Spy agency intercepted, kept 66 communications of Canadians

Share

Ottawa's foreign-focused electronic spy agency intercepted and retained 66 communications from Canadians last year. The material was gathered, without warrants, in the course of its spying on foreign threats.

This new detail about the privacy-encroaching activities of Communications Security Establishment Canada (CSEC) was disclosed, for the first time, in an annual report from its watchdog agency.

A specific number had never before been released by officials in Ottawa, who had previously characterized CSEC's collection of Canadian communications as only "small" and "incidental" relative to what it harvests from the wider world.

Intelligence agencies, even ones whose focus is global, are being pushed to operate more transparently as concerns about domestic spying grow. Privacy advocates and even Supreme Court judges have lately been seeking to clarify just how much the Canadian state can access citizens' communications data.

Over the past year, CSEC – a 70-year-old "signals intelligence" organization whose very existence was once considered a state secret – has been found engaging in controversial activities as it brings its foreign spying efforts closer to home.

Recent disclosures have shown that CSEC sometimes peruses communications trails – or "metadata" – of digital devices inside Canada. In one example, leaked documents showed the agency kept an eye on smartphones passing through Pearson International Airport, just to see where their digital signatures would next turn up.

It's unknown just how much global communications and metadata CSEC is intercepting and storing over all. The watchdog body reviewing the spy agency focused only on relatively rare phone calls and Internet exchanges involving Canadians, communications that CSEC stumbles upon in the course of its spying but that are kept in their entirety as "essential" for intelligence purposes.

Typically, the Criminal Code bans federal agents from spying on Canadians without judicial warrants. But Parliament relaxed the strictures for CSEC in the omnibus Anti-Terrorism Act, which passed in 2001.

Through this law, the spy agency received legal leeway to "incidentally" collect private communications of Canadians during its global trawlings, and have these powers managed under executive, and not judicial, scrutiny.

The Defence Minister (Rob Nicholson in the current cabinet) signs secret "ministerial authorizations" that serve as a legal shield around such spying efforts. This effectively means that, when the agency wants to eavesdrop on global terrorists or other designated adversaries, it can keep the communications of Canadians who are overheard coming into contact.

"I examined all of the 66 private communications unintentionally acquired by CSEC in the conduct of its foreign signals intelligence activities [in 2013]," Jean-Pierre Plouffe, the commissioner of the watchdog agency, wrote in a document released to Parliament on Wednesday.

The first annual report from the newly appointed former Quebec Superior Court judge went on to say that staff in the watchdog office listened to and read the CSEC intercepts to ensure they were obtained lawfully.

The watchdog agency did not speak to overall volumes of Canadian communications captured by CSEC, beyond saying that the non-essential stuff was tossed out. "All other recognized private communications unintentionally intercepted by CSEC were destroyed," Mr. Plouffe wrote.

In addition to its job of spying on foreigners, CSEC has a mandate to protect federal computer systems from hackers. It is also given legal leeway to intercept some private communications for this job, but no numbers have been disclosed.

In his report, Mr. Plouffe said that the leaks from U.S. intelligence contractor Edward Snowden over the past year have created a challenge. "I want to reassure Canadians, especially those who are skeptical about the effectiveness of review of intelligence agencies, that I am scrupulously investigating those CSEC activities that present the greatest risks to compliance with the law and to privacy."

Then, he concluded that "all of the activities of CSEC reviewed in 2013-2014 complied with the law."