A new report from the federal spy watchdog says the Canadian Security Intelligence Service failed to adequately consider the potentially serious adverse effects on people and their families when using its powers to disrupt potential threats.
The National Security and Intelligence Review Agency report also finds the spy service takes an “overly narrow” approach when determining whether a judicial warrant is required for a particular threat disruption measure.
Eight years ago, Parliament passed legislation allowing CSIS to go beyond its traditional role of gathering information about espionage and terrorism to actively derailing suspected schemes.
For instance, the disruption powers could permit CSIS to thwart travel plans, cancel bank transactions or covertly interfere with radical websites.
The Ottawa-based International Civil Liberties Monitoring Group said the review agency’s findings show CSIS cannot be trusted to follow the law or the Charter of Rights and Freedoms when it is granted secret powers to disrupt the lives of Canadians.
Under the law, CSIS needs “reasonable grounds to believe” there is a security threat before taking measures to disrupt it. The spy agency also requires a court warrant whenever proposed disruption measures would limit a freedom guaranteed by the Charter of Rights or otherwise breach Canadian law.
In addition, the measures must be reasonable and proportional in the circumstances, and take into account the availability of other means to reduce the threat, as well as foreseeable effects on third parties, including their privacy.
The review agency focused on the extent to which CSIS appropriately identified, documented and considered negative effects that the spy service’s measures could have on people.
Figures on the number of CSIS threat reduction measures that were proposed, approved and implemented from June 2015 to December 2020 were blacked out from the review agency’s heavily redacted report.
The watchdog says in some cases CSIS “disclosed information to external parties with their own levers of control” to deal with identified threats during the period under review.
The review agency found that CSIS’s documentation of the information disclosed to such outside parties as part of threat reduction measures “was inconsistent and, at times, lacked clarity and specificity.”
The watchdog says the precise content, including the scope and breadth of the information to be disclosed, is important and feeds into the overall risk assessment of the proposed measure. “A detailed and precise description of the information to be disclosed would allow for more considered assessments.”
The review agency also found that CSIS did not systematically identify or document the external parties’ authority and ability to take action, or “plausible adverse impacts of the measure.”
Overall, the agency indicates that CSIS had given “limited consideration” to the possible effects of threat reduction measures, including those carried out for the spy service by other parties.
“NSIRA notes that CSIS cannot avoid responsibility just because the outcomes of an action would be effected by someone else’s hand.”
The current CSIS process for determining whether a warrant is required for a threat reduction measure “is overly narrow” and should not be based on the effects of a spy service action alone, the report says.
“Rather, it should consider the full impact of the measure, including any direct and indirect impacts caused or initiated by external parties.”
The review agency says it expects CSIS to seek a judicial warrant when proposing a threat reduction measure that would limit someone’s Charter rights, or that would otherwise be contrary to Canadian law, whether at the direct hand of CSIS or that of an outside party to whom CSIS disclosed information.
“While these powers provide CSIS with additional flexibility, they also demand heightened responsibility, given their covert nature and ability to profoundly impact, not only the subject of a given (measure), but others potentially captured by its scope,” the report says.
In a written response accompanying the report, CSIS disagreed with the review agency’s recommendation that it “appropriately consider” the effects of outside party actions when determining whether a warrant is required.
CSIS said it works closely with the Department of Justice to assess whether a warrant is required for each of its threat reduction initiatives in accordance with the legislative regime, and when applied to operations involving third parties.
CSIS agreed in whole or in part with the review agency’s remaining recommendations.
A CSIS spokesman had no immediate update Friday on steps taken in response to the report.
The civil liberties monitoring group said it is unacceptable that CSIS believes it can ask third parties, like private companies, to take action against individuals based on a secret risk assessment without taking responsibility for the possible effects.
The fact that CSIS also disagrees with the review agency’s recommendation that it take this into account when deciding to seek out a warrant “proves that the service continues to skirt the law and should no longer be trusted with these powers,” the group added.
“We’ve been told over and over that we should not be concerned with CSIS’s threat reduction powers, because they have not reached the point of being so invasive that they require a warrant,” said Tim McSorley, the group’s national co-ordinator. “It is now clear that CSIS is farming out threat reduction measures to third parties, and using that as a reason to avoid considering whether they need a warrant in the first place.”
The federal government should intervene by suspending CSIS’s use of threat reduction measures and refer the issue to the Federal Court, said the group, which ultimately advocates abolishing the powers in favour of working with law enforcement agencies.