The Committee’s work in 2022
The National Security and Intelligence Committee of Parliamentarians 2022 Annual Report

18. On January 20, 2022, following the 2021 federal election, the Prime Minister announced the re-appointment of the Honourable David McGuinty as the Chair of NSICOP, and the Committee’s new and returning members for the 44^th Parliament. On May 20, 2022, the Prime Minister announced the appointment of two new members to the Committee.

19. In 2022, the Prime Minister tabled the Committee’s 2021 special report on the government’s cyber defence framework. The Committee launched a review of the lawful interception of communications and the “going dark” challenge, completed its special report on the national security and intelligence activities of GAC, and continued its review of the Federal Policing mandate of the RCMP.

20. Between January 20 and December 31, 2022, the Committee met 25 times, 11 of which were hearings. It met with 41 officials from 12 federal organizations, either in-person or via secure video conference. It also held two briefings with a total of five academics.

21. On February 14, 2022, the Prime Minister tabled the Committee’s Special Report on the Government of Canada’s Framework and Activities to Defend its Systems and Networks from Cyber Attack. The report was submitted to the Prime Minister on August 11, 2021 and is summarized in the 2021 Annual Report. The government agreed with all four recommendations (Annex B).

22. On June 27, 2022, the Committee submitted its classified Special Report on the National Security and Intelligence Activities of Global Affairs Canada to the Prime Minister and the ministers of Foreign Affairs, National Defence, and Public Safety. On November 4, 2022, the Prime Minister tabled the revised version of the report in Parliament. The government agreed with all four recommendations. That special report is summarized in this annual report, and the Committee’s recommendations, as well as the government’s response, are contained in Annex A.

23. On August 18, 2022, the Committee announced the launch of its review of the lawful interception of communications by security and intelligence organizations and the “going dark” challenge. The Committee’s review will examine the legislative, regulatory, policy and financial framework for the lawful interception of communications for security and intelligence activities, the challenges resulting from the impact of rapidly changing and emerging technology, including the use of end-to-end encryption, and any limitations of the current framework when faced with these challenges. NSICOP's review will also examine potential risks to the privacy rights of Canadians associated with modernizing authorities in this area.

24. Throughout 2022, the Committee held appearances and advanced its review of the RCMP's Federal Policing mandate, including numerous appearances and briefings by senior officials.

25. The Committee, as represented in most cases by its Chair, also met with international representatives from Australia, New Zealand and South Africa. The Chair also delivered presentations on the Committee and its work to the National Security Transparency Advisory Group and the Canadian Association for Security and Intelligence Studies, and met with the Director of the Canadian Institute for Cybersecurity and representatives of the United Nations Office on Drugs and Crime.

Reporting requirements for 2022

Injury to national security and refusal to provide information

26. The NSICOP Act has several reporting requirements. The Committee must include in its annual report the number of instances in the preceding year that an appropriate minister determined that a review conducted under paragraph 8(1)(b) of the Act would be injurious to national security. It must also disclose the number of times a responsible minister refused to provide information to the Committee due to his or her opinion that the information constituted special operational information and would be injurious to national security, consistent with subsection 16(1) of the Act.

27. In 2022, no reviews proposed by the Committee were deemed injurious to national security by a minister and no information requested by the Committee was refused by a minister on those grounds.

• Reviews deemed injurious to national security: 0
• Information requests refused: 0

The Avoiding Complicity in Mistreatment by Foreign Entities Act

28. Pursuant to the Avoiding Complicity in Mistreatment by Foreign Entities Act (the Act), twelve organizations within the federal government must submit to their Minister an annual report in respect of the implementation of the Act in the previous calendar year. The annual reports must contain information regarding:

1. The disclosure of information to any foreign entity that would result in a substantial risk of mistreatment to an individual;
2. The making of requests to any foreign entity for information that would result in a substantial risk of mistreatment of an individual; and
3. The use of information that is likely to have been obtained through the mistreatment of an individual by a foreign entity.

29. The Act requires the implicated Ministers to provide a copy of their organization’s annual mistreatment reports to NSICOP and NSIRA.

Avoiding Complicity in Mistreatment by Foreign Entities Annual Compliance Reports Received for 2021

The Committee received 2021 mistreatment reports from the following departments and agencies:

1. Canada Border Services Agency
2. Canada Revenue Agency
3. Canadian Security Intelligence Service
4. Communications Security Establishment
5. Department of National Defence and the Canadian Armed Forces
6. Financial Transactions and Reports Analysis Centre of Canada
7. Fisheries and Oceans Canada
8. Global Affairs Canada
9. Immigration, Refugees and Citizenship Canada
10. Public Safety Canada
11. Royal Canadian Mounted Police
12. Transport Canada

Referrals

30. Pursuant to paragraph 8(1)(c) of the NSICOP Act, any minister of the Crown may refer any matter relating to national security or intelligence to the Committee for review. The Committee did not receive any referrals in 2022.

Review of Global Affairs Canada (GAC)

31. On November 4, 2022, the Prime Minister tabled the Special Report on the National Security and Intelligence Activities of Global Affairs Canada (GAC, or the Department) in Parliament and the Committee published it to its website. ^{Footnote 6} Consistent with its reporting obligations in the NSICOP Act, the Committee summarizes this review here.

The Committee was concerned by the near total absence of governance.

32. This review was the first in-depth examination of GAC's three broad national security and intelligence roles, which are to ensure foreign policy coherence, play a facilitation and advisory role for certain CSIS and CSE intelligence activities, and conduct its own security and intelligence activities. The Committee heard from senior officials from GAC, CSIS, and CSE, and focused on the Department’s International Security and Political Affairs Branch.

33. The Department’s broadest security and intelligence role is to ensure foreign policy coherence. This involves engaging CSIS, CSE and DND/CAF to ensure that they consider foreign policy interests when contemplating certain national security or intelligence activities. GAC has bilateral written arrangements with CSIS (2009), CSE (2009), and DND/CAF (2016). Its engagement with CSIS and CSE is formalized and involves longstanding joint oversight committees, but this is not the case for its engagement with DND/CAF. CSIS and CSE have policies and internal committees that govern how they consult GAC before collecting certain types of intelligence, conducting some operations, or concluding written arrangements with foreign security agencies.

34. The Committee identified significant weaknesses in the Department’s internal governance of its foreign policy coherence role. The Department had no policies and few oversight committees, which may introduce weaknesses into the government’s assessment of foreign policy risk. As for the Department’s external governance, the formal nature of GAC's consultations with CSIS and CSE contrasts starkly with the nascent nature of its consultations with DND/CAF. The Committee recommended that the ministers of Foreign Affairs and National Defence put in place proactive, regular, and comprehensive consultation mechanisms to ensure that defence policies and operations are aligned with foreign policy objectives (Recommendation 1).

35. GAC produces and uses intelligence, funds international security projects, and coordinates the government’s response to Canadians who are taken hostage abroad by terrorist groups. GAC is one of the largest consumers of intelligence in the federal government, which it uses primarily to safeguard embassies and consulates, and it collects intelligence around the world. The Committee was concerned by the absence of ministerial direction for these activities, and recommended that the Minister of Foreign Affairs provide written direction to the Department on its national security and intelligence activities (Recommendation 2).

36. GAC plays an advisory and facilitator role in relation to certain CSIS and CSE operational activities. Although GAC has played a role in relation to CSIS's collection of foreign intelligence since the coming into force of the CSIS Act in 1984, unlike CSIS the Department has neither a policy nor a requirement to inform its minister about these activities. GAC and CSE cooperate in relation to CSE’s foreign intelligence, cyber security, and cyber operations mandates. The coming into force of the CSE Act in August 2019 gave GAC a significant role in CSE’s then new authorities to conduct cyber operations. The Act requires CSE to consult GAC before carrying out defensive cyber operations, and to obtain the consent of the Minister of Foreign Affairs before carrying out active cyber operations. While there is a GAC-CSE working group for these operations, CSE also has a ministerial direction that requires it to regularly report on the status and results of its cyber operations to its minister. GAC does not.

The most significant problem was political:
successive governments failed to establish a framework to respond to terrorist hostage-takings abroad or provide direction on individual cases.

37. The Committee was also concerned by the near total absence of governance and formalized reporting to the minister regarding GAC's facilitator role. While GAC is not itself collecting this intelligence, addressing the potential impact of the exposure of the intelligence activities would fall to the Minister of Foreign Affairs, who must be kept informed so that they can provide direction and oversight. The Committee recommended that the Minister of Foreign Affairs put in place comprehensive governance mechanisms for the Department’s security and intelligence activities and for those that it supports or contributes to at partner organizations (Recommendation 3).

38. One of GAC's key security activities is coordinating the government’s response to terrorist hostage-takings and other international critical incidents. GAC has a three-person team that supports an interdepartmental task force, but in twenty years the Department has done little to prepare for these incidents: there is no policy framework, no training, and no routine tabletop simulation exercises for the task force. This undermines the Department’s claim to “lead the coordination” of the government’s response to international critical incidents, and tends to skew the government’s response towards the mandate of the organization that brings the most capabilities to a particular incident. The Committee recommended that the Government of Canada establish a clear framework to respond to terrorist hostage-takings abroad (Recommendation 4).

39. In conclusion, the Committee’s GAC review revealed a significant imbalance between the Department’s significant role as a core member of the security and intelligence community and its governance mechanisms. Governance is the combination of internal and external structures and processes – including policies, procedures and oversight committees – that support prudent decision-making, accountability, and institutional memory. Governance serves accountability. Establishing a sound governance and accountability structure requires political will. The Committee came to five findings, and the government agreed with the Committee’s four recommendations (Annex A).