Accountability and Transparency

CSIS depends on the trust of Canadians to do its work. That is why robust oversight and accountability mechanisms are so fundamental. They provide assurance to Canadians that we continue to operate lawfully in our efforts to protect Canada and Canadians.

Accountabilities of the CSIS Director

• Minister of Public Safety
  Provides advice on national security policy, adherence to Ministerial Direction and the management of departmental operations, including an annual report.

• National Security and Intelligence Advisor
  Ensures the NSIA remains informed of security and intelligence matters in the provision of advice to the Prime Minister.

• Clerk of the Privy Council
  Ensures the Clerk remains informed of overall performance and achievement of corporate priorities.

• Treasury Board
  Exercises authorities under the Financial Administration Act and any relevant legislation or policies (e.g. controls, internal audit).

• Human Resources
  Exclusive authority over human resources management and appointment of employees.

• Labour Relations
  Maintains productive labour-management relations as per the Federal Public Sector Labour Relations Act and Public Servants Disclosure Protection Act.

Legal

Ensures that CSIS and its employees act lawfully in the conduct of its affairs and operations.

Review

Ensures that CSIS responds to inquiries from the National Security and Intelligence Review Agency (NSIRA) and National Security and Intelligence Committee of Parliamentarians (NSICOP) in the fulfillment of its statutory review function.

Mandatory reporting

Ensures compliance with government reporting requirements, such as the Main Estimates, the Management Accountability Framework, Access to Information, and the Treasury Board Policy Suite.

Parliament

Core Mandate

• Public Accounts
• Government Operations and Estimates
• Standing Senate Committee on National Security and Defence
• Standing Committee on Public Safety and National Security

Officers and Agents of parliament

Ensures that CSIS responds to Agents and Officers of Parliament, including:

• Auditor General of Canada
• Information Commissioner
• Privacy Commissioner
• Parliamentary Budget Officer
• Commissioner of Official Languages

Ensures that CSIS responds to various government coordination bodies, including:

• Chief Statistician
• Chief Information Officer
• Ombudspersons
• Canadian Human Rights Commission

Ministerial Direction for Accountability

In accordance with the powers granted by subsection 6 (2) of the CSIS Act, the Minister of Public Safety and Emergency Preparedness issued a new Ministerial Direction for Accountability to CSIS in September 2019.

This new direction restates the fundamental role that accountability plays in our system of government and the importance of maintaining the confidence of Canadians. It articulates two pillars of accountability for the organization: accountability to the Minister of Public Safety, who is responsible for CSIS; and external accountability through review bodies and to Canadians through transparency.

The issuance of this new Ministerial Direction for accountability modernized parts of the 2018 MD for Operations and Accountability. Efforts are underway to modernize the remaining sections. CSIS remains committed to supporting the Minister on this matter and show Canadians that we continue to be worthy of the trust they have vested in us to protect their safety and Canada’s national security.

The National Security Act, 2017

The National Security Act, 2017 introduced the most significant changes to the CSIS Act since our organization was created in 1984. These changes add greater transparency and accountability to our work, and modernize our authorities in specific areas.

There are three main changes to the CSIS Act introduced by the National Security Act:

1. Threat reduction measures

CSIS’ threat reduction mandate provides the Government of Canada with another tool to respond to threats to the security of Canada, capitalizing on the Service’s unique intelligence collection function. Given the nature of our mandate, CSIS is often the first agency to detect threats to the security of Canada.

In some circumstances, no other Canadian partner may be able to take action against a threat, because of differing mandates and authorities or a lack of threat awareness.

Any threat reduction measure carried out by CSIS must be reasonable and proportional to the threat to be reduced. The new National Security and Intelligence Review Agency (NSIRA) is informed of every measure taken to ensure that CSIS upholds these requirements.

Amendments to the CSIS Act introduced by the National Security Act clarified wording in our threat reduction mandate to emphasize that measures taken by CSIS in this area are fully compliant with the Canadian Charter of Rights and Freedoms. They also introduced a fixed list of measures that CSIS can take, with a warrant, to reduce a threat. Together, these changes help Canadians better understand what CSIS can and cannot do to diminish threats to Canada’s security.

2. Justification framework

The National Security Act, 2017 amended the CSIS Act to recognize that it is in the public interest to ensure that CSIS employees can effectively carry out our intelligence collection duties and functions, including by engaging in covert activities, in accordance with the rule of law. A framework was also created and added to the CSIS Act that provides a limited justification for designated employees acting in good faith and persons acting under their direction to commit acts or omissions that would otherwise constitute offences.

This is particularly true for counter-terrorism operations where CSIS relies on the assistance of persons who have access to individuals, entities and activities that are relevant to its collection objectives. These persons (human sources, for example) are in a position to provide intelligence supporting mandated investigations; often, this information could not be obtained by any other means.

This justification framework offers protection from criminal liability for CSIS employees and directed persons, including human sources. It provides a clear legal authority for the commission and direction of otherwise unlawful activity, allowing the continuance of activities critical to operational success, and assuring the integrity of Service information collected pursuant to these activities. This includes providing logistical support for a source by paying for a meal during a meeting, buying a cellphone or laptop to assist them in undertaking their work.

The Act also establishes robust measures to ensure this authority is exercised in a manner that is reasonable, proportional, transparent and accountable, including robust review by the Intelligence Commissioner (IC) and the National Security and Intelligence Review Agency (NSIRA).

Why does CSIS need to engage in otherwise illegal activity?

CSIS’ intelligence collection mandate is set out in sections 12 to 16 of the CSIS Act. In carrying out these duties and functions, CSIS relies on the assistance of persons, including human sources, who have access to people, organizations and activities that are relevant to our collection objectives. These individuals are in a position to provide intelligence – that often could not be obtained by other means – that support investigations. In sectors where the targets of an investigation are engaged in unlawful activities, sources may be required to participate to some degree, in order to gain trust, maintain credibility, and develop access. Designated CSIS employees may need to direct, support and pay these persons, to guide and facilitate their role in information and intelligence collection.

There are many checks and balances governing the CSIS’ use of the justification framework. CSIS employees can only commit or direct otherwise illegal activity if it falls under a class approved by the Minister of Public Safety. The determinations of the Minister are subject to review and approval by the Intelligence Commissioner under the Intelligence Commissioner Act. Only employees designated by the Minister for this purpose can commit or direct otherwise illegal activity. In order to direct this activity, in addition to being designated, employees must have the authorization of a senior designated employee. Before committing or directing otherwise illegal activity, the employee must assess that this activity is reasonable and proportional, considering the nature of the threat, the nature of the activity, and the reasonable availability of other means to achieve the operational objective.

CSIS employees must successfully complete robust training prior to being designated by the Minister. This training is designed to ensure employees have a clear idea of the legislated requirements that govern their ability to commit or direct otherwise illegal activity, and a sound understanding of the policies and procedures that guide their application of this authority.

The establishment of the justification framework enables CSIS to carry out operational activities that are necessary to the achievement of our mandate. The clear authority it provides for the conduct of otherwise illegal activity enables CSIS to effectively investigate threats to the security of Canada, particularly those in the terrorist domain.

3. Dataset framework

The National Security Act, 2017 also amended the CSIS Act to provide a clear legal mandate for CSIS’ collection and retention of datasets. It lays out parameters by which CSIS can collect, retain, and query datasets containing personal information that is not directly and immediately related to a threat to the security of Canada. This framework facilitates CSIS analysis of data in support of our operations, where we increasingly rely on this technique to corroborate human and technical sources, further identify individuals of interest, and generate investigational leads.

The framework applies to every dataset that contains personal information that does not directly and immediately relate to activities that represent a threat to the security of Canada. It sets out three types of datasets: Canadian, foreign and publicly available. A Canadian dataset is defined in the CSIS Act as a dataset that predominantly relates to individuals within Canada or Canadians, which includes Canadian citizens, permanent residents or corporations incorporated or continued under the laws of Canada or a province.

Canadian and foreign datasets must remain segregated from operational holdings and can only be queried by designated employees in accordance with the provisions of the CSIS Act. The Act also sets out record-keeping and audit requirements and provides for robust review by the National Security and Intelligence Review Agency (NSIRA).

National Security and Intelligence Review Agency (NSIRA)

The Security Intelligence Review Committee (SIRC) expanded into the National Security and Intelligence Review Agency (NSIRA), and the scope of its responsibilities broadened. Now, in addition to reviewing the activities of CSIS, NSIRA has specific responsibility for reviewing the activities of the Communications Security Establishment (CSE), and can review any activity carried out by any federal department or agency, that relates to national security or intelligence. NSIRA also has the mandate to investigate a range of complaints related to national security, including those made pursuant to the CSIS Act, the RCMP Act, the Citizenship Act and the Canadian Human Rights Act.

Over the years, SIRC and CSIS developed an open exchange of information to support SIRC investigations; this same transparent relationship will continue with NSIRA. CSIS works diligently to ensure NSIRA has timely access to documentation required to satisfy their review requirements.

The Avoiding Complicity in Mistreatment by Foreign Entities Act

CSIS takes the human rights reputation of the foreign agencies it engages with very seriously and opposes in the strongest possible terms the mistreatment of any individual by a foreign agency. CSIS has robust, long-standing policies and decision-making procedures in place to ensure that information sharing with foreign partners does not contribute to the mistreatment of any individual by a foreign entity. CSIS has been following Ministerial directions on such requirements for well over a decade.

The National Security Act also established the Avoiding Complicity in Mistreatment by Foreign Entities Act. This new law requires that direction related to the disclosure, solicitation and use of information that may lead to or be obtained from the mistreatment of an individual by a foreign entity be issued to the Department of National Defence, Global Affairs Canada, the Royal Canadian Mounted Police, Communications Security Establishment, Canada Border Services Agency and CSIS. In addition, the Act outlines CSIS’ responsibility to provide a report to the Minister of Public Safety and Emergency Preparedness on the implementation of those directions.

Further to the passage of the Act, an Order-in-Council (OiC) laying out this direction was issued in September 2019. The OiC reinforces CSIS’ longstanding responsibilities regarding information sharing with foreign entities. It dictates that if the sharing or requesting information would result in a substantial risk of mistreatment of an individual, and the risk cannot be mitigated, CSIS cannot share or request the information. If it is believed that information received by CSIS was obtained through mistreatment, CSIS must ensure that its use does not create a substantial risk of further mistreatment, used as evidence, or deprive anyone of their rights or freedoms, unless the use is necessary to prevent loss of life or significant personal injury.

Transparency

The confidence of Canadians in the national security efforts of CSIS is fundamental to our legitimacy, operational effectiveness, and institutional credibility. While certain information on our activities and interests must remain protected, CSIS is steadfast in its commitment to making information about some of the activities more transparent to Canadians, ensuring there is no risk or compromise to our national security. Through public forums, public communications, social media platforms, CSIS endeavours to communicate transparently about our decision-making processes and national security activities. In 2019, CSIS also created an Academic and Stakeholder Engagement team dedicated entirely to finding opportunities to engage with Canadians in order to ensure their trust and confidence.

Engaging Canadians on the legal framework under which we conduct national security activities, and our respect for the privacy rights of Canadians, is a priority for the entire organization.

Academic Outreach and Stakeholder Engagement

Academic Outreach is responsible for assisting CSIS and the broader Canadian intelligence community better understand current issues, develop a long-term view of various trends, challenge assumptions and cultural bias, and sharpen research and analytical capabilities. With its network of expert contacts across Canada and around the world, CSIS Academic Outreach’s ability to quickly identify and engage leading experts on any number of subjects makes it a valuable resource for CSIS and its Government of Canada partners who are often required to respond urgently to ‘surprises’ in the geopolitical environment. The programme has recently evolved and is now more actively engaged in providing advice to Canadian academic institutions on how to protect their students, their research, and academic integrity from adversaries seeking to undermine the openness and collaborative nature of higher education in Canada.

Building on the success of Academic Outreach, in 2019, CSIS launched a complementary Stakeholder Engagement programme. The current threat landscape is compelling CSIS to expand its network of stakeholders to include those across a number of non-traditional sectors. These stakeholders can include Canadian industry, civil society, provincial and municipal officials, as well as other organizations. It is more critical than ever to engage with these stakeholders in a more open and transparent manner to sensitise them to threats and to enhance cooperation to help mitigate the risks of loss of sensitive technology and intellectual property, and to ensure that these stakeholders recognize CSIS as a partner in protecting the strength of Canada’s social fabric and economic prosperity.

One of CSIS’ important stakeholder relationships is the one it holds with the National Security Transparency Advisory Group (NS-TAG). The advisory group was established in 2019 and advises the Government of Canada on the implementation of the commitment to increase transparency across Canada’s national security and intelligence departments and agencies. NS-TAG advises on how to infuse transparency into Canada’s national security policies, programs, best practices, and activities in a way that will increase democratic accountability. It also seeks to increase public awareness, engagement, and access to national security and related information. Finally, it aims to promote transparency — which is consistent with CSIS’ own long-established commitment with Canadians.

CSIS also engages in important dialogue with the Cross-Cultural Roundtable on Security (CCRS) and intends on continuing to pursue this important relationship and seek their perspectives on emerging developments in national security matters and their impact on Canada’s diverse and pluralistic society.