Go to the Globe and Mail homepage

Jump to main navigationJump to main content

The Communications Security Establishment Canada complex in Ottawa is seen on Nov. 29, 2013. (DAVE CHAN FOR THE GLOBE AND MAIL)
The Communications Security Establishment Canada complex in Ottawa is seen on Nov. 29, 2013. (DAVE CHAN FOR THE GLOBE AND MAIL)

Canadian spy manual reveals how new recruits are supposed to conceal their identities Add to ...

Watch out for foreign spies, hackers, terrorist sympathizers and disgruntled employees. Tell acquaintances you work for a “generic” government agency.

Leave any iPods, USB sticks, and cellphones at home. At day’s end, turn off your computers, lock down files, and make sure not to take home anything classified. Spilling secrets means risking going to jail.

More Related to this Story

Then there are administrative details: The pay period ends every second Thursday, life insurance pays out at twice annual salary, and you get up to 15 paid sick days a year.

These are among the directives and cautions relayed to newly recruited spies at Canada’s electronic-eavesdropping agency, Communications Security Establishment Canada.

The “CSEC 101: Foundational Learning Curriculum,” comprises dozens of PowerPoint decks that are intended to help new employees at the Ottawa agency find their feet. The Globe and Mail obtained the 650-page manual through Access to Information laws.

These partly redacted presentations from 2012 do not speak to the kinds of CSEC spying lately brought to light by former American contractor Edward Snowden – the leaked operational slides that allegedly show CSEC spying on Brazil’s energy sector and also taking steps to keep tabs on foreign diplomats at G20 meetings.

Rather, the “learning curriculum” – complete with arcane acronyms and occasional illustrations from The Simpsons – speaks to the bureaucratic banalities behind the job, and a culture of extreme caution in terms of protecting information from outsiders.

“Discretion – it matters!” one slide says. “Be discreet both at work and home.”

The information conveyed in the CSEC 101 document is intended to groom new members of the agency’s rapidly growing staff of 2,100 computers scientists, mathematicians, engineers, linguists and analysts. Steeped in a culture of secrecy, the rookies are told they are patriotic collectors of “signals intelligence” – and that this “SIGINT” is a raw good that will be refined into reports, which in turn will be consumed by “clients” in just about every branch of the federal bureaucracy.

This is unassuming work. “SIGINT is not what you see in Hollywood!” cautions one slide, showing a picture of James Bond. The preferred pop-culture icon is instead a Tinkerbell-like character. “The most famous SIGINTer is the ‘Traffic Fairy,’” the slide says, showing a tiny pixie who apparently flits through computer traffic in search of secrets.

Because SIGINT is defined as “intelligence acquired through the collection of electromagnetic signals,” the job involves the collection of all manner of e-mails, phone calls, and Internet exchanges.

The prime directive at CSEC is that Canadian citizens’ communications are off-limits, whereas eavesdropping on foreigners is fair game, improving both national security and “Canada’s position on the world stage.”

New staff are told to be proud that they are part of a very exclusive club – the “Five Eyes” collective of Australian, British, Canadian, New Zealand, and U.S. intelligence agencies. Through this partnership, which dates back to the Second World War, CSEC personnel are embedded in the other countries’ agencies.

“Personal relationships are important!” the slides say, speaking to how Canadian “integrees” are sent to Washington, London, Canberra and Wellington. (Specific numbers of these “Canadian Special Liaison Officers” have been redacted.)

Within Canada, CSEC has spent decades plucking out SIGINT from thin air with the help of the Canadian Forces – the slides show the known military listening posts for radio signals in Leitrim, Ont. (outside Ottawa); Gander, Nfld.; Masset, B.C., and Alert, Nunavut. Yet today’s more advanced data-hacking techniques – what CSEC calls “computer network operations” – are only vaguely alluded to.

Employees are told to take “COMSEC” – communications security – very seriously. This applies to their own personal devices and CSEC’s role in protecting government telecommunications systems from foreign hackers. Smartphones, including BlackBerries, are susceptible to interception and revealing the users’ whereabouts, the slides say.

New staff are also encouraged to keep an eye on colleagues who go rogue.

Case in point? The slides remind new staff about Jeffrey Delisle, the naval intelligence officer now serving a 20-year sentence for selling secrets to the Russians.

CSEC employees are even urged to report any changes in their personal lives to their bosses, given how Mr. Delisle had suffered a damaging divorce and assumed the couple’s debt load prior to becoming a mole for Moscow.

Recruits also role play their way through ethical dilemmas, which are typically felt to be best resolved by confiding in superiors. One slide urges viewers to mull the hypothetical case of “Jean,” a Canadian SIGINT operative tasked with an unspecified spying operation that he feels could “negatively impact the privacy of Canadians without an operational benefit.”

“He remains confused and troubled,” the slide says. “What should Jean do in this situation?”

***

DO’S AND DON’TS

Do
Target the electronic communications of foreigners abroad

Don’t
Target the communications of Canadian citizens, or even foreigners inside Canada

Do
Study up on Section 8 of the Charter of Rights and Freedoms (i.e. what constitutes illegal searches against citizens)

Don’t
Bring banned electronic-storage devices (“personal cellphones,” “BlackBerries,” “burned CDs”) to work

Do
Know what’s on the National SigInt Priorities List (the intelligence that government “clients” order up)

Don’t
Use Bluetooth phones, the “most vulnerable communications device known to man”

Do
Be aware of threats from “foreign intelligence services,” “those sympathetic to terrorist groups,” and “trusted insiders”

Don’t
Wear any “CSEC T-shirt or ball cap to church/mosque/temple”

Do
Keep classified documents “covered or hidden from view when an uncleared visitor is present”

Don’t
“Take classified or protected material home”

Do
Ensure you use proper “encryption capabilities” when sending messages

Don’t
Toss “classified waste in the recycling bin,” because it “may reveal our partners outside CSEC”

Do
“Leave your CSEC, CSIS, NSA, DND, etc. memorabilia back home” when travelling

Don’t
If crossing U.S. border, “be reluctant to say that you’re attending work-related meetings with counterparts at Fort Meade” (i.e. NSA)

***

ETHICS

1. “You enter Tim Hortons with a friend. ... You both get a coffee and she pays for yours. When you finish your coffee and roll up the rim, you find that cup qualifies to win a vehicle. What would you do?”

2. “Jean is a new CSEC employee in the SIGINT business line. He is given an operational procedure ... as he reads it, it seems to require doing something … that would negatively impact the privacy of Canadians without an operational benefit. … He remains confused and troubled. ... What should Jean do in this situation?

3. “Charles likes to keep busy in the evenings and earn extra income. Charles has therefore decided to do income tax reports... He decides that he’ll offer income-tax-filing service to the consultants that CSEC will be hiring in the months to come... What should Charles do in this situation?”

4. “Mary is a new employee at CSEC in an IT Security section. ... She is aware of a potential concern with one of the products that a client department might use for a system as a result of a classified briefing. ... No one in the client department has the appropriate clearance. ... What should Mary do in this situation?

5. “Peter is a term CSEC employee in a directorate whose employees frequently travel. ... Two senior directorate employees bragged in front of him about how easy it is to generate ‘entertainment’ money on trips by claiming for meals that are actually provided free of charge ...”

6. “Nancy is a real dog lover. She also strongly believes in the value of dog shelters ... She therefore takes it upon herself to personally canvass all of her coworkers for a monetary donation.”

***

CSEC HISTORY

1925: Canada and Britain collaborate on a joint interception operation off British Columbia

1942: Canada and the United States sign an agreement to exchange cryptological information

1945: Igor Gouzenko, a Soviet cipher clerk, defects from the Russian embassy in Ottawa

1946: Federal government hires 176 “SIGINT” staff following an order-in-council to “continue the wartime effort”

1949: Canada and United States sign CANUSA intelligence-sharing agreement

1955: Canada helps NATO develop cryptological material

1975: Agency renamed CSEC from “Communications Branch National Research Council

1982: The Canadian Charter of Rights and Freedoms proclaims everyone has the “right to be secure against unreasonable search or seizure”

1986: Justice Canada lawyers begin to be embedded in CSEC

1989: The Berlin Wall falls, forcing CSEC to grapple with the end of the Cold War

1998: CSEC operations grow so diffuse that agency claims only 3 per cent of its reports are “security related”

2001: The Sept. 11, 2001 attacks lead to new CSEC laws and a new focus

Follow on Twitter: @colinfreeze

In the know

Most popular video »

Highlights

More from The Globe and Mail

Most Popular Stories