With the return of Canada's Parliament later this month, one of the security issues sure to attract attention is Bill C-59.
It aims to modernize and clarify Canadian national security and intelligence operations. This includes how the country collects and retains metadata, better coordination for oversight and review of counter-terrorism investigations.
These issues and the need for reform have been the subject of discussion in Canada for more than a decade and, ironically, many of the changes proposed in C-59 were specifically described in detail in a May 2016 IPT column on the subject.
The bill would revise the much-maligned existing Anti-Terrorism Act, known as C-51, enacted by the previous government in the immediate aftermath of the October 2014 terrorist attacks in Quebec and on Parliament Hill. Curiously, the bill was passed with the support of opposition Liberals who are now in power. They promised changes if elected during the 2015 campaign.
C-51's increase in CSIS authority, expanded information sharing and broader anti-terrorism power in the Criminal Code generated legitimate debate. The bill also fueled partisan and ideological hyperbole in part because it did not address oversight and accountability, and the language used in the Bill to explain and justify its changes was deficient. Its defense by the Harper government was also needlessly combative rather than substantive.
It is important to note that the bill was only introduced in Parliament in late June, 18 months after the elections. The new government may have realized that the original bill was not necessarily as malevolent as had been suggested and that the issues involved were more complex than originally thought. The bill also demonstrates that, to its credit, the government has decided to address larger national security institutional and accountability issues which C-51 did not.
These issues are of real importance to Canadians and while the questionable payoff of $10.5 million to terrorist Omar Khadr and the Liberal government's deer in the headlights approach to the flood of people illegally entering Canada to claim 'refugee' status will be under the spotlight, so too will C-59.
It contains a relatively detailed preamble that sets out the bill's national security purpose and intent, along with the required consideration of civil rights and liberties. This is a welcome feature that greatly reduces the future ability of courts to strike down legislation on Charter grounds on the basis that no justification for the impugned measures was provided by government.
The bill creates the National Security and Intelligence Review Agency (NSIRA) that will have direct review authority over the Canadian Security Intelligence Service (CSIS), the Communications Security Establishment (CSE) and, in relation to national security issues, the Royal Canadian Mounted Police (RCMP). The new NSIRA can review activities of any department that relates to national security or intelligence and review authority for an issue referred to it by a Minister of the Crown. This should be a significant step to ending the 'siloed' environment that different review bodies encountered when trying to get the 'big picture' on national security issues involving multiple departments and agencies. If C-59 is passed, it will be the entity with the authority to investigate complaints made against CSIS or CSE and the RCMP when it relates to 'national security' issues. This review could include cases of alleged improper information sharing or unauthorized 'disruption' activities. It should be clarified and confirmed that this also applies to the actions of an agency of the federal government, as a significant gap would be created were that not the case.
While this change is positive, the agency needs to be assessed to ensure it is carrying out its duties as intended, because having a mandate is not the same thing as delivering on it. With the creation of the Parliamentary National Security Review Committee, there is no longer a need to have the new NSIRA comprised of former politicians. The agency needs people with operational, academic or even journalistic expertise in order to succeed, and it needs appropriate funding to be able to carry out its important duties.
The bill abolishes the Office of the Commissioner of the Communications Security Establishment and replaces it with an increasingly empowered Intelligence Commissioner. The Intelligence Commissioner has defined approval authority for authorizations, amendments or determinations sought by CSIS and CSE for things like communications interception, cyber system intrusion, and for CSIS, travel disruption, financial interference, communications interception, creating false documents. The scope of these new 'disruption' authorities will deservedly be debated as C-59 is reviewed.
The commissioner also is granted extensive review and approval authority over metadata (or 'datasets') acquisition, use and sharing, which is clearly a response to the 2016 Federal Court decision slamming CSIS for its unauthorized activities in this area. Metadata involves communications from cellphones to the internet. Metadata interception does not necessarily record actual conversations, but through modern data analytical technology, it can provide information on who a person communicates with, when that takes place, and more.
While independent oversight is welcome, it must not simply create more self-serving bureaucracy that interferes with operational intelligence and national security needs. This appears to be recognized in s. 21 of the act which permits expedited approval in defined operational circumstances, but this is an issue that needs to be clarified and monitored. In a welcome sign of information sharing and coordination, s. 22 of the Act requires all of the commissioner's decisions in this regard to be provided to the new NSIRA.
C-59's most important changes include a modernization of the Communication Security Establishment's (CSE) mandate that gives more specific detail and authorizes 'active' cyber operations. This means CSE can take proactive cyber intrusion measures, including, presumably, hacking and disruption, in the "global information infrastructure" including in information based systems. These changes more accurately reflect the current cyber and security environment and the activities that CSE is undertaking.
For the first time, CSE will be authorized to carry out 'active cyber operations' for the broad purpose of being able to "...degrade, disrupt, influence, respond to or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security." This is a significant enhancement of CSE's mandate that, no doubt, will be subject to close scrutiny.
Changes to the CSIS Act in C-59 provide more detail regarding restrictions on activities as well immunities for CSIS officers in carrying out their duties. The bill does not, however, remove the active 'disruption' authority that was provided to CSIS in C-51 which was a historic change in CSIS' traditional restricted information gathering role. In that sense, the C-59 changes to CSIS are more symbolic than substantive. The amendments also create specific and extensive procedural requirements for CSIS in the gathering and maintaining public 'datasets,' which are the compiled and organized data from 'metadata' retrieval. A preamble to the bill reinforces the priorities of mandate clarity, appropriate respect for privacy and compliance and accountability.
The changes made to the Secure Air Travel Act in C-59 suggest that Transport Canada wants greater operational control of the 'No Fly' list system and that it is finally preparing to add modern technology to the existing biographic data based system. This change will support an effective international 'bad guy' biometric lookout database. The bill also adds measures to somewhat improve the redress system for people challenging their designation, a concern driven in part by recent cases involving children improperly added to the list.
C-59's changes to the Criminal Code are among the most dramatic. They will expand the designated terrorist 'entity' criteria and repeal the unused preventive arrest and investigate hearing provisions.
Unfortunately, the changes covering people who advocate or promote terrorist acts, and the definition of 'terrorist propaganda,' are counter-productive in that they will not address the modern terrorist communications techniques that use broad social media messaging for radicalization and recruitment. There have been no reported instances of abuse of the current provisions, so the motivation for this change appears to be political. Fortunately, the bill leaves existing evidentiary standards for terrorism peace bonds in the Criminal Code, which were lowered in C-51, intact.
The bill also creates a mandatory review of the legislation and its operational impacts in five years which is a helpful strategy.
C-59 likely will preserve law enforcement's and intelligence agencies' national security capabilities created by C-51. The bill dramatically modernizes Canada's cyber security capabilities and makes significant reforms to strengthen and coordinate institutional review and oversight in the national security sector.
There are definitely a number of issues in C-59 that need to be raised at committee so that appropriate explanations of the rationale and purposes of the changes can be provided. That is, after all, the purpose of the committee review of legislation and hopefully this can be accomplished without the acrimony and partisanship that surrounded C-51.
Scott Newark is a former Alberta Crown Prosecutor who has also served as Executive Officer of the Canadian Police Association, Director of Operations for Investigative Project on Terrorism and as a Security Policy Advisor to the governments of Ontario and Canada. He is currently an Adjunct Professor in the TRSS Program in the School of Criminology at Simon Fraser University.