The National Security Act (2017)

The National Security Act (2017) was passed into law on June 21, 2019. The Act includes a number of measures to enhance Canada’s national security framework and keep Canadians safe, while respecting the Canadian Charter of Rights and Freedoms, and the values of our free and democratic society.

The National Security Act (2017) introduces the most significant changes to the CSIS Act since 1984, when it was originally drafted. It is the first step in modernizing CSIS’ authorities, to ensure CSIS has the ability to operate effectively in today’s environment. The amendments to the CSIS Act focus on four key areas:

• Accountability and Review
• Threat Reduction Measures
• Dataset Framework; and
• Justification Framework

Accountability and Review

The National Security Act (2017) created two new entities to strengthen the framework of accountability for Canada’s national security and intelligence agencies: the National Security and Intelligence Review Agency (NSIRA) and the Office of the Intelligence Commissioner (IC). NSIRA replaces the Security Intelligence Review Committee (SIRC) and the Office of the Communications Security Establishment Commissioner (OCSEC). It has specific review responsibilities related government agencies, including to CSIS and also has the mandate to review any activity by a government department related to national security or intelligence. The IC – a retired superior court judge – will be responsible for reviewing the reasonableness of specific decisions by the Minister of Public Safety related to CSIS authorities.

Threat Reduction Measures

Amendments to the CSIS Act with regard to the Service’s threat reduction mandate more clearly define this authority by clarifying the requirement for the Service to seek judicial authorization before proceeding with a warrant application for any threat reduction activity that would limit a right or freedom guaranteed by the Charter. It lists what type of measures can be authorized by Federal Court warrant and expands the list of prohibitions (activities that can never be undertaken as a threat reduction measure).

Data Analytics

The acquisition of large volumes of information for analysis in order to advance mandated investigations has become an indispensable tool in intelligence work. The changes to the CSIS Act introduced by the National Security Act (2017) establish a framework for the collection, retention, and use of datasets by the Service. The framework authorizes CSIS to collect datasets that are likely to assist the Service in the performance of its duties and functions. However, in doing so, it establishes robust safeguards, to ensure Canadians’ rights and freedoms, including privacy, are protected.

Justification Framework

The changes to the CSIS Act introduced by the National Security Act (2017) acknowledge that it is in the public interest to ensure that CSIS employees designated by the Minister of Public Safety and Emergency Preparedness can effectively carry out the Service’s intelligence collection duties and functions. To enable this, the amendments to the CSIS Act provide a limited justification framework for CSIS employees or those acting at their direction to engage in activities that would otherwise constitute offences. In sectors where the targets of an investigation are engaged in such activities, sources may be required to participate to some degree, in order to gain trust, maintain credibility, and develop access.

It also establishes robust measures to ensure this authority is exercised in a manner that is reasonable, proportional, transparent and accountable.