Saturday, November 30, 2013

Globe and Mail profiles CSEC

The Globe and Mail's Colin Freeze has produced an excellent introductory guide to CSEC, its operations, and its evolution since 2001 (Colin Freeze, "How CSEC became an electronic spying giant," Globe and Mail, 30 November 2013):
Next year, the analysts, hackers and linguists who form the heart of Communications Security Establishment Canada are expected to move from their crumbling old campus in Ottawa to a gleaming new, $1-billion headquarters.

It is the physical manifestation of just how far the agency has come since Sept. 11, 2001. Before those attacks, it was known as Canada’s other spy agency – an organization created to crack Communist codes more than seven decades ago, but rendered rudderless after the collapse of the Soviet Union. The agency’s biggest victory of the 1990s, insiders say, was its behind-the-scenes role in the seizure of a Spanish trawler during the Turbot Wars, a 1995 fishing dispute off the Grand Banks of Newfoundland.

But now, where it once focused on vacuuming up Russian radio signals from Arctic bases, its surveillance reach is global: Its leaders now speak of “mastering the Internet” from desktops in Ottawa. In 1999, it had a shrinking budget of $100-million a year and a staff of about 900. Today, CSEC (pronounced like “seasick” ever since “Canada” was appended to the CSE brand) has evolved into a different machine: a deeply complex, deep-pocketed spying juggernaut that has seen its budget balloon to almost half a billion dollars and its ranks rise to more than 2,100 staff.
Well worth reading the entire piece.

Bonus: The Globe and Mail also posted (1) the (heavily redacted) officially released text of a 2004 ministerial directive related to CSEC use of metadata and (2) 18 slides from CSEC's "Olympia" slide deck with only minor, privacy-related redactions (earlier discussion here and here).

Well done, Globe!

Friday, November 29, 2013

CSEC organization chart

The following is a partial reconstruction of CSEC's current organization chart, based on a variety of unclassified sources.

There are still a few gaps in it, and it might not be correct in every respect, but I think it's pretty close.



Update 27 February 2014:

Embassy has published a more recent CSEC organization chart (see here), but some of the SIGINT directorate names are redacted.

Thursday, November 28, 2013

Foreign intelligence collection and s.16 of the CSIS Act

Craig Forcese has written a very interesting and informative explanation of the legal regime applicable to whatever was or wasn't done by NSA and CSEC at the G8/G20 summit in 2010. It's great to have such an informed source commenting on these questions.

One of the key aspects he discusses is whether a judicial warrant obtained by CSIS under s.16 of the CSIS Act might provide a lawful basis for CSIS and by extension CSEC or even NSA to monitor foreign leaders and diplomats at the summit.

Forcese comments,
Where and when a Federal Court judge will issue a "section 16" warrant is totally a mystery to me. The one public case (of which I am aware) relating to a section 16 warrant has nothing to do with the sort of facts we are playing with in this scenario.

I have not had time to review the legislative history of s.16 and I'm sure I'm naive. But I confess, I have a lot of difficulty imagining CSIS coming to Federal Court and persuading a judge to authorize spying done by or in part by a foreign intelligence service operating in Canada and targeting foreign leaders at an international conference, in order to gather information on, say, negotiating positions so that NSA can support US policy objectives. That is a whole lot of bridges to cross.
I wouldn't want to wade into the question of whether a CSIS warrant might be extended to include the NSA (although if Justice Richard Mosley's experience is any guide, one might doubt whether that little detail was actually placed before the court in 2010).

But I think I can comment a little on other activities that have almost certainly used s.16 warrants.

It is well known (although not of course officially admitted) that CSEC and CSIS monitor the communications in and out of numerous embassies in Ottawa, including communications that take place entirely inside Canada.

For example, CSEC whistleblower Jane Shorten told CTV News in November 1995 that, among others, CSEC was monitoring the communications of the Mexican, South Korean, and Japanese embassies in Ottawa. According to Maclean's, during the early 1990s, "[Shorten’s] tasks changed to include monitoring all telephone and fax traffic in and out of the South Korean Embassy in Ottawa, which included conversations of locally hired Canadian staff. ‘That’s where I drew the line,’ says Shorten. ‘I said “Look, this is Canadian content now,” because anyone could phone up the South Korean Embassy and I would have it on tape.’" (Nomi Morris, “Inside Canada’s Most Secret Agency,” Maclean’s, 2 September 1996, p. 33)

Another whistleblower, Mike Frost, has also stated that embassy communications were being monitored by CSEC.

[Update 11 December 2013: More recently, monitoring of the communications of the Chinese Embassy may well have initiated the recent espionage investigation concerning Qing Quentin Huang. According to the National Post (Stewart Bell, "Undercover sting operation led to arrest of Canadian accused of trying to pass secrets to China," National Post, 1 December 2013), "The Canadian Security Intelligence Service notified the RCMP... that Mr. Huang had allegedly contacted the Chinese embassy in Ottawa to offer up the sensitive documents, several sources said."]

In 1991, reporter Peter Moon described the legal mechanics of these activities as they pertained to monitoring the Soviet Embassy:
Sources said a warrant is reissued annually by a judge to provide a legal basis for the round-the-clock surveillance on the Soviet embassy. CSIS then subcontracts most of the surveillance work, much of it of a highly technical nature, to the CSE. The CSE assists in the collection of any electronic messages sent to or from the embassy or by its staff, including telephone, cable, Telex, radio and facsimile messages. It also tries to collect information given off by electromagnetic emissions from electronic equipment in the embassy, such as computers, printing machines and electric typewriters, sources said. (Peter Moon, "Agency tackles foreign missions," Globe and Mail, 29 May 1991, p. A6)
As far as I can tell, this passage can only be referring to s.16 warrants.

If s.16 warrants are routinely provided to enable the interception of the communications of foreign diplomats located in Canada, and those warrants cover communications that take place entirely within Canada as well as cross-border communications, then it seems to me that it should not be a surprise if s.16 warrants are also issued to authorize collection of the communications of foreign leaders and diplomats temporarily located in Canada, as at the 2010 summit.

Whether CSIS/CSEC can then further subcontract some or all of that collection to NSA and possibly other partners, such as GCHQ, is of course still a crucial question.

Perhap Justice Mosley might like to take that question up too.

Update 29 November 2013: Note CSEC Chief John Forster's comments in this CBC piece (Laura Payton, "Top spy won't answer questions about G20 surveillance," CBC News, 28 November 2013):
"I can't comment in detail on the intelligence operations or capabilities of ourselves or our allies. What I can tell you is that CSEC, under its legislation, cannot target Canadians anywhere in the world or anyone in Canada, including visitors to Canada," Forster said Thursday morning outside the House defence committee.

"We would only do so if we were assisting a law enforcement agency in Canada under a warrant, etc. To do otherwise would be against the law. Further, we cannot ask our allies to do any kind of operations that we ourselves are not permitted to do under law," he said, adding that the commissioner who reviews CSEC has found the agency acts "within the law."
Technically, use of a CSIS Act warrant would fall under Forster's "etc." comment, as CSIS is not a law enforcement agency. But his remarks pretty much tell the tale: CSEC can't spy within Canada (for the most part) except when it is acting in support of another agency's warrant, in which case it can. Did CSEC act "within the law" when it (apparently) spied on the G20 summit? I see little reason to doubt that it did. Let's recall that it's the government that writes these laws, and that at least sometimes it knows exactly what it's doing when it writes them.

NSA spied on G8/G20 summit in Canada

CBC News reports that the NSA spied on the 2010 G8/G20 summit in Canada, and that it did so in close co-ordination with CSEC (Greg Weston, Glenn Greenwald & Ryan Gallagher, "New Snowden docs show U.S. spied during G20 in Toronto: Surveillance during 2010 summit 'closely co-ordinated with Canadian partner' CSEC," CBC News, 27 November 2013):
Top secret documents retrieved by U.S. whistleblower Edward Snowden show that Prime Minister Stephen Harper's government allowed the largest American spy agency to conduct widespread surveillance in Canada during the 2010 G8 and G20 summits.

The documents are being reported exclusively by CBC News.

The briefing notes, stamped "Top Secret," show the U.S. turned its Ottawa embassy into a security command post during a six-day spying operation by the National Security Agency while U.S. President Barack Obama and 25 other foreign heads of state were on Canadian soil in June of 2010.

The covert U.S. operation was no secret to Canadian authorities.

An NSA briefing note describes the American agency's operational plans at the Toronto summit meeting and notes they were "closely co-ordinated with the Canadian partner."

The NSA and its Canadian "partner," the Communications Security Establishment Canada, gather foreign intelligence for their respective governments by covertly intercepting phone calls and hacking into computer systems around the world.

The secret documents do not reveal the precise targets of so much espionage by the NSA — and possibly its Canadian partner — during the Toronto summit.

But both the U.S. and Canadian intelligence agencies have been implicated with their British counterpart in hacking the phone calls and emails of foreign politicians and diplomats attending the G20 summit in London in 2009 — a scant few months before the Toronto gathering of the same world leaders.

Notably, the secret NSA briefing document describes part of the U.S. eavesdropping agency's mandate at the Toronto summit as "providing support to policymakers."

Documents previously released by Snowden, a former NSA contractor who has sought and received asylum in Russia, suggested that support at other international gatherings included spying on the foreign delegations to get an unfair advantage in any negotiations or policy debates at the summit.
The report also questions whether such activities were legal:
"If CSEC tasked NSA to conduct spying activities on Canadians within Canada that CSEC itself was not authorized to take, then I am comfortable saying that would be an unlawful undertaking by CSEC," says Craig Forcese, an expert in national security at University of Ottawa's faculty of law.

By law, CSEC cannot target anyone in Canada without a warrant, including world leaders and foreign diplomats at a G20 summit.

But, the Canadian eavesdropping agency is also prohibited by international agreement from getting the NSA to do the spying or anything that would be illegal for CSEC.
I wouldn't put much credence in the idea that an "international agreement" stands in the way of such co-operation, but the CSE Commissioner did assure Canadians in his 2011-12 Annual Report that "CSEC is prohibited from requesting an international partner to undertake activities that CSEC itself is legally prohibited from conducting."

This question also came up in 2012 when MP Craig Scott submitted a written question asking,
Has Canada ever accepted communications intelligence from one of the traditional "Five Eyes" allies... where that intelligence consisted of communications that took place between persons both or all of whom were within Canada at the time the communications occurred?
Then-Defence Minister Peter MacKay wrote in his formal written response that
The Communications Security Establishment Canada (CSEC) is prohibited by law from directing its activities at any person in Canada or Canadians anywhere, and cannot ask its international partners, including the Five Eyes allies, to act in ways that circumvent this legal restriction.
[Update/edit 11:30 am 28 November 2013: As Craig Forcese points out here,
If you don't yourself have lawful permission to intercept, and you cooperate with someone else to do the intercept, that's called "aiding and abetting" or "conspiracy". That is why in the 5 second excerpt of my 20 minute conversation with the CBC, I say: "If CSEC tasked NSA to conduct spying activities on Canadians within Canada that CSEC itself was not authorized to take, then I am comfortable saying that would be an unlawful undertaking by CSEC."]
MacKay also wrote that
With respect to Five Eyes reporting derived from a communication where both or all communicants were in Canada at the time the communication occurred; in accordance with CSEC's legal mandate CSEC does not pursue the receipt of such intelligence and has clearly expressed its expectations to partner agencies.
I guess we are supposed to believe that CSEC was shocked -- shocked -- to find NSA so blatantly disregarding Canada's clearly expressed expectations when the Americans forwarded the intelligence they collected at the 2010 summit.

MacKay's response is a classic example of why the Canadian public can't believe a single word breathed by CSEC, its spokespersons, or its minister. Everything they say comes with a secret asterisk attached.

As indeed there was to the first part of Minister MacKay's response as well.

CSEC is only "prohibited by law from directing its activities at any person in Canada or Canadians anywhere" when it is operating under the first two parts of its three-part mandate (and even then it may be authorized by the minister to collect communications that involve Canadians). It is not "prohibited by law from directing its activities at any person in Canada or Canadians anywhere" when it is acting under Part (c) of its mandate, i.e., when it is providing support to a Canadian law enforcement or security agency acting lawfully under its own mandate.

Which means that there is a way for CSEC to legally collect foreign intelligence in Canada. As long as CSIS can get warrants under s. 16 of the CSIS Act to target the individuals in question, CSEC can assist in collecting their communications.

Whether those warrants could then be used to authorize NSA to also collect such intelligence is perhaps a question for lawyers and judges to sort out. (Paging Justice Mosley!)

Craig Forcese wrote some interesting and informative comments on the legal aspects of such spying here.

Update 11:30 am 28 November 2013: Forcese has also written a very helpful explanation of what may or may not have occurred during the summit and how the law applies to such activities here.

Update 2 December 2013: CBC has posted the NSA document here. More CBC commentary here: Greg Weston, "NSA document raises questions about Canada in G8 spying," CBC News, 2 December 2013.

Wednesday, November 27, 2013

Dissenters in Camelot



ShitHarperDid activists comment on CSEC's new headquarters (Stephen Hui, "ShitHarperDid activists annoy security guards at spy agency construction site," Straight.com, 27 November 2013).

Tuesday, November 26, 2013

Project SPRINGTHAW

David Pugliese reports that the Canadian Forces Information Operations Group has a project underway to replace and enhance one or more of its legacy SIGINT systems ("Defence Department upgrades spy technology," Postmedia News, 25 November 2013):
The Canadian Forces is buying new equipment to improve its ability to intercept communications at home and on international missions, according to documents obtained by the Ottawa Citizen.

Project SPRINGTHAW, to replace and upgrade the military's existing signals intelligence systems, was approved by the Conservative government in 2012.

The Department of National Defence, citing the need for secrecy, declined to provide information on how much program will cost taxpayers or from whom the new systems are being purchased. But the project has sparked concerns about what the equipment will ultimately be used for.

"The SPRINGTHAW project will replace and enhance the department's existing legacy signals intelligence systems located at (name censored) with a scalable signals intelligence technology that can be expanded to incorporate new and evolving capabilities in support of domestic and international missions," stated the May 2012 briefing for then associate defence minister Julian Fantino.

The heavily censored documents on SPRINGTHAW were declassified and released under the Access to Information process. An email from the DND to the Citizen stated the project is to be completed by December 2015.

The project is being co-ordinated through the Canadian Forces Information Operations Group and the purchase handled by the government's electronic eavesdropping agency, the Communications Security Establishment.

Monday, November 25, 2013

I spy with my five little eyes...

Back in 2009, Justice Richard Mosley issued a warrant authorizing CSIS, assisted by CSEC, to monitor from "within Canada" the communications of two Canadians travelling abroad. (The publicly released, redacted version of the decision can be read here.) A number of similar warrants have since been issued in other cases.

At the time, I commented that probably the most important way in which CSEC could assist CSIS in this regard was to "task the collection resources of its UKUSA allies to conduct intercepts of Canadian targets."

Last month, the Security Intelligence Review Committee (CSIS's watchdog committee) confirmed that this kind of assistance does indeed draw on the resources of CSEC's allies:
In order to maximize collection under the new warrant power, CSIS, in almost every case, leverages the assets of the Five Eyes community (Canada, plus the United States, the United Kingdom, Australia and New Zealand).
It appears, however, that Justice Mosley wasn't told that.

In August, the Annual Report of the CSE Commissioner addressed the Mosley decision, recommending that
1. CSEC discuss with CSIS the expansion of an existing practice to protect privacy to other circumstances; and
2. CSEC advise CSIS to provide the Federal Court with certain additional evidence about the nature and extent of the assistance CSEC may provide to CSIS.
The recommendations were written in the deliberately obscure language preferred by CSE Commissioners, and they were completely overshadowed by the news that the Commissioner could not rule out that one of CSEC's past programs had involved spying on Canadians. (See comments here.)

But Justice Mosley noticed them, and he summoned CSIS and CSEC to tell him the additional evidence that the Commissioner thought the Federal Court should be told.

So now he knows, and it sounds like he is not a happy Justice.

On November 22nd he issued a classified document called Further Reasons for Order elaborating on that original decision, and today he issued a public statement explaining what's going on:
In the classified Further Reasons for Order, Justice Mosley has found that CSIS breached its duty of candour to the Court by not disclosing information that was relevant to the exercise of jurisdiction by the Court and to the determination by the Court that the criteria of investigative necessity and the impracticality of other procedures set out in subsection 21 (2) of the CSIS Act had been satisfied. Justice Mosley has found that such information must be disclosed to the Court on any subsequent application for similar warrants.

In conducting its review of Commissioner Décary’s recommendations, the Court has determined that the execution of the type of warrants at issue in Canada has been accompanied by requests made by CSEC, on behalf of CSIS, to foreign agencies (members of the “Five Eyes” alliance), for the interception of the telecommunications of Canadian persons abroad.

The Court expresses its views about this practice in its classified Further Reasons for Order. However, it is concerned that statements in the public record, notably in the 2012-2013 Annual Report of the Security Intelligence Review Committee (SIRC) recently tabled in Parliament, may result in a false impression about the nature and scope of such warrants. The SIRC Report discusses the Committee’s “first examination of a new warrant power under Section 21 of the CSIS Act which was initially authorized by the Federal Court in 2009”. The report further states: “In order to maximize collection under the new warrant power, CSIS, in almost every case, leverages the assets of the Five Eyes community...”

This practice is addressed in the Court’s classified Further Reasons for Order. However, in light of these public statements, the Court considers it necessary to state that the use of “the assets of the Five Eyes community” is not authorized under any warrant issued to CSIS pursuant to the CSIS Act. The question of whether CSIS may, with the assistance of CSEC, engage the surveillance capabilities of foreign agencies was not raised in the application that resulted in the issuance of the first such warrant or in any subsequent warrants of this type.
News coverage:

Stewart Bell, "Court rebukes CSIS for secretly asking international allies to spy on Canadian terror suspects travelling abroad," National Post, 25 November 2013.

Colin Freeze, "CSIS not being forthcoming with court, federal judge says," Globe and Mail, 25 November 2013.

Update 20 December 2013: Added link to the public version of the 22 November 2013 Further Reasons for Order.

Saturday, November 23, 2013

CSE employees headed to conciliation

Contract negotiations between the Communications Security Establishment and the union that represents its employees are at an impasse, so the union has applied for the establishment of a conciliation board, reports David Pugliese ("CSEC spies head to conciliation as Tories move to limit union’s bargaining power," Ottawa Citizen, 22 November 2013):
Some of Canada’s spies are going to a conciliation board over pay and other benefits, a move that could potentially put them in a legal strike position sometime in the spring. But the push by the Conservative government to bring in new labour legislation covering federal workers could derail any attempt to walk off the job.

The Public Service Alliance of Canada, which represents around 1,400 employees at the Communications Security Establishment Canada (CSEC), applied Nov. 7 for the establishment of a conciliation board, said John MacLennan, president of the Union of National Defence Employees.

The workers include those in a wide variety of positions, ranging from mathematicians to clerical staff, added MacLennan, whose organization is part of PSAC.

[PSAC represents all CSE employees except those in management positions, so I'd be surprised if the total number affected isn't closer to 1800 or 1900.]

The federal government and union have held a total of 37 days of negotiations since early 2012. The last face-to-face meeting was held on Oct. 10. But according to a statement from the union in its request for a conciliation board, CSEC has declined to discuss anything substantive, including monetary issues and vacation time.

“We were in negotiations but that’s now fallen apart so there is no face to face,” said MacLennan. “That’s why we’ve asked for conciliation.”

The request was made to the Public Service Labour Relations Board.

The resulting conciliation report would be sent to CSEC management but it is non-binding. The union would also present the report to its members who could decide to vote to strike, said MacLennan. That process could happen as early as February or March.

Andy McLaughlin, director of public affairs at CSEC, sent an emailed statement to the Citizen noting that “CSEC welcomes the request for a conciliation board to help reach a collective agreement with PSAC.”

But MacLennan said the CSE management is taking a hard line on most issues. “They’ve dug their heels in so they’re not talking about anything,” he explained. “They think these employees aren’t militant and nothing will happen.”
The article also notes that
the Conservative government is moving ahead with proposed amendments to the Public Service Labour Relations Act and is hoping to get that in place by Christmas.

The changes would effectively put the government in the driver’s seat when determining which unions get to strike and which ones go to arbitration to resolve any contract disputes. They also give the government the exclusive right to decide which workers are essential and can’t strike. Changes also reduce the independence of arbitrators and ensure they base their awards on the government’s budgetary priorities.

Union officials warn that the changes will effectively strip them of their ability to bargain.
Next we get this comment:
Bill Robinson, one of the few analysts who monitors activities at CSE, has noted in the past that the likelihood of a strike happening at the agency is very remote.
I have indeed said that. And I would still say it.

There have occasionally been rough patches in the past. CSE's relations with its union grew quite tense in 1999, but in the end everything was resolved without a strike. (More here: Kathryn May, "Spies near strike: 'We can't talk about it'. A very quiet kind of labour dispute," Ottawa Citizen, 10 March 1999.)

As I noted in an earlier post, the only serious labour disruptions known to have occurred within the UKUSA community happened to GCHQ, which experienced a work slowdown in the winter of 1979-1980 and a one-day strike in 1981. These actions were cited as one of the reasons then-Prime Minister Margaret Thatcher decided in 1983 to ban unions at GCHQ, which led to a bitter dispute that continued until the decision was eventually reversed by Prime Minister Tony Blair in 1997.

I don't see much likelihood of CSE's staff writing a new chapter in the history of UKUSA labour interruptions.

Pugliese's article also mentions that
CSEC management is balking at continuing with the market allowance for specialized skills. The market allowance, around $10,000 a year, is a financial incentive for specialists to continue working at CSEC.

In the past the union has negotiated a market allowance for engineers, mathematicians and other specialists who are in demand.
In 2009, the union won a dispute with CSE management over eligibility for that allowance, with the result that more employees were recognized as being eligible for it. (See Public Service Labour Relations Board decision 2009 PSLRB 121.)

The most recent (now expired) collective agreement between CSE and its employees, and earlier versions, can be found here.

Thursday, November 21, 2013

More on oversight/review

More commentary on the inadequacy of Canada's oversight/review mechanisms (Jim Bronskill, "'Zero' accountability on spies: Segal," Canadian Press, 20 November 2013):
Conservative Sen. Hugh Segal says it’s “deeply problematic” that Canada lacks a full-fledged national security committee of parliamentarians to keep an eye on spy agencies.

At a national intelligence conference Wednesday, Segal described current oversight of the spy world as a “non-system of zero legislative accountability.”

It features parliamentary committees — including one on which Segal sits — that aren’t allowed to see secret documents and watchdogs that conduct after-the-fact reviews, the senator told a symposium of the Canadian Association for Security and Intelligence Studies.

He pointed to countries such as the United States and Britain where parliamentarians are able to tackle current crises head-on, eliciting candid testimony from spy chiefs.

In Canada, no one — least of all the responsible cabinet minister — steps forward to address the issues when an intelligence crisis erupts, Segal acknowledged.

“Any minister who says, ‘Actually, we have a big problem, I’m going to look into it’ these days is not part of the operative political culture,” he said.

“And I think that is deeply, deeply problematic.”

Segal said there has been a “lack of political will” to address the question with a measure of discretion, balance and focus.

...

University of Toronto law professor Kent Roach told the symposium Wednesday that a national security committee of MPs and senators would not be a panacea for intelligence oversight.

Easter’s bill worries Roach because the government would have “unfettered and unreviewable discretion” to decide what information the parliamentary committee would see.

“So I’m not terribly optimistic about that,” said Roach, who served as part of the research advisory group on the O’Connor commission of inquiry that looked into the Maher Arar torture affair.

Justice Dennis O’Connor recommended changes to allow national security watchdogs to exchange information and conduct joint investigations. He also advocated a co-ordinating committee that would include various security watchdog chairs to ensure seamless handling of complaints and probes.

Roach noted both the watchdog that monitors CSEC and the one that keeps tabs on the Canadian Security Intelligence Service have spoken of difficulty in following the intelligence trail through government because each has authority to peek into just one agency.

It’s time to adopt the “one big committee” approach to spy oversight instead of the current roster of watchdogs working in isolation, Roach said.

“We can be creative with the diverse composition. It can include present or past parliamentarians, judges, experts, civil society — I think that’s totally open, but we need to have a debate about it.”
More from Kent Roach ("Op-Ed: How to hold our spies accountable," Ottawa Citizen, 19 November 2013):
Canadians should be concerned that their accountability house is in particular disorder. The government has rejected the 2006 recommendations of the Arar Commission, which stressed that accountability should keep pace with the increased intensity of the whole of government and transnational national security activities. The heads of the two main watchdogs on Canada’s intelligence agencies have both recently raised alarms that they do not have the authority to chase intelligence threads beyond the agency that they review.

Canada is alone among democracies in not giving even a small group of parliamentarians access to secret information. The Afghan detainee affair underlines the mischief that this can cause in an interconnected world where so much is classified as secret.

Nevertheless, parliamentary review as contemplated in Wayne Easter’s bill before Parliament is not a panacea. The 2005 reforms contemplated a statutory committee that would not enjoy parliamentary privilege. The Joint Intelligence Committee in Britain has not performed particularly well in the post-9/11 era with respect to the possible complicity of officials in torture. This task had to be transferred to the now-aborted Detainee Inquiry and now to police investigations.

Congressional committees have been briefed on most of the notorious American national security activities but have failed to prevent or blow the whistle on them. Briefing in legislators can ties their hands and provide the thinnest veneers of legitimacy and accountability to problematic programs.

Parliamentarians that were briefed in on a dodgy CSEC program would at most be able to demand that the minister of defence or the prime minister know of and take responsibility for the program. This in itself could be important. Nevertheless, it would not necessarily change, stop or reveal the program.

The courts have played little role in restraining CSEC because its activities are authorized not by a judicial warrant but by a warrant from the minister of national defence. This approach is now being challenged by the British Columbia Civil Liberties Association and it remains to be seen what the courts will decide. The government will rely on restrictions that CSEC not target Canadians unless they are assisting the RCMP or CSIS presumably under a valid warrant.

The traditional warrant jurisprudence does not apply well to CSEC and other signals intelligence agencies, given that authorizations seem to relate to broad investigative techniques and not sufficient persons. Accountability mechanisms must seek to control both the necessity for obtaining the data in the first place and subsequent access to the data within and between governments. The Americans are considering having security-cleared special advocates provide adversarial challenge at the warrant stage. This may be worth pursuing in Canada. Alas, the courts have not traditionally policed sharing of information after it was obtained. The review of information sharing requires robust and nimble watchdog review.

In its most recent report, the Security Intelligence Review Committee has raised concerns that the caveats or restrictions on sharing intelligence that the Arar Commission stressed were so important to discipline and control over information sharing seem not to apply in the same way within signals intelligence agencies. Indeed, CSEC seems to have a “second-party” rule that applies to information that it shares with its Five Eyes partners as distinct from the more traditional “third-party” rule used by other intelligence agencies.

Independent watchdog review with powers to initiate systemic reviews and audits is crucial to accountability for signals intelligence. The former CSEC commissioner, however, in his last report echoed conventional wisdom in Ottawa that the Arar Commission’s recommendations for an over-arching structure would only create an “additional super-bureaucracy.” This soundbite approach may play well in some quarters but it ignores how accountability has failed to keep pace with increased whole of government use of intelligence and that the real bureaucracies are our rapidly expanding intelligence agencies.

The Arar Commission recommended statutory gateways that would allow the reviewers to share secret information. The time may have come, however, to have a single body to review the collection and sharing of intelligence throughout government. Australia has moved in this direction, but it would be critical that such a body could follow the information trail throughout government and not only have such powers when authorized by the government.

There is a case for creativity in the composition of such a review body. It could include current or former parliamentarians, sitting or retired judges, civil society representatives, current or former special advocates and others. A diverse body could help inspire public confidence. Such a body would have access to classified information but should put more emphasis on public engagement and outreach. The review body should also have the ability, if necessary, to challenge governmental claims that information must remain secret in court. Such a review body, even more than a parliamentary committee, is necessary to ensure that we have any chance of holding our spies accountable.
Earlier reporting on oversight/review issues here and here.

Update 24 November 2013:

See also Ian Macleod, "Security and privacy: Experts connect the dots as debate rages," Ottawa Citizen, 23 November 2013.

"Lawful access" returns

If you're not with the cyberspies, you're with the cyberbullies.

That seems to be the implied slogan for the Harper government's latest attempt to enact its sweeping "lawful access" wish list, which was introduced in parliament on Wednesday under the new name the Protecting Canadians from Online Crime Act.

Michael Geist explains the backstory and comments on the proposals here: "Lawful Access is Back: Controversial Bill Returns Under the Guise of Cyber-Bullying Legislation," MichaelGeist.ca, 21 November 2013.

See also the comments of Ontario's Information and Privacy Commissioner: "Statement from Commissioner Cavoukian on Bill C-13," 21 November 2013.

Update 25 November 2013:

More from Michael Geist: "The Privacy Threats in Bill C-13, Part One: Immunity for Personal Info Disclosures Without a Warrant," MichaelGeist.ca, 25 November 2013.

And a more sanguine view from Craig Forcese, "Bill C-13: Does the Trojan Horse Contain Lawful Access Gifts, or Just Greek Hoplites," National Security Law blog, 22 November 2013.

Update 11 December 2013:

Additional comments from Michael Geist: "The Privacy Threats in Bill C-13, Part Two: The Low Threshold for Metadata," MichaelGeist.ca, 11 December 2013.

Wednesday, November 20, 2013

Honour among data thieves, UKUSA version

We are regularly assured that the members of the UKUSA, or Five Eyes, community may spy on virtually the whole world, but they do not spy on each other. (The issue recently came up for Canada when media outlets speculated on whether Stephen Harper might be a target for NSA spying.)

There does seem to be some truth to the assertion that some sort of agreement exists among the UKUSA countries not to target one another.

But the spy world is not a realm where honesty is valued above all other attributes, and the "agreement" that reportedly exists between the UKUSA parties, like the Pirate's Code, seems to be "more what you'd call 'guidelines' than actual rules".

Today the Guardian published an excerpt of what the actual rules, as they pertain to the NSA, may be (James Ball "US and UK struck secret deal to allow NSA to 'unmask' Britons' personal data," Guardian, 20 November 2013):



The document confirms that the non-targeting agreement exists, but it also makes it clear that the agreement is really just a "common understanding" that has evolved among the UKUSA partners, with each side reserving the right, "when it is in the best interest of each nation", "to conduct unilateral COMINT action against each other's citizens/persons."

The NSA document goes on to state that "under certain circumstances, it may be advisable and allowable to target Second Party persons and second party communications systems unilaterally when it is in the best interests of the U.S. and necessary for U.S. national security." (Note that the term "Second Party" in this context refers not just to the United Kingdom, but also to the other members of the UKUSA community, i.e., Australia, New Zealand, and Canada.)

There is no reason to believe that such unilateral targeting is taking place on an en masse basis. Indeed, it seems clear that in most cases monitoring of Second Party citizens takes place with the knowledge and co-operation of the country whose citizens are being monitored, and it appears that in many cases the data in question will actually be provided by the Second Party country. (The Guardian article provides some very interesting details of how such arrangements currently work with respect to NSA monitoring of U.K. citizens.)

As another excerpt from the NSA document shows, only when the Second Party declines to collaborate, or when sharing the target would be "contrary to U.S. interests" (for example, if NSA wished to target Canadian government officials), would NSA consider proceeding on a unilateral basis.



According to the Guardian, the document cited in the article was a draft directive written in 2005. We don't know what the final wording of the directive actually was.

But don't be fooled by attempts that may be made to dismiss the text as a draft document that was never approved.

If the UKUSA non-targeting agreement really were ironclad, a proposal to change that policy would appear in a Top Secret, very, very tightly compartmentalized document presented to the NSA Director, with supporting arguments and extended discussion of the advantages and risks, not in a few paragraphs classified at the Secret NOFORN level. This may be a draft document, but it is not a proposal for a fundamental change in targeting policy.

Update 21 November 2013:

New York Times coverage: James Glanz, "United States Can Spy on Britons Despite Pact, N.S.A. Memo Says," New York Times, 20 November 2013

Update 22 November 2013:

CTV on the case: "U.S. can spy on Brits, so are they spying on Canadians?" CTV News, 21 November 2013

Update 5 December 2013:

The Ottawa Citizen notices the issue: Ian Macleod, "NSA considered spying on Canadians without this country’s consent: Report," Ottawa Citizen, 5 December 2013.

Update 2 May 2014:

U.S. National Security Advisor Susan Rice asserts, according to the New York Times, that "the United States [does] not have no-spy agreements with any of its close allies, even with the other members of the so-called Five Eyes — the United States, Britain, Canada, Australia and New Zealand" (David Sanger, "U.S. and Germany Fail to Reach a Deal on Spying," New York Times, 1 May 2014).

Monday, November 18, 2013

October 2013 CSE staff size

2124, a new record!

(If you click through on the link and get a different figure, it's probably because the Canada Public Service Agency has updated its website; they update the numbers once a month.)

Sunday, November 17, 2013

Ottawa Citizen profiles CSE's new headquarters

Extensive article in the Ottawa Citizen on CSE and its new headquarters (Ian Macleod, "CSEC: The spies next door," Ottawa Citizen, 15 November 2013).

The article contains lots of interesting tidbits about the new complex.

A note on its size, which is reported as 775,000 square feet in the article: As noted here, the figure of 72,000 square metres, or 775,000 square feet, commonly attributed to the building refers only to the "rentable space" in the part of the complex built under the Long-Term Accommodation Project (LTAP). In 2009, the government estimated that the overall size of the LTAP would be at least 82,700 square metres, or 890,000 square feet, and possibly as much as 83,300 square metres. And those LTAP figures did not include what is now known as Pod 1 of the complex, the 6000 square metre (64,600 square foot) Mid-Term Accommodation Project, which was built under a separate contract. Put it all together, and you get a complex of about 88,700-89,300 square metres, or roughly 960,000 square feet.

The article also has a couple of accompanying sidebar pieces:

Ian Macleod, "The players of Camelot," Ottawa Citizen, 15 November 2013 (A description of the companies and agencies participating in the construction project.)

"How the Communications Security Establishment came to be," Ottawa Citizen, 15 November 2013 (A brief potted history of CSE drawn from the material on CSE's website. Despite its provenance, this article has at least one glaring error: the agency was transferred to the Department of National Defence and renamed the Communications Security Establishment in 1975, not 1974.)

Friday, November 15, 2013

Perry Fellwock and CBNRC



Fascinating profile here of Perry Fellwock, who under the pseudonym Winslow Peck spilled the beans on NSA's operations to the counterculture magazine Ramparts (U.S. Electronic Espionage: A Memoir) in 1972.

Although focused almost exclusively on the activities of the National Security Agency, the Ramparts article was also the first to reveal the fact that the Communications Branch of the National Research Council (as CSE was then known) was Canada's signals intelligence agency.

References to CBNRC, but not its role, had occasionally appeared in public documents, and even in newspapers, in earlier years, and a 1960 New York Times article based on the revelations of William Martin and Bernon Mitchell, two NSA analysts who had earlier defected to Moscow, reported that Canada worked closely with the NSA on signals intelligence. But the New York Times report had not named the Canadian agency.

The Ramparts article was the first to put the two together, and Fellwock (still identified as Peck) went on to be the main source interviewed on CBNRC in the CBC documentary The Fifth Estate: The Espionage Establishment, broadcast on 9 January 1974.

It was the broadcast of The Fifth Estate (no relation to the later investigative series) that finally put the existence of CBNRC and questions about its role on the national agenda. Extensive news coverage and a series of questions about the agency in parliament soon followed.

It was only a first step. The CBNRC remained largely cloaked in secrecy even after the broadcast, and it wasn't until 1983 that the government formally acknowledged that signals intelligence was the primary mission of the agency, by then renamed the Communications Security Establishment. (The Deputy Minister of National Defence had let slip the fact that CSE did "communications intelligence" in 1977, but that statement appears to have been unplanned).

Still, the discussion that followed the broadcast almost certainly played an important role in the government's 1975 decision to move CBNRC from the National Research Council to the Department of National Defence and change its name to CSE.

And, more importantly, it marked the beginning of explicit parliamentary and media discussion of Canadian signals intelligence activities.

CSEC as cricketbait

Jesse Brown's final column in Macleans.ca reports that the least popular topic that he covered during his column's three-year tenure was "privacy in general and CSEC in particular".

Some topics are clickbait, and some are just cricketbait (as in "nothing going on here except the sound of crickets").

Good on him for trying anyway!

Tuesday, November 12, 2013

Growth in CSE budget since 1995



This chart shows the growth in CSE's personnel budget and its overall budget since fiscal year 1995-96. All figures are converted to 2013 dollars to account for the effects of inflation.

As can be seen, CSE's budget was stagnant or even in decline during the latter part of the 1990s, but it has been on a steady path of growth since the 9/11 attack.

CSE's 2013-14 budget, now estimated to be $460,887,980, is 3.5 times the size of its 2000-01 budget.

Globe and Mail coverage here: Colin Freeze, "Spy agency’s budget to hit $460-million after ‘steady path’ of growth," Globe and Mail, 12 November 2013.

Sunday, November 10, 2013

Fire on the roof!



"Canada's new 'spy palace' damaged by overnight fire," CBC News, 10 November 2013

Nothing too serious, apparently.

Saturday, November 09, 2013

CSE 2013-14 budget now $461 million

The Supplementary Estimates (B) for fiscal year 2013-14, tabled in the House of Commons on November 7th, show that CSE's budget for the current fiscal year is being increased to $460,887,980.

That's a big jump from the total shown in the 2013-14 Main Estimates.

The Main Estimates reported that CSE would receive $33,389,185 in statutory money and $388,818,662 in voted money, for a total of $422,207,847.

The Supplementary Estimates (B) report that $21,538,711 will be added to CSE's budget.

So why doesn't the new budget total $443,746,558?

The new budget is $17,141,422 higher than that because, according to the Supplementary Estimates (B), CSE already has $405,960,084 in voted authority, not the $388,818,662 shown in the Main Estimates.

And where did that extra money come from?

According to this document, it came from Treasury Board Central Vote 25, apparently to enable CSE to carry over some of the operating funds that it didn't manage to spend in the prior fiscal year. (The Public Accounts 2013 reported that $26,660,000 in CSE spending authority lapsed at the end of FY 2012-13, whereas only $21,000 was reported as "Available for use in subsequent years".)

[Update 12 November 2013: Colin Freeze, "Spy agency’s budget to hit $460-million after ‘steady path’ of growth," Globe and Mail, 12 November 2013]

Calls for greater oversight/review continue

More concerns are being expressed about the limited degree of oversight/review to which CSE is subject, including the lack of regular parliamentary oversight (Mitch Potter & Michelle Shephard, "Canada’s electronic watchers enjoy secrecy second to none," Toronto Star, 9 November 2013):
“Canadians who think they are in the clear on these ongoing scandals need to grasp that we are the ones who need the debate the most,” said Ron Deibert, director of the University of Toronto’s Citizen Lab.

“The Canadian checks and balances just aren’t there. We have no parliamentary oversight of CSEC, no adequate independent entity to watch the watchers and act as a constraint on misbehaviour. It just doesn’t exist now.

“It’s not a question of people shrugging and saying, ‘Well, I’ve got nothing to hide.’ The real problem is oversight — and the potential for abuse if left unchecked.”

It’s an idea that even CSEC’s former chief, John Adams, concedes would be helpful.

Adams doesn’t think “oversight” is realistic, but supports the robust “review” of CSEC’s activities and sees the value in having a committee of security-cleared parliamentarians “fully briefed on what CSEC is doing.

[A note on terminology: Canada's intelligence review bodies draw a sharp distinction between oversight, which is continuous, and review, which takes place after the fact, and note that their job is review (SIRC position; OCSEC position). However, in day-to-day use, "oversight" is typically used to refer all forms of monitoring by external officials or bodies. (I'm certainly one of the ones who usually uses it that way.)]

“It would be an opportunity for them to provide feedback and observations and raise concerns perhaps about what CSEC is doing and CSEC could also use that forum as an opportunity to talk about what they might be doing or consider doing or to bounce off of them some thoughts,” said Adams.

“It would be an opportunity for (Parliament) to have some public debate but it would be a limited public debate because they’d have to be sworn to secrecy.”

...

University of Ottawa scholar Wesley Wark, who specializes in national security and the history of intelligence agencies, says the CSEC watchdog is simply not enough.

Unlike Britain and the United States, Canadian oversight leaves a “gaping hole . . . a big gap” because Parliament is not involved in holding intelligence agencies to account as Adams suggested, Wark told The Star.

The issue has simmered for years, said Wark, with failed attempts, most recently in 2005, to create a British-style Committee of Parliamentarians on National Security.

But oversight actually grew worse in 2011, said Wark, when CSEC was deemed an independent agency within the Department of National Defence, effectively eliminating a requirement to report to the national security adviser and Privy Council office. “It took that away entirely,” said Wark, “and put it all within (DND), where it’s very easy for CSEC to disappear down its secret hole.

[Actually, the situation is even worse than Wark says. CSE used to report through the National Security Advisor in the PCO and the Deputy Minister of National Defence. But it now reports through neither. Since 2011, the Chief of CSE has been considered to be his own deputy minister, and he reports directly to the Minister of National Defence. CSE is considered to be in the National Defence portfolio, but it is not a part of the Department of National Defence and it has no reporting relationship through that department.]

...

Deibert, who this year published Black Code: Inside the Battle for Cyberspace, argues that while parliamentary oversight remains an admirable goal, the evolving issue of privacy-versus-surveillance warrants something more ambitious.

“I would go further: There needs to be somebody who is not part of Ottawa culture, who is adversarial, something with the authority and credibility of the Privacy Commission’s office,” said Deibert.

“Parliamentary oversight is necessary. But you also need oversight that doesn’t depend on favours or look through the lens of partisan politics.

“I just don’t think, as a society, Canada has caught up with the epochal scope of what has changed in the last 10 years. We’ve gone through the most profound transformation in how we communicate. Mobile and broadband technologies have turned us inside out — and at the same time these Cold War agencies are now turning their gaze inwards on us.

“It’s no longer spy-versus-spy and concern over foreign states with nuclear weapons. Now it’s about somebody blowing themselves up in a shopping mall. And so the threat model has turned toward all of society.”
(Bonus comment on the Toronto Star article: Whoever wrote the caption for the photo of John Adams that accompanies the piece evidently doesn't know that Adams is no longer Chief; at least the reporters themselves are not confused on that point.)

As noted in the article, CSE is the only member of the UKUSA community that doesn't have some kind of formalized parliamentary or legislative branch oversight/review. Here is what CSE's partner agencies say about their legislative watchdogs:

- National Security Agency (U.S.)
- Government Communications Headquarters (U.K.)
- Australian Signals Directorate (Australia)
- Government Communications Security Bureau (New Zealand)

There have been several recent efforts to revive the idea of establishing formal parliamentary oversight of Canada's security and intelligence community.

On November 7th, Liberal MP (and former Solicitor General) Wayne Easter introduced a private member's bill calling for the creation of a National Security Committee of MPs and Senators ("Liberals propose oversight committee to keep an eye on Canada’s spy agencies," Postmedia News, 7 November 2013):
Liberal public safety critic Wayne Easter, introduced a private member’s bill Thursday that would see six MPs and three senators exercise oversight over the spy agencies. Easter [actually Liberal MP Derek Lee] had previously introduced a version of the current bill in 2009 but it went nowhere. And with the Liberals as the third party in the House of Commons, that’s likely to be true again.

But recent revelations about Canada’s security agencies have raised calls for more accountability among various federal politicians and officials.

...

The NDP has also called for action. Last month, it put forward a motion to create a “special committee on security and intelligence oversight” that would make recommendations on parliamentary oversight of security agency activities.

And even in the middle of the spending scandal, the Senate recently found time to debate the whether CSEC had sufficient oversight.

[Notes on the NDP and Senate initiatives here.]

The idea of creating a special committee to provide accountability to the national security agencies has been around for almost a decade.

In 2004 the Liberal government under Paul Martin created a special committee to advise on the best practices of National Security committees. A bill was introduced in November 2005 by then Liberal public safety minister Anne McLellan, but the bill died when the government fell and an election was called.

[McLellan's bill, C-81, was given first reading on 25 November 2005. Easter's private member's bill is identical to C-81.]

In January 2011, Prime Minister Stephen Harper mused about the idea of creating a committee on national security, but said there was no agreement on a particular model.

Easter, who was part of the 2004 Liberal advisory committee on the issue, feels that there is no need for additional research.

“We’re already way behind the rest of the world and our allies in terms of having a national security committee of parliamentarians,” he said Thursday. “We do not need another study to study what’s already been studied.”
More explanation from Wayne Easter here (Wayne Easter, "Op-Ed: Canada’s intelligence agencies need oversight," Ottawa Citizen, 7 November 2013), including these notes on earlier support for an oversight committee:
A June 2009 Public Safety Committee report on the Iacobucci/O’Connor inquiries recommended that this legislation be revived and enacted: “the committee recommends that Bill C-81, An Act to establish the National Security Committee of Parliamentarians, or a variation of it, which was previously introduced in the 38th Parliament, be reintroduced in Parliament at the earliest opportunity.”

More recently, a Senate report from March 2011 stressed the need for an oversight committee, explaining that “Canada now lags significantly behind its allies on the issue of parliamentary oversight as the only country that lacks a parliamentary committee with substantial powers of review over matters of national security.”
Ontario Information and Privacy Commissioner Ann Cavoukian has come out in support of Easter's proposal ("Statement from Commissioner Cavoukian on Bill C-551 Act to Establish the National Security Committee of Parliamentarians," 8 November 2013), while expressing some reservations about the limited powers it would provide to the members of the committee:
The creation of a parliamentary committee to provide oversight for all agencies responsible for national security, and the requirement for the Prime Minister to table the committee’s report to Parliament are important components to providing accountability and transparency. While the bill may not give committee members sufficient authority to peer behind the veil of secrecy surrounding national security powers and programs, I see Mr. Easter’s bill as a proposal worthy of consideration, debate, and ultimately passing into law.
Cavoukian's statement also called for a greater role for the judiciary in authorizing CSE's eavesdropping activities:
The only gate-keeper limiting CSEC’s power to conduct intelligence gathering is the Minister of National Defence, lacking entirely in independence. Why have the courts been kept out of the equation here in Canada? After all, the courts are well situated to ensure that both necessary surveillance proceeds, and Canadians simultaneously enjoy rigorous privacy protections – not one to the exclusion of the other.
There have also been recent calls by Canada's existing review bodies to improve their ability to work with each other and to examine the workings of the security and intelligence community beyond the specific agencies that SIRC and OCSEC are assigned to monitor. (See the end of this recent post.)

The Chair of the Security Intelligence Review Committee, former Conservative MP Chuck Strahl, is among those calling for broader powers for the SIRC and other bodies (Jim Bronskill, "Watchdog cites need for stricter oversight to keep pace with spy services," Canadian Press, 7 November 2013):
The head of Canada's main spy watchdog says new rules — and possibly legislation — are needed to help keep an eye on federal intelligence agencies.

Chuck Strahl, chairman of the Security Intelligence Review Committee, says that as spy services work ever more closely together, there must be ways for watchdogs to do the same.

Strahl says he has no complaints about the review committee's ability to get information from the Canadian Security Intelligence Service, the agency he and fellow committee members monitor.

"The question though is, what about when it involves other government departments and agencies that we don't have access to?" Strahl said in a recent interview.

"Is the government satisfied that we can chase those threads when they disappear out of CSIS's hands?"

Strahl flagged the concern amid increasing calls for more comprehensive oversight of Canada's spy community, particularly in light of allegations about Communications Security Establishment Canada, the national eavesdropping agency.

...

Liberal public safety critic Wayne Easter tabled a private member's bill in the House of Commons on Thursday to create a national security committee of parliamentarians that would have access to top-secret information — unlike existing committees of MPs and senators.

"The necessity of this legislation has been evident for more than a decade," Easter told a news conference.

Just last month, the NDP unsuccessfully sought support in the House of Commons to study stronger oversight for the intelligence community.

The Conservative government has said it is looking at an inter-agency review system that would modernize the current approach of spy watchdogs working in separate silos, but few details have emerged.

Robert Decary, the recently retired commissioner of CSEC — a watchdog who reports to the defence minister — also expressed a desire to collaborate with the review committee over CSIS.

...

Strahl said intelligence agencies will continue to share more information with one another and work more closely on cases.

"Let's not just pretend it doesn't matter, because it will. And it'll increasingly matter, because the information sharing must continue and it must expand in my opinion — there's just no getting around it," he said.

"That means we need those rules and perhaps legislation that reflects that 21st century reality."

Wednesday, November 06, 2013

SIRC Executive Director is former CANSLO/W

Interesting tidbit about Michael E. Doucet, the new Executive Director of the Security Intelligence Review Committee, the group that reviews the activities of the Canadian Security Intelligence Service: as it turns out, Doucet used to work at the Communications Security Establishment, and he even served at one time as CSE's Senior Liaison Officer to the NSA. See his bio here.

CSE and NSA have posted liaison officers to each other since the beginning of the 1950s, with the practice formalized in 1954. The U.S. official is known as the Senior United States Liaison Officer/Ottawa (SUSLO/O), and the Canadian is known as the Canadian Senior Liaison Officer/Washington (CANSLO/W) (sometimes spelled out as Canadian Special Liaison Officer).

[Update 19 December 2013: A recent CSEC document that discusses the roles of these officers uses the terms Canadian Special Liaison Officer and Canadian Special Liaison Office in several places, but in one case it also uses the term Canadian Senior Liaison Office, so it appears that the Special/Senior confusion exists even inside CSEC. The same document uses the term Special United States Liaison Office for the U.S. equivalent. H/T Colin Freeze.]

I posted a partial list of earlier CANSLOs here. [Updated list here.]

The CANSLO/W after David McKerrow was Toni Moffa, I believe. Michael Doucet probably held the job after her, around the 2004-2007 period, give or take a few years.

I get the feeling that SIRC's laudable new interest in the workings of the CSIS-CSEC relationship and in the risks that are run when CSIS information about Canadians (and others) is fed into the Five Eyes SIGINT system may have been at least in part a result of Doucet's December 2012 hiring.

Tuesday, November 05, 2013

Canadian SIGINT in the 1945-1998 period

Some notes I wrote about the birth and post-war history of the Communications Branch of the National Research Council (CBNRC)/Communications Security Establishment (CSE) for a website that I once had:

Chronology of Canada's Postwar SIGINT Activities

(Kudos to the Internet Archive for preserving the site.)

Note that the chronology extends only to 1998, so none of the major changes the agency has undergone since 9/11 are included.

Two other points worth mentioning:

- We now know that the UKUSA Agreement (originally called the BRUSA Agreement) was signed on 5 March 1946, not in 1947 or 1948.

- We also now know that the CANUSA Agreement between Canada and the U.S. was reached in 1949.

Sunday, November 03, 2013

Answers on CSEC headquarters

In which I do the job of Sen. Claude "Écoutez" Carignan, the Government Leader in the Senate, so he doesn't have to:
Hon. Pierrette Ringuette: Honourable senators, there is some incredible construction happening on Ogilvie Road. I am told that it will house both the Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment Canada (CSEC).

Can the Honourable Leader of the Government in the Senate tell us how many square feet this building will be, how much it will cost and how it compares to the Hoover Building? After all, there are only 32 million of us in comparison to the American population.

I understand that you might not have the answers in your notes, but I would still like you to answer my questions.

Hon. Claude Carignan (Leader of the Government): On the number of square feet, the cost and what else?

Senator Ringuette: Also, how that compares to the Hoover Building in Washington.

Senator Carignan: I am not sure whether we will be able to compare, but I will certainly take note of your question and provide any legally available information to answer it. (Debates of the Senate (Hansard), 28 October 2013)
Maybe Sen. Carignan will get around to answering these questions, and maybe those answers will even end up on the public record somewhere, but who knows when that will happen?

So here we go:

First off, the new headquarters complex being constructed on Ogilvie Road, although located adjacent to the headquarters of the Canadian Security Intelligence Service, will house only the Communications Security Establishment Canada.

The size of the complex is usually reported as 72,000 square metres, or 775,000 square feet. However, the government's 2009 "Request for Qualifications" document stated that
in order to meet CSEC program requirements of approximately 72,000 square metres of rentable space, the Facility will contain approximately: 2000 staff and contractors, an office area of 31500 gross square metres, office support of 11300 gross square metres, common space of 5300 gross square metres, special purpose space of 30000 net square metres, and special purpose common net area of 5200 gross square metres, for a total building gross of approximately 82700 square metres [or about 890,200 square feet].
It should be noted, however, that the figures cited in this document actually add up to 83,300 square metres, or about 896,600 square feet.

Furthermore, none of these estimates include the size of the Mid-Term Accommodation Project, which was built under a separate contract but is now considered to be part of the headquarters complex. It is now known as Pod 1 of the complex. The gross size of Pod 1 is about 6000 square metres, or about 64,600 square feet.

Thus, the full size of the new CSEC headquarters complex is likely to be approximately 88,700-89,300 square metres, or roughly 960,000 square feet.

As noted in Volume I of the Public Accounts of Canada 2013 (page 11.19), it is currently estimated that the construction cost of the new CSEC complex will be $1.170 billion. As with the square footage figures, however, this total does not include Pod 1, which according to CSEC cost about $61.5 million. Thus, the total construction cost of the complex will probably be about $1.23 billion.

The J. Edgar Hoover Building in Washington, D.C., is the headquarters of the U.S. Federal Bureau of Investigation, which has a mandate very different from that of CSEC. However, to answer the question, according to the FBI, the Hoover building's original design called for 2,800,876 square feet of space. The building cost $126,108,000 (U.S.) when it was completed in the mid-1970s.

Bonus answer: The population of Canada was recently estimated to be just over 35 million, not 32 million.

Friday, November 01, 2013

The box in Beijing



For those who want to play the game Spot the Covert Interception Site, here's a nice picture of a mysterious white box on the roof of the Canadian embassy in Beijing that looks like it would be highly suitable for hosting intercept antennas.

Former CSE employee Mike Frost reported in his 1994 book Spyworld that NSA applied heavy pressure on CSE to place an intercept site in the Canadian embassy in Beijing, and that the projected site even received a codename, Badger.

Frost did not know whether such a site was ever put into operation, but it certainly seems like a plausible possibility.

And, yes, if you're keeping track, the Chinese embassy in Ottawa also has a few mysterious boxes on its roof. It is manifestly untrue that "every country" conducts this kind of operation, but there is no doubt whatsoever that China is among the countries that do.

CSE received $636K from "foreign partners" in 2012-13

Page 6.43 of Volume I of the Public Accounts of Canada 2013 reports that CSE's "Foreign Partners - Security" fund received $636,386 in fiscal year 2012-13.

The Public Accounts also report that CSE spent $887,460 from the account during the year, leaving a total of $2,002,417 at the end of the fiscal year.

The same document explains that the Foreign Partners accounts "were established to record funds received from foreign partners, to cover expenditures to be made on their behalf, in accordance with the provisions of agreements with the Government of Canada."

It seems likely that the partner in question is the US National Security Agency.

Adding last year's data to previous years' totals (discussed here), we get a grand total of at least $11.4 million paid to CSE, and at least $9.4 million spent by CSE on behalf of its "foreign partners", since 2002-03.

What is this money paying for?

Update 10 December 2013: An NSA document dated 3 April 2013 (part of the Snowden collection), subsequently released in part by the CBC, states that "No Consolidated Cryptologic Program (CCP) money is allocated to CSEC, but NSA at times pays R&D and technology costs on shared projects with CSEC." That NSA money is probably the source of the "Foreign Partners - Security" funds, but it would still be nice to know what kinds of projects are being funded.

Fifth Estate X three

The CBC's Linden MacIntyre, co-host of the investigative journalism show "the fifth estate", comments on the movie "The Fifth Estate" and the importance of whistleblowers ("Why whistleblowers are crucial for democracy: Linden MacIntyre," CBC News, 30 October 2013):
In a memorable scene from the movie The Fifth Estate, a journalist opines that speeches in the British House of Commons were once so secret that people caught leaking them to the public were hanged for it. Not exactly true - but the Commons debates were conducted secretly, and people went to prison for reporting them in pamphlets. Public outrage, fired by whistleblowing, eventually put a stop to secrecy in parliament.

The modern pamphlet is a blog or tweet, the brown envelope is now a tiny thumb-drive with the information-carrying capacity of a truckload of paper documents. And from the opposing perspective, technology has also enabled institutions to delve deeply into private lives for law enforcement, commerce and the vague new project known as “public safety”.

...

The English philosopher Jeremy Bentham put it strongly - but his words have been embraced in principle and often quoted by politicians and jurists while making and interpreting our laws: “In the darkness of secrecy, sinister interest and evil in every shape have full swing.”

In another essay more than 200 years ago, Bentham said, “Secrecy, being an instrument of conspiracy, ought never to be the system of a regular government”.

Those are words that whistleblowers live by, which makes them auditors of governance and guarantors of our democracy.
When it comes to secrecy in Canada's government and in particular with respect to the intelligence community, there's a third "Fifth Estate" that bears mentioning -- the CBC documentary that lifted CSE (then called CBNRC) out of the shadows and onto the parliamentary agenda in 1974.

CSE's Information Kit tells the story as follows:
In 1974 the television program "The Fifth Estate" broadcast an exposé of Canadian involvement in signals intelligence. The program revealed the existence of the hitherto low-profile CBNRC, and explored the nature of its signals intelligence program and its US partners. The Fifth Estate's revelations were raised in the House of Commons over the next week. As a result of the unwelcome publicity, the government soon transferred Canada's SIGINT and Communications Security organization to the Department of National Defence portfolio, and renamed it the Communications Security Establishment (CSE).
In fact, the television program "the fifth estate" did not exist in 1974. It was a documentary entitled "The Fifth Estate: The Espionage Establishment" -- with no relation to the later program -- that the CBC broadcast on 9 January 1974. (See the comment by James Dubro at the end of this post if you don't want to take my word for it.)

And the discussion of CBNRC was actually a relatively small part of the broadcast.

But it did lead to a series of questions in the House of Commons and very likely played a major role in CBNRC's subsequent transfer to the Department of National Defence as CSE.

I have pointed out that CSE gets this particular detail of its own history wrong as least once before on this blog. It may not be a very big detail (not as big as getting their own budget wrong by $65 million, for example), but you'd think they could get it right nonetheless.

Perhaps no one there reads this site. They do, after all, have real jobs to do.

So I have a plan. If it doesn't get fixed this time, I'll e-mail the information to the Brazilian Minister of Mines and Energy and ask him not to tell anybody.