Bachand: Thank you very much. I hope that in the preamble to your kit you will point out that this was done on the initiative of the Bloc Québecois.
Coming back to your presentation, Mr. Coulter. You are authorized to intercept electronic communications between terrorist countries, but an increasing number of people are saying that you will now be authorized to intercept within Canada, and they are not happy about that. They say that the private life of Canadians will no longer be respected.
I was thinking about that this week. I don't know if you are going to discuss this during our visit. You said you are currently mandated to intercept correspondence or communication between two countries. Is there a list of terrorist countries on which you are concentrating? I suppose you have nothing to gain by listening to what's going on between Great Britain and France. Can you begin by answering that question? At this time is there a list of countries targeted for electronic surveillance?
[English]
Mr. Keith Coulter: Yes. We have an intelligence priority setting process that we go through annually, with occasional updates along the way. September 11 updated our priorities rather dramatically and very quickly, putting terrorism so far ahead of everything else that it was unmistakably the highest priority. Obviously, we cannot make the results of such a process public, because it's about what we're targeting and what we're doing, but there is a very formal interdepartmental process.
• 1600
We get more
suggestions than we can accommodate, because people
want information about things.
When you look outside our border, the world is a
very complicated place. It's hard to
figure out what's happening, what's important, and
what's real. What we try to do is sort through
everybody's requirements from the client departments
and
set intelligence priorities through an interdepartmental process,
whereupon those are taken before ministers and
before an interdepartmental committee on security and
intelligence, which the Prime Minister chairs.
They're agreed upon each year, and we follow those
priorities.
[Translation]
Mr. Claude Bachand: All right, I understand you are unable to give me the list of countries.
I will now ask you a question that may require input from your legal advisor. I see Mr. Akman, your Director of Legal Services sitting next to you. I imagine he will be able of help.
You say it is not a question of citizenship, that geography is the important thing. There is a question that has been bothering me this week and that I would like to ask. I hope you will be able to give me an answer. When a country is on your list, is that country's embassy here, in Canada, included?
[English]
Mr. Keith Coulter: I have to answer for my organization, that's what we're here to do. We are in the foreign intelligence business, and we look abroad, completely outside our borders. What we're talking about is a very specific authorization to follow a communication, say, if it's coming into Canada. If it's a terrorist organization, that's a separate matter, but we look outside, that's what we do, we don't look inside.
[Translation]
Mr. Claude Bachand: Yes, but...
Mr. Keith Coulter: May I continue?
[English]
We're not the only agency in the Government of Canada. If you look, for example, in the CSIS Act, you'll find in section 16 that CSIS has responsibilities related to the collection of foreign intelligence inside Canada. So it's another organization that would have to speak to that. Do you want to say anthing, David?
Mr. David Akman (Director, Legal Services, Department of National Defence): I think the answer to your question is that embassies in Canada are not foreign for the purposes of this act. We're talking about location within the country, whatever is located within the country. This doesn't give us any power to do anything in Canada.
[Translation]
Mr. Claude Bachand: Yes, but based on my concept of geographic area, I have always considered that, if I was invited to dine at the American Embassy, I was in the United States. If I was invited to the Embassy of Syria for dinner or supper, I was on Syrian soil. Am I wrong? Do you not share my definition of an embassy?
[English]
Mr. Keith Coulter: The prohibition on our intercepting communications comes from section 184 of the Criminal Code, and the definitions are in section 183. The definition of a private communication relates to in Canada or any person in Canada, so anything within that, whether it's an embassy, the residence of someone who's a foreigner, or a hotel room of a foreigner, anything in Canada is out of bounds. The only agency that can do any intelligence within Canada related to foreigners or anything is CSIS. That's just not our game, it's not what we do, it's not what we think about, not what we act on.
The Chair: Thank you, Mr. Bachand.
Mr. Wilfert, seven minutes.
Mr. Bryon Wilfert (Oak Ridges, Lib.): Thank you, Mr. Chairman.
Through you, first, the difficulty, obviously, for the government and for Canadians is to strike a balance between freedoms we enjoy as Canadians and security. You've indicated that since September 11 terrorism has become your highest priority. My question is, what priority did it have before September 11, given the fact that international terrorism has been with us for at least two centuries, and we have seen an escalation of what we have identified as terrorist states, whether it be Iran or Iraq or Syria or Libya? We have been aware of terrorist activities, terrorist cells, or sympathizers of terrorists in Canada, and yet it would seem that on September 11 the entire intelligence community, in the United States in particular, was completely caught off guard by what occurred.
• 1605
So I would ask you first if
you can explain or elaborate a little more, when
you say it's become the highest priority, what was
happening before. And what goes into this new approach
in heightened intelligence gathering? I'm
sure most Canadians before September 11 had never heard of
your particular branch—maybe that's good news—but on
the other hand, I think Canadians are now far more
interested in what it is you're doing. So I'd ask
that first of all.
Mr. Keith Coulter: I think with what I would call a shift of gears, it was significant. Terrorism was one of our priorities. It's a matter of how you weight the effort you put into things. We've got a limited number of people, a limited number of computers, a limited number of resources in various forms that we can devote to various things, and there were competing priorities.
I always like to look ahead. September 11 was a very big moment for North America, for the world, and it spoke loudly to the intelligence community about what it needed to do in regard to immediate and longer-term priorities. The immediate priority when something like that happens is to train your system on the problem, and I think we did an awful lot in the early days, not looking behind us at what might have been and what kind of weighted effort might have made a difference and prevented September 11, but looking ahead. We knew we had to produce information and intelligence that would help the Government of Canada understand what had happened and what it needed to do. That's been our focus since September 11, dealing with that as our highest priority.
I think it's going to require long-term strategies. To be very clear, I think my organization believes to a person that we have to be in this for the long haul. It's not going to be the kind of thing where we can gather a little intelligence and send the right people to the right places to fix it. As my counterpart in the United States says, this is not a crisis, this is a campaign, it's for the long haul.
We're working through it. It has implications in respect of the authorities we need, the major one being that we're presenting in the legislation. It has partnership priorities. We've got to get all of our partnerships right to get this done properly, with the RCMP, with CSIS, with others here in Ottawa, and with our partners internationally. We have to resource it properly, and we're looking at that. We're in discussions already for the long-term resourcing that will be needed to have an effective counter-terrorism campaign.
I know that's a bit rambling, but we looked at the immediate term as focusing completely on the problem, and now we're working through the longer term.
Mr. Bryon Wilfert: I realize that when you're driving, you don't want to have your eyes fixed on the rear-view mirror, but those who don't learn from history, as we know, are doomed to repeat it. There seem to have been so many ebbs and flows in international terrorism. Even of late, with regard to the embassy bombings in Tanzania and in Kenya in 1998-1999, there was an immediate response, as there was again with the issue in Yemen. Yet we seem to have been lulled back again. I think it's important, whether it's our intelligence gathering community or that of our allies, to ask why these gaps were there. If you don't know what the problem was, it's pretty hard to fix it. Clearly, you're suggesting that under Bill C-36—and I would concur—one of the tools as outlined will provide assistance with the gap you mentioned that our allies don't have, which is important.
• 1610
Regarding the work you do, the
resources you have, the resources you've said
you require, how do we evaluate the
situation so as to know what it is we need to do
to move forward, to make sure
you're putting the right materials in place, so that we
don't have a repeat of that? There are, again, concerns
that there
could be repetitions or other variations. It's very hard to
deal, I realize, with terrorists who don't play by any
rules. We're trying to play a civilized
game in a very uncivilized atmosphere.
The Chair: Mr. Coulter.
Mr. Keith Coulter: I have no difficulty with anything you've said. We're working through it. I don't think there's anybody in intelligence organizations around the world who has in their hand the perfect answer to this one. It's a step-by-step, iterative process, and we're learning as we go. We're learning a lot about what we might have done before September 11, as well as how we can do better and what we need to do now.
Obviously, there will be a lot of books written on this—twice the number of casualties on American soil as at Pearl Harbour. The books are being written. People will look in the rear-view mirror. I and my organization can't afford to do that right now. We're flat out trying to make a difference by looking ahead and getting it right. Part of that is connected to what didn't happen before September 11—it has to be. The fact that we're coming up with new ways and new ideas is a revelation to us that this wasn't something we couldn't have done a year ago, say.
The Chair: Thank you, Mr. Wilfert. Thank you, Mr. Coulter.
Mr. Stoffer.
Mr. Peter Stoffer (Sackville—Musquodoboit Valley—Eastern Shore, NDP): Thank you, Mr. Chair.
Sir, you mentioned you have about 1,000 employees. In the estimates you have a budget of around $100 million to $106 million, with an additional top-up of $37 million. That means about 45% of the budget is for salaries. Do you have enough money to do the job you think is effective? I know every department says it could use more resources, but to do what the Canadians are asking in a secure society, do you have the resources to do your job effectively as we speak?
Mr. Keith Coulter: Over the last several years we've held our own, but we haven't had big increases in resources, it's been fairly constant and steady. We would like more. We feel we're an organization that's trying to make a difference, and we'd like to be resourced in a way that would allow us to do more.
I think as we move forward here on the terrorism issue, we will be putting the case—we already are putting the case at the bureaucratic level, and it will advance to the political level soon—that certain things need to be funded. We'll see where that goes. It's in competition with other very pressing things. Some of the organizations we work most closely with, including CSIS, also have the same sort of situation, where in doing more to make more of a difference, you need more resources. So all of that is coming forward now. I'm going to make, as strongly as I can, the case for resources in certain areas, and undoubtedly, I'll be given a serious hearing in all the decision-making fora.
Mr. Peter Stoffer: Sir, you also indicate in your report that the object of CSE is not to target Canadian citizens or permanent residents within the borders of Canada. What happens in a situation, say, such as that our Solicitor General recently called the container boy business? What if that person ended up on the shores of Canada and you knew this was an illegal alien within our borders who was communicating with the technology he is reported to have had, a laptop, a cell phone, etc.? If you picked that up, would you be able to utilize that information, or would you have to pass it off to another agency?
Mr. Keith Coulter: By definition, anybody inside Canada is treated the same. We can't target their communications. So even if we knew, in your example, that somebody had just arrived inside our twelve-mile limit, there are other agencies this would be passed off to, the RCMP or CSIS, depending on circumstances. We would not continue to try to do any work regarding the communications of that person.
Mr. Peter Stoffer: We have the RCMP, we have the armed forces, we have you folks, we have CSIS, we have all these departments. The question is, what's the thread that links them all together? If container boy ended up on our shores and you knew about it, would you pass that information on and would it be a seamless transition? As Mr. Wilfert said, it appears, at least through the media, that with all the greatest intelligence in the world, the United States was caught flat-footed and completely off guard. They have some of the latest equipment, the most well-trained people, their alliances with Israel, France, around the world, and yet they were caught off guard.
So I'm just checking. There seems to be a bit of a bureaucracy built up in the intelligence service. Is it, or is it going to be corrected so it is, a seamless transition, where information can flow from one department to another much faster than now, where, again, Canadians can feel secure that their tax dollars are well spent and that agencies such as yours have the resources to do the job and move that information quickly, to make the appropriate arrests or apprehend certain people in this field?
Mr. Keith Coulter: I think the short answer is, yes, we provide foreign intelligence to those agencies. If there's a threat to Canada and we see it coming, we pass that information to those agencies. They act on it as is consistent with their own authorities. That's our bread and butter, looking outside Canada's borders and trying to interpret what's going on, trying to predict. Part of that is predicting things that are coming our way, and that information is automatically provided to the relevant agencies.
Barb, do you have anything to add to that right now?
Mr. Peter Stoffer: He put you on the spot.
Mr. Keith Coulter: I did. I put her on the spot.
Ms. Barbara Gibbons (Director General, Corporate Services, Department of National Defence): It woke me up.
You've heard us say we target only outside the country. Right now, if this person were within Canadian borders, we would never even get that information. That's the problem. We have measures in place to preclude our intercepting that kind of information. That's exactly why we're asking for this kind of legislation.
Mr. Peter Stoffer: Okay. But I'm just picturing a scenario where this person's on that container ship, 300 miles off the coast of Canada, and you pick up that information. A week later, he's in Halifax harbour. You're saying you're just going to stop that?
Ms. Barbara Gibbons: No. When he's 300 miles away, and if we've got that information, that's passed to the proper authorities here.
Mr. Peter Stoffer: Okay. Very good.
Mr. David Akman: For clarification, we're looking at foreign intelligence, and if we know of alien smuggling coming in, we will pass that information to the relevant law enforcement or security intelligence agencies,
Mr. Peter Stoffer: That's fairly seamless, right?
Mr. David Akman: If we have it.
The Chair: Mr. Stoffer, your time is up.
Mrs. Wayne, seven minutes.
Mrs. Elsie Wayne (Saint John, PC/DR): Thank you very much, Mr. Chairman.
Mr. Coulter, you stated in your presentation that you work with CSIS, the RCMP, Foreign Affairs, and Citizenship and Immigration. The information we have received is that back in 1999 CSIS was aware that there were 350 terrorist groups in Canada. These 350 terrorist groups were foreign people. Did they deal with you at that time? Were you working with CSIS and the RCMP and the others with regard to those groups? And why have we not done something about these groups?
Mr. Keith Coulter: CSIS is the lead agency for that. We support them by providing foreign intelligence. There are a lot of things that are foreign-to-foreign communications that we're able to understand and provide as an information base to CSIS, which helps them do their job. These 350 terrorist groups in Canada comprise a huge part of their job. But we can help them more with the authority we're seeking in the legislation. Instead of just doing the terrorist communications abroad, we would be able to follow that into Canada, to make that linkage, which is right now, as Barb has said, something we have to technically defeat before we ever acquire it to comply with the laws of Canada. So if we have that, I think we can paint a better picture for CSIS of whatever terrorist groups are in Canada and which ones really have the most harmful plans.
Mrs. Elsie Wayne: The concern I have is that knowing in 1999 we had 350 terrorist groups in Canada, instead of giving CSIS the tools to do what they had to do, they laid off 750 people. If we knew in 1999 we had 350 terrorist groups in Canada, why weren't we all working together? I would ask, Mr. Coulter, how come your group didn't come forward? If you needed an amendment, we should have got it through for you in 1999, so that you could do what you had to do and work with the rest of them to make sure these terrorists were picked up in Canada and something was done with them. We wait until it happens in the United States, and then we do this, but we have a problem right here in Canada that has to be addressed.
Mr. Keith Coulter: The short answer to the question is that in 1999 this authority would have been very helpful towards understanding these terrorist networks and what they're up to. But you can never rewind and say, would that have been the critical thing that would have made a difference? It certainly would have been helpful in understanding the groups in Canada.
We are where we are. We're going forward. This is the moment I think we have to capture the right way, and that's what we're trying to do, bringing forward something that would be acceptable to Parliament and Canadians. I think we are in a different environment that way since September 11, because people have seen those dreadful images, and they'll linger a long time, now they see what is possible. If I had been sitting here two years ago, I don't know whether I'd have got the same audience.
Mrs. Elsie Wayne: How does CSE work with sister organizations in the United States, the United Kingdom, Australia, and New Zealand? In what ways are you proactive, rather than reactive, and what new things are you doing since September 11 with regard to those countries?
Mr. Keith Coulter: It is truly a remarkable partnership we have with those countries. We are highly regarded, seen as capable, seen as contributing partners. As I said in my opening statement, we get more information and other things from this partnership than we give back, but that's true of the other partners as well. The United States is obviously the biggest of those partners, it has a huge contribution to make, but everybody else has a unique piece that they contribute, and everybody's contribution is appreciated. It's a really well-functioning partnership.
• 1625
We're all going through
this exercise where we're trying to get
the right strategies in place for the long term
concerning
terrorism. About a week and a half ago I spent a
couple of days with the National Security Agency in the
United States, and I had very serious meetings with
different parts of the organization, as well as with my
counterpart. They're going through the same
thought process, the same regrouping process, the same
refocusing process, trying to get their formula
right to deal with terrorism better. And we're helping
each other. We're having the kinds of meetings where
we're sharing ideas as well as
information on just how you tackle this thing. How
do you do it most efficiently? What technology will
help us the most? What's the right formula?
So we're at that level, and we're working
very closely with those partners on this.
Mrs. Elsie Wayne: So you feel the amendment in the bill will give you the tools to protect Canada and Canadians better than the system at the present time can?
Mr. Keith Coulter: It's one element we absolutely need. It is not the only thing we need. We talked about resources here earlier. Mr. Stoffer talked about partnerships. We've got to get those right. Anything less than perfect is unacceptable. We've got some work to do there. We're working on it. We're working more closely with CSIS, for example, than we have at any time in our history. It's heartwarming to see the way people are working together. We've exchanged people, and we have a little task force that's driving ideas on this. CSIS has contributed a person to that. It's an excellent growing partnership.
So there are more things. There's the authority, there are the partnerships, and there's the resourcing. All of that will add up, I hope, to something Canadians can be very proud of as contributing to this global effort.
Mrs. Elsie Wayne: Thank you.
The Chair: Thank you, Mrs. Wayne. Thank you, Mr. Coulter.
Mrs. Gallant.
Ms. Cheryl Gallant (Renfrew—Nipissing—Pembroke, Canadian Alliance): Thank you, Mr. Chairman.
With Internet routers forwarding transmissions from country to country, it can take quite some time until the originating server is traced. How can the CSE know unequivocally that interceptions are not Canadian-based?
Mr. Keith Coulter: The short answer is, we don't know. Right now one of our issues is that we have to be able to technically demonstrate that both ends of a communication are foreign. It's only when we can demonstrate this that we can acquire a communication. So there are communications where we know one end is foreign, but we don't know what the other end is, and even those we do not currently acquire because we would be breaking the existing law.
Obviously, if we have the authority to be focusing on a foreign target, a terrorist group, say, in a communication to Canada, we'll also be able to pick up the unknown end. That will be an additional thing. Almost all of that will not be Canadian. Our practices have been developed over time, with lawyers looking over our shoulder every step of the way and with the oversight, to where we have a very careful approach, so as not to ever acquire a communication of a Canadian.
Ms. Barbara Gibbons: That is the basis of our dilemma right now, the fact that we have to know those ends are foreign before we can intercept. As you say, it's very difficult in a lot of cases to know how things are being routed. So we're precluded from that interception, even though we may be missing a number of things where both ends are foreign. The problem is, we would be in violation of section 184 of the Criminal Code if, in retrospect, it were proven that one end was indeed Canadian, even though we didn't know it at the time. That's why we can't do it at this point.
Ms. Cheryl Gallant: So if critical intelligence is inadvertently obtained, aside from this legislation, is there a protocol in place to have this information admissible?
Mr. Keith Coulter: What was your last word?
Ms. Cheryl Gallant: If you did inadvertently obtain information that at one end happened to be Canadian-based, if you didn't know it at the time, but it was later found out and it wasn't terrorism-based, is there a protocol in place to have this information made admissible?
Mr. Keith Coulter: It is deleted from all databases immediately. Not only that, we would build a better technical solution, so that we wouldn't acquire it again. I assure you we are very good at this, and our CSE commissioner cares about it a lot. We just don't make mistakes. If we ever acquire anything with a Canadian base, it is immediately grounded. This would be an inadvertent kind of thing, with communications moving out there. It's immediately deleted from all databases, and we go back to the kind of programming we've had in this area, we see there's something in here that's Canadian, the programming isn't good enough, and we fix that.
Ms. Cheryl Gallant: So you don't pass it along to the RCMP?
Mr. Keith Coulter: No.
Ms. Cheryl Gallant: Part of the CSE's mandate is protecting the government's information infrastructure. Citizens, as well as government, are now susceptible to electronic viral warfare. When the CSE develops a vaccine or a fix for a virus it finds, does it pass along that information to the private sector? And does it construct viruses in anticipation, in order to have fixes available when necessary?
Mr. Keith Coulter: Simon Gauthier, who is our deputy chief for information technology security, will answer that.
Mr. Simon Gauthier (Deputy Chief, Information Technology Security, Department of National Defence): We do not construct viruses for the purpose of assessing the security of the communications. We do, however, try to develop non-intruding or non-damaging techniques, so we can assess how secure these communications or networks or systems are. That's the last part of the question.
With respect to protecting the information infrastructure, our first role is to serve the Government of Canada. So our services, through a series of client service cells, are given primarily to the Government of Canada. The challenge we have now is that as more and more government services use the Internet, not only at the federal level, but also across jurisdictions, we're in a bit of a quandary as to where you stop that service. So in that context we err on the side of giving it away, rather than retaining it. We are the vulnerability experts in Canada. We aim at trying to achieve this position in respect of knowledge, techniques, and tools, and when it comes to protecting Canada's infrastructure, we don't hold back. We really try to serve Canadians at large.
The Chair: Thank you, Mr. Gauthier.
Mr. Simon Gauthier: And on your last point—
The Chair: Very quickly.
Mr. Simon Gauthier: We also rely heavily on industry as an arm whereby we can give out these services to others in government.
The Chair: Thank you, Ms. Gallant.
Monsieur Bachand.
[Translation]
Mr. Claude Bachand: Thank you, Mr. Chairman.
Last week, we were privileged to welcome Mr. Thompson of the Mackenzie Institute. He alluded to a "“Globe and Mail” article that I have been unable to find. When Mr. Thompson spoke to the American Congress, he mentionned that the CSE had serious security problems. I would first like to ask you, Mr. Coulter, if you have identified any of these problems.
• 1635
Secondly, you mentioned that you had over a thousand
employees. I suppose a terrorist organization would be very
interested in obtaining information from inside your organization.
You must conduct exhaustive investigations on your entire staff.
Can you solemnly swear that not a single one of the thousand or so
CSE employees would give information to a terrorist organization?
[English]
Mr. Keith Coulter: What I can say in response is that I'm confident we have good security, but I would also add that somebody in my position should never be overconfident. I have been, as I said in my opening statement, in position at CSE for 12 weeks. One of my early thoughts was that I would want some more analysis and comparative work done on the security of the organization. Some preliminary work is being done. It's part of my agenda and priorities to make sure we have full and adequate security, but I have no cause for alarm. There's no incident that's triggering my alarm. I just fundamentally believe that when you take over an organization, as I have, instead of easing into all the procedures and routines that have worked for many years, you ought to have a very critical eye and be very worried about how these kinds of things are done.
I should say that intelligence agencies around the world are also, as a result of the terrorist incidents of September 11, looking in a different way at their physical security. You're referring to, say, infiltration kinds of things, but there is also just the pure physical security of buildings and the people who work in them.
There's a whole array of issues there, and what I can tell the committee is that I'm taking nothing for granted and that part of my initial year will be ensuring, in my own mind, that we have everything possible in place to avoid the kinds of things you're referring to. But we have here the woman who's responsible for, among other things, security at CSE.
Ms. Barbara Gibbons: I would like to add that we have never in our history had a case of anyone in the organization providing information to a terrorist group. I wouldn't expect that to change now. I've been there a little bit longer than Mr. Coulter has, and I have confidence in the people who work in our organization.
[Translation]
Mr. Claude Bachand: I would like to know if you investigate each one of your one thousand employees. According to what you have said, Mr. Coulter and Ms. Gibbons, you are also in the process of reviewing your organization's security measures. If I have understood you correctly, Mr. Coulter, there are some security measures you want to re-examine as you have only been in the position for twelve weeks. You are working to tighten, fine-tune or change certain security practices in your own organization. Have I understood correctly?
[English]
Ms. Barbara Gibbons: As concerns the reliability of our personnel, they all hold the highest clearance. I think we're talking about two different things. One is a threat from within the organization, people divulging information, and I do not have a concern about that. We've got the highest level of security for every one of the people who work in our organization. That is not a concern.
Physical security is something we've been looking at since September 11. Frankly, it isn't something that most of us in Canada have felt we needed to be very concerned about before, but September 11 brought it home to us that we do need to be concerned on the security front. So physical security we are looking at.
The Chair: Thank you, Mr. Bachand. Thank you, Ms. Gibbons.
Mr. Wood, five minutes.
Mr. Bob Wood (Nipissing, Lib.): Thanks, Mr. Chairman.
Earlier in your presentation, Mr. Coulter, you said everybody is working around the clock. I'm interested in how the volume of work has increased since September 11.
Mr. Keith Coulter: One indicator is that the amount of data processed by the organization—which is working seven days a week now, rather than five—has more than doubled. That is an indicator of the devotion and dedication of the rank and file of the CSE, as much as it is of the fine tweaking of computers and a seven-day work week. People are just doing everything humanly possible.
I'm trying not to get emotional here, but it's an organization that's really trying to make a difference. It's flat out, and people are working their hearts out. They have more than doubled the normal output.
Mr. Bob Wood: Mr. Stoffer touched on this a bit earlier. The government has approved $37 million that was recently added to your organization. I understand about $6 million is going toward the purchase of new equipment for research and development. What about the rest? Is it going toward the addition of personnel to alleviate the workload?
Mr. Keith Coulter: No, it was for technology.
You go ahead, Barb, because you know that the best.
Ms. Barbara Gibbons: I happen to have it here.
It's mostly for infrastructure upgrades and equipment. We're looking at enhanced computing power for vulnerability identification—cyber threats—increased data processing, and storage capacity—and Mr. Coulter mentioned our volume has more than doubled—specialized tools for analysts—our in-year funding didn't allow us to project in terms of new analysts, but it did allow us to enhance their tool kits in order to make them more efficient—and upgrades to our IT infrastructure, as well, in order to handle the volume that we're looking at.
Mr. Bob Wood: If every country adopts the type of legislation that we talked about, pertaining to foreign Internet, is there going to be a guarantee anywhere in the world about confidentiality?
Mr. Keith Coulter: I'm not sure what legislation you're referring to.
Mr. Bob Wood: I'm talking about some of the legislation we're putting through, and I'm sure there will be other legislation in the United States and throughout. Is there going to be any guarantee?
Mr. Keith Coulter: Absolutely. The authority—
Mr. Bob Wood: How are you going to do it?
Mr. Keith Coulter: —we're seeking in this legislation is an authority that our partner countries—the United States, the U.K., Australia, and New Zealand—already have in place, and have had for quite some time.
In my mind, the issue of protecting privacy is a separate one. What we have to have in place are stringent standards and procedures, so that the privacy of ordinary Canadians, people who aren't connected to terrorists plots and whatnot, is absolutely protected. I think the legislation outlines a regime in which, only in very specific circumstances, the minister can authorize us to look at a communication when one end is Canadian, although we're targeting the foreign entity. We then have procedures in place so that this information is only used or retained if it's essential to national security purposes.
That's a really high bar. Anything else we acquired would be deleted from all databases, no records would be kept, and we'd have an independent review to ensure that was case. Reports would be tabled in Parliament and information would be provided to Canadians about it through Parliament.
If we had a problem, it would be a huge deal. If our commissioner tabled a report that said, whoops, CSE is no longer protecting the privacy of Canadians, I think there would be a public outcry—and there should be a public outcry. That's going to be an issue that I care about in practice, and one my organization will care about very much. We have to make sure we have in place the regime to protect the privacy that Canadians want, expect, and deserve.
Mr. Bob Wood: Before—
The Chair: Mr. Wood, your time has expired, unfortunately.
Mr. Bob Wood: Thank you.
The Chair: Mr. Stoffer.
Mr. Peter Stoffer: Thank you, Mr. Chairman.
• 1645
Sir, you had mentioned that you align yourself with
the U.S., U.K., Australia, and New Zealand. Wouldn't
you align yourself with our NATO allies, for example, in
the sharing of information? If not, why not?
Mr. Keith Coulter: Our closest partnerships are with those countries, and they date back to the Second World War. It's just one of those things that happened. It serves everybody's interests to be able to contribute and to work together in a very close partnership.
Canada is also part of NATO, and intelligence sharing does go on. The Canadian participants at NATO are people who have access to our products and information.
This intelligence business has various layers. We're talking about a very historic, close partnership with four other countries, and it is the closest—
Mr. Peter Stoffer: Would that include the country of Israel as well? They apparently have one of the better intelligence gathering systems in the Middle East, which has always been a hotbed of terrorist activities over the years. I would assume you would want to share as much information as possible with them.
Mr. Keith Coulter: We do not have a cooperative arrangement with Israel.
Mr. Peter Stoffer: Is that by design, or a result of just not getting around to it?
Mr. Keith Coulter: I'll check with Barb, but I don't think we've ever had one.
Ms. Barbara Gibbons: No, we don't have bilateral arrangements with anybody.
Mr. Keith Coulter: —with anybody else.
Ms. Barbara Gibbons: What we have is the partnership that Mr. Coulter mentioned—the one among the five countries—and the larger NATO sharing.
Mr. Peter Stoffer: You mentioned that the countries you talked about—the U.S., Australia, New Zealand, and the U.K.—already have this type of legislation. They've had it for a long time, and now we're just catching up.
Mr. Keith Coulter: There's one little wrinkle to that. They all have the authority in place. It's an executive order in the United States. The New Zealand government already has it by the equivalent of an executive order, but they have it currently under consideration in legislation. This is authority that they already have, and it is being enshrined in legislation, like our mandate would now be in legislation. But they all have the authority, absolutely.
Mr. Peter Stoffer: My last question is out of ignorance, if anything else. It seems to me that if CSIS does internal, domestic intelligence and CSE does external intelligence, wouldn't it be advisable or prudent to have it all under one roof? Instead of having to go across the street or down the road, you could just go down the hallway, where you and your counterpart in CSIS can share that information.
I say that because I find it amazing that Timothy McVeigh was not an Arab, a Muslim, or of any other distinctive nature, he was a southern American. If I was planning a terrorist attack and you knew about it, you just said that if I was a Canadian, all of that information would be deleted from your files. Surely to God you would at least tell someone that this Canadian in Nova Scotia might be up to no good. I would hope you would at least pass that information on, but our indications are that you don't.
Mr. Keith Coulter: We don't collect that information, so we don't pass it on.
Mr. Peter Stoffer: But if you knew about it, surely to God you would at least tell someone. I mean, to hell with the laws of the country.
Some hon. members: Oh, oh!
Mr. Peter Stoffer: I say that in—
The Chair: Mr. Stoffer, you're on your own on this one.
Mr. Peter Stoffer: Mr. Chairman, I most respectfully retract that last statement.
But if you knew I was up to no good, Mr. Coulter, surely you would pass that information on to someone.
Mr. Keith Coulter: I can meet the spirit of your thinking.
Mr. Peter Stoffer: I hope no one's watching.
Some hon. members: Oh, oh!
Mr. Keith Coulter: We collect foreign intelligence. If the intelligence that we collected said there was going to be something in the zone of an Oklahoma City bombing, we would obviously pass it on. We would do that. There was some discussion at the other committee as well about whether or not something criminal would meet the test of essentiality in the legislation. Our view and the lawyers' view is that the biggest things absolutely would, and they would be passed on.
Mr. Peter Stoffer: What about the combination of the two agencies?
Mr. Keith Coulter: The combination of the two agencies is a very interesting question. I'm not a machinery of government expert, so I can't tell you what the perfect formula is. However, I can say we would have to think that through extremely carefully. There are a number of considerations.
• 1650
First, as an agency, we work in close partnership
with the National Security Agency in the United States.
CSIS, of course, can work closely with the CIA. If
we merged our two pieces together, obviously some
parts of the new organization could do something like that,
but I'm just dealing with the machinery that we have
now.
I came to a job in which decisions have been taken about that machinery, and my agenda is a better partnership. My counterpart in the United States agrees with me that we need a better partnership. My counterpart in the U.K. agrees that we need a better partnership. I've spoken to Australia and New Zealand. I'll be getting together with them in the near future, and I know they will agree.
Within Ottawa, the people I talk to, including the director of CSIS, agree that we need to work on that partnership. We have to make it perfect, so that's my focus, that's my agenda. If the government decides to have a different kind of machinery, though, we'll work out the relationships in that new context.
The Chair: Thank you, Mr. Coulter.
Mrs. Wayne.
Mrs. Elsie Wayne: Thank you very much, Mr. Chair.
Mr. Coulter, I'm not going to say I'd be doing anything wrong that you'd have to look into, dear, so you won't have to worry about that.
Mr. Peter Stoffer: You are a Tory.
Mrs. Elsie Wayne: But I'm a good girl.
Some hon. members: Oh, oh!
Mrs. Elsie Wayne: Currently, the Deputy Clerk of the Privy Council and the Counsel and Security and Intelligence Coordinator are accountable to the Minister of National Defence for the operations of the Communications Security Establishment. We have the new cabinet committee on national security, and we have many standing committees meeting, as we are meeting today. Will the approach that we're using appear to be as strong as the approach in the United States, Mr. Coulter? The American approach has their new Office of Homeland Security and a complete overhaul of their system, which is a new structure to ensure communication, effectiveness, and rationalization of processes in order to counter terrorism. Will the process that we're putting in place in Canada be as strong and effective as the one in the United States following the overhaul they've just done?
Mr. Keith Coulter: As I mentioned, I was in the United States about ten days ago, and I got my briefings on how the homeland security thing is evolving. I may now be a little out of date, though.
In my mind, the evolution of that isn't certain. Tom Ridge has an enormous task ahead of him. A lot of traditional relationships exist there, and partnerships are being forged as we speak, as well. It's not clear to me exactly what the end state of all of that will be.
Here in Canada, it is my view—and I've been around Ottawa for enough years to have some reference points—that the security and intelligence communities have never worked as closely together. There is a lot of interdepartmental process, and people are forging new linkages and relationships that will help us in the long term. I would be very interested in what committees like this can recommend in terms of machinery and in terms of coordinating mechanisms and whatnot.
I believe Dick Fadden, the Deputy Clerk of the Privy Council, who you referred to, will be appearing before a Senate committee tonight at six o'clock to talk about coordination of all of this. That's his responsibility, not mine. I just try to play into it, driving as many good partnerships and good dynamics as I possibly can. I know these people are all partnership-oriented, and that's how we're approaching it right now.
Mrs. Elsie Wayne: I only have one other question, Mr. Chair.
• 1655
CSE is involved in assisting efforts to ensure that
the telecommunications and information technologies of
the Canadian government are secure. Given the
complexity of signals intelligence, could CSE
concentrate on this and leave information technology
security to an organization like the Office of
Critical Infrastructure Protection and Emergency
Preparedness?
Mr. Keith Coulter: It's a very interesting question, and my personal answer is that we can't go too far down that road. This provision of information and the protection of information are so closely related, and the code breaking and the code building are so closely aligned, that you need a centre of excellence around that. But that's it.
We don't have to do everything in that area. I think Monsieur Gauthier has a very good approach.
Do you want to address ITS a little bit, Simon?
Mr. Simon Gauthier: We do work very closely with OCIPEP, the organization that you referred to. The ad hoc division of effort has been one by which we focus on technology issues, trying to understand vulnerabilities, trying to understand electronic techniques and communication techniques, and they apply it to the Canadian infrastructure. That's the relationship we have in place now, and it has worked quite effectively.
The Chair: Thank you, Mr. Gauthier.
Thank you, Mrs. Wayne.
Ms. Beaumier.
Ms. Colleen Beaumier (Brampton West—Mississauga, Lib.): Thank you.
I don't begin to understand anything about technology, but I have a few problems. Frankly, I don't really buy everything I've heard—I don't mean from you, but all along in this whole problem.
We're hearing that you need new legislation in order to be more effective, that you need this equipment to be more effective. The big problem is that we know of at least twenty suicide bombers. I don't believe only those twenty people knew. Others had to have known. They had to have communicated by e-mail or by phone. What went wrong? If we can't figure out what went wrong, how can we possibly prevent anything in the future? We aren't talking about a sophisticated operation here. We're talking about bold people with exacto knives. The airlines have decided what went wrong in the air, but what went wrong on the ground prior to that? How can we fix it if we don't know what it was?
Mr. Keith Coulter: I think we have some ideas about what it was. We have some good ideas and some good information about things that happened prior to September 11, but we have no option but to focus on gathering every bit of evidence that we can. In a perfect world, it would be nice to call a time out, collect our thoughts, figure things out exactly, and do the perfect analysis of everything that might have happened before September 11. But it's not a perfect world. It just keeps chugging along, and terrorist organizations keep working at the second wave. We have no choice but to do everything we possibly can to gather information that can help decision-makers make the right decision.
This isn't easy stuff, madame, it's just really tough reality, so what we're talking about here is trying to gather information and create the right strategy around this stuff for the longer term. I'm very proud of my organization and team, and the way we're fighting our way through this in terms of trying to deliver operational products and engage the resource discussions and strategy discussions at the same time. We're here talking about legislation that we absolutely need. This has a lot of pieces, and we just have to keep working at it.
• 1700
I'm an optimistic person. I don't think there's
a bigger challenge that we could possibly face, but
I believe that, collectively, as organizations in the federal
government and around the world, we can get at
this problem far more effectively than we ever have in
the past.
Ms. Colleen Beaumier: I don't believe it was failings by your organization or by necessarily any Canadian organization. Perhaps the failings were in internal intelligence gathering within the U.S.
You say you can't gather information that originates or ends in Canada. We all know that with the Internet, you really can't determine where it begins or ends until after a period of time. A lot of this has been very confusing for me. Are most of these communications done in code? I see code makers, code breakers—
Mr. Keith Coulter: We're getting into a zone I'm not comfortable talking about on camera, but let me say it's a mix. We get encrypted material, and part of our job is to decrypt it. We also get ordinary communications that don't need decryption. It's a combination.
Ms. Colleen Beaumier: If you were to come across some vital information, not knowing either where it originated or where it was going, would you not do something with that?
Mr. Keith Coulter: We don't in the current regime, just to be clear, because it goes back to the previous question. We cannot acquire that communication unless we can prove both ends are foreign. If we had the authority, as specifically authorized by the minister, to acquire a certain type of communication even if one end of that communication is Canadian, then we would be able to do so, by logic, even if one end was unknown. We wouldn't have to make that proof that the other end of it was not Canadian.
The Chair: Thank you, Ms. Beaumier.
Monsieur Benoit.
Mr. Leon Benoit: Thank you, Mr. Pratt.
You keep repeating that you don't target Canadians; however, you will collect information on Canadians and will follow Canadians, so to speak, through the information collection and into Canada. At the committee meeting before, at your appearance with the minister before the justice committee—I think that was last week—you stated the CSE wouldn't require a warrant to pass information on if it was received through monitoring of communications, if you were passing it on to the RCMP. Mr. Owen seemed to contradict you when he indicated the CSE is not permitted to pass along information unless it is related to international affairs, security, and defence. Is that true?
Mr. Keith Coulter: Actually, I hope the record shows—I haven't read the transcript, but certainly I remember my end of that conversation—that he actually said much criminal activity would not meet that test, and I agree with that. It is the most serious...
If you look at CSIS, for example, there's a lot of jurisprudence around it. If you look at the CSIS definition of threats to the security of Canada, for example, it would include foreign-inspired activities detrimental to the interests of Canada. Again, that's a very high bar. What is detrimental to the interests of Canada is not detrimental to the interests of one Canadian, so it's a very high bar.
• 1705
Our position is that
if there were something that met the
very high test of national security, this legislation
would allow us to transfer that
information to other government departments if it was
relevant to their—
Mr. Leon Benoit: Without a warrant?
Mr. Keith Coulter: There is no warrant, because we're talking about a ministerial authorization regime. You can't get a judicial warrant around this stuff, so our position is now...
Since you're referring to the input of Mr. Owen, I believe he was just making an input, as I read the conversation. That's because in an answer to a previous question, I had framed it in a way in which you could say it applied more generally to crime. If I was being interpreted that way, then I'm grateful he asked his question, because his statement was that much criminal activity wouldn't meet this test. I absolutely agree. I would up it from “much” to “most”, but some would meet it.
Mr. Leon Benoit: In some cases, though, information collected on Canadian citizens could qualify and be passed on to the RCMP, to CSIS, to foreign intelligence agencies, is that correct?
Mr. Keith Coulter: Yes, some, but it has to meet that very strict standard or test.
Mr. Leon Benoit: Right, and even if it's information that had been collected here or collected somewhere through your network, there's really nothing determining how that information might be used when it is passed on to foreign governments. For example, if you collected information that would help the Americans put a case together to assassinate a foreign leader, that would be possible. You don't try to restrict the use of that information once it has gotten to a foreign intelligence agency.
Mr. Keith Coulter: If we sought an authorization, the information would be information that we would use in the Canadian government context. We'd be very careful. We would share intelligence products with our intelligence partners, but if there was information about somebody in Canada, I can't conceive of a circumstance in which we'd want to pass that raw information to the United States unless it was a threat to the United States.
Mr. Leon Benoit: But it could happen.
Now, if I—
The Chair: Your time has expired.
Mr. O'Reilly.
Mr. John O'Reilly (Haliburton—Victoria—Brock, Lib.): Thank you very much, Mr. Chairman, and thank you very much for attending, Mr. Coulter.
I wanted to follow along on the actual changes to the National Defence Act, because that's really the lane we should be focusing on in this particular committee. Bill C-36 deals with the minister's authority to act, and I wanted you to expand on that a little. Also, it would appear to me that due process has changed, and that some individual rights are going to be infringed because of ministerial authority.
As the second part of that question, obviously there's a disagreement even among the learned people in the committee system. One of our colleagues, Mr. Owen, disagrees with you publicly, in the paper, on whether or not what would happen would stand the test of the charter.
The other part of the question is that the act talks about monitoring or protecting—I'm not sure if it's one or both—government computer systems. I want to know just exactly how that takes place.
I wish you luck in trying to monitor the government computer systems. We can't get them to talk to each other, so I don't how you're going to monitor them. The Library of Parliament is on Apple, which you can't open in your office—and it's the only one, so they must have been giving away colour television sets that day or something. How do you possibly protect so many different systems within the government, because they are not all the same? The Industry system is different from the one at Foreign Affairs, and the one at Foreign Affairs is different from others. I can't figure them out, but I know very little about computers. I don't know how you're going to do that.
Anyway, those are my questions.
Mr. Keith Coulter: Mr. Chairman, it troubles me when this is characterized as an infringement on individual rights, because the whole implementation of this legislation is going to be around protecting privacy to the greatest extent conceivable around one new area of authority. We protect the privacy of Canadians. Public reports are issued on how well we're doing, and fortunately they're all indicating that we're doing well.
Sometimes, if you have a foreign-to-foreign communication, there could be a reference to a Canadian. We obviously have a very strict regime that the Privacy Commissioner of Canada, the CSE commissioner, and we ourselves care very deeply about. We're making sure no unwarranted infringement on the privacy of Canadians occurs, and we have a good record of doing that.
In what we're proposing here, we've built in all of the tests that would be required so that we get at terrorism. We talked about the huge international-crime kinds of things we could get at, like some ship heading toward our shores with unknown numbers of people, unknown intentions, and unknown whatever. We could pass that kind of information that might not be directly terrorist-related, but it might be international smuggling or something. But it's a very high bar. For anything that doesn't meet that test, we delete the information. It's taken out of our database. It's not used or retained, it's eliminated completely. We have also built a process in which there is independent review to ensure that this is the case.
My own view is that the only rights in play right now that will be infringed are the rights of a very few people when we need to know what they're up to because they pose a threat to the security of this country. The rights of ordinary Canadians are protected.
With respect to monitoring and protecting systems, we're talking about intrusion detection technology that only Simon Gauthier fully understands.
Simon, can you respond to the question of how we're going to protect the government systems, given the vast array of different, sometimes incompatible components and the Government On-Line dimension?
The Chair: Very briefly, Mr. Gauthier.
Mr. Simon Gauthier: We do not intend, sir, to constantly monitor all Government of Canada networks. As you said, that would be an impossible task. What this act would allow us to do, though, is develop solutions on real-life data, something we really didn't need to do when the Internet was not used to the extent it is today. It was possible to create many of the solutions in a lab environment. Nobody really controls the Internet. It is access technology that has been developed by the world.
We now have a need to develop solutions using what I'll call real-life data, something we currently cannot do without advising all users of the network. It's a chicken-and-egg thing. In not knowing who all the users are because it is the Internet, we have been prevented from being as efficient as possible.
The Chair: Thank you, Mr. Gauthier.
[Translation]
Mr. Bachand, you have the floor.
Mr. Claude Bachand: Mr. Chairman, I would like to make a comment to Mr. Coulter and Ms. Gibbons concerning employee security. We are surprised to learn that criminal organizations sometimes succeed in breaching and infiltrating major organizations thought to be completely secure. I can tell you that, in Quebec for example, organized crime managed to obtain information from Sûreté du Québec offices.
I don't know whether I can give you any advice, but it seems to me that it would be a good idea to set up an internal investigation department within your organization so that, if a complaint is made, the matter could be investigated.
• 1715
It seems to me like wishful thinking when you say you have a
thousand employees and no problem will ever arise. That was my
comment on an internal investigation department.
I would like to return to what Mr. Coulter said about being somewhat miffed that people could think the private life of Canadians was being threatened. In your presentation, Mr. Coulter, you said:
-
The CSE can also be investigated by the Privacy Commissioner, who
concluded in 1996 that the CSE conducts its activities in total
conformity with the Privacy Act.
I would like to remind you that, about a week ago, this same person said and I quote:
[English]
-
It could literally gut all the privacy protections
that Canadians now have.
[Translation]
He went on to say:
[English]
-
Now, the CSE could listen in on communications only
outside Canada, but the antiterrorism bill would allow
the interception of voice and electronic conversations,
in some circumstances, between Canada and abroad.
[Translation]
Perhaps this upsets you because you are well-intentioned but, as legislators, we would like to be sure there is not too great a threat to the privacy of Canadians and Quebeckers. There are all kinds of possible opportunities. The Bill specifies that the Minister may authorize all sorts of things, specifically interception. He can also authorize you to change your mandate. I would like you to comment on that.
Under section 3, the Minister may say that the Chief will change duties and mandate. He will be able to do this after the Bill is adopted. There is nothing that says he will do so within the context of the Act, and I hope this will be the case, but I find the Minister is given a great deal of authority, a great deal more authority. This is why a lot of people, including Mr. Radwanski, are asking questions. So are we.
I invite your response.
[English]
Mr. Keith Coulter: From the first part, on the way you're coming back at security issues, I know you understand the real world and that you know not everybody in the real world means good to people. Terrorist networks are out there, and we have to address this problem.
You said I was surprised. No, I'm not surprised people would say this infringes on personal rights. I think it's a very serious issue. So I'm not surprised, I'm troubled. This is a moment when I think we in Canada need to look at this differently. We need to realize that an intelligence organization like the CSE needs the same kinds of tools that intelligence organizations in our partner countries have, in order to work a counter-terrorism strategy that will make a difference over time, and in order to understand those networks, their linkages, and their relationships with Canada. We need those tools so that we can escape from further damage here in North America, and hopefully escape from ever having that kind of damage in Canada. So I think it's a very serious issue.
In many respects, I know my job is easier than that of parliamentarians. I can come forward and say I need this. I'll tell you now, here, on the record, that CSE absolutely needs this legislation if it's going to be effective over the longer term in contributing to the global effort against terrorism. We need this, but parliamentarians have to decide whether or not we have this power, or whether or not it is something we should not have when it's weighed against other things. That's why we have Parliament, and I'm glad we do.
The Chair: Thank you, Mr. Bachand.
Mr. Coulter, I'd like to ask you a question. One of the comments we've heard a lot since September 11 has been on the whole issue of the terrorists who were involved staying under the radar. That essentially means, of course, that they stayed out of the way of intercepts so that phone calls, faxes, and other types of communications like e-mails, could not be intercepted. Thus, the Government of the United States and other allied governments were not in a position to know what their intentions were. That leads to the whole question of the extent to which these people in the world of terrorism are operating.
• 1720
As I said, one of the comments that has come up is the
importance of human-source intelligence. I know there has
been a lot of questioning at places like the
CIA and the National Security Agency about once again getting the CIA
involved in more human-source intelligence.
As someone who is involved in signals intelligence, which is obviously an important aspect of foreign intelligence, would you say our foreign intelligence capability is lacking because we don't have that capability, we don't have an agency specifically designed to have human sources operating in various countries in an aggressive intelligence gathering manner?
Mr. Keith Coulter: Fundamentally, you want to get information from human sources as well as from signals sources, so I have no difficulty with the way you're framing the issue. But the human-source intelligence part is not my organization, as I know you know.
The Chair: Let me rephrase that a little bit, in terms of the question—
Mr. John O'Reilly: I'm sorry, Mr. Chairman, you're out of time.
Some hon. members: Oh, oh!
The Chair: We're keeping close track of that, Mr. O'Reilly.
Have any situations arisen in which you and your organization have said to yourselves collectively that it would have been really helpful if we'd had somebody on the ground to pursue that further in some manner or other?
Mr. Keith Coulter: That's not our mindset. We're following the communications and global information infrastructure, and we're trying to glean all the information we can off of that.
In terms of painting the picture, it's a better question for some of our clients and for the coordinating people involved in this, because our whole mindset is to try to drive the best signals intelligence information into the mix. I'm not getting very theoretical here, because it's just obvious that the more human-source intelligence you can drive into that mix, the better it's going to add up.
The Chair: Very quickly, there's obviously a lot of information flowing in cyberspace, and we have agencies cooperating in the U.K., the U.S.A., Australia, New Zealand, etc. Does Canada look after a particular niche of that information, or is there a lot of duplication in terms of the various agencies that are operating?
Mr. Keith Coulter: There's some of both. We have a unique perspective on things. We're a Canadian organization, and we follow Government of Canada priorities. Those other organizations that we partner with follow the priorities of their governments. We frequently find that we can share collection data, and we're able to use each other's data to our advantage. But everything we do follows the priorities set by the Government of Canada in its priority-setting process, and we'll share and partner internationally wherever it makes sense to pursue those priorities.
The Chair: Thank you.
Mr. Stoffer.
Mr. Peter Stoffer: Just very quickly, Mr. Akman, in your opinion, does what you are asking for meet the Charter of Rights and Freedoms that we know now? Would it pass a Supreme Court test?
Mr. David Akman: We think it will. If you go back to the actual legislation, tests are set out when the minister makes his authorization. Those conditions are found in proposed subsection 273.65(2), and they were put in specifically to deal with the charter. The charter protects against unreasonable search or seizure, it doesn't protect against a search or seizure. We feel that with all these conditions in there, the search would not be unreasonable if a Canadian got caught up in the web.
• 1725
If you look at the four conditions as laid out in
proposed paragraphs 273.65(2)(a), (b),
(c), (d), they say:
-
(a) the interception will be directed at a foreign
entities located outside Canada;
-
(b) the information to be obtained
could not reasonably be obtained by other means;
-
(c) the expected foreign intelligence value of the information
that would be derived from the interception justifies
it; and
-
(d) satisfactory measures are in place to protect the
privacy of Canadians and to ensure that private
communications will only be used or retained if they are
essential to international affairs, defence or
security.
This is the high bar that we can set.
The minister can also apply additional conditions at proposed subsection 273.65(5) of the legislation. He can add any additional conditions that he feels are necessary
-
to protect the privacy of Canadians, including
additional measures to restrict the use and retention
of, the access to, and the form and manner of disclosure
of, information derived from the private
communications.
So enough safeguards are built in that we believe that it would satisfy a charter challenge.
Mr. Peter Stoffer: Okay.
As my second-last question, you said we have alliances with the U.S., the U.K, Australia, and New Zealand, in terms of an agreement that we have. Does this mean that, the odd time, you may have to eavesdrop in their countries as well?
Mr. Keith Coulter: No, part of the partnership is that we do not listen. We do not target Americans. Americans don't target us. New Zealanders don't target Australians.
The Chair: Mr. Coulter, if I may pick up on that question, is that the aspect of the agreement that's called “friends on friends”?
Mr. Keith Coulter: We don't call it that. We just say we don't target each other.
Mr. Peter Stoffer: Sir, are you saying that, with all its fears after September 11 and regardless of whatever alliances or friendships we have with each other, if the United States suspected terrorists were in Canada and the Americans had the ability to monitor those terrorists' activities, they wouldn't monitor those activities, or that they don't?
Mr. Keith Coulter: They will not now... we have to be careful here. This is a partnership of agencies, not governments. We are talking about the National Security Agency in the United States. It is one to of the partners to this agreement, and it does not target Canadians.
I have people who work down there. The Canadian Forces Information Operations Group has people who are integrated right into the structure. We therefore know they don't target people inside Canada, but they are very busy targeting stuff abroad.
Their rules allow them to follow communications in the United States. In targeting a terrorist group in Afghanistan, if they had a communication from that foreign target into Canada, they could follow it. That's the authority we're asking for. It would be similar to theirs.
Mr. Peter Stoffer: Mr. Chairman, I find that rather surprising. Mrs. Wayne said earlier that 350 terrorist cells were identified in this country in 1999. We could argue the numbers, I guess, but recently we've been hearing about fifty terrorist cells acting in Canada. I find it astonishing that it is being indicated that the United States, through the National Security Agency, wouldn't want to or doesn't monitor the activities of those people within our Canadian borders, with or without Canadian government or CSE permission.
Mr. Keith Coulter: The only monitoring that they would do is monitoring that targets outside, if those communications were to link into these groups.
Mr. Peter Stoffer: Outside Canada?
Mr. Keith Coulter: Yes.
Mr. Peter Stoffer: So if there is a terrorist cell in Montreal, like Ahmed Ressam's, for example, after that story... They caught him at the border. That's one example of a person getting through and then being caught, but only at the border. Obviously, they must assume—at least, I would assume, Mr. Chair—or know more people like him within the Canadian border are trying to gain access into the United States. I would only assume they would want to have that type of information. If they can get it, they'll get it.
Mr. Keith Coulter: But just remember that the agency responsible for collecting information on terrorist groups in Canada is not CSE, and in the United States, it's not NSA, the National Security Agency. I think you're following something that is a CSIS concern, and they would partner with somebody else in the United States. You'd therefore have to talk to the director of CSIS about the mechanics of what is shared and what is not.
Mr. Peter Stoffer: So it may be another agency, then.
Mr. Keith Coulter: As I say, it's really important to know that this is a foreign signals gathering intelligence partnership, not a wholly complete picture of the intelligence information flow between Canada and the United States.
The Chair: Mr. Stoffer, thank you very much for those questions.
Mr. Coulter, thank you very much for you answers. They have been very forthcoming. And we certainly appreciate the involvement of your team members, if I can call them that, in responding to questions as well. Hopefully we'll have an opportunity to have you back in front of the committee again sometime—although maybe not too soon—to pursue some of these issues.
• 1730
Thank you very much for your testimony today.
Mr. Keith Coulter: Thank you, Mr. Chair, we'd welcome that.
The Chair: We're adjourned.