Deepening and expanding partnerships
CSIS’ outreach and engagement activities aim to develop relationships with, work alongside, and learn directly from Canadians to build a whole-of-society approach to mitigate national security threats.
Academic outreach
CSIS’ Academic Outreach team worked closely with operational units to support government priorities by bridging the worlds of academia, industry, and national security agencies through in-person expert briefings, roundtables, a commissioned study, and workshops. CSIS plays an active role in fostering a clearer understanding of security issues, a process that benefits CSIS’ experts, as well as the researchers and specialists who collaborate with us.
In February 2025, CSIS partnered with the Centre for European and Eurasian Studies at the Munk School of Global Affairs and Public Policy to host a workshop on Russia and international conflict to address Russia’s full-scale invasion of Ukraine to coincide with the third anniversary. This event brought together scholars, Canadian and foreign government representatives, students, and practitioners for a day of panels and discussions.
To support the development of the next generation of national security, intelligence, and foreign affairs scholars and leaders in Canada, CSIS sponsored the Ottawa Symposium of the Canadian Association of Security and Intelligence Studies (CASIS) and the CASIS Essay Contest for the third year.
CSIS also hosted two experts for workshops discussing the gamut of violent extremist threats and lessons learned by both national security practitioners and academic subject matter experts. In addition, CSIS hosted roundtables to discuss research security, as well as neurotechnology, cognitive warfare, and strategies for countering disinformation. CSIS remains committed to being at the forefront of understanding, investigating, and mitigating security threat activity.
Stakeholder engagement
CSIS’ Stakeholder Engagement Program continued to expand and deepen relationships with key stakeholders across the community advocacy, academic, and private sectors; and with Indigenous partners across Canada.
CSIS produces two newsletters: the monthly Need to Know, which is sent to a broad cross-section of partners and stakeholders across Canada, and Research Security Quarterly, which helps meet the growing demand for national security engagement and transparency within the country’s research and innovation communities. These newsletters provide readers with information on relevant developments in national security matters and highlights related events and training opportunities. In 2025, CSIS co-published the editions of Research Security Quarterly with the University of Alberta and the University of Ottawa.
Throughout 2025, CSIS joined Public Safety, the Department of Justice, and the RCMP to deliver targeted resilience and awareness briefings to non-governmental organizations, civil society organizations, community associations, Canadians from diverse communities, as well as university administrators, faculty, students, and staff across Canada. This coordinated effort was led by Public Safety’s Office of the National Countering Foreign Interference Coordinator. The goal was to combat foreign interference and transnational repression, and reduce these threats to strengthen societal resilience, and maintain the trust of Canadians in their democratic institutions.
In June 2025, a representative from CSIS’ Stakeholder Engagement team was a panellist at the 2025 Research Security National Conference: Navigating New Domestic and Global Frontiers hosted by the University of British Columbia in Vancouver. CSIS provided an overview of its engagement work with the academic community, and of national security threats targeting researchers and research institutions.
In the past year, CSIS also continued its long-standing support to Canadian universities by complementing and reinforcing efforts of their research security departments and expanding relationships across Canada’s research ecosystem. CSIS also provided briefings to health science groups, which included timely insights into evolving risks to Canada’s life sciences sectors, helping institutions better safeguard sensitive research, and ensuring that the Canadian-led world-class life sciences research and innovation remains open, secure, and trusted.
CSIS continued working with Canadian businesses and business associations to build resilience and mitigate threats to Canada’s economic security. This work with groups like the Business Council of Canada (BCC) and the Canadian Chamber of Commerce (CCC) helps enhance communication between the public and private sectors. CSIS continues to engage with businesses and business associations to deliver threat briefings to support informed decision-making, including to the CCC and to the BCC’s National Security Working Group and National Security Executive Network.
In support of the Government’s Defence Industrial Strategy (DIS), CSIS provides support to the Department of National Defence by prioritizing threat briefings for DIS industry partners to raise awareness of evolving national security risks and disseminate critical information that enables industry to integrate security considerations from conceptual design through final delivery.
Trust is imperative and helps CSIS foster relationships needed to better protect non-Government of Canada sectors and entities most affected by threats to Canada’s national security. As CSIS continues to grow and deepen these partnerships, the knowledge shared will help inform CSIS’ operations and, in turn, help CSIS continue to earn the confidence and trust of Canadians, which should lead to increased contributions to conversations around national security.
Five Eyes Indigenous Network and Summit
This past year, CSIS chaired the Five Eyes Indigenous Network. As Chair, CSIS hosted the Network for an in-person annual summit in Ottawa. The Summit was a first of its kind, where foreign and Indigenous partners discussed key threats, priorities, and activities. This three-day Summit included classified and unclassified thematic panel discussions, case studies presented by Five Eyes and Indigenous partners, and cultural experiential learning with First Nations, Inuit, and Métis artists and performers. Key outcomes of CSIS’ Chairpersonship of the Network included:
- Strengthening collaboration across Five Eyes nations on Indigenous initiatives and priorities;
- Ensuring Indigenous partner participation in the broader national security discussion, and ensuring indigenous priorities and perspectives are shared and heard; and
- Identifying of case studies and promising practices based on past experiences of CSIS’ work with indigenous partners that can be applied moving forward.
Policy and accountability
Protecting national security and advancing Canada’s interests requires CSIS to be a policy-driven organization that is accountable to Canadians and Parliament.
Modern threats call for modern authorities. Despite changes over time, the CSIS Act continues to reflect the era in which it was written: the 1980s. The current authorities set out for CSIS remain defined by that era, and changes to the legislation over the years have been outstripped by the speed of evolving national security threats. Compared to its allies, Canada faces considerable challenges in collecting the intelligence needed to protect Canadians, inform decision-making, and advance Canada’s interests. CSIS collects information abroad on security threats, but is unable to collect abroad on wider strategic issues such as the diplomatic, military, and economic intentions and capabilities of foreign states. Currently, CSIS is only able to collect this information from inside Canada and in the context of assistance to the Minister of National Defence or the Minister of Foreign Affairs.
CSIS is aware that Canadians’ expectations of CSIS are high, as they should be. Identifying threats to the security of Canada and to Canadian interests, advising decision-makers and stakeholders, and mitigating those threats must be done reasonably and in a measured way, but it must be modern and nimble to ensure that CSIS can continue to keep all Canadians safe and Canada resilient and strong in an increasingly dangerous world.
Oversight and review will continue to be critical to maintaining trust in our national security institutions, and can be strengthened by ensuring we balance safeguards and efficiency. Since 2017, we have seen the addition of the NSICOP, the replacement of CSIS’ dedicated review body with NSIRA, and the expansion of the role of the Intelligence Commissioner (IC) to include some oversight for CSIS. These are important developments designed to enable the review of activities across organizations, improve parliamentarians’ ability to engage in matters of national security, and expand Canadians’ exposure to and understanding of Canada’s national security and intelligence activities. CSIS will continue to examine whether these functions are working optimally and if there are opportunities to improve and streamline the functions to help ensure that CSIS decisions and activities are appropriate and reasonable.
Lawful access
Canada is the only Five Eyes country that does not regulate electronic service providers to enable better lawful access to information. The 2025 NSICOP report on lawful access elaborates on the challenges that CSIS and law enforcement face in this space and recommends the development of such legislation. The Government introduced legislation (Strong Borders Act, Bill C-2) in June 2025 aimed at addressing these challenges. The Bill sought to amend the CSIS Act to ensure parity with the Criminal Code and provide CSIS with the authority to require service providers, such as telecommunications companies, to provide a confirmation of service, which would allow CSIS to verify the initial building block information (i.e., whether an individual is a client of a service provider, the date range of service, and the province/territory of service) to advance the early stages of national security investigations.
The Bill also sought to require electronic service providers to have the capabilities to respond to legal requests from the Federal Court to access information and data, and lawfully intercept communications.
Potential benefits of lawful access legislation
Example 1: Two CSIS subjects of investigation are at an advanced stage of planning a terrorist attack. CSIS is aware that they are finalizing their plans from a hotel room in a major Canadian city, and has an idea of the general location, but is unable to confirm the exact hotel in question. With the confirmation of service demand, CSIS would be able to request a confirmation of service from a small subset of hotel providers in the local vicinity—information that is no more than minimally intrusive. CSIS could use this collected information as part of an application for a warrant from the Federal Court to further the investigation and work with its partners to prevent an attack.
Example 2: A CSIS subject of investigation is planning to travel to an ideologically motivated violent extremist paramilitary training event. CSIS is aware that the subject uses a social media account associated with a Canadian phone number to share the agenda and other information related to the event. CSIS plans to seek a warrant to lawfully access their communications and advance the investigation. However, the service provider does not have intercept capabilities and despite a warrant, CSIS is unable to get the investigative information required. This results in a significant delay in the investigation, CSIS having to deploy additional resources to monitor the threat, and a longer investigation during which Canadians are less safe. The new legislation would require service providers to maintain basic capabilities that are up to international standards and ensure they are “intercept-capable,” which would provide better, more predictable investigative outcomes for CSIS and keep Canada and Canadians safer.
External review and oversight
CSIS is dedicated to upholding the highest standards of transparency and accountability, ensuring that its operations comply with Canadian law, including the CSIS Act and the Canadian Charter of Rights and Freedoms, adhere to direction from the Minister and the courts, and align with Government of Canada policies.
Independent external reviews by NSICOP and NSIRA foster a culture of compliance, transparency, and continuous improvement at CSIS, while keeping Canadians informed of key national security issues.
In 2025, there were a total of 30 national security reviews involving CSIS by NSICOP and NSIRA. Of these reviews, 22 are ongoing. CSIS received 71 requests for information and briefings from review bodies. CSIS responds publicly to all recommendations as they help to ensure CSIS remains lawfully compliant and is continuously improving, leading to better national security outcomes for Canadians.
Under the NSIRA Act, anyone can submit a complaint to NSIRA about a CSIS activity or the denial of a security clearance required by the Government of Canada. In recent years, there has been a significant increase in complaints against CSIS filed with NSIRA regarding process delays for security screening of immigration applications. CSIS has seen a 290% increase in NSIRA complaints between 2024 and 2025, over 91% of which are related to allegations of delays in CSIS’ immigration security screening. In response, NSIRA held an en banc hearing. CSIS will examine NSIRA’s findings and recommendations, and will implement appropriate changes.
While there are high volumes of applications awaiting security screening, CSIS continues to take the time required to carefully screen applications to ensure the safety of Canada and all Canadians. CSIS does not expedite application processing in response to complaints.
The IC also provides an important additional layer of oversight and accountability for CSIS. The IC reviews decisions of the Minister of Public Safety on classes of datasets and approves the retention of a foreign dataset under Section 11.17 of the CSIS Act. The IC also approves the classes of acts and omissions that designated CSIS employees and directed persons can commit that would otherwise constitute offences while performing intelligence collection activities. With the goal of further increasing transparency, the Office of the IC and CSIS work together in a way that protects against disclosure of information that would be injurious to national security when publishing IC decisions on its website. In 2025, the IC rendered 5 decisions involving CSIS.
Protecting privacy and personal information
CSIS limits the collection, use, retention, and disclosure of personal information to what is necessary and proportional to meet its mandate. CSIS engages with the Office of the Privacy Commissioner and the Treasury Board Secretariat to identify and implement best practices in privacy protection, ensuring that CSIS programs are aligned with the principles of the Privacy Act. In the past calendar year, CSIS has completed its review of 13 privacy breaches (2 material, 3 founded but non-material, 1 unfounded, 7 underway) and 31 privacy breaches related to non-compliance (2 founded but non-material and 29 in progress). CSIS also conducted 24 privacy needs assessments (6 completed, 18 currently underway) and is currently drafting 4 new privacy impact assessments (14 currently underway).
Access to Information Act and Privacy Act requests
CSIS has faced a number of challenges and workload pressures related to Access to Information Act (ATIA) requests, which has resulted in a drop in compliance rates. There are a number of factors at play, however, this drop is largely attributable to the significant increase in the amount of Privacy Act (PA) requests from individuals seeking the status of immigration and citizenship applications. These immigration-related PA requests have resulted in a drop in overall on-time compliance under both the PA and the ATIA programs. ATIA requests decreased over the past year, although the volume of pages reviewed increased by 86%. CSIS is actively examining a variety of options to deal with the pressures such as the use of technology, to improve efficiency, undertaking various staffing strategies, and exploring innovative approaches to address client requirements.
Justification Framework
The Justification Framework provides legal authority for CSIS employees who are designated by the Minister of Public Safety and persons acting under their direction, such as human sources, to engage in activities that would otherwise constitute offences. This means, for example, a CSIS employee, or human source acting at their direction, is protected from criminal liability when they engage in reasonable and proportional activities with a suspected terrorist in the hope of gaining their confidence.
As a first layer of accountability, the Justification Framework requires the Minister of Public Safety to determine, at least once a year, the classes of acts or omissions that designated CSIS employees may be justified in committing or directing another person to commit, and this determination is only valid after it is reviewed and approved by the IC. As a second layer of accountability, and as an added layer of transparency, Section 20.1(24) of the Justification Framework also requires the Minister to publicly release certain information. The following table, by fiscal year, provides the information required to fulfill these obligations:
| Justification Framework table | 2021–2022 | 2022–2023 | 2023–2024 | 2024–2025 |
|---|---|---|---|---|
| Number of emergency designations under s. 20.1(8) | 0 | 0 | 0 | 0 |
| Number of authorizations to direct the commission of acts or omissions under s. 20.1(12) | 172 | 173 | 178 | 161 |
| Number of directions under s. 20.1(15)(b) | 0 | 0 | 0 | 0 |
Since the Justification Framework came into force in 2019, the authorizations granted were in support of information and intelligence collection activities relating to espionage/sabotage, foreign interference, and terrorism as defined in paragraphs (a), (b), and (c) of the definition of threats to the security of Canada in Section 2 of the CSIS Act. During the same time, the majority of the acts or omissions that were directed to be committed under those authorizations were related to terrorism as defined in paragraph (c), and as such would otherwise constitute terrorism-related offences under the Criminal Code.