] Canadian Association of Chiefs of Police, CACP, is to lead numerous efforts to promote coordination and collaboration amongst Canada's law enforcement community to address threats to national security. As part of these efforts, the CACP has implemented structures to help manage incidents and share information in support of a mutual goal to protect the safety of Canadians.
The counter terrorism and national security committee, which is part of the CACP, has a mandate to harmonize the work of Canadian police agencies throughout the country in identifying, preventing, deterring, and responding to criminal activities related to terrorism and national security threats.
This committee has five priorities or objectives: one, to “promote collaboration and integration among law enforcement agencies and with appropriate public/private security and intelligence partners”; two, to “improve ability to operate in a cooperative and integrated manner” with a view to addressing emerging trends with respect to counterterrorism and national security; three, to “develop processes and facilitate strong communication at all levels”, so at the municipal, provincial, and territorial levels; four, to “recommend legislative reforms”; and five, to “promote education and training in matters of counter-terrorism and national security”.
There have been a number of initiatives that the committee has worked on over the past year. I'm going to focus on three for today's presentation.
The first initiative is the provincial and territorial counterterrorism guide. This guide is designed to support the efforts in developing counterterrorism strategies at the regional, provincial, and territorial level.
There are 11 key activities within the guide that are focused on four key strategies. The first is to prevent individuals from engaging in terrorism. The second is to detect the activities of individuals and organizations that may pose a terrorist threat. The third is to deny terrorists the means and opportunities to carry out their activities. The fourth is to respond proportionately, rapidly, and in an organized manner to terrorist activities and to mitigate their effects.
The second initiative is the provincial and territorial integrated response structures. The co-chairs of the counter terrorism and national security committee have met with provincial and territorial chiefs of police across the country in an effort to encourage and develop an integrated provincial and territorial approach for each province and territory to investigate and respond to terrorist activities.
The third initiative is the subcommittee of the counter terrorism and national security committee, the countering violent extremism sub-committee, developed in August 2015. The subcommittee is focusing on building training material that's consistent, that addresses previously identified research gaps, and that has a built-in evaluation tool to determine the efficacy of the programs that we are rolling out.
Those are the three key initiatives.
Thank you, Mr. Chair. I'll continue.
Building on what Laurence spoke about in terms of harmonizing and working together as police agencies, from the federal agencies to the municipal agencies and the provincial in between, there are three major concerns for the committee to consider from the policing standpoint. There are perhaps many, but certainly three for your consideration: the terrorism peace bonds, the intelligence-to-evidence conundrum, and then encryption. I'll speak to them separately.
The terrorism peace bonds manage some of the threat posed to Canadian citizens but not all. They do help manage in some cases, but something to consider is that with the terrorism peace bonds there are conditions imposed. I can provide an example of an individual subject to the peace bond who is not permitted to use computers, or not allowed to access the Internet for a number of different reasons that I'm sure are obvious. There is no mechanism in place right now for police officers of jurisdiction to go in and ensure that the person is complying with those conditions, so that's something for consideration.
With respect to the intelligence-to-evidence conundrum, we know how the intelligence lives in one space and the enforcement piece lives in another space. It's my understanding, after talking to my colleagues, some more learned than I, who have been involved in this field for some time, that this discussion has been ongoing for more than 15 years in terms of how we can improve the speed, flow, and direction of this information so that we can share it in a quicker fashion. Incidents such as the Aaron Driver one made it very obvious to the policing field how fast information moves, and how fast it has to move in order to detect, deter, and ultimately deal with a threat nationally.
Something to consider is how that's going to happen. The 9/11 Commission was very clear on the fact that information needs to be shared amongst the different agencies. Police agencies right now do share a lot of information, but that's something for this committee to consider as this bill proceeds.
With respect to encryption, we've heard a lot south of the border as far as going dark is concerned. We've heard all these different terms, but encryption, whether it be in the hardware itself or with the use of applications that are encrypted end to end, poses a very difficult issue for policing and how to monitor people who would carry on criminal activity, whether it's for terrorism or for organized crime. We've seen a number of examples in our jurisdiction and throughout Ontario, and certainly across this country.
The important thing is that we must be focused on the principles and not the technology, and where an individual or group is using any form of communications to support terrorism or other designated criminal activity, this may be intercepted by specified authorities with the proper and appropriate judicial authority.
Laws regulating access to communication data would be, in principle, the same as those currently in place for other forms of telecommunication intercepts, companies ensuring data is available to access if required, warrants being issued by the appropriate authority, and then both time limits and regular scrutiny and review.
I throw that out to the committee to consider as we go forward and you talk about this bill. These are really the top three concerns that seem to spread generally across the policing community: the terrorism peace bond and the future of that, the intel-to-evidence conundrum, and encryption.
Thank you very much for your time.
That's a very good question.
I've had discussions with our colleagues at the RCMP throughout the province and nationally through this committee and then, of course, locally. I would suggest to you that this type of threat that we're seeing with terrorism, which a lot of people attribute to the watershed moment of 9/11, has really drawn on our resources. I know for a fact that whether it's the RCMP or whether it's locally, we've had to redirect resources from other things in order to address this ongoing and serious threat. Depending on world events, that's scalable. It moves up and down depending on what's going on in the world.
We've dedicated resources to counterterrorism and anti-terrorism, but have not been able to backfill or replace those resources behind that to deal with other, more traditional things, such as organized crime and other things that the police deal with, either within jurisdictions or federally.
Therefore, it is very much an issue and it's one of those things—to use the analogy, you can only spread the peanut butter so thin and then what happens when things start to fall between the cracks.
I'll turn it over to Laurence before I get on my pulpit.
On the heels of the chief's remarks, looking at it again, and from a municipal perspective, we're attempting to increase our number of secondments to RCMP E Division INSET unit. We currently have only two members seconded. We're going to three, but I would like to see that increase even more.
Within the Vancouver Police Department over the last six years, we've increased the number of files that my unit, which looks into counterterrorism and national security files, from 13 files to 268 files, without an increase in our staff. In fact, it's a decrease because, as Chief Martin pointed out, we're having other issues, like a regional gang war that's going on right now, so we're very much stretched to the limit. We are called upon, in the first instance, to look at potential bomb calls; anti-government remarks regarding ISIS or al Qaeda; suspicious circumstances, such as people taking photographs of critical infrastructure; and then individuals who are involved in terrorism or radicalism. We, as a police jurisdiction, will look at those files initially, and if they meet the threshold for national security, then they are forwarded to INSET.
We're doing a lot of the training ourselves, in-house, whether it's a counterterrorism information officer training project or Operation SECURUS, working with the private sector to train businesses to become familiar with what to look for in terms of potential terrorist threats.
That said, our relationship with INSET has probably never been better. It's just that we're all at our end—and I won't speak on behalf of the RCMP—spread very thinly.
On the point you just made, to prove a component of a threat to the security of Canada, we're looking at having to collect evidence that demonstrates the crime was motivated by political, religious, or ideological objectives within Canada.
The issue we have—and, again, you've appropriately noted it—is that investigators are looking at an offence that involves perhaps the murder of an individual. While there could be a national security component, the elements of that traditional offence for murder are met and that investigation is launched.
The other issue we're dealing with now, whether it's traditional crime, if you will, or national security or terrorism, is that we have the Jordan decision out of the Supreme Court of Canada that sets prescribed timelines from the moment a person is arrested and charged until they're convicted, so the clock is ticking for collecting evidence. If we have the evidence at hand to prove a murder charge versus having to dig deeper to collect the evidence for political, religious, or ideological elements of that offence, that poses a challenge, and then police have to make that decision. Of course, it's in discussion with the RCMP because of the nature of the act, but those are the challenges we face.
If I could just add one more thing, the additional challenge—
Thank you very much for inviting me to appear before you today.
Bill proposes complex and major updates to national security law. It would address several decisions of the Federal Court of Canada, and widespread concerns expressed about Bill in 2015.
The Canadian Bar Association generally supports the goals and structure of Bill as a positive change, modernizing the legal framework for Canada’s national security infrastructure and increasing transparency, oversight and review, features that have previously been lacking. Our comments and analysis of the proposals in Bill C-59 are offered in hopes of further improving the bill.
Our written submissions provide a number of specific recommendations and I would refer you to those for the more technical amendments we propose. I will use my time today to focus on two or three areas of broader concern.
First of all, we support the creation of the national security and intelligence review agency, the NSIRA. I just have a couple of comments with respect to it but in particular with respect to the mandate. While we commend the decision to avoid language that would unnecessarily restrict the agency's mandate, an overly broad mandate could hinder the agency's ability to focus and assess its performance against its mandate.
In the way that it's drafted now, the NSIRA has responsibility for broad review of any activity of “a department that relates to national security or intelligence”. “Intelligence” is a very broad term. It could include things that are done by anything from the Canada Revenue Agency to Fisheries and Oceans, police departments, etc.
“National security” is also problematic given the multiple definitions that we see in different pieces of legislation. In particular, we remain concerned about the SCISA, the Security of Canada Information Sharing Act, or with the amendments that we have today. The breadth of the definition of an “activity that undermines the security of Canada” in section 2 is still very broad and notably it's different from the definition in the CSIS Act of “threats to the security of Canada”. Having two definitions is not helpful. It's confusing and it doesn't provide a clear mandate for national security agencies and in particular for an oversight or review agency.
I would also note in passing that the amendment to the exception in section 2(2) of the SCISA is troubling as it actually substantially reduces the protection under the current version. Several legitimate political activities might be seen on their face as undermining the sovereignty or territorial integrity of Canada.
In the past, we've recommended that there be one coherent, clear definition of “national security” and we continue to be of that view. It's also unclear whether certain other activities fall under the definition of “national security” at all. For example, the Secure Air Travel Act, SATA, does not refer to national security and it's unclear whether the review of SATA activities would fall under the NSIRA or not. In other words, is this national security legislation? Does it fall under NSIRA?
The coordination of the work of the NSIRA with other review agencies is obviously key although we would note that there remain significant gaps in the review framework. The problem is particularly stark with the Canada Border Services Agency, and we've expressed concerns about this lack of independent review of the CBSA in several past submissions.
CBSA remains one of the largest law enforcement agencies in the country and has no independent oversight or review at all. This is not a role that NSIRA should take on although it does highlight the problem of having a vague definition of “national security” because arguably everything that Canada Border Services Agency does could fall into a broad understanding of national security in a vague sense.
Everyday complaints about problems at the border should not be burdening NSIRA and its resources. A specialized review agency is required.
We also have concerns, in particular, with respect to NSIRA's access to information, and in particular that NSIRA would have access to any information other than a cabinet confidence that it deems necessary to conduct its work. This would extend explicitly to information subject to solicitor-client privilege, professional secrecy of advocates and notaries, or litigation privilege, creating an open-ended mechanism to review legal advice given to the government. This is of significant concern to the CBA.
The role of solicitor-client privilege is fundamental to the functioning of our justice system and this is as true for government actors as it is for private actors. It has been argued that privileged information must be made available because the practices of security agencies often depend on the legal advice they receive.
However, without assurances of privilege, legal advice will be sought less often, based on less candid disclosure by client agencies, or worse, sought and received but not documented.
The other problem with respect to the disclosure of solicitor-client privileged information is how the NSIRA then deals with it in its reports. It's not helpful for the NSIRA to have solicitor-client privileged information. What they need is information about how this is actually deployed in the agency, not the advice that was given behind those decisions.
Concerning the intelligence commissioner, the CBA supports the creation of an independent specialized office for the oversight and authorization of activities by the CSE and CSIS. We have generally called for judicial oversight, but we recognize the advantages of a dedicated commissioner with staff and resources to allow effective ongoing oversight.
The nature of the review mandated by sections 14 to 21 of the proposed intelligence commissioner act does create some concerns for us because there's a system of nested reasonableness findings. Instead of the normal process in front of a judge for a warrant where a judge would find whether there are reasonable grounds to issue a warrant, what the legislation currently foresees is that the minister would make a finding on reasonable grounds, and then the intelligence commissioner would review that on a reasonableness standard.
This creates two problems from our perspective. First, it's unclear how much deference that implies. There's an extensive debate in the courts right now around the application of the reasonableness standard at all and how that plays out in terms of deference.
There's no need to bring that confusion into this area, and there is not that confusion around the reasonable grounds standard, so there's no reason for this nested reasonableness finding other than creating a level of confusion as to how much oversight is actually being provided, in particular because it's going to be provided behind closed doors. It's important for Canadians to understand what the intelligence commissioner is doing and that it be clear.
With respect to the CSE, the CBA generally supports the more detailed mandate of the CSE, and we support the structure as it's being proposed. There are several elements of the proposed mandates that are in tension with one another, in particular, the offence and defence in cyber-operations.
We would recommend that there be an explicit vulnerabilities equities process as part of the mandate of the CSE, so that the balancing can happen in a transparent way. The U.S. has a process in place that might work as a model, or at least give ideas with respect to that.
With respect to CSIS, we continue to have concerns around the disruption powers. In particular, giving kinetic powers to CSIS comes away from the mandate of creating CSIS in the first place, after the McDonald Commission.
I'll refer you to our written submissions with respect to our concerns around section 12.1(3.2). We continue to have concerns similar to those we've had in the past with respect to these warrants limiting charter rights in that context.
Finally, I would note with respect to the Criminal Code provision of counselling of terrorism offence, in my view, following the jurisprudence of the Supreme Court in Hamilton, the counselling offences in the Criminal Code already cover everything this offence covers. There is no need to further complicate the Criminal Code. It's already too complex. It ought to be simplified, and the counselling offence covers everything you're hoping to cover here.
Thank you very much for your time, and I apologize if I went a little bit over.
Mr. Chair, Mr. Clerk, and honourable committee members, thank you for the opportunity to testify before you regarding Canada's national security framework.
Following a set of national consultations regarding the Anti-terrorism Act, formerly Bill , the Liberal government drafted Bill to replace the Anti-terrorism Act.
I have reviewed the bill and will comment on it through a human rights lens. Securing the safety of its populace is a fundamental function of government. It is without question that government and its agencies must be equipped with the means necessary to prevent, counter, and address evolving threats in the digital age. In that same vein, a balance must be struck between securing public safety and respecting rights, ensuring any limitations placed on rights are necessary, proportionate, and reasonable.
As a human rights professor, I am pleased to see language recognizing the need to maintain respect for the Canadian Charter of Rights and Freedoms, the rule of law, accountability, and transparency within Bill . The establishment of a national security and intelligence review agency with a mandate to review national security activities, consider complaints, and advance investigations is arguably the most significant advancement.
The bill also establishes an intelligence commissioner to review the reasonableness of Canadian Security Intelligence Service and Canadian Security Establishment authorizations regarding, inter alia, intelligence gathering and cybersecurity. Though Bill has addressed some shortcomings found in the Anti-terrorism Act of 2015, concerns remain regarding its impact on human rights, particularly the rights to privacy, freedom of assembly and association, freedom of expression, liberty and security, democratic rights, due process rights, and anti-discrimination protections.
Due to time constraints, this testimony focuses on concerns with amendments to the Canadian Security Intelligence Service Act regarding the collection, querying, exploitation, and retention of datasets. The act defines a “dataset” as the collection of information stored as an electronic record and characterized by common subject matter. A dataset could thus encompass any thematic electronic documentation, provided it is a publicly available dataset, relates primarily to non-Canadians living outside of Canada, or constitutes an approved class.
Though it is reassuring that a newly established intelligence commissioner would review classes of datasets to safeguard against abuse, the remainder of section 11.05(2) is read with caution. Use of the term “publicly available dataset” is misleading, as it can include information that is considered private under the Privacy Act, but is available in the public arena, potentially without the consent or knowledge of the person concerned. In other words, publicly available data can extend to private information made public on request, by subscription or by purchase. Rather than exploit this vulnerability by legitimizing and encouraging the commodification and exploitation of the public's data, the Government of Canada has a positive obligation to protect its populace against infringements by third parties that may compromise individual privacy in exchange for profit.
Granting government authority to collect publicly available data appears innocuous, but can reveal highly personal information in violation of the right to privacy. I also caution Canadians against blindly accepting mass government surveillance of foreigners. Though targeted surveillance may be necessary to thwart legitimate threats to peace and security, mass surveillance opens the door for foreign nations not accountable to Canadian voters to collect information about Canadians and share it with our governments, other nations, or corporations.
Under these circumstances, the Government of Canada could also place foreigners in danger by revealing compromising information to governments with poor human rights records. Differential respect for the privacy of Canadians versus non-Canadians outside the country also constitutes a violation of non-discrimination under the international covenant on civil and political rights.
The United Nations special rapporteur on the right to privacy has maintained that the distinction between one's own citizens and foreigners is not in compliance with the principles of the universal right to privacy.
Failing to properly restrain invasions of privacy could prompt charter violations of section 8 protecting against reasonable search or seizure or the promotion of presumption of innocence under section 11(d). In order to satisfy that such limitations are “demonstrably justifiable in a free and democratic society”, the onus is on the Government of Canada to prove these limitations are of sufficient importance, rationally connected to the objective, minimally impair rights, and produce an outcome that outweighs the gravity of the problem it seeks to address.
Though protecting public safety and national security is of sufficient importance to warrant a well-defined, targeted invasion of privacy, the mass collection of data that could lead to results that are relevant to the performance of CSIS's duties and functions is not sufficiently important to encroach on constitutionally protected rights.
Similarly, blanket collection of datasets merely “relevant” to the duties and functions of the service fails to demonstrate a direct rational connection to protecting public safety. If there is no direct connection to maintaining public safety and national security, why does the Government of Canada consider these proposed powers to be a necessary component of the national security framework?
The United Nations special rapporteur on the promotion and protection of human rights while countering terrorism has warned that “restrictions falling short of being necessary...constitute 'arbitrary' interference” with the right to privacy. The special rapporteur further stressed that, “for a restriction to be permissible, it is not enough that it serves one of the enumerated legislative aims; it must also be necessary for reaching the legislative aim.” Given that the aim of Bill is to protect national security, the blanket collection of any data relevant to the work of CSIS does not satisfy this test.
Information respecting the protection of public safety and national security in Canada should be narrowly defined and collected only “to the extent that is strictly necessary” and when there are reasonable grounds to suspect a threat to the security of Canada. If we allow the bulk collection and storage of personal data without a person's knowledge, consent, or ability to challenge the nature and authenticity of information collected, the next step could be to misuse, alter, deliberately conceal, or manipulate information.
Indeed, the Canadian Security Intelligence Agency Act allows a CSIS director to authorize designated employees to commit direct “acts or omissions that would otherwise constitute offences” in carrying out their duties and responsibilities. Theoretically, the minister could authorize the collection of datasets intended to assist CSIS employees with carrying out otherwise criminal activity. Are these powers consistent with the preamble of Bill , which claims to respect the Canadian Charter of Rights and Freedoms, the rule of law, as well as accountability and transparency, while championing national security?
Amendments to the act do advance safeguards, but the nature of these safeguards raises concerns. The bill includes provisions calling for this service to delete information and datasets regarding the physical or mental health of an individual, information subject to solicitor-client privilege, and material in foreign datasets regarding Canadian citizens. This suggests some datasets will encapsulate information that should be accorded the highest degree of privacy.
The question is, why would the minister and intelligence commissioner approve a dataset that could potentially reveal this type of information about someone who has done nothing wrong? Further, the amendments should expressly state that accidental collection of such data will result in its total destruction, which clarifies the desired outcome more precisely than using the term “delete”.
The Supreme Court of Canada has emphasized that “the protection of privacy is a prerequisite to individual security, self-fulfilment and autonomy as well as the maintenance of a thriving democratic society.” Though not constitutionally protected itself, the right to privacy is essential for the maximum expression of most rights found under the charter, including freedom of expression; freedom of peaceful assembly; freedom of association; the right to vote; the right to life, liberty, and security; fair trial rights, including prevention of unreasonable search and seizure, protecting the presumption of innocence, and maintaining solicitor-client privilege as part of satisfying the right to a fair trial, particularly, the provision against self-incrimination.
Acknowledging the impact on constitutionally protected rights, any limitation of privacy rights should be justified under section 1 of the charter by applying the Oakes test. If the courts identify—
As I see it, there are two major differences between Google and Facebook and CSIS.
First, and most important, those are private companies and they do not carry out the powers of the Canadian state or any other state, nor do they have police powers.
Second, you say that everyone agrees to provide their personal information to Facebook or Google. But not everyone does. I agree with you that most Canadians, maybe even a large majority of Canadians, choose to do so, but it remains a choice.
However, when an individual’s personal information ends up in CSIS’ database, it is not the result of a choice. Moreover, people choosing not to provide their personal information to CSIS are exactly the ones whose personal information you would most like to see in that database.
Think about police states. As a lawyer practising in the field of refugee rights, I can tell you that China, North Korea, Iran and countries that repress rights and freedoms use the information we are talking about here in a non-transparent, uncontrolled way, which makes those freedoms fictional and nonexistent. By that, I do not mean that Canada is acting in that way, but we are actually talking about protecting ourselves against it.
With publicly accessible information, there are problems with private databases, for which an access fee must be paid. A little earlier, Ms. Szurlej spoke about the fact that a fee has to be paid for access to some databases, particularly abroad. In the United States, for example, huge databases are accessible to the public.
For background checks, you can pay to get access to quite major databases. You can also pay to get into Twitter or Facebook. A little earlier, we were talking about Facebook and Google. They sell their data to the public. Anyone can buy the data. The identity of the purchaser makes no big difference for Google or Facebook.
Perhaps the procedures with data that are not public should be reviewed, to the extent that they are not published. There is also the question of the kinds of data. We are talking about general information, which is public. But the restrictions are on personal information.
In terms of the data that can be obtained, and that are not technically personal data, the differences are quite major. For example, data coming from Statistics Canada, from Google or from Facebook are not personal data in the eyes of the law. However, those data provide a lot of general information.
For example, those data could be used to design a deep learning algorithm or a neural network so that it can learn to determine people's sexual orientation or religion. However, at the end of the day, the algorithm contains no personal data. If you buy the algorithm, or access to it, are you buying personal data? Those are issues that have to be dealt with.
It is a very good thing to want to update the legislation in terms of databases and of current technology. However, in criminal law, we always try to use neutral language and present things in a neutral way from a technological perspective.
The legislation should be drafted in a way that can be applied to a “holodeck” or any other technology of the future, so that we do not have to update the legislation once more.
What does that mean for the algorithms and the technology? I am not an expert in the area, I am expert in legislation; but in my opinion, a number of questions need to be asked about what databases, and the various tools used by intelligence services, can represent.
Those are really different questions from those about what is or is not public, or about who can have access to what.
There are two concerns around the issue with respect to privilege. One is with respect to the government documenting and seeking legal advice. The first step is, will the government seek legal advice and should the government get...?
Usually when I give legal advice to a client, my legal advice is not, “This is, this isn't; this is the way it is, and this is the way it isn't.” What legal advice often looks like is, “Here's where you're at no risk whatsoever”, and then there's a spectrum as you start to get closer to the line. How much you want to push coming close to the line is a decision made by the person, and it's often a discussion and dialogue that happens between counsel and the individual getting advice.
I'm not saying it helps people to push the line, but what will happen if these discussions are going to be disclosed is that instead of getting advice with respect to where the line is, either that advice will not be sought at all or it will not be documented. That undermines the whole purpose of the minister, or the person who is making a decision, doing it in an informed way. If the person is going to cross the line, that should be done in an informed way, with access to full, frank legal advice.
In terms of having the protection of the privilege, it allows for those frank discussions to happen. If that privilege is going to be breached or is going to be reviewed by this agency or other agencies in the future and that privilege becomes meaningless, the process of being able to get that advice is no longer going to function. I would submit that it's just as important for private actors to be able to know the law, find out the law, and get a sense of what the law is.
The privilege belongs to the government, not to the lawyer. If the government decides that they did this thing and their lawyers told them to do it, you can disclose that. It's not the lawyers' privilege.
When the CBA comes forward, we're not trying to protect a privilege that belongs to us as lawyers. My clients can disclose my advice whenever they want. It's a privilege that belongs to the client, because the client has a right to speak to me in a frank and fulsome manner, tell me everything they want to know about, and I can explain the law to them so they can make decisions.