A new national security act for Canada

With Trudeau’s replacement for the controversial Anti-Terrorism Act (once called Bill C-51) closer to becoming law, Andrew Seal looks at the differences between the two, including surveillance tactics, review mechanisms and the no-fly list appeal process. 

By: /
April 11, 2018
CSE
A view of Canadian Forces station Leitrim, which intercepts communications for the Communications Security Establishment (CSE), in Ottawa. REUTERS/Chris Wattie

Over two years after forming government, the Liberals’ long-awaited national security legislation is one step closer to becoming law. Next week, on April 17, the standing committee on public safety and national security begins a clause-by-clause review of the legislation before it heads back to the House of Commons for its second reading.

Bill C-59, or what will be the National Security Act, 2017, is a big one and, according to some experts, there’s much to be concerned about. The bill is intended to address the more problematic aspects of the Anti-Terrorism Act, 2015, passed during the last months of Stephen Harper’s mandate.

Bill C-51 (now the Anti-Terrorism Act, 2015) was introduced following separate attacks in eastern Canada in 2014, which left two soldiers dead. It was intended to improve Canada’s ability to combat terrorism and security threats, increase the efficiency of law enforcement and facilitate information sharing between government agencies. It was highly criticized by human rights groups, civil liberties organizations, First Nations activists, legal experts and several former prime ministers.

Justin Trudeau, leader of the then-third party Liberals, supported the act while promising to, if elected, repeal its more “problematic elements… and introduce new legislation that better balances our collective security with our rights and freedoms.”

While Trudeau’s newer version does address some of the most controversial aspects of the Anti-Terrorism Act — most notably lack of accountability and ambiguous language surrounding speech restrictions and CSIS’s new powers — the 140-page bill comes with its own host of problems.

The bill creates three entirely new acts, while amending five others. “It’s a pretty significant piece of legislation,” says Christopher Parsons, research associate at the University of Toronto’s Munk School of Global Affairs. “In some cases, it may be authorizing activities that have previously been found to be questionable or flat out illegal. In others, it is going to be an attempt to stave off other sorts of suits that are coming up through the courts,” he says, referring to the charter challenges that have been filed against sections of the current Anti-Terrorism Act.

When that act came into effect in 2015, it made some major changes to Canada’s national security landscape, some of the more contentious ones being: criminalizing certain types of speech, allowing the Canadian Security Intelligence Service (CSIS) to violate the Charter of Rights and Freedoms with a warrant, facilitating information sharing by federal agencies, and expanding the no-fly list. Further criticism of the act pointed to the fact these new powers were not accompanied by adequate oversight or review.

Now, with Trudeau’s Bill C-59 making its way through the House, here’s a breakdown of what is slated to change:

Accountability

If there’s one thing C-59 does right, it’s accountability. The bill amalgamates several civilian watchdogs, creating the National Security and Intelligence Review Agency (NSIRA). This agency will review the actions of CSIS and the Communications Security Establishment (CSE) — Canada’s equivalent of the US’ National Security Agency. But beyond this, NSIRA will be able to scrutinize the activities of any federal department or agency involving national security or intelligence, including the Royal Canadian Mounted Police (RCMP).

NSIRA replaces the Security Intelligence Review Committee, which currently carries out after-the-fact reviews of only CSIS’s activities. Furthermore, NSIRA will have to annually compile a comprehensive national security report directly for the prime minister. While the increased, more streamlined oversight is considered a move in the right direction, Parsons is concerned about NSIRA’s ability to effectively monitor a huge number of departments and the fact it won’t be able to reveal what Canada’s intelligence agencies are actually up to.

"From a resource management perspective, they’re going to be overwhelmed."

“Just from a resource management perspective, they’re going to be overwhelmed,” he says. “They’re going to have an incredible amount of agencies they have to review, so we’ll see how well resourced they are to engage in that.”

On the other hand, Scott Newark, an adjunct professor in the terrorism, risk and securities studies program at Simon Fraser University, is confident the increased review mechanism will have the intended effect. “It demonstrates a commitment to balance,” he says. “Someone knowing that what they do is going to be shared [with the review agency] at the end of the year has an incentive to do the right thing and do what the legislation intended.”

C-59 also removes CSE’s officer of the commission and creates a new position, the intelligence commissioner, who will have direct oversight of CSE and CSIS. The commissioner will have the authority to approve operations as well as the collection and use of datasets by both agencies.

Canadian Security Intelligence Service

One of the biggest concerns about C-51 was the ‘kinetic’ powers it granted CSIS — in other words, the ability CSIS would have to interact with the physical world, as opposed to purely gathering intelligence. Moreover, with these new powers, CSIS can violate an individual’s charter rights if it has a warrant. The powers are intended to allow CSIS to disrupt the activities of terrorists, and could include speaking with their family, intercepting mail or interrupting travel. This is particularly worrisome given that CSIS was originally created to separate intelligence from policing after RCMP abuse of power in the '60s and '70s.

Newark argues that the powers are, in fact, charter compliant. He believes much of the alarm surrounding the issue stemmed from the Harper government refusing to debate or answer questions when the previous bill was before the House.

“If the actions [of CSIS] would have breached the charter or the criminal code, then they had to go to a judge and get authorization to do it, which is what makes it charter compliant,” he says. “But rather than explain that in the legislation, [the government] just pushed it through.”

C-59 leaves these controversial powers intact, but defines more specifically what they might entail and mandates the consideration of individual privacy.

The new bill also explicitly permits both CSIS and CSE to collect datasets. While CSIS will need judicial approval to collect certain sets of Canadian data, anything deemed ‘publicly available’ is fair game, raising concerns over the potential warrantless collection of data from social media sites. 

Last year, CSIS was discovered to be concealing the fact that it was collecting and retaining data on Canadian citizens for longer than necessary. C-59 will effectively legalize this, though it does require more information to be included in annual reports to elected officials.

Still, Parsons says, the concern remains that CSIS will be able to retain a “large volume” of Canadian data. “In the case of CSIS, I think they’ll largely be continuing with operations as they are,” he says. “There are some restrictions on their ability to collect datasets. So, when they collect it, they aren’t able to immediately use it. They evaluate it for 30 or 90 days and they have to go before a federal court to obtain approval to integrate and use that data set.”

Communications Security Establishment

CSE’s new mandate is one of the biggest changes C-59 introduces. The bill creates the Communications Security Establishment Act, enshrining the workings of CSE into public law for the first time. Notably, this includes mandates for offensive and defensive cyber operations against entities or foreign individuals outside of Canada. Canadian citizens and residents cannot be the target of these operations, but could be impacted if, for example, they had contact with a targeted individual. In fact, any such cyber operations will be exempt from the considerations applied to other parts of CSE’s mandate, which requires it to act in a “privacy-protective manner.” According to Parsons, CSE could target communications tools themselves on the grounds of preventing certain parties from using them, even if, for example, that meant shutting down a server ordinary Canadians were also using to communicate.

Parsons finds the legislation too broad and is concerned that parliamentarians may not be fully aware of what they are authorizing. “They can take active operations as stated in the legislation,” he says, “to degrade, disrupt, influence, respond to or interfere with capabilities, intentions and activities of individuals, states, organizations and terrorist groups.”

However, CSE is not permitted to take any actions which deliberately cause injury or death, nor can it affect foreign democracies or justice systems. The problem here, some say, is that C-59 doesn’t define justice or democracy.

“It’s an open question among most experts, whether Russia constitutes a democracy, and moreover you can imagine a criminal justice system in which we would want to cause disruptions,” says Parsons. “To inhibit a judge from making a certain ruling, we might affect their computer systems. Is that a permissible action?" 

To the contrary, Newark finds the new measures necessary and in line with what other states are doing. “Proactive cyber engagement is part of the new reality. You can’t just pretend this isn’t going on,” he says. The minister of foreign affairs will also have to approve all offensive operations.

"Proactive cyber engagement is part of the new reality."

According to Parsons, Canadian journalists could also be targeted if they are in communication with individuals or organizations who wish ill to Canada. “If… you’re in communication with one of those individuals, your digital identifiers can be bound up beside theirs,” he says, adding that your identifiers could be given a degree of prominence if there aren’t many people communicating with that individual. “Your digital identifiers could then be monitored more pervasively, not even just talking to this person but browsing Facebook, uploading and downloading videos, all with the angle of trying to understand who you are.”

Furthermore, Parsons says, CSE could even delete journalistic materials obtained by foreign news agencies if they contained government documents or secrets, thus preventing Canadians from learning about the activities of their own government.

CSE also collects large amounts of Canadian metadata, something currently the subject of a lawsuit filed against them by the British Columbia Civil Liberties Association. Parsons says C-59 is written in a way to nullify this claim and pave the way for mass collection and analysis of Canadian data. “It was deftly done,” he says.

Parsons explains that Canadian data can be put into databases for analysts to then “play with” so they can figure out how Canadians move about, what kind of businesses they visit, what kind of encryption they use, and more.

“Those same capabilities can be made available to the RCMP, CSIS and other federal bodies that come to the CSE with an assistance warrant. We’re talking about lawfully turning Canada into a research lab that other agencies can then exploit.”

Information sharing

Bill C-59 slightly reins in the massive information sharing sanctioned by C-51, recasting it as information disclosure. Agencies will now have to keep records of every disclosure, and may only share private information when “reasonably necessary in the circumstances.”

“They didn’t specifically articulate those balancing of interests in the legislation in C-51,” says Newark, who is supportive of the information disclosure provisions.

However, a new provision in C-59 has the Canadian Civil Liberties Association concerned. Activism, protest, advocacy and other lawful activities could be subject to information sharing if found to “undermine the security of Canada.” This could leave Indigenous activists or anti-pipeline protesters subject to information disclosures if their actions are considered a threat to Canadian infrastructure.

No-fly list

While the no-fly list existed prior to the Anti-Terrorism Act, that law introduced the Secure Air Travel Act to legislate how the list functions. There is no way to find out if you are on the list. Most controversially, however, is the erroneous inclusion of people who pose no threat at all, including children, to the list. As the no-fly list operates on biographical data, people have been added to the list simply by having the same or similar name to someone considered a flight risk.

“It was obsolete the day it was introduced. Having biographical data is laughable, how outdated it is,” says Newark. “You need to have biometric information on a no-fly list, because, and I know this comes as a shock, but sometimes bad guys use phony ID.”

Since people aren’t notified of being added to the list, they just have trouble boarding or checking in at the airport. Many people experience several delays before figuring out they or their children have been flagged. It is then very difficult to have your name cleared.

“You can't have a system like that that doesn’t have a proper redress process in place,” says Newark. “C-59 has started to take some steps toward that. Transport Canada is taking more control over it.”

It is possible to petition the minister of public safety to have your name removed from the list, but if the ministry doesn’t reply within 90 days, the petition is considered rejected. Bill C-59 changes that timeframe to 120 days, but will consider all unanswered requests to be approved, and the name will subsequently be cleared.

Parents will also be able to find out if their children are not on the list, but this doesn’t mean the names of children and others will not continue to be added without justification. Transport Canada will be taking over the list and screening passenger information, something currently handled by airlines.

C-59 further falls short of allowing a special representative with security clearance to advocate on behalf of those mistakenly caught up in the list and view any potential evidence against them, something the CCLA considers a violation of the right to due process.

Speech

The Anti-Terrorism Act caused quite a stir by criminalizing certain types of speech, making “advocating or promoting the commission of terrorism offences in general” punishable by up to five years in prison. This clause raised concerns due to the broadness of the phrase “terrorism offences in general” and the fact that prosecuted individuals might not have even intended for their speech to cause any acts of terrorism.

Newark maintains this doesn’t infringe on free speech, but acknowledges some Western countries have been moving in that direction.

“Some European countries… literally were crossing the line into saying that if you were promoting resisting the west’s presence in the Middle East, that was terrorism propaganda. In other words, it intruded into what was legitimate free speech,” he says.

Newark supported the measure in C-51 and thinks concerns of journalists and some others being prosecuted under the law are “unfounded.”

"I still don’t even think we’re at a point where we know what was going on previously."

“That is part of reality of today’s world when you’re dealing with domestic terrorism, which is what we’re shifting into,” he says.

C-59 replaces this with a more narrowly defined definition, “advocating or promoting the commission of a terrorist offence.” This means a higher evidentiary standard for prosecution and the requirement that the individual intends for terrorist acts to result from their speech.

Newark finds this concerning and redundant. He says that counselling others to commit terrorist acts is already covered in Canada’s Criminal Code, and hopes the previous standard will be reinstated after the committee’s review of the bill.

“I’m hoping at committee, people will drill down onto that and ask a question,” he says.

“There may be a realization that in today’s world, with the use of the internet for the spread of terrorism, recruitment and radicalization, that’s the reality if you want to have the most effective legal mechanism in place to be able to deal with it.”

Going forward

Given the Liberals’ majority mandate and probable support from the Conservatives, C-59 is likely to become law. The government seems to be anticipating constitutional challenges to the bill, much like those faced by C-51. For this reason, Newark says, it is making extensive use of preambles to justify why these powers are needed.

“The courts must consider what’s in the preamble. The last government decided they didn’t have to do this. That’s a mistake,” says Newark.

“The number one basis on which national security legislation tends to get struck down by the courts is that parliament never provided any justification for doing what they’re doing.”

Newark considers C-59 to be a step in the right direction that will aid those fighting terrorism.

Parsons disagrees. “I still don’t even think we’re at a point where we know what was going on previously,” he says.

“They’re not willing to explain it, and now they want additional powers. So I think that in order for this to be a fix to C-51, or a real upgrade to national security legislation generally, there has to be an understanding of how it’s used.”

He points out there could be further unforeseen consequences, especially as Canada’s privacy and data-protection provisions continue to be watered down, diverging greatly from one of our biggest trading partners, the European Union.

“The kinds of mass surveillance that are authorized within C-59 and, in particular, the CSE Act, could have pretty severe trade implications if it does lead to the Europeans determining that Canada does not have an adequate regime for the protection of commercial privacy and European citizen’s privacy,” says Parsons.

Newark agrees that the bill, in its current form, could have unintended implications, but says that isn’t out of norm. “It’s entirely possible that these sections were put in place without anybody ever thinking about that,” he says, regarding potential trade implications. “It’s a perfect example of something that needs to get resolved at committee.”

Once the bill becomes law, CSIS will still be able to circumvent the charter with a warrant, kids will still be on the no-fly list, federal agencies will still be sharing our information, and CSE will be on the offensive with any ‘undemocratic’ country potentially in its crosshairs.

Six years after the new National Security Act goes into effect, the newly-created National Security and Intelligence Committee of Parliamentarians will coordinate — as mandated by C-59 itself — a full review of this legislation, the powers it affords and the actions that result.

We’ll see what they think.

"You always have to wait and see how things work out,” says Newark.