Skip to main content
Open this photo in gallery:

Cameron Ortis, as shown in a courtroom sketch from his Sept. 13 hearing in Ottawa.Lauren Foster-MacLeod/via Reuters

Canada’s government and spy agency have been dealing with the fallout of a possible security breach since Sept. 13, when the RCMP arrested one of its own high-ranking intelligence officials and charged him under post-9/11 information security laws, as well as criminal breach of trust. Little is known about what, specifically, Cameron Ortis is alleged to have done, but the RCMP has confirmed that he “had access to intelligence coming from our allies both domestically and internationally.” Now, with Mr. Ortis freed on bail and law-enforcement agencies trying to contain the damage and reassure allies that their secrets have not been compromised, the case could have far-reaching implications for Canada’s reputation in cybersecurity. Here’s what you need to know.

Who is Cameron Ortis?

Open this photo in gallery:

An undated Facebook photo of Mr. Ortis.Facebook/Handout

A native of Abbotsford, B.C., the 47-year-old Mr. Ortis graduated from the University of British Columbia with a doctorate in political science and a keen interest in security in the digital age. During his studies, he got job offers from government agencies and private companies, and according to his LinkedIn profile he started working as an adviser for the federal government in 2007. But friends and colleagues told The Globe he offered up few details about what he was working on, and with whom. His PhD adviser, Brian Job, said he knew “he was working for the RCMP, and I knew that he was in a position of some considerable responsibility and sensitivity.”

Before his arrest, Mr. Ortis was director-general of the RCMP’s National Intelligence Coordination Centre. His roles gave him broad access to both Canadian and allied intelligence, RCMP Commissioner Brenda Lucki confirmed on Sept. 16. He was so highly regarded for his work that, a few years ago, some of his superiors wanted to give him abbreviated police training and make him an officer, according to current and retired RCMP officials given confidentiality by The Globe. Then-commissioner Bob Paulson supported the plan, the officials said, but others were wary of possible friction between civilian and regular RCMP members.

As recently as August, Mr. Ortis was working on a probe of defrauded Russian tax money being laundered through Canada, anti-Putin campaigner Bill Browder told The Globe in a Sept. 14 interview. Mr. Browder says he had met with Mr. Ortis in 2017 to press for an RCMP investigation of the tax scheme uncovered by Mr. Browder’s late employee, Sergei Magnitsky, in the 2000s. Mr. Ortis "seems like the last person one would expect to be a spy for a foreign country,” Mr. Browder told The Globe.

Behind the investigation

The RCMP’s allegations centre on Mr. Ortis’s activities from 2015 to 2019, but various accounts of the investigation generally concur that it was in March, 2018, that authorities first suspected something was wrong.

RCMP Commissioner Brenda Lucki says documents were uncovered during a joint RCMP-FBI probe in 2018 that suggested a mole or “internal corruption” within the RCMP, and that investigations later led to Mr. Ortis. The Globe has reported, citing sources granted anonymity, that the 2018 joint probe (which also included the Australian Federal Police) was investigating the company Phantom Secure, whose founder, Vancouver businessman Vince Ramos, was arrested and convicted in the United States for selling encrypted phones to organized criminal groups. The RCMP found documents on a laptop belonging to Mr. Ramos that made them suspect a leak, and alerted at least two of Canada’s Five Eyes intelligence allies, according to sources familiar with the matter. The laptop discovery triggered an internal RCMP probe, dubbed “Project Ace,” that turned its attention to Mr. Ortis in May of 2019 and was authorized to search his home a few months later, a senior government official told The Globe.

What are the charges?

Open this photo in gallery:

Ottawa, Sept. 13: John MacFarlane, senior counsel with the Public Prosecution Service of Canada, speaks with the media outside of the Ottawa courthouse where Mr. Ortis had his initial court hearing.Dave Chan/The Globe and Mail

Court documents offered no details about what information is at issue or to whom Mr. Ortis might have allegedly given it. His October bail hearing, which resulted in him being granted bail on Oct. 22, was put under a publication ban.

The charges announced in September centre on the Security of Information Act, a little-used law established in response to the Sept. 11, 2001, terrorist attacks in the United States. This was the law used to convict Sub-Lieutenant Jeffrey Paul Delisle, a navy officer who pleaded guilty in 2012 to selling secrets to the Russian military. SLt. Delisle was sentenced to 20 years in prison.

Here are the specific laws the RCMP has used to charge Mr. Ortis:

  • Security of Information Act, Section 14(1): This makes it a crime for people bound to secrecy to share “special operational information.” As defined in the law, that can mean details about anything from military plans to the identity of confidential intelligence sources or Canadian encryption and cyberespionage methods. Punishment: Up to 14 years in prison.
  • Security of Information Act, Sections 22(1)(b) and 22(1)(e): These sections relate to things the accused may have done to prepare to do something illegal under the act. Subsection (b) is about “obtaining, retaining or gaining access” to information; subsection (e) is about “possessing any device, apparatus or software” that could hide ill-gotten information or communicate it surreptitiously. Punishment: Up to two years in prison.
  • Criminal Code, Section 122: This makes it illegal for officials to commit fraud or a breach of trust in connection with their duties. Punishment: Up to five years in prison.
  • Criminal Code, Section 342.1(1): This is the part of the Criminal Code dealing with unauthorized use of computers, including the illicit sharing of data or passwords. Punishment: Up to 10 years in prison.

Ottawa’s response

Open this photo in gallery:

RCMP headquarters in Ottawa.Dave Chan/The Globe and Mail

The RCMP has been in touch with its Five Eyes allies and other global agencies affected by the leak, Commissioner Lucki says. Canadian federal departments that handle sensitive intelligence are also running a full review of whether they shared secrets with Mr. Ortis, The Globe reported on Sept. 16, citing a senior government official granted anonymity. The departments under review included Canada’s spy agency, the Canadian Security Intelligence Service; the Privy Council, which is in charge of the federal bureaucracy; as well as the departments of Global Affairs, Defence and Public Safety.

On the election campaign trail, Liberal Leader Justin Trudeau tried to reassure allied nations that their secrets are still safe with Canada. “We are in direct communications with our allies on security, not only the Five Eyes group,” Mr. Trudeau said on a Sept. 17 visit to St. John’s. “We are also working with them to reassure them, but we want to ensure that everyone understands that we are taking this situation very seriously.”

Commentary and analysis

Jessica Davis: Canada needs damage control and transparency from the government in spy case

Compiled by Globe staff

Based on reporting by Daniel Leblanc, Marieke Walsh, Michelle Zilio, Andrea Woo, Ian Bailey, Wendy Stueck, Robert Fife and Kristy Kirkup

Editor’s note: An earlier version of this article incorrectly described Sergei Magnitsky as a tax lawyer.

Interact with The Globe