Chapter 5: The Committee's Assessment
Special Report on the Collection, Use, Retention and Dissemination of Information on Canadians in the context of the Department of National Defence and the Canadian Armed Forces Defence Intelligence Activities
92. This Special Report on the collection, use, retention and dissemination of information on Canadians in the context of DND/CAF defence intelligence activities was triggered by the promulgation of the CANCIT Functional Directive on August 31, 2018, and its provision to the Committee on October 26. As stated in the Committee's terms of reference, the objectives of the Special Report were to:
- describe the DND/CAF authority and policy framework for the collection, use, retention and dissemination of information on Canadians;
- describe the circumstances in which, and purposes for which, the collection, use, retention and dissemination of Canadian citizen information is permitted, versus those in which it is prohibited;
- describe the manner in which DND/CAF tracks and documents its collection, use, retention and dissemination of Canadian citizen information; and
- assess the legal, policy and administrative frameworks under which the collection, use, retention and dissemination of Canadian citizen information is permitted or prohibited.
93. This Special Report has addressed the first three of these objectives:
- DND/CAF authority and policy framework: In the absence of clear statutory provisions for defence intelligence, DND/CAF defence intelligence activities are largely conducted under the authority of the Crown prerogative. In practice where DND/CAF faces the possibility of encountering information about Canadians, DND/CAF relies on authorities under the Integrated SIGINT [Signals Intelligence] Operations Model for its SIGINT activities (see paragraphs 35 and 53) and partnerships with other federal government departments and agencies for its other activities (such as *** see paragraphs 18-21 and 69-79 respectively) through a request for assistance pursuant to section 273.6 of the National Defence Act. DND/CAF defence intelligence activities are also subject to several policy documents, mostly in the form of functional directives, several of which include directions on the handling of information about Canadians. The CANCIT Functional Directive, intended to apply to all defence intelligence activities, is the latest addition to the policy suite. (Chapters 1-4)
- Circumstances permitting and prohibiting the handling of CANCIT information: The intentional collection of information about Canadians is currently authorized only in the context of the DND/CAF counter-intelligence program, and where DND/CAF is providing assistance to another department or agency pursuant to section 273.6 of the National Defence Act. In all other cases, DND/CAF adopts a cautious approach, most often opting to *** in which information about Canadians was inadvertently encountered. (Chapters 3-4)
- Tracking and documenting the use of CANCIT information: Prior to the CANCIT Functional Directive, there was no requirement to track how information about Canadians was handled. Given the limited amount of available data, the Committee cannot comment on this aspect of the Special Report. (Paragraphs 89-91)
94. The Committee turns next to its assessment of the legal, policy and administrative frameworks under which the collection, use, retention and dissemination of Canadian citizen information is permitted or prohibited. The Committee focuses its assessment in three areas. The first is the trigger for this Special Report: DND/CAF's current policy framework to handle information about Canadians. The second area is the issue of the extraterritorial application of the Privacy Act. The third area is DND/CAF's reliance on the Crown prerogative for the conduct of its defence intelligence activities, particularly when those activities involve the collection of intelligence about Canadians.
DND/CAF policy framework on Canadian citizens
95. The main purpose of the CANCIT Functional Directive is to "[e]nsure clarity on the legal and policy constraints around the collection of Canadian citizen (CANCIT) information when conducting defence intelligence activities." Footnote 108 For the reasons that follow, the Committee believes that the CANCIT Functional Directive has not achieved this objective, and lacks sufficient clarity with respect to its scope and to DND/CAF authorities for the collection of information about Canadians when conducting defence intelligence activities.
96. With respect to scope, the CANCIT Functional Directive was drafted as an overarching direction to DND/CAF. This is evident from language used throughout the document:
- the directive applies to all officers and members of the CAF and all employees of DND, not only those of units responsible for specific defence intelligence activities;
- the "purpose" of the directive refers to "defence intelligence activities" generally; and
- the definitions cited in the directive are generic and drawn from DND/CAF official nomenclature (e.g., defence intelligence, information, intelligence, operations).
97. Despite the directive's statements in regard to its scope of application, DND/CAF sought to limit its general application in the course of the review. DND/CAF explained that, in practice, directives and orders governing other defence intelligence activity areas - such as signals intelligence (SIGINT) and human intelligence (HUMINT) - continue to be in force and must be read in conjunction with the CANCIT Functional Directive. Footnote 109 DND/CAF also stated that the need for the CANCIT Directive stemmed from issues related to the handling of captured equipment and material (CEM) *** However, the CANCIT Functional Directive does not make references to SIGINT, HUMINT, CEM or other defence intelligence activity areas, nor the need to read its guidance in conjunction with any other relevant functional directives. In short, the CANCIT Functional Directive does not define which defence intelligence activities are included in its scope, nor which directives take precedence with respect to the handling of CANCIT information. As discussed in paragraph 8, the Committee was unable to verify why the CANCIT Functional Directive was required, given existing guidance in other functional directives, nor establish what problems it was meant to address or resolve.
98. The lack of clarity in the policy framework also manifests itself in the characterization of DND/CAF authorities. The CANCIT Functional Directive states:
DND/CAF operations and activities shall not involve the collection of CANCIT information for defence intelligence purposes except where:
- Collection occurs in support of mandated defence operations and activities; or
- Collection, in support of another department or agency, is subject to the authority, mandate and requirements, as prescribed by law, of the supported Canadian department or agency to collect the information Footnote 110
99. Although the CANCIT Functional Directive appears to prohibit the collection of information about Canadians, the Committee is concerned that the first exception to that prohibition negates it entirely. On a plain reading, the language used in the directive strongly suggests that DND/CAF personnel are permi:ted to collect information about Canadians in all cases where a defence intelligence activity occurs in support of mandated operations. As with other parts of the CANCIT Functional Directive, the language refers to all defence intelligence activities. It does not identify specific defence intelligence activities, some of which, most notably SIGINT activities, have explicit statutory prohibitions against intentionally collecting the communications of Canadians, including in the context of mandated operations. Moreover, the CANCIT Functional Directive definition of "operations" includes a broad range of military activities, again suggesting that the collection of information about Canadians is permitted on all military missions.
100. On the broader record provided to the Committee during its 2018 review of defence intelligence activities and this Special Report, it is clear that DND/CAF does not, in fact, use the Crown prerogative to collect information about Canadian citizens as part of its defence intelligence activities in the context of mandated operations. Footnote 111 The Committee is concerned, however, by the ambiguity in DND/CAF directives and policies about its authorities to do so. In short, direction about authorities to collect information in the conduct of defence intelligence activities, especially where they may involve information about Canadians, should be clearly stated.
101. The Committee believes that the authorities for the second type of collection, in support of another government department and under its authorities, are clearer. DND/CAF stated that such support is provided under the authority of 273.6 of the National Defence Act. The Committee is satisfied, through its familiarity with the request made by [*** another government organization to DND/CAF ***] that appropriate mechanisms are in place to obtain such authorities.
102. However, the Committee returns to a theme raised in its 2018 Annual Report: important limitations on intelligence activities being embedded in policy documents rather than statute. Footnote 112 The requirement in the CANCIT Functional Directive (and using similar language, in the Ministerial Directive on Defence Intelligence) that intelligence support to another government department is subject to the authority of the requesting department is a self-imposed restriction. Section 273.6 of the National Defence Act provides that the "the Governor in Council, or the Minister [of National Defence] on the request of the Minister of Public Safety and Emergency Preparedness or any other Minister, may authorize the Canadian Forces to perform any duty involving public service." The term "public service" is not defined, and there is no restriction on what DND/CAF may do. In contrast, the authority of the Communications Security Establishment (CSE) to provide assistance is limited, through express statutory language, to the powers of the assisted department or agency. Footnote 113 It is not clear to the Committee why limitations on this type of assistance should be found in policy for one organization and statute for another; statutory clarity should exist for both.
The extraterritorial application of the Privacy Act
103. During the course of this review, the Committee became aware of two issues of significant concern relating to the Privacy Act. The first is that DND/CAF takes an inconsistent approach to the application of the Privacy Act. In the area of domestic intelligence collection, particularly counterintelligence activities, DND/CAF applies the Privacy Act for the sharing of information with other government departments with respect to personnel security issues, and the maintenance of a personal information bank (see paragraph 67). More generally, DND/CAF appears to apply the Privacy Act in the context of sharing of intelligence with other government departments. The CANCIT Functional Directive itself cites the Privacy Act as a reference, and states that "CANCIT information may be shared with other Canadian government departments and agencies if the disclosure is authorized by law, including the Privacy Act."
104. [*** This paragraph has been revised to remove injurious or privileged information. However, the Committee concluded through the course of its review that DND/CAF believes that the Privacy Act does not apply to its overseas operations. The Committee examined a case study that, in the Committee's opinion, showed that DND/CAF believes that the Privacy Act does not apply to its overseas operations. The Privacy Act has been in force since 1983 and does not contain exceptions regarding its application to DND/CAF activities outside of Canada. The Committee believes that the Minister of National Defence should clarify his department's position, and the Committee makes further recommendations on this issue at the end of the report. ***] Footnote 114 *** Footnote 115
105. [*** This paragraph was revised to remove injurious or privileged information. The paragraph describes the Committee's second and related concern. ***]
106. Owing to its unique mandate, DND/CAF has two legal advisors: the Judge Advocate General and the Department of Justice. Under the National Defence Act, the Judge Advocate General is the legal advisor to the Governor General, the Minister of National Defence, the Department of National Defence and the Canadian Armed Forces in matters relating to military law and military justice, both highly specialized areas of expertise. Footnote 116 Parliament enacted the mandate of the Judge Advocate General in the National Defence Act in 1998.
107. On the other hand, the Minister of Justice and Attorney General is charged with the provision of advice "to the heads of the several departments of the Government on all matters of law connected with such departments." Footnote 117 The mission of the Department of Justice is to:
- support the Minister of Justice in working to ensure that Canada is a just and law-abiding society with a system of justice that is accessible, efficient and fair;
- provide high-quality legal services and counsel to the government and to client departments and agencies; and
- promote respect for rights and freedoms, the law and the Constitution.118
108. The role of the Department of Justice includes helping "the federal government develop policy and to draft and reform laws as needed." These responsibilities reflect "the dual role of the Minister of Justice, who is also by law the Attorney General of Canada. In general terms, the Minister is concerned with the administration of justice, including in such areas as criminal law, family law, human rights law and Aboriginal justice. The Attorney General is the chief law officer of the Crown, responsible for all litigation for the federal government." Footnote 119 In short, the Department of Justice is the government's 'law firm' on broader questions of law and the Constitution.
109. Concurrent with the decision to place the Judge Advocate General on statutory footing in 1998, the Department of Justice created the DND/CAF Legal Advisor, charged with giving legal advice on some matters previously within the purview of the Judge Advocate General. In principle, that meant that the Judge Advocate General would provide advice to the Department of National Defence, the Canadian Armed Forces and the Minister of National Defence on specialized areas of military law and operations, and the Department of Justice would provide advice on broader issues of law and the Constitution. In areas of overlap, the two organizations would work together to identify common principles and provide consistent advice. While this approach may produce conflict in practice, Footnote 120 it is to the benefit of DND/CAF to receive legal advice from organizations with expertise in relevant areas of law. It seems reasonable, for example, that the legal advice of the Judge Advocate General would have primacy in relation to issues relating to the Law of Armed Conflict, also known as International Humanitarian Law. However, to the extent that DND/CAF activities implicate more general public law issues that may also arise for other agencies in different settings (e.g., the consular activities of Global Affairs Canada, visa applications made to immigration officers outside of Canada), the need for government lawyers to speak with one voice becomes acute.
110. [*** This paragraph was revised to remove injurious or privileged information. It discusses the Committee's assessment of the role of the Department of Justice. ***]
Collection of information about Canadians
111. In recent missions, DND/CAF has obtained information about Canadians who maybe members of armed extremist groups, such as Daesh. Like some citizens of our closest allies, Canadians have travelled to conflict zones to promote their objectives through violence. [*** The following two sentences have been revised to remove injurious or privileged information and to ensure readability. The sentences state that DND/CAF is aware of such instances, including in a reas where DND/CAF has operated, and was asked by an ally to provide further information. DND/CAF also obtained intelligence about Canadians who may be involved in terrorist activities against Canada under the authority of another department. ***] In and of themselves, these insta nces may be isolated and may reinforce DND/CAF's contention that its defence intelligence activities rarely implicate Canadians. Nevertheless, these cases raise an important issue: should DND/CAF have explicit authority to collect, use, retain and disseminate information about Canadians where it may be appropriate to do so, including in circumstances where the use of lethal force against the concerned individuals is contemplated?
DND/CAF policy prohibitions on intentional collection of information about Canadians
112. Setting aside for the moment the caveat in DND/CAF's CANCIT Functional Directive that the collection of CANCIT information could occur in support of mandated defence operations and activities authorized under the Crown prerogative, DND/CAF has a clear policy bias against intentionally collecting information about or from Canadians in the context of its defence intelligence activities.
- DND/CAF conducts its SIGINT activities under CSE's authority, whose activities are subject to a blanket statutory prohibition against directing intelligence activities at Canadians. Footnote 121
- Current DND/CAF activities to collect *** information about Canadians who may pose a threat to Canada a recurrently conducted under *** Footnote 122
- DND/CAF has formalized a process through which [*** another department ***] shares back information that could be of interest to DND/CAF.
- DND/CAF has implemented operational policies and directions that it may not conduct HUMINT activities in Canada, nor direct its HUMINT activities at Canadians anywhere. Footnote 123
- DND/CAF stated unequivocally that it does not share information about Canadians with Canada's allies. Footnote 124
Under those standards, Canadian extremist travellers who may be present in DND/CAF areas of operations ***
113. These policy restrictions are difficult to reconcile with the operational reality described in Chapter 1 of this Special Report. The Committee recognizes that there are sensitivities associated with the potential consequences of military action on Canadians, even where the use of force is not contemplated. However, the threat posed by Canadian extremist travellers calls for a proportional response. The Committee is not convinced that the current *** approach to defence intelligence activities that involve Canadians, or information about them, constitutes an appropriate response to the threat posed by Canadian extremist travellers.
114. The government frequently deploys CAF members and DND employees to participate in international operations, most commonly as part of a coalition of countries. Where there are Canadians physically present in the area of operations who may pose a threat to coalition forces, it is incumbent on Canada to use its intelligence resources to help coalition forces understand the threat, [*** The rest of this sentence and the two following were revised to remove injurious or privileged information. The sentences describe the Committee's concerns with DND/CAF's approach. ***]
115. [*** This paragraph was revised to remove injurious or privileged information and to ensure readability. In the absence of clear authorities, DND/CAF looks to other domestic partners for authority to conduct intelligence activities. In some cases, this is perfectly legitimate: Parliament has provided statutory mechanisms for security and intelligence organizations to support the activities of other government departments where they have unique capabilities or powers. In other cases, it is less than ideal. This Special Report discussed an example where DND/CAF obtained information which contained CANCIT information and was uncertain it could possess or analyze that information. Working with another government department in these circumstances is not always effective, as those departments may not understand the intelligence or operational requirements of DND/CAF. There is also no guarantee that the department would detect in this information details that would be directly relevant to a military operation or that it would subsequently share information in a form that would be useful in a military context. Finally, DND/CAF's reliance on the authority of others may create challenges. This is incompatible with the fluidity of military operations, in which the value of operational intelligence declines over time (for example, the location of an individual or the timeframe for an event to occur). ***] *** Footnote 125
116. When it encounters intelligence about Canadians who may be taking part in hostilities, DND/CAF should have no doubt concerning its authority to obtain that intelligence, determine its relevance, and share it with other government organizations or, if appropriate, allied nations.
The Crown prerogative
117. As noted, the CANCIT Functional Directive includes a caveat that the collection of information about Canadians may occur in support of mandated operations and activities authorized under the Crown prerogative. Indeed, DND/CAF relies on the Crown prerogative for all of its defence intelligence activities, except where it acts under the statutory authority of another department or agency. The question for the Committee was, if the Crown prerogative provides an implicit authority for DND/CAF to conduct defence intelligence activities in the context of a deployed operation, why in practice has it not also constituted a sufficient authority for DND/CAF to collect, use, retain and disseminate Canadian citizen information in the same context? In short, why doesn't DND/CAF direct its intelligence activities at Canadians?
118. It appears that the Crown prerogative is not sufficient for those purposes. While the Crown prerogative provides some implicit authority for defence intelligence activities conducted in support of DND/CAF-specific missions, that authority is uncertain on whether it permits DND/CAF to collect, use, retain and disseminate information about Canadians. As a result, DND/CAF collects information about Canadians only during the conduct of its counter-intelligence program, under the authority to the Financial Administration Act, or when conducting activities under the legal authority of another department, pursuant to section 273.6 of the National Defence Act. Footnote 126 For other defence intelligence activities, DND/CAF relies on the statutory authority of other departments and agencies regarding the handling of information about Canadians that may be encountered. Those authorities are well-grounded in legislation and jurisprudence, but were not designed for the specific needs of the military.
119. The applicability of the Charter to DND/CAF's defence intelligence activities is another source of uncertainty. In the current state of the law, the Charter does not typically apply extraterritorially, and *** However, the current position of the Supreme Court of Canada is that the Charter may apply in certain circumstances, particularly if Canadian state actors are in breach of their obligations under international law. In the future, this could well include the actions of DND/CAF in a foreign nation.
120. If the Charter were ever found to apply to the defence intelligence activities of DND/CAF outside Canada, the Committee believes that the argument that the Crown prerogative provides sufficient authority to collect information about Canadians would be unpersuasive. From a legal policy perspective, there is evidence that Parliament and successive governments believe, insofar as Canadian intelligence activities are involved, that safeguards must be in place where the state collects information about Canadians even where there is no certainty that the Charter applies. This is evident for Canada's two primary intelligence organizations: CSE and CSIS.
121. The statutory scheme under which CSE conducts its activities prohibits CSE from targeting Canadians, even outside of Canada. Footnote 127 Recognizing that CSE activities carry the risk of inadvertently collecting information about Canadians, the scheme directs the agency to put in place measures to protect the privacy of Canadians in the use and retention of intercepted communications. Footnote 128 This scheme was recently amended by Parliament to add a new oversight mechanism for CSE, the Intelligence Commissioner, whose mandate will be to review the conclusions upon which the Minister of National Defence authorizes CSE to conduct a mandated activity, and to approve the authorization if the Minister's conclusions are reasonable, including those regarding measures to protect the privacy of Canadians. Footnote 129 Similar restrictions are in place for situations in which there is a risk that private communications of Canadians could be intercepted. Footnote 130 Similarly, Parliament recently amended the CSIS Act to extend the jurisdiction of a designated judge of the Federal Court to issue a warrant authorizing CSIS to take investigatory actions outside Canada. Footnote 131 Although this amendment was meant to address specific jurisdictional issues surrounding certain CSIS activities, it also mitigates risks where a Charter-protected right may be infringed by requiring a warrant in specific circumstances.
122. In short, relying on the Crown prerogative as authority to collect, use, retain and disseminate Canadian citizen information is not a viable option. Rather, the Committee reiterates the rationale it provided in its 2018 Annual Report for the government to consider providing explicit legislative authority for the conduct of defence intelligence activities (see Chapter 4, Annual Report 2018, especially "Defence intelligence: The question of legislation," paragraphs 241-252). On the basis of this review, the Committee offers two further reasons to establish statutory authority for DND/CAF to conduct defence intelligence activities.
123. First, the current approach to defence intelligence activities, conducted under the umbrella of the Crown prerogative and a collection of directives and other instruments, creates uncertainty. In the worst instances, DND/CAF is unsure that it has the legal authority to do things that, from a policy or operational perspective, it should be able to do. [*** This sentence was revised to remove injurious or privileged information. The sentence notes that the Committee commended DND/CAF. ***] significant energy is directed at resolving them. Internal and external consultation undertaken to address legal doubt may contribute to operational delay, which itself may be prejudicial to the safety of DND/CAF members and Canada's national interests. Additionally, DND/CAF solutions may be imperfect, or involve awkward workarounds where DND/CAF relies on the authority of other departments and agencies. While these authorities may provide DND/CAF a legal 'safe harbour,' they come at the expense of ***
124. Second, ambiguous legal authorities are doubtful i n a democratic system governed by the rule of law. Parliament has never contemplated what DND/CAF should do in the area of defence intelligence, and has never weighed issues of defence intelligence against issues of Charter-protected rights. As a result, defence intelligence is an anomaly among the other forms of intelligence in Canada. While it is true that the Crown prerogative is a source of some authority, it is not a transparently democratic source of legal authority. There is a credibility, and a social licence, that arises when an elected legislature speaks through legislation. State powers that have never been prescribed by legislation are uncommon, and the more invasive they are, the more they might reasonably attract controversy. If done properly, legislating DND/CAF's military intelligence mandate would address these concerns while preserving the flexibility it needs to execute its missions.