Friday, May 29, 2015

CSE-CSIS memorandums of understanding

Justin Ling wrote an interesting article last week about some documents he obtained through the Access to Information Act concerning several memorandums of understanding (MOUs) between CSE and CSIS (Justin Ling, "Secret Documents Reveal Canada's Spy Agencies Got Extremely Cozy With Each Other," Vice, 20 May 2015).

He also posted the documents online.

It had long been known that CSE and CSIS had at least two MOUs on co-operation, both signed on 1 November 1990, one on CSIS Act s.12 activities and the other on s.16 activities. These documents lay out, at least in part, the parameters of the support that CSE can provide to CSIS under its Mandate C, the only part of the CSE mandate that permits the deliberate targeting of Canadians.

Which makes them potentially of great interest.

The documents Ling obtained included most of the text of the s.12 MOU. Key details were withheld, but there is still some intriguing material there, including a proviso that
All [criminal intelligence] information which may be used in the investigation or prosecution of an alleged contravention of any law of Canada or a province shall be reported to the Service [i.e., CSIS]. (See PDF page 16.)
Note the "shall" in that statement. The next paragraph seems to suggest that CSE's provision of such information to CSIS may be subject to various conditions or limitations, but we can't know whether or to what degree that may be true because all the subsequent details are redacted.

It seems reasonable to expect that the MOUs CSE has with the RCMP outline similar requirements for the provision of "criminal intelligence" to that agency as well.

How often such information is collected—deliberately or incidentally—and provided to federal "law enforcement and security agencies" remains an open question. Statistics on requests for CSE "Support to Lawful Access" seem to show relatively small annual numbers, only around 70-80 requests per year, but how sweeping those requests may be is not known, and whether they cover all aspects of Mandate C support is also unknown, so it's not possible to draw firm conclusions.

The even more sensitive CSIS Act s.16 MOU, which deals with the collection of foreign intelligence within Canada (think spying on foreign embassies and on foreign delegations attending events like the G8/G20 summit), was apparently withheld in its entirety, as there is no sign of it at all in the documents released to Ling.

The documents do reveal, however, that as of 2010 CSIS had "three specific Memoranda of Understanding with CSE which address ongoing cooperation in the performance of our duties and functions under sections 12, [redacted], 16 of the CSIS Act." (See page 71.)

To my knowledge, this third MOU has not been heard of before, and no information was released about its subject or contents.

The statement above strongly suggests, however, that the MOU relates to a separate section of the CSIS Act somewhere between sections 12 and 16, which would almost certainly be section 15. It is probably no coincidence that the preamble of a later, overarching "framework" MOU signed by the two agencies (also released to Ling) cites CSIS information collection/investigative activities under three separate, specific sections of the CSIS Act: 12, 15, and 16. (See page 21.)

Section 15 empowers CSIS to conduct investigations to provide personnel "security assessments" to federal, provincial, and foreign institutions, both for security clearance purposes and (federally) for immigration/refugee purposes. If this is indeed the explanation, it would seem that the idea that CSE SIGINT might contribute to such assessments is a deep, dark secret.

That said, the Ling documents also point to the existence of one or two other MOUs, one concerning "DIFTS" (30-08 activities) that was still under negotiation in 2010 (see page 72) and one signed in January 2007 (see pages 76-78).

If the latter was still in place in 2010, then it must be the one that I think relates to s.15.

The 2007 MOU seems to relate to a program involving the receipt by CSE of information from CSIS that is then used to guide CSE foreign intelligence collection, the results of which are subsequently provided to CSIS. (See, in particular, page 77.)

Which sounds a lot like the 2008 dispute between CSE and the CSE Commissioner over the agency's treatment of certain metadata, in which the Commissioner argued that CSE should re-examine and re-assess the legislative authority used to conduct its activities in relation to certain targets or topics, "particularly those supplied by federal law enforcement and security agencies engaged in ongoing criminal and national security investigations." [emphasis added] In the Commissioner's view, such activities should properly have been considered support to those agencies, i.e., Mandate C, not foreign intelligence (Mandate A) activities.

Maybe the dispute related to the collection/analysis of "foreign intelligence" metadata related to persons undergoing security assessments.

0 Comments:

Post a Comment

<< Home