Committee
Consult the user guide
For assistance, please contact us
Consult the user guide
For assistance, please contact us
Add search criteria
Results: 1 - 60 of 146
View Harjit S. Sajjan Profile
Lib. (BC)
Thank you, Mr. Chair.
I've actually had a little bit of de déjà vu this morning, given that I was at the defence committee and I see most of the same people here. It's nice to see everyone again.
I'd like to start by thanking all of you for the tremendous work that you have done in studying Bill C-59. These discussions and the experts you have talked to have helped inform the development of this important legislation, so thank you for all of your efforts.
I am accompanied today by Greta Bossenmaier, the Chief of the Communications Security Establishment; Shelly Bruce, the Associate Chief of CSE; and senior officials from CSE, National Defence, and the Canadian Armed Forces. It's our pleasure to be here today as you continue your review of the National Security Act, 2017.
This legislation demonstrates our government's recognition that the pursuit of national security involves two inseparable objectives: the protection of Canadians and the defence of our rights and freedoms. This commitment is apparent in part 3 of Bill C-59, which would establish stand-alone legislation for the Communications Security Establishment.
Last November, I had the opportunity in the House to speak to CSE's proud history of serving Canadians. For over 70 years, CSE has been Canada's foreign signals intelligence agency and the lead federal authority for information technology security in the Government of Canada. Over that long history, CSE has successfully adapted to remarkable change, including very rapid technological advancements and evolutions in the global threat landscape. However, what is needed now are modernized authorities to ensure that CSE is able to continue to adapt in this ever-changing environment both today and into the next 70 years.
In my remarks this morning, I'd like to underscore the importance of this legislation to ensuring that our security and intelligence agencies can keep pace with security threats, while at the same time enhancing accountability and transparency.
First, the CSE act would modernize the foreign intelligence aspect of CSE's mandate by allowing CSE to use new techniques to acquire intelligence through the global information infrastructure. CSE's foreign signals intelligence program is essential to keeping the government informed on matters of national security, national defence, and international affairs. These proposed changes will ensure that CSE is able to continue to collect this vital intelligence.
Second, as Canada's centre of excellence for cyber-operations, CSE operates at the forefront of changes in technology. The act would strengthen the cybersecurity and information-assurance aspect of CSE's mandate. Notably, the act would improve CSE's ability to defend important non-Government of Canada networks and to share cyber-threat information and mitigation advice. Taken altogether, the CSE act will strengthen Canada's cyber-defences by better protecting Canadians' most sensitive information and important cyber-networks from compromise.
Third, and of particular interest to National Defence, the technical and operational-assistance aspect of CSE's mandate would clarify that CSE is allowed to provide assistance to the Canadian Armed Forces and the Department of National Defence. This will enable CSE to better support Canada's military missions and the brave women and men of the Canadian Armed Forces serving in theatre.
Of course, CSE already provides important intelligence to the forces under the foreign intelligence aspects of CSE's mandate. This legislation would allow CSE to do more to help them to, among other things, conduct active cyber-operations in support of government-authorized military missions. Bill C-59 will enable CSE and the Canadian Armed Forces to better co-operate to ensure the best use of tools and capabilities to meet mission objectives.
The Department of National Defence and the Canadian Armed Forces look forward to the opportunity to work more closely with CSE to leverage its capabilities and expertise, as outlined in Canada's new defence policy “Strong, Secure, Engaged”.
I also want to discuss a crucial element of the proposed CSE act: foreign cyber-operations. I know that in her appearance before committee last month, the associate chief of CSE, Shelly Bruce, spoke to you about the active cyber-operations and exactly what they would look like in practice. Today I want to reiterate why these operations are important and why they are needed to protect the security of Canadians.
CSE's foreign cyber-operations mandate will provide Canada with the cyber-means to respond to serious foreign threats or international crises as part of a broader strategic approach.
For example, CSE would use active cyber-operations to prevent a terrorist's mobile phone from detonating a car bomb, or CSE could impede the ability of terrorists to communicate by obstructing their communications infrastructure.
CSE's active and defensive cyber-operations would be carefully targeted, by law, to the activities of foreign individuals, states, organizations, or terrorist groups that have implications for Canada's international affairs, defence, and security. Foreign cyber-operations would be subject to strict statutory prohibitions against directing these operations at Canadians, any person in Canada, or the global information infrastructure in Canada, and would require a robust approval process.
This brings me to my final point. This bill will considerably enhance oversight and review of Canada's national security and intelligence community, which includes CSE, the Department of National Defence, and the Canadian Armed Forces.
The oversight and review positions in the national security act demonstrate our government's commitment to enhancing lawfulness and transparency. I look forward to working with the proposed new bodies, including the national security and intelligence review agency and the intelligence commissioner.
By updating, clarifying, and clearly outlining in legislation what CSE is permitted to do, this legislation will empower Canadians to better understand what CSE does to protect Canada and Canadian interests. By adding new oversight and accountability measures, the national security act should also give you and all Canadians confidence that the measures are in place to ensure that CSE will continue to abide by the law and protect the privacy of Canadians.
To the members of the committee, I'm very proud of Bill C-59. This is very important legislation that will deliver on our government's promise to protect Canadians and their rights and freedoms.
Thank you.
Collapse
View Michel Picard Profile
Lib. (QC)
View Michel Picard Profile
2018-03-22 12:26
Expand
Thank you.
I will ask my questions in French, if you don't mind.
I will go back to a few points that we discussed about Canadian citizens potentially being targeted.
Clearly, the CSE does not investigate Canadians abroad. Also, when there is information that might involve a Canadian abroad, it is ignored; the information is destroyed.
The CSE is a partner with several departments in Canada, but also an international partner. It therefore exchanges information. How does the CSE have to manage information that comes from international partners that are not subject to restrictions when it comes to investigating Canadians?
Collapse
Greta Bossenmaier
View Greta Bossenmaier Profile
Greta Bossenmaier
2018-03-22 12:27
Expand
Again, it's focusing on our mandate, which is, again, to not focus on Canadians or anyone in Canada. I think it's recognizing that there could be incidental collection as we undertake our activities. It's also focusing on, if I understand the question correctly, how we work with foreign partners.
I'm joined here today also by our chief privacy officer and deputy chief responsible for policy and communications. Again, as privacy is part of his title, I'm going to ask Dom to speak a bit about how we work with partners and deal with private information.
Collapse
Dominic Rochon
View Dominic Rochon Profile
Dominic Rochon
2018-03-22 12:28
Expand
Thank you for the question.
I'll stay in English and try to answer by looking at this from the angle of foreign signals intelligence.
When we collect information, you're quite right that given the nature of how communications work, we may come across information related to a Canadian. Let me use a tangible example. We're looking at known bad guy X in country Y. This bad guy X is in line with an intelligence priority of the government. It stands to reason that they're a bad person wanting to do bad things that are an affront to national security. We're collecting against this person.
Now this person, unbeknownst to us, could phone you. When we collect that, we need to understand that the resulting call becomes a private communication. The Criminal Code is very clear that it is against the law to collect a private communication.
We have ministerial authorizations that cover the various activities that we use to collect information and that allow us to keep that information, if indeed it is of national security or intelligence interest. As you pointed out, we are to delete it immediately if it doesn't. If the phone call is to you and it's talking about something that is not related to national security, we are to delete it. We annotate that. We delete it immediately, and that is reviewed by our commissioner to make sure we delete these things on an annual basis.
If indeed it has a national security interest, then we keep it, but even in keeping it, we write a report that talks about the conversation you may have had, possibly about blowing up something somewhere that is of interest to Canada. We would still protect your identity in that report, by using a generic term to render your identity illegible.
Then it comes time for information sharing. Where does our report go? Obviously there are domestic agencies within the national security apparatus here in Canada—CSIS, RCMP, and others—that have an interest in reading the report. Now they may have a legal mandate to know the identity of that Canadian, so there are procedures in place to disclose that information to them.
Similarly, when we're writing reports, some of the information is obviously shared with foreign partners, and there are other things that govern that exchange of information. Again, though, if they wanted the disclosure of that information, they would have to show us why it was imperative for them to get that information.
Of course, we're bound by other things. We have a ministerial directive, for example, which was recently reissued by our minister, related to information sharing that may lead to the risk of mistreatment. We do an analysis of what our partners want that information for and what they are going to be using it for, and we do a risk analysis to make sure it isn't going to be leading to mistreatment. There's a calculus that happens before any information is shared.
Collapse
View Michel Picard Profile
Lib. (QC)
View Michel Picard Profile
2018-03-22 12:31
Expand
The aspect of the issue I wanted to address does not concern so much the information that goes abroad, but rather the foreign partner who informs you that, after their investigation and analysis, they have identified four persons, one of whom is Canadian. This foreign partner is not subject to the restriction of not investigating Canadians and sends you information. Since this is a person of interest to the foreign partner, does it change the status of the person and, therefore, the process you have just explained to us? Do you retain the information and confirm that this person represents a threat or, on the contrary, are you required to reject that information?
Collapse
Dominic Rochon
View Dominic Rochon Profile
Dominic Rochon
2018-03-22 12:32
Expand
Without going into too much detail, I would say that the example you give would be within the mandate of CSIS. If that partner has information about a Canadian, we then work in partnership with CSIS.
We would look to CSIS and say, “There's information possibly about a Canadian. That is your responsibility, not ours,” in terms of following up with regard to a specific Canadian.
Collapse
Greta Bossenmaier
View Greta Bossenmaier Profile
Greta Bossenmaier
2018-03-22 12:40
Expand
Sure, and I will ask Scott Jones, our deputy chief of IT security, to come in.
Perhaps to answer the question, Mr. Chair, I'll go to three different pieces of the proposed legislation.
First of all, to prevent cyber-attacks, we need to have not only good capabilities and tremendous Canadian men and women working on this but also good intelligence to try to understand what those threats are before they even come to Canada. In the legislation, there is a strengthening of our ability to ensure that we can continue to collect foreign signals intelligence, including that relating to cyber-threats. That's a piece of it.
The second piece I would draw attention to is that the cybersecurity aspect of the legislation talks about us being better able to share threat information with the private sector, and it also talks about us being able to—again, at their request—help defend their systems. That's another way this legislation would strengthen our ability to help do cyber-defence for Canadians.
The third piece I would focus on is the defence of cyber-capabilities. If there was a cyber-attack, instead of us sort of standing back with a shield with which we would try to protect against these billion malicious attempts per day and waiting for them to happen, if we could go and say, “Let's try to stop that cyber-attack from even happening”—there could be a server outside which we know is now trying to infiltrate a Canadian system and steal Canadians' information—we could, through this legislation, which would be a new piece for us, try to stop that attack before it got to our shores and into our systems.
With that overview, maybe I'll ask Scott Jones, our IT security—
Collapse
Scott Jones
View Scott Jones Profile
Scott Jones
2018-03-22 12:42
Expand
Really, when we're talking about a billion malicious actions, we're talking about the gamut, all the way from people poking at our systems, looking to see where they're vulnerable, up to people trying to compromise or install malicious software called malware, or basically exploit any vulnerability that exists. It's a wide range of activities, but what we're trying to do is counter the full range, no matter where it originates. We want to counter any malicious activity that's coming at the Government of Canada, and the number is astonishing. I think that's really where we are going into a few different areas. Number one is making it better. How do we work to make the systems that we have more defendable? That's working with the commercial sector, and that's being able to share more information, being able to share some of our tools and techniques, and pushing it forward.
We've shared some of our tools publicly. We have a system called Assemblyline which we have made open-source and publicly available to anybody who could leverage that. That's how we, for example, defend the government and look at millions of malicious files a day.
The second piece is providing that level of defence that fills the gap between the best available commercial and the state-of-the-art threat activity that we're facing today. Bill C-59 would allow us to then use that on critical systems of importance, as designated by the minister, but also with the informed consent of the system's owners. Informed consent is something that's particularly important in this case.
The third piece is general information sharing, whether that is providing advice and guidance or being able to share what we're seeing, what's going on, and very much clarifying our authorities to share information.
That's where we kind of layer all these things together and start to deal with those billion events.
Collapse
Michael Day
View Michael Day Profile
Michael Day
2018-02-15 11:39
Expand
I would simply say or ask the question, is there any legislation that requires CBSA be provided with the complete watch-lists that are accumulated by CSIS, CSE, and RCMP? If lacking that, why isn't there the requirement? How can they perform their function if they don't understand who is being watched as a threat to this country?
Collapse
Scott Newark
View Scott Newark Profile
Scott Newark
2018-02-15 11:39
Expand
I'm sorry, if I can just add in, I also sent in a note that I did several years ago out of frustration in dealing with the “we can't share that information because of the Privacy Act” nonsense. The legal authorizations for law enforcement and security purposes for authorization sharing within agencies is significant. Also contained within the Privacy Act, section 8, my favourite section, paragraph 8(2)(m), is the section that says that if the holder of the information decides that the public interest in releasing the information or the truth outweighs the personal information in keeping it, then they have the authority to release it.
Collapse
Michael Day
View Michael Day Profile
Michael Day
2018-02-15 11:40
Expand
Personally, I would say that's insufficient. It allows them to. It doesn't force them to. Legislation needs the requirement, not just the independent judgment of the agencies to decide what they will or they won't.
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:05
Expand
Thank you.
Mr. Chair, honourable members, thank you for inviting me here today to speak to you about Bill  C-59, An Act respecting national security matters. As you said, Mr. McKay, I am accompanied by Ms. Joanne Gibb, Director of the Research, Policy and Strategic Investigations Unit of the Civilian Review and Complaints Commission for the Royal Canadian Mounted Police.
I will focus my comments today on part 1 of the bill, which seeks to establish the national security and intelligence review agency, thereby transferring certain powers, duties, and functions from the Civilian Review and Complaints Commission for the RCMP to this new agency.
As the head of the commission, I strongly believe in the importance of civilian oversight and review, whether it is related to national security or, for that matter, related to law enforcement more generally. Independent review fosters positive change and makes organizations better, and I think that's an objective we shouldn't lose sight of when we're talking about these changes. Consequently, the commission supports all of the efforts to enhance the national security review framework.
The trust that Canadians have in their public safety and national security agencies is predicated on accountability and transparency, to the degree possible. Independent review, whether it is by the National Security and Intelligence Committee of Parliamentarians, or by expert civilian bodies such as the Civilian Review and Complaints Commission, the Security Intelligence Review Committee, or the Office of the CSE Commissioner, contributes to the overall accountability framework of the organizations entrusted with keeping Canada safe and secure.
As the government seeks to further strengthen that framework by creating the National Security and Intelligence Review Agency, the commission welcomes the opportunity to work collaboratively with the new review body to ensure that RCMP activities are independently examined.
Created in 1988, the commission has significant experience and expertise in managing complaints and conducting reviews of the RCMP, whether it is into the RCMP’s actions in relation to the G8 or G20 summits, the RCMP seizure of firearms in High River, or policing in northern B.C., to name a few subjects.
The Civilian Review and Complaints Commission for the RCMP, as it is known now, has long been a key element of the RCMP’s accountability structure. By independently reviewing complaints, and where necessary making findings and remedial recommendations, the commission strives to bring about constructive change in the RCMP.
Currently, the commission is undertaking a review of the RCMP's implementation of Justice O'Connor's recommendations in relation to the Maher Arar affair. That investigation is ongoing at this time and is expected to be completed before the end of the fiscal year. The commission will then prepare a report outlining any findings and recommendations pertaining to the six sectors examined by Justice O'Connor.
It is my hope that any findings or recommendations made by the commission would guide the new review agency in its future work in relation to the RCMP's national security activities.
In his 2006 report, Justice O’Connor stressed the importance of a review body being able to “follow the thread”. Through Bill C-59, the new national security and intelligence review agency will have the mandate to do just that, providing a more holistic approach to national security review. Justice O’Connor also stressed the need to eliminate silos and for expert review bodies to work more collaboratively. We're hopeful that this will be an outcome of the new legislation and new oversight structures.
Since the mandate of the RCMP is much broader than just national security, I am pleased that Bill C-59 permits the national security and intelligence review agency to provide the Civilian Review and Complaints Commission with information it has obtained from the RCMP if such information relates to the fulfilment of our own mandate. I believe that this is critical to the overall effectiveness of the expert review bodies.
For example, if in the course of a national security review the national security and intelligence review agency becomes aware of a policy issue unrelated to national security, that issue could be flagged to the CRCC for further examination. This is the reality of the world we're living in.
To further illustrate the importance of collaboration and co-operation, I would suggest that if a public complaint was received by the commission that pertained to national security, but also contained allegations related to RCMP member conduct, the two review bodies should be able to collaborate, within their respective statutory mandates, to deal with the complaint. That is the only way that the Canadians who had made a complaint would receive an appropriate response to all their complaints.
Although the legislation requires the complaint to be referred to the National Security and Intelligence Review Agency, the CRCC, as the expert review body in relation to policing and police conduct, could deal with the allegation related to member conduct. This would ensure a consistent approach in reviewing complaints of RCMP on-duty conduct.
In terms of changes to the commission's mandate relative to Bill C-59, certain elements in the legislation might benefit from further clarification, and that the members of this committee may wish to consider further. Proposed amendments to the RCMP Act require that the Civilian Review and Complaints Commission refuse to deal with a complaint concerning an activity that is closely related to national security and refer any such complaint to the national security and intelligence review agency. That means the CRCC will continue to receive all public complaints related to the RCMP, and thus will remain the point of intake for public complaints. The onus will then be on the CRCC to determine whether the complaint is, in the words of the legislation, “closely related to national security” before deciding on how it will dispose of it.
Absent a definition of national security, however, the commission must make a determination on whether to refer the complaint to the national security and intelligence review agency. Once referred to the national security and intelligence review agency, that agency must receive and investigate the complaint in accordance with section 19 of the new legislation. There is currently no authority, however, for a referral back to the CRCC if the national security and intelligence review agency were to deem, after it had examined a complaint, that it was not a matter closely related to national security. This is a matter that the committee may want to consider further.
Also, while Bill  C-59 prohibits the commission from dealing with or investigating complaints closely related to national security, as well as RCMP activity related to national security, there is no prohibition on the commission's chairperson from initiating a complaint related to national security. Further to the RCMP Act, if the chairperson is satisfied that there are reasonable grounds to investigate the conduct of an RCMP member in the performance of any duty or function, the chairperson may initiate a complaint in relation to that conduct. Bill  C-59 does not amend subsection 45.59(1) of the RCMP Act and, as a result, the chairperson could initiate a complaint closely related to national security. I respectfully suggest that the committee may wish to consider whether this is consistent with the intent of the legislation.
As I indicated at the beginning of my remarks, I believe in the importance of civilian oversight of law enforcement, and we at the Civilian Review and Complaints Commission for the RCMP are fully committed to working with the new national security and intelligence review agency.
In closing, I'd like to thank the committee for allowing me to share my views on the important role of the independent civilian review. I welcome your questions.
Collapse
View Sven Spengemann Profile
Lib. (ON)
Thank you both, Mr. Bujold and Ms. Gibb, for being with us today and for sharing your expertise and for your service to the country.
First, I want to circle back to what you mentioned already in your submission, the standard of “closely related to national security”. Absent any suggested amendments, how likely do you think it is that the commission would frame a scenario as being closely related to national security and NSIRA would send it back to you saying that it's not? Is that a likely outcome? If so, what would make it likely?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:15
Expand
First of all, let me make it clear to the committee that the number of complaints that have a potential for being related to a security matter is very small. When we review the complaints in the commission since 2015, we can identify a half a dozen that might have been related to security matters and that would therefore no longer fall within the purview of the CRCC. That's the first point.
The second point is, I believe that, notwithstanding the fact that there isn't a precise definition, the agencies working together.... And that's the construct that I have in my own mind as to how this will all unfold. In real life, we'll be able to identify those areas where there is a possible blurring, if you wish, and those will be resolved.
I still believe, however, that this inability of the CRCC to return something—
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:16
Expand
—in a number of very small cases.... And whether it warrants an amendment in and of itself, I will leave to the committee to decide, but the lack of that as a provision in the legislation might prove to be an issue at some later date.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-15 12:25
Expand
I appreciate that, Chair. I'm just looking at the way police oversight happens in the context of...I think we've heard witnesses talk about that, but I appreciate that point.
The Anti-terrorism Act, 2015, provided for the sharing of information, further to Justice O'Connor's recommendation that we follow the trail. Has that changed the way you work? I can imagine that information or complaints might hypothetically be forwarded to the RCMP or, conversely, that the RCMP might forward them to CSIS.
You cannot get into the details, of course, but has this changed your approach regarding actions by the RCMP in situations that also involve other agencies?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:26
Expand
I will ask Ms. Gibb to provide further information if necessary, but I can say that there are no problems with the sharing of information between the RCMP and the commission at this time, nor do we expect there to be any either when the changes in question come into effect. Under the current act, we have very broad powers to obtain the information we need to conduct investigations.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-15 12:27
Expand
I'm sorry, perhaps my question was not clear.
Let's say you receive a complaint related to an action by the RCMP involving the sharing of information as set out in the former Bill C-51 and as amended, in a sense, by the current bill.
What do you do if you follow the trail from the complaint and arrive at the information forwarded by CSIS, for instance, and you find that it is the actions by CSIS that are the object of the complaint?
Collapse
Joanne Gibb
View Joanne Gibb Profile
Joanne Gibb
2018-02-15 12:27
Expand
We don't have any public complaints of that nature, but I'll add that our ongoing national security review into Justice O'Connor's recommendations is looking at domestic information sharing as it is currently done by the RCMP.
When that's complete, we should have a better answer for you on whether or not BillC-51 affected how they share information, but I'm not aware of any public complaints regarding information sharing in that regard.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-15 12:28
Expand
As to sharing information with our allies, the example that comes to mind is Operation Hemisphere, I think it was called. We received information from the DEA, the U.S. Drug Enforcement Administration.
When the information comes from another country, does that complicate the commission's work?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:28
Expand
No. Actually, we would not receive much information about the review of a complaint.
Collapse
Joanne Gibb
View Joanne Gibb Profile
Joanne Gibb
2018-02-15 12:28
Expand
I'll add again, just to promote my investigation, that foreign information sharing is also part of that ongoing review.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-15 12:28
Expand
As regards national security, you made recommendations about how to proceed in this context and the need for a stronger definition. If I understand correctly, however, the ideal would be for you to work together rather than passing the buck back and forth.
You conduct parallel investigations, is that correct? How do you see this?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:29
Expand
First of all, we want to meet the legal requirement, under the act, to refer cases involving national security to the new agency. However, in an investigation relating to a worrisome national security issue, if we find that an RCMP member did not fulfill their obligations, their conduct would be an issue. In our view, the commission should be able to continue that investigation. That would mean sharing information with the new agency and would allow us both to conduct our investigation to arrive at a conclusion.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-15 12:31
Expand
You mentioned that you are reviewing Justice O'Connor's recommendations.
Will you publish a report once you have completed that review?
Collapse
Joanne Gibb
View Joanne Gibb Profile
Joanne Gibb
2018-02-15 12:31
Expand
Yes, a report will be made public at some point.
Collapse
View Michel Picard Profile
Lib. (QC)
View Michel Picard Profile
2018-02-15 12:38
Expand
When you receive and investigate a civil complaint and when it is clearly recommended to send it to national security, who makes that decision? Does national security let you know that something is its responsibility or do you decide who will take care of the issue in light of facts?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:39
Expand
As far as we understand the bill, once a complaint is read, our organization would decide whether to send it to the new agency.
Collapse
View Blaine Calkins Profile
CPC (AB)
View Blaine Calkins Profile
2018-02-15 12:43
Expand
Okay. You've said that absent a definition actually in the legislation, it's going to be difficult for your organization to make a determination about the point in the investigation at which you hand over information that could be relevant to NSIRA. Is that correct? Did I understand that correctly?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:43
Expand
I said two things. One, the number of cases in which that would come out based on past practice would be very small. Two, we believe, absent a definition, we would be able to deal with those cases through discussions between ourselves and the new agency.
Collapse
View Blaine Calkins Profile
CPC (AB)
View Blaine Calkins Profile
2018-02-15 12:43
Expand
Right, but it seemed to me as though you were actually making a case to have a definition added to the legislation. Is that true?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:43
Expand
We don't believe that any definition would actually be able to create a razor's edge between what is a security and a non-security issue.
Collapse
View Blaine Calkins Profile
CPC (AB)
View Blaine Calkins Profile
2018-02-15 12:45
Expand
In your opening remarks I heard you say that a concern you had was that there was no referral back to your organization should NSIRA make a determination that it does not cross or meet whatever their threshold is for a national security issue. Would you be advocating to request a legislative change in Bill C-59 to make sure that issue is brought back to your organization? I'm assuming from your comments that when an investigation does cross that national security threshold, in your organization's opinion, and you send it on—or will be sending it on to NSIRA, in this particular case—that investigation would cease in your organization. Is that correct?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:46
Expand
Yes, that is our position. We are saying that in the eventuality that NSIRA were to determine that no, it wasn't and there were dimensions of that which were related to the conduct of an RCMP member, they would send it back.
Collapse
View Michel Picard Profile
Lib. (QC)
View Michel Picard Profile
2018-02-15 12:46
Expand
I want to come back to one of the questions asked.
When you receive a file involving a national security element, it is provided that you should transfer that file and end the investigation. You have proposed a procedure whereby the new agency would refer the file to you if it determined that no investigation was needed.
Wouldn't it be simpler for you if the file was suspended until a confirmation was given for you to continue the procedure?
That puts an end to the issue of national security, and you know that you can close the file. If the file remained open, you could continue the procedure.
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:47
Expand
There would probably be many ways to get the same result. The most straightforward way is definitely in the act and enables the National Security and Intelligence Review Agency to refer the complaint to us if it determined that national security was not involved.
Collapse
View Glen Motz Profile
CPC (AB)
I wish to advise the committee that I will be sharing my time with the aged Mr. Picard.
Voices: Oh, oh!
Mr. Glen Motz: I only have one question actually.
What will your process be, when this happens, in order to consult with NSIRA for your determination of whether or not a matter or a complaint falls within an investigation or is national security related?
I would be so bold as to suggest that the initial complaint may not be as evident when it first comes in. As you uncover that, will you, and how will you, go about consulting with NSIRA on these matters?
Collapse
Guy Bujold
View Guy Bujold Profile
Guy Bujold
2018-02-15 12:49
Expand
The modalities of the consultation are something we will have to work out with the new agency. We have an objective in mind, which is to ensure that we respect the intent, both the spirit and the letter of the new law, which says to us, “You are not to do this. You are to send it over.”
We believe that in the majority of cases, we will be able to make the determination quite easily as to whether it is in pith and substance something related to national security. There will be a few instances, and again we go by history—the past being a good indicator of what may occur.... In a few instances, we will want to talk to the people at NSIRA to ensure, not necessarily in dealing in a granular manner with everything that's related to the complaint, but with enough specificity to ensure that....
It would seem to me that our default would be that if NSIRA said in that conversation, “Yes, this is a matter of national security”, we would toss it over to them, which makes the notion of them being able to return it to us, if they thought it wasn't all that more important....
Collapse
View Pierre Paul-Hus Profile
CPC (QC)
All right. Thank you.
My next question is about information sharing. The former director of CSIS told the committee that, although he hadn't counted, the number of times the words “protection of privacy” are mentioned in the bill is really quite astounding. He said he was as much in favour of privacy as everyone else, but that he sometimes wondered whether the fact that we are placing so much emphasis on it would scare some people with respect to national security.
Can you comment on this?
Collapse
Tricia Geddes
View Tricia Geddes Profile
Tricia Geddes
2018-02-13 11:20
Expand
Sure. I guess I would say that it's quite clear that this bill is able to deliver the effective tools and the authorities that we need, in order to be able to conduct our investigations. Ensuring that we have the confidence of Canadians and that we are able to do so in a manner that protects their privacy is very critical to our ability to carry out our mandate. I think the bill has achieved both of those objectives.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-13 11:24
Expand
I appreciate that.
Ms. Bruce, we'll go back to you. Clause 25 in part 3 dealing with the privacy protections.... Some of the words that are used include, “and disclosure of”. The minister has explained that the changes to SCISA that now use the word “disclosure” refer to information already in the possession of different agencies or departments. In other words, when you're talking about the disclosure of information that you're obtaining through this research, does that mean of the information could be shared between different agencies and departments?
Collapse
Scott Millar
View Scott Millar Profile
Scott Millar
2018-02-13 11:24
Expand
Hi there.
Just to be clear, right now we share information with other departments and agencies under our existing authorities. When we do that, we do it through an end-product report, an intelligence report. That will continue the way it is now. There are privacy measures in place when we share that information, and those measures are reviewed. In fact, how we do that is reviewed and has been reviewed for 20 years. So this will enshrine the legislation of practice that exists now with CSE.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-13 11:25
Expand
I ask because one of the responses to the concerns.... You said that you're not using the information you're collecting under section 24 to create profiles or do any kind of investigation. Does that preclude other agencies from potentially doing the same thing, if you're disclosing the information you've collected to another agency, and it's beyond your mandate to be doing anything yourself with that information?
Collapse
Shelly Bruce
View Shelly Bruce Profile
Shelly Bruce
2018-02-13 11:25
Expand
When we say we need privacy measures in the disclosure of information, it means that in the course of our foreign intelligence or cyber-security operations, we may come across an entity, an IP address, an individual, or a company that is unknown to us. So we need to do research from open sources to contextualize that and to make sure we understand what we're dealing with.
If it turns out that the individual, that company, or that IP address is Canadian, then we put in place measures to mask that identity if that information leaves CSE. It's about protecting that information.
Collapse
View Pam Damoff Profile
Lib. (ON)
One of the things I've asked a number of witnesses here—and I guess that's where it would come in—is whether ministerial authorization should be involved if you're going to be releasing that information to other departments when Canadians are involved. A number of witnesses here have said yes, it should.
Collapse
Scott Millar
View Scott Millar Profile
Scott Millar
2018-02-13 11:33
Expand
How the ministerial authorizations and the capture are distinct from publicly available information is that under the ministerial authorizations, for any information that we acquire where there's a reasonable expectation of privacy or we might interfere with it, that information is brought into the ambit of the ministerial authorization and also the secondary review by the intelligence commissioner.
That authorizes us to undertake a series of activities in support of the foreign intelligence mandate.
Collapse
View Pam Damoff Profile
Lib. (ON)
But I'm specifically talking about your sharing that information. You take your information and give it to CSIS. Right now, they apply, you decide, and you give it to them. Do we already have a ministerial authorization in the middle of it, that before you release any information on Canadians to another government agency you need that authorization?
Collapse
Scott Millar
View Scott Millar Profile
Scott Millar
2018-02-13 11:34
Expand
I guess the only thing I would say is that there are privacy protections that have to be laid out in the ministerial authorization. As well, the minister will designate under the proposed CSE Act who can receive that information. That is a new element in that ministerial designation, so the minister will be engaged. The commissioner will be engaged with the activities undertaken within a ministerial authorization, and NSIRA will review them as well.
Collapse
Malcolm Brown
View Malcolm Brown Profile
Malcolm Brown
2018-02-13 11:35
Expand
This is a really important question, and not just for the mythology around what CSE does or other organizations like CSE do in other countries.
The reality is there are layers of protection for the transfer of information to protect privacy, but also to ensure that information is shared in a timely way, and there are layers of review. We have all the things that Scott and Shelly have described governing the way they do it. It's not willy-nilly, that we'll just toss it over.
Collapse
Malcolm Brown
View Malcolm Brown Profile
Malcolm Brown
2018-02-13 11:36
Expand
I know you weren't, but for greater certainty, I'm trying to make that point.
In that context, the other point is that the receiving organization has a whole series of obligations as well, in the way they treat that information. Our friend the Privacy Commissioner—and he is a friend—plays an important role in all of that. As well, people like me who run these departments have very serious obligations in protecting the way that information is used, and ensuring and justifying its retention for however long we might feel we need to have it.
Collapse
View Pam Damoff Profile
Lib. (ON)
I think the world has changed; 20 years ago the conversation would have been much different. You're talking about personal conversations. They might be phone conversations. Now you have so much personal information out there on the Internet, and the information you can gather is so much wider. Therefore, it's a very different conversation from what we would have had even 10 years ago.
Collapse
Malcolm Brown
View Malcolm Brown Profile
Malcolm Brown
2018-02-13 11:37
Expand
Yes and no. The way that warrants are now used by the authorities that all of these agencies have to go through to access information is a long tradition. The reality is that yes, it's different, but the underlying principles and the foundation in law are the same in the way information is treated. We have to update our procedures and practices, and from time to time examine and ensure that they're still relevant. I think what's in Bill C-59 demonstrates quite a capacity to absorb and propose change. It's important not to think that it's so different that we have to jump to a new framework—not immediately, because we have to think through the consequences.
I think the challenge is to find the right balance to ensure that the concerns you're describing, about people feeling their information isn't being shared willy-nilly, are addressed by the way we manage the information. The layers of scrutiny that are embedded in this bill are so significant that I think.... We'll see, it's a prediction, and I know I've got to stop because I'm taking up your time, but this is an important issue. You have heard witnesses who feel the layers of scrutiny embedded in this bill are too much of a burden.
Collapse
View Matthew Dubé Profile
NDP (QC)
View Matthew Dubé Profile
2018-02-08 11:44
Expand
Thank you very much.
When it comes to information sharing, how concerned should be about what are essentially cosmetic changes in this bill from what was brought in by the former BillC-51? You mentioned it in your comments, and I don't really have time to get into some of the details I was going to ask about, but perhaps you could reiterate those concerns in the 30 seconds that are probably left.
Collapse
Laura Tribe
View Laura Tribe Profile
Laura Tribe
2018-02-08 11:44
Expand
We definitely have big concerns about the Security of Canada Information Sharing Act that was enabled by BillC-51 not really being revised or overhauled in the way we had hoped. One of the big changes that we would look for is limiting the information requested to those who request it, and not allowing it to continue being shared between departments after the fact. Another change we would look for is limiting who can access information within other government agencies.
Collapse
Results: 1 - 60 of 146 | Page: 1 of 3

1
2
3
>
>|
Export As: XML CSV RSS

For more data options, please see Open Data