Past Session:

Proceedings of the Standing Senate Committee on
National Security and Defence

Issue 16 - Evidence - Meeting of April 23, 2015

OTTAWA, Thursday, April 23, 2015

The Standing Senate Committee on National Security and Defence met this day at 1:33 p.m. to examine the subject matter of Bill C-51, An Act to enact the Security of Canada Information Sharing Act and the Secure Air Travel Act, to amend the Criminal Code, the Canadian Security Intelligence Service Act and the Immigration and Refugee Protection Act and to make related and consequential amendments to other Acts.

Senator Daniel Lang (Chair) in the chair.

[English]

The Chair: I want to welcome everyone to the Senate Standing Committee on National Security and Defence for Thursday, April 23, 2015.

Before we welcome our witnesses, I would like to begin by introducing the people around the table. My name is Daniel Lang, Senator for Yukon. On my immediate left is the clerk of the committee, Adam Thompson. I would like each senator to introduce themselves and state the region they represent, starting with our deputy chair.

Senator Mitchell: Grant Mitchell, Alberta.

Carolyn Stewart Olsen: Carolyn Stewart Olsen, New Brunswick.

Senator Ngo: Thanh Hai Ngo, Ontario.

Senator Kenny: Colin Kenny, Ontario.

Senator Day: Joseph Day, Saint John—Kennebecasis, New Brunswick.

Senator Runciman: Bob Runciman, Thousand Islands and Rideau Lakes, Ontario.

Senator Beyak: Lynn Beyak, Northwestern Ontario.

Senator Jaffer: Mobina Jaffer, British Columbia.

The Chair: Colleagues, the Senate has referred to this committee the subject matter of Bill C-51, An Act to enact the Security of Canada Information Sharing Act, the Secure Travel Act, to amend the Criminal Code, the Canadian Security Intelligence Services Act and the Immigration and Refugee Protection Act and to make related and consequential amendments to other Acts.

Joining us today as we continue our pre-study of Bill C-51 are the Honourable Jean-Pierre Plouffe, Commissioner, and Mr. J. William Galbraith, Executive Director, Office of the Communications Security Establishment Commissioner; Mr. Ian McPhail, Chair, and Mr. Richard Evans, Senior Director, Operations, Civilian Review and Complaints Commission for the RCMP; and Mr. Michael Doucet, Executive Director, Security Intelligence Review Committee.

Thank you for taking the time to join us today. We are pleased to welcome you back and to acknowledge the work you do to ensure our security agencies are fulfilling their mandates respecting Canadian laws.

I understand each organization has an opening statement. I would invite Mr. Plouffe to begin, followed by Mr. Doucet and Mr. McPhail.

Hon. Jean-Pierre Plouffe, Commissioner, Office of the Communications Security Establishment Commissioner: Mr. Chair and honourable senators, I am pleased to be back to appear before this committee on matters that touch upon my office. I am accompanied today by Mr. J. William Galbraith, executive director of my office.

[Translation]

You have my biographical note, so I will not spend time going over that, but I would like to say that I have found that my decades-long experience as a judge has stood me in very good stead in my first year and a half as CSE Commissioner. I would like to make a few quick points about my office before commenting on Bill C-51.

I am independent and at arm's length from government. My office has its own appropriation granted by Parliament. I have all the powers under part II of the Inquiries Act which gives me full access to all CSE facilities, files, systems and personnel, including the power of subpoena, should that be necessary, to complete my reviews.

I have 11 full-time staff, 8 of whom are focused on review; they are complemented by subject matter experts under contract, two of whom also conduct reviews. I also have both in-house and independent legal counsel. My personnel have experience and expertise in areas including information technology, cyber-security, intelligence, legal affairs, privacy, and national security policy.

[English]

Let me turn now to Bill C-51. Part 1 of the bill, the proposed security of Canada information sharing act, allows the sharing of information with the 17 Government of Canada institutions listed in Schedule 3 of the bill. On March 6, 2015, I wrote to the Chair of the House of Commons Standing Committee on Public Safety and National Security examining this bill, Mr. Daryl Kramp, questioning why the existing review bodies were not also given increased authority to share information amongst themselves. I recognize the intent of the bill is for departments and agencies to share information to protect Canada against activities that undermine its security.

At the same time, I believe it is critical that as the information-sharing authorities governing law enforcement, security and intelligence agencies expand, the ability of review bodies to share and cooperate must keep pace. Furthermore, I strongly believe that review is a key component in ensuring that law enforcement, security and intelligence agencies conduct their activities within the law and also that they protect the privacy of Canadians.

There is, as I wrote in my letter to Mr. Kramp, which is published on our website, cooperation among intelligence and security agencies. They are authorized to cooperate and to share information. There is no equivalent explicit authority for my office to cooperate and share with SIRC and the Civilian Review and Complaints Commission, CRCC, for the RCMP. However, based on our reviews of activities involving both CSE and CSIS, my predecessor and I have referred questions or issues to the chair of SIRC that involve CSIS for follow-up as they deem appropriate.

Due to legal impediments, these questions or issues do not involve operational information. Therefore, the sharing of information and cooperation between my office and SIRC is limited. Activities beyond this, such as the sharing of operational information of the agencies or the conduct of joint reviews, would need a legislative change.

I believe the law should explicitly authorize such cooperation between my office, SIRC and the CRCC. Such an explicit authority to cooperate and share information would strengthen review capability and effectiveness. It would also enhance the ability of review bodies to ensure the compliance of activities undertaken jointly by CSE, CSIS and the RCMP. This authority becomes that much more important in the evolving context of ever greater cooperation between law enforcement, intelligence and security agencies, and the prospect of increased information sharing as envisioned in Bill C-51.

This issue of cooperation among review bodies is a long-standing one, indeed. Nine years ago, Justice O'Connor, in his commission of inquiry report, also referred as the 2006 Arar inquiry report, recommended that "statutory gateways" be enacted linking the review bodies responsible for CSE, CSIS and the RCMP to achieve four goals. This was meant to provide, one, for exchange of information; two, referral of investigation; three, conduct of joint investigations; and four, coordination and preparation of reports. Nevertheless, in the absence of legislative change, we have been active in encouraging cooperation to the extent possible within existing authorities.

[Translation]

For example, in 2005, we initiated a Review Agencies Forum that meets one to two times per year. Review officers and managers from my office, SIRC, CRCC as well as the Privacy Commissioner's office, have an opportunity to compare best practices in review methodologies and discuss issues of mutual interest.

In consultation with our review colleagues, we also organized review workshops in the past for personnel new to the review function. We plan to continue this initiative. And, as I already mentioned, my predecessor and I have referred to the chair of SIRC, questions and issues resulting from our reviews of CSE that implicate CSIS. I would also do the same with the CRCC, should the occasion arise.

[English]

As to Part 4 of Bill C-51, the added measures to reduce threats to the security of Canada that it proposes for CSIS will have a more direct impact on SIRC, which will review CSIS's performance in that regard.

With respect to any impact of Part 4 on my office, this is unknown at this time. It is possible that CSIS may request assistance from CSE in taking measures to reduce threats to the security of Canada. CSE can provide technical and operational assistance to CSIS under Part C of its legislated mandate as provided for in the National Defence Act. If it does, I will review CSE's activities in this regard. However, we will not know to what extent until it actually happens. I will monitor this to determine whether I will need to increase my resources as a result.

[Translation]

Thank you for the opportunity to appear before you today, and I wish you well in your deliberations. I would be pleased to answer your questions.

[English]

The Chair: Thank you very much.

Mr. Doucet, please.

Michael Doucet, Executive Director, Security Intelligence Review Committee: Mr. Chair and honourable senators, good afternoon and thank you for the opportunity to appear before you today. This afternoon I'm pleased to introduce you to Chantelle Bowers, SIRC's Deputy Executive Director.

When SIRC was invited to appear last month in regard to Bill C-44, I discussed our work and what changes might be required to assist us in ensuring that this work is as comprehensive as possible. Today I would like to expand on those themes and discuss what Bill C-51 would mean for SIRC and for national security accountability in Canada.

Let me begin by clarifying how SIRC operates as there has been quite a bit of discussion around the committee being part time. The committee itself meets several times per year. During those meetings, it establishes priorities and reviews the work undertaken by our staff. Committee members are also assigned to complaints cases and preside over the attendant hearings.

The committee is supported by a full-time staff, including myself as executive director. I am responsible for the day-to-day operations of SIRC and its 18 full-time employees, including nine research staff and three lawyers. SIRC's staff is composed of individuals from different academic and professional backgrounds, with many approaching or eclipsing 10 years of experience in reviewing the most sensitive national security issues.

[Translation]

A typical review requires hundreds of staff hours and is completed within four to five months. SIRC staff review and analyse thousands of pages of hard copy and electronic documentation; conduct briefings and interviews with relevant CSIS staff; and often undertake a field visit when a review involves a regional office or a foreign post. A classified report on the results of a review is presented to the committee when it meets. SIRC also conducts investigations into complaints made against CSIS and denials of security clearances.

[English]

Therefore, the committee is made up of part-time members; SIRC's work is very much carried out on a full-time basis. With that clarified, I would like to move on to a discussion of the impact of Bill C-51 on SIRC and accountability.

Bill C-51 will significantly impact the effectiveness of not only SIRC but of Canada's national security accountability overall. With the passage of Bill C-51, SIRC will stand at a critical threshold whereby ability and capacity to effectively fulfill its review function could be in jeopardy. Having said this, SIRC is obviously in the process of assessing the impact of the announcement made in Tuesday's federal government budget, namely, a significant increase to SIRC's budget to enhance its review of CSIS.

First, the legislative amendments contained in Bill C-51 aimed at giving CSIS threat diminishment powers and SIRC's obligation to annually review at least one aspect of the service's performance in taking measures to reduce threats to the security of Canada will require a significant resource commitment from SIRC in both its research and investigative complaints function.

The most significant impact that we foresee will be on research, which will be responsible for leading the review of CSIS's threat reduction activities. Threat reduction activities are by their very nature controversial and/or potentially high risk, meaning that SIRC will have to pay very close attention to them in coming years. The number of complaints that these activities may generate is difficult to predict, but we must also be prepared for an increase in complaints given that SIRC investigates complaints with respect to "any act or thing done by the Service."

SIRC will need to commit the resources required to undertake focused, dedicated and permanent mandatory review in order to provide proper comprehensive and systemic review of these new threat reduction activities. SIRC will therefore face difficult decisions in coming years as we struggle to cover a larger CSIS waterfront.

Second, in our 2010-11 annual report, SIRC commented that:

The existing review mechanisms — including SIRC — are neither configured nor equipped to examine fully Canada's increasingly integrated national security activities.

This statement became the basis for follow-the-thread discussion, namely the need for SIRC to be able to address and assess national security matters that involve CSIS but go beyond the strict confines of that agency.

[Translation]

This is not a new discussion, but with Bill C-51, its importance is greater than ever. In 2006, the O'Connor commission criticized Canada's national security accountability structure and made detailed recommendations. Justice O'Connor observed correctly that the national security activities of many federal entities had become largely intertwined in the aftermath of 9/11, but review agencies remained siloed.

[English]

SIRC's ability to follow the thread and conduct joint reviews is absolutely vital to accountability. With Bill C-51 comes increased information sharing for the purposes of national security. As a result, over 100 Government of Canada institutions can share information in respect of activities that undermine the security of Canada without any clear standards for disclosure. Seventeen departments with a national security nexus, including CSIS, are listed in the legislation as the recipients of this information sharing. Of those 17 departments, only 3 are subject to a dedicated review body; and those review bodies represented here today are constrained from following the information of the agency they examine into other Government of Canada institutions and from performing joint reviews. These legislative constraints on SIRC will make it increasingly difficult for us to provide robust assurances on CSIS's activities to Parliament and Canadians.

I would like to leave you with the conclusions from the 2009 report of the Standing Committee on Public Safety and National Security on their review of the findings and recommendations arising from the O'Connor inquiry. The report states:

Without an integrated structure for the full review of national security issues, the government cannot effectively and efficiently protect Canadians from violations of their civil rights and freedoms.

SIRC looks forward to being part of such an integrated structure, whatever form it may take.

Thank you, and this afternoon I welcome any questions you may have.

The Chair: Thank you very much.

Mr. McPhail.

Ian McPhail, Chair, Civilian Review and Complaints Commission for the RCMP: Mr. Chair, honourable senators, thank you for inviting me here today along with my colleagues from SIRC and the Office of the CSE Commissioner. I welcome the opportunity to discuss the role of the Civilian Review and Complaints Commission in providing independent review of the RCMP. I am accompanied by Mr. Richard Evans, Senior Director of Operations for the CRCC.

I have previously testified at this committee that a strong, credible and independent civilian review mechanism is essential to maintaining public trust in any policing organization. At the time, I was testifying on amendments to the RCMP Act.

With the coming into force of the amended RCMP Act in November 2014, the newly named commission now has additional authorities and resources to enhance our effectiveness. The RCMP Act now unambiguously sets out the commission's right to access information held by the RCMP and to determine what information is relevant to an investigation or a review. Although there are certain limits to the commission's access, I am confident that the RCMP recognizes the value of independent civilian review and will cooperate with the commission in fulfilling its mandate.

That mandate has been expanded to include not only reviews of conduct of RCMP members further to a public complaint but also to undertake broad, systemic reviews. Pursuant to section 45.34 of the act, the commission can undertake a review of a specified activity of the RCMP to ensure that it is carried out in accordance with legislation, regulation, ministerial direction, or any policy, procedure or guideline. To date, the commission has not initiated any such review; however, extensive planning has occurred over the past year in anticipation of the new mandate.

Commission staff has developed a risk matrix model to facilitate the identification of RCMP activities. Given the large, diverse and complex nature of the RCMP, the model was established to identify those areas that pose the greatest risk and, therefore, would benefit from external review in an effort to identify potential problems before they become larger issues affecting public trust in the force.

The RCMP has been briefed on the commission's planning activities, and I expect to inform the minister and the commissioner in the near future of potential systemic investigations. All of this to say, the commission has a mandate to review all RCMP activities, including those envisioned by Bill C-51. For example, with respect to the information sharing provisions contained in the bill, the commission is well positioned to review that type of activity, including the policies, procedures and internal oversight mechanisms that would undoubtedly accompany the implementation of such legislative changes within the RCMP.

It is important to note that notwithstanding the increased collaboration that Bill C-51 will facilitate, security intelligence and law enforcement remain fundamentally distinct, subject to different policies, procedures and thresholds. As such, oversight of the agencies charged with combatting terrorism must also reflect different expertise. I believe strongly that the commission has a mandate to provide effective oversight of the RCMP.

In conjunction with oversight partners at the federal and provincial levels, Canada is well served by a model that works in the Canadian context. As an example, the commission has experience working cooperatively with other oversight bodies in the absence of explicit legislative provisions, as demonstrated in our investigation into the RCMP's role in the G8/G20 summits, where we worked closely with the Office of the Independent Police Review Director of Ontario with great success.

Since that time, the amended RCMP Act now provides the commission limited joint investigation authorities with our provincial counterparts. Federally, the commission strives to maintain a cooperative working relationship with SIRC, the Office of the CSE Commissioner, as well as the Office of the Privacy Commissioner. I believe that in so doing, we are laying the foundation for a more coordinated and collaborative national security oversight community.

Thank you, Mr. Chair. I would be happy to respond to any questions you may have.

The Chair: Thank you very much.

I will begin with the deputy chair, followed by the sponsor of the bill, Senator Runciman.

Senator Mitchell: Thanks to each of you. You have inspired an overwhelming number of questions, but I don't get to ask an infinite number of them.

The Chair: You get far more than you deserve.

Senator Mitchell: I don't know where to start. I will start by being nice to the chair, so maybe I will get three instead of two.

I am interested in two classes of questions: One is the question of silos, which certainly has been addressed extensively; and the second is the question of resources, which has been addressed as well.

I will start with Mr. Doucet and anybody else can jump in. You are saying clearly, and it has been said in your report, for example, that if CSIS were to give information to the Department of National Defence and DND were to give that information to the United States, and the United States were to give that information to Syria, and Mr. Arar ends up in Syria being tortured, there's no way that you ever could have followed that thread under this bill, even though the sharing of information is a huge portion of this bill. It increases and allows more information sharing, but you would not be able to follow it in any kind of constructive way from your agency to another agency and another and another.

Mr. Doucet: Yes, senator, that's correct. You have captured it very well. As information is shared, and we call it following the thread, we cannot follow that thread from agency to agency. The problem is exacerbated as intelligence agencies all have their relationships nationally and internationally. As that information leaves our borders, so to speak, we don't have any reach into it. So, number one, we don't have the ability to follow information nationally as it goes from agency to agency.

Of course, as review agencies we cooperate on methodologies and research and so on, but we do not have the right to follow information when the agencies that we review are sharing more and more information all the time, as they should be doing.

Senator Mitchell: It is said that agencies create memorandums of understanding for the sharing of information, but it is not required in this bill that they do so. Would you, for example, get to see the memorandum of understanding that other agencies would have not only with CSIS but also might have between and amongst themselves — other agencies that CSIS works with?

Mr. Doucet: Not necessarily. We, of course, have unfettered access to all information at CSIS, with the exception of cabinet confidences. We can look at their memorandums of understanding, but we would not necessarily see memorandums that are held by other agencies within the community. Of course, they could be public, in which case we would have access to them, but typically we would not see those MOUs.

Senator Mitchell: Mr. Plouffe, I am very interested in your concern about the conceivable expansion of your work. One area where that might be inspired, if I could put it that way, or driven, would be in the area of the new warrant provisions for disruptive activities by CSIS. That could mean, could it not, that it might open up CSIS's ability to use CSEC to help them in disruptive activities, meaning it could bring a great deal more pressure.

Do you have the resources to check warrants? Do you check warrants now? I'm asking this question in the context of the Mosley case.

Mr. Plouffe: Right now, I have sufficient resources, in my view. In the last seven or eight years, the number of employees has been increased from 8 to 11, and I expect that in the forthcoming two or three years more employees will be hired.

With regard to what Mr. Doucet was alluding to, we do share information to an extent between the review agencies, but as I was saying and as Mr. Doucet said, this is limited. It is limited because we cannot, pursuant to the Security of Information Act, share operational information. We do share, practically speaking to an extent, methodology and so on, but at one point in time we cannot, for example, conduct joint investigations. Let's say that both CSE and CSIS are involved. Sometimes they would like to make a joint review. We can't do that right now because it's operational.

Under the assistance mandate of CSE with regard to the provisions of this bill, if in the future, for example, CSIS more often requests the assistance of CSE, this would mean more work for CSE and also more work for my office. I will have to monitor that in the future and see whether or not in practice more work is involved. If so, I will have to ask, obviously, for more resources.

J. William Galbraith, Executive Director, Office of the Communications Security Establishment Commissioner: With respect to your reference to warrants, when CSE would be requested to provide assistance to CSIS, yes, we would have access to the warrant because that's what's giving CSE the authority, so we would be able to review those.

Senator Mitchell: In a sense, the bottom line is that while this act is designed to create much greater integration of the work of the 17 national security agencies, and the sharing of information and even the cooperative activity, it does nothing whatsoever to break down the silos of the very few — 3 of 17 — review agencies that review. It is only 3 of 17 of these agencies in any event. How does that make any sense?

Mr. Plouffe: Well, maybe it doesn't.

Senator Mitchell: Thank you very much.

The Chair: I think the chair has given the deputy chair a great deal of latitude, so we will move on to Senator Runciman.

Senator Runciman: This question is for Mr. McPhail and then, perhaps as well, for Mr. Doucet.

Mr. McPhail, in terms of doing your job, which is providing oversight of the RCMP, I'm assuming you have broad access to RCMP info. I think I garnered this from your opening statement, but I would like to put it on the record, namely that your organization has what you deem to be sufficient authority to access RCMP information and, in particular, national security information.

Mr. McPhail: The short answer, senator, is yes. To expand on that, the CRCC is entitled to have access to any information under the control or possession of the RCMP which, in the opinion of the commission, the commission considers to be relevant. That applies to all phases of a review or an investigation. It further extends to privileged information, including special operating information and information related to the Witness Protection Program. The commissioner can object but must provide reasons for his or her objection in writing. The amended RCMP Act provides a dispute resolution mechanism in such a case.

However, I do believe that the RCMP understands that releasing information to the commission is quite separate and distinct from releasing it publicly. The reason is that the commission is subject to government counter-security policy. In fact, the government went so far as to schedule the commission as an agency permanently bound to secrecy pursuant to the Security of Information Act.

I take from this that the government recognizes the CRCC as an organization that is expected to handle sensitive and classified information. All this to say the commission has a clear mandate to review all RCMP activities, including national security activities.

Senator Runciman: This is a question you may not want to respond to. It deals with SIRC, which I guess Mr. Doucet would feel comfortable about. I looked at some of what he has said in the past indicating concern that SIRC's mandate limits its reviews to CSIS. Taking a look at the CSIS Act, I have some concerns about that conclusion. I'm not sure if it's based on a binding court interpretation of the act or whether it's an internal policy decision. I wonder if your officials have looked at that mandate and how it may affect you and whether you share the view that SIRC does, apparently, that their reviews are limited to CSIS.

Mr. McPhail: Our reviews are limited to the RCMP, and those apply not only to public complaints but also to systemic reviews.

With respect to the RCMP, that would include a criminal investigation or a review from the moment the RCMP becomes privy to information regarding any security or counter-intelligence issue. It's the new mandate for the commission allowing us to do systemic reviews that will enable us to investigate this.

Quite clearly that does not give the commission authority to investigate information held by other bodies, but it does give the commission the authority to investigate, hypothetically, the policies and procedures by which the RCMP engages in information sharing and how it deals with the information once it has been received.

Senator Runciman: That didn't really deal with my question. In any event, he chose not to answer.

I should pose that question to Mr. Doucet. If you look at the CSIS Act, questioning whether you already have the authority under section 39 and 50 to acquire information from anyone you choose to in the instance of investigating a complaint, I'm wondering, as I posed earlier: You don't believe you have the express authority, and my interpretation of this is that you do have express authority to summon witnesses and documents from other federal departments and agencies. I'd like to hear your explanation with respect to how you feel your mandate limits it to reviews. I would believe you also have the ability to initiate. I think you did mention initiating based on complaints. But you also have the ability, I believe — in my perhaps mistaken interpretation — to conduct investigations on an ongoing basis while an operation is still under way. I know Justice Major has suggested these are all after-the-fact investigations and reviews, but in fact you do have the opportunity to go into a situation on an ongoing basis.

Mr. Doucet: Thank you, senator. Let's maybe talk about the act to begin with, if I may, and let's go back to 1984 when the CSIS Act was in fact enacted.

Back in 1984, and for many years after 1984, intelligence agencies in Canada didn't necessarily talk to each other a whole lot. We talk about contemporary intelligence, the post-9/11 intelligence world, where agencies are now talking together and sharing information so much more. Our history, if you want to put it that way, has been a history of reviewing CSIS and CSIS alone.

In our annual report tabled to Parliament for the year 2011-12, for the first time we put in a section called "A Message from the Executive Director." We always had a message from the committee. In that annual report, I laid out to Parliament what I considered were three tenets of SIRC, three guiding principles, if you will.

The first is that we are a professional organization engaging professional people and doing very serious professional work. That should be a given, but we wanted to put that out there.

The second tenet is that we are independent. We're fiercely independent, and we stand by that.

The third one — and I think this is of interest to your question, senator — is that we are a member of the S&I community. We are not just a review agency of CSIS. We are a member of the community. As a member of the community, our goal is to go to other members of the community and talk about tools and techniques that they use that are somewhat similar to CSIS, that allow us to better review CSIS.

I'll give you an example that I like to use if we're looking at surveillance technology. There are other members of policing in the S&I community that use surveillance technology. It benefits us and it benefits Parliament if we have those conversations. Those conversations to date are limited to tools and techniques, and not to operational information.

As we move forward to the future and look at new legislation and its impact, we will be doing a gaps analysis to look at what we are missing, what we are not getting where we are not looking. As part of our gaps analysis, we will be looking, obviously, at our authorities — not just what have we practised in the past but what can we do in the future. I'm a big believer in looking at what we have done historically as a predictor for what we can do or what we should be doing in the future.

I may not have specifically answered your question on your interpretation of the act, but I think I've laid out where we've come from and where we are today.

I have to tell you that after telling Parliament that we were going to go out to other organizations to talk about tools and techniques within S&I and policing, when we knocked on their door, the first question was, "What are you doing here? You don't have any right to talk to us." Well, we certainly have a right. You may not want to talk to us, but we have that right.

Those doors have really been opening for us. When we go into another organization, we tell them, "You won't find yourself in our annual report. We're not critiquing you. We're not reviewing you." We're searching for knowledge on a tool, on a technique, whether it's analytics, surveillance, as I mentioned, those sorts of things. So that's where we are today.

Senator Stewart Olsen: This may have been partially answered, Commissioner Plouffe. You've suggested we need legislative changes to expand the mandate of the Security Intelligence Review Committee. We're talking about sharing here, which is a big point, I can see. Do you think this can be done by regulation or an MOU between the two departments, or do you think it requires legislation?

Mr. Plouffe: Regulations are not as strong as a law, as we all know. An MOU is even less binding. It is binding, but a memorandum of understanding between departments or institutions is similar to an arrangement, to a contract. If we want the review bodies to explicitly share information on the operational side, it is my view that we need legislative change, not only regulations.

Also, normally, you make regulations pursuant to a law, to an act. If you want to make regulations, they have to be relevant to one of the provisions of the enabling act. In other words, let's say we have the authority under the National Defence Act to do so. Then we can make thereunder a regulation. But if you don't have any provision in the act permitting review bodies to collaborate and share information, I don't think you can make valid regulations under that law.

Senator Stewart Olsen: Thank you.

Mr. Doucet, right now are you confident that you have the ability to properly scrutinize? You partially answered in mentioning your gap analysis, so I'm not sure you need to even expand on that, because that was quite a good answer.

Mr. Doucet: SIRC is very confident today in our ability to seek information from CSIS to conduct our reviews. As we mentioned under Bill C-44 when we were here, our concern was gaps, based on the expanding waterfront of activities at CSIS, as we spoke about. But we are more confident today than we were on Monday.

Senator Stewart Olsen: Thank you very much.

Senator Kenny: I have some questions for Mr. Plouffe.

The last time I was on a committee that had an opportunity to question someone in your position was when Mr. Justice Lamer was in the role. When he was asked what he did, he answer was, "Not very much. People don't complain about electronic collection, so we're a pretty quiet shop."

A little bit of time has passed. Could you please describe to the committee how you do your job; what are the components of it; how do you set your priorities; and are you working on it full time?

The Chair: Those are four questions.

Senator Kenny: No. That's actually one question that's clearly put.

Mr. Plouffe: I will start with the easy answer. I'm not full time; I'm part time.

I would disagree with my ex-colleague, or the ex-commissioner, saying we don't have too much to do. I think that today we have a lot to do. We have a very strong professional relationship with CSE. But, on the other hand, my mandate is twofold. I have to ensure that what they do complies with the law, in the first place; and in the second place, I have to assure myself that they protect the privacy of Canadians.

The last part, the privacy of Canadians, in my mind is a serious one and involves a lot of work. Not only do we look at the law as such, we look at CSE procedures. We look at how they do internal operations with regard to privacy and so on. We want to make sure that the privacy of Canadians is respected. We conduct six to eight reviews every year on a number of subject matters, so I feel that we are very busy indeed.

I'm part time, but I live in the Outaouais region. I'm there maybe more than two-and-a-half days a week. I'm there maybe three days a week or four days a week. Yesterday, I was called by the executive director. I was having lunch somewhere, and he said, "We need you." I did come. I'm not from Montreal. I'm not from Toronto. I'm from Ottawa, so I'm available. I'm part-time officially, but in practice maybe I'm full-time.

Senator Kenny: You have given me Mr. Justice Lamer's answer with kinder words. You really haven't told us of anything about what you do. Why don't you give us some examples of how you protect the privacy of Canadians and how you go about setting your priorities?

Mr. Plouffe: I will ask the executive director to answer that with regard to what is a review. It goes into details. He'll provide you with the proper answer.

Mr. Galbraith: Senator, in a very short answer, we have information on our website in terms of the function that talks about what constitutes review, how we go about it, how we set our priorities, how we determine what to review and in what order of priority.

We receive briefings from CSE. The ongoing reviews may identify other issues that require a separate investigation.

Twice a year, we update an annual work plan, a three-year work plan. It's updated twice a year. It's not cast in stone. If there is some issue that arises, we consult with the commissioner. If he decides that this is something that should take priority because of the risks it presents to compliance with the law, the risk to privacy of Canadians, then that becomes a priority and something else has to move out of the way.

Under any given time, there may be about 10 reviews under way. The commissioner said we complete six to eight classified reviews that are submitted to the minister responsible for CSE, the Minister of National Defence, but those are completed. There are others that are ongoing that will go into a new fiscal year, for example.

Does that satisfy, or are there other specific questions?

Senator Kenny: It doesn't, but I'm prepared to ask my second question, and that is, what potential harm would come if you do not get legal authority for sharing information? You make an impassioned case for the importance of it. Describe to us what harm would come to Canada if you don't get that authority.

Mr. Plouffe: Well, it's just more complicated to do our job. That's all. We can do the job anyway, except that it's more difficult if you cannot share with other review bodies. If you look at the intelligence agencies, they cooperate more and more between themselves. Why not for us? If it's good for them, it should be good for us.

It's the same thing around the world. I'm meeting with my counterparts in the United States and England. We want to share information and be more efficient. If we could share information among the review bodies, we would be even more efficient in the job we do.

The typical example I can give is what we call a joint review. The Mosley case. My predecessor is the first one that, in the annual report, talked about that problem. He had to refer the matter to the president of SIRC. We could not do a joint review, so he referred the matter to the president of SIRC for whatever action he deemed necessary. Let's say we would have this express authority to share information. We could have undertaken a joint review, and we could have had even a joint report out of it.

For me, as it is the case very often when we discuss law, it's a matter of common sense.

Senator Kenny: You're saying it would be more efficient, but you haven't given me an example yet of what the consequences would be if you don't get the authority you're asking for.

Mr. Plouffe: With all due respect, I think I did answer partially what you're saying. What I'm saying is I can operate, yes, but it's more difficult for me to operate because I cannot share this information sometimes with my counterparts at SIRC, so I have to act in a silo all the time. What's the problem with sharing operational information among ourselves? It would be easier. We would lose less time and we would be more efficient. I suspect Canadians expect us to be as efficient as we can.

To answer your question quite simply: At the present time, we can operate. There is no problem. We can operate anyway, except it would be more efficient and better if we could share information.

Senator Beyak: In the interests of time, I think my questions have been answered during Senator Kenny's question.

Senator Ngo: This question is for Mr. Doucet. In your presentation you mentioned the lack of resources. In light of the budget on Tuesday, which proposed to double your budget from $2.5 million to $5 million per year and every five years after that, with this new proposed budget, will you have the required resources to handle the review of CSIS's activities within Canada and outside of Canada, including information sharing, disruption activities and the use of the warrants?

Mr. Doucet: Thank you for the question, senator. We have begun to look at what we will do with our budget increase and how we will expend our funds. I will get to your question in one second.

Let me assure you that what SIRC will not do is not take new funds and take an organization this size and just make it this size. We're looking at our operations and a gap analysis of what we may not be doing today, and we're combining that with very complex legislation as it relates to information sharing and disruption. I'm confident that we can structure our organization for success in the future. Where there are gaps or gaps in our coverage, we will be happy to talk about those downstream and to talk about and let Parliament know not only what we are doing with the increased funding but what gaps may exist that we are not reviewing at any point in time.

As you've touched on and as Senator Kenny touched on, information sharing is a complex business. We don't expect, if this bill is enacted, on day one that there would be a floodgate of information coming into the service that we would then have to review. However, what we do expect over time is that there will be a lot more information coming in. The bill doesn't provide a mechanism to ensure the reliability of that information, so that is part of the issue in following the thread of information. We see the day that CSIS will be receiving information from up to 100 organizations without a qualifier on the reliability of that information. We will of course look at CSIS's activities with that information, what they do with that information, how they dispose of that information and so on. So there is a lot of work, but we're confident that we can make good use of the funding and add value to Parliament and to Canadians in what we can do.

Senator Jaffer: Thank you for your presentations and for being here.

I know for many years you have been dealing with other groups and other groups' threats. I won't name those groups, but I am a Muslim so I will name the groups that you probably will be looking at now. I know the RCMP and CSIS have made progress in diversity, and I have faith that they have started to understand the issues faced by the Muslim community.

You are one step removed, so I would like to know how you educate yourself. How diverse is your workforce, and how much are you doing to understand the challenges of the Muslim community?

Also, how do you relate to the community that is most affected? I know that you are not doing it directly, but Muslims form a large part of this country and they also need to have trust in what you are doing. How are you communicating the work so you can build trust with the community that is most affected at the moment?

Mr. Doucet: Thank you for that very good question. Let me begin with how we educate our staff and what we do in SIRC to educate our staff not only on different communities but on technology and other areas.

A while ago we started having to have what I will call Friday morning or afternoon events where we bring all our staff together. To explain why it's Friday, our staff spends a lot of time at CSIS, at the service, and Friday tends to be a day at the office, paperwork, writing reports. We had a world renowned expert from Public Safety come in a month or two ago to give a talk — not only to the staff but to the committee — on radicalization and on the communities out there. It really enlightened us to the work that is going on at Public Safety. By doing things like that we hope to educate ourselves.

With respect to the service and to our review of the service, whenever they're treating people or treating information, we always look at the justification and proportionality of what they're doing. We always ask the question, "What is the threat to Canada and to Canadians, and why are you doing this?" We always satisfy ourselves or we report on it that we are not satisfied with what they're doing at any given time.

We do not necessarily extend ourselves to communities specifically through community outreach. We have been very active speaking at various conferences and venues whenever we can, whether it be at the university level, privacy conferences or elsewhere, about SIRC, waving the banner of what we do and what we do on behalf of Canadians. That's really where we are.

I think we are putting emphasis on that. Probably a year and a half ago, we staffed a position that was directly linked to communications and outreach, and we're putting those plans together for the future.

Senator Jaffer: If my colleague Senator Baker was here he would have this question, so I will try and ask it, but not as articulately as he would. He has this question about federal Judge Richard Mosley strongly rebuking CSIS — you know what I speak of Mr. Doucet — and all these decisions that are outstanding. I'm not looking for secret information, but is SIRC looking at what happened? Because Justice Mosley clearly found that CSIS and other Canadian federal agencies illegally enlisted global surveillance dragnets while keeping domestic federal courts in the dark. Is SIRC looking at the behaviour of CSIS in that area?

Mr. Doucet: We are always cognizant of what the Federal Court is doing. We're very familiar with the Mosley decision. My colleague, Chantelle, can maybe expand on that as well. We're always mindful, whether it is Justice Mosley's comment on duty of candor. We have the ability to look at the warrant process from beginning to end, look at the targeting, look at all of those things, so we are well aware of those.

Chantelle, did you want to add to that?

Chantelle Bowers, Deputy Executive Director, Security Intelligence Review Committee: I would simply add that we absolutely followed the jurisprudence very carefully. There was of course a Federal Court of Appeal review of that decision as well. It is currently before the Supreme Court of Canada, so we're following that, and we will continue to have the warrants as part of our review process in the future and look at that very carefully.

[Translation]

Senator Dagenais: My question is for Mr. McPhail. I am glad you are here. I was a police officer in the Sûreté du Québec, and back then we called that the ethics committee. So, I prefer asking you questions in my capacity as senator. I would like to talk about your credibility, which has been attacked so often by the media. It would thus be interesting to get your take on the issue. My question is quite simple: do you receive the necessary reception, understanding and support on the part of political authorities to properly handle your oversight mandate?

[English]

Mr. McPhail: Senator, the very simple answer to your question is absolutely. Indeed, since I have been at the commission, we have added to our staff complement. We have members of our staff who have broad experience in policing and intelligence matters.

To reference Senator Jaffer's comments, we are also quite cognizant of the fact that the RCMP is called upon to deal with diverse communities, so we ourselves have become more diverse.

As a matter of fact, one of my goals is to establish an advisory committee consisting of knowledgeable Canadians from various backgrounds to assist us with some of the public concerns. The amendments to the RCMP Act give the CRCC greater legal authorities and our increase in funding gives us the tools to do the job, so I am very confident that we do have that ability.

[Translation]

Senator Dagenais: Do you offer some form of mediation? When it came to ethics, for example, we knew that police officers could appear before the ethics committee, but there was also a mediation process by which a citizen could voice an opinion in the presence of a commissioner. All this was done within a type of mediation framework. Does your committee foresee implementing this type of process?

[English]

Mr. McPhail: At the present time we are able to and do review informal resolution, which the RCMP conducts with complainants. We have received a number of complaints from members of the public since I have been there who were dissatisfied with the results of that informal resolution. We have investigated and made recommendations.

We're currently examining the whole issue of informal mediation as to whether there are opportunities for the commission to become directly involved in that rather than simply reviewing, so it is a top-of-mind issue for us, senator.

The Chair: I would like to ask one or two questions. I would like to direct a question to the Honourable Jean-Pierre Plouffe and it has to do with your previous experience as a judge. In Bill C-51, the requirements of the request for warrants go before a judge to be able to give the authorization. Are you satisfied, with your previous experience, that that is at least a significant check and balance in the system to ensure that those who are actually doing the day-to-day work required to keep Canadians safe, at the same time that their work has to be scrutinized, is a good process?

Mr. Plouffe: The short answer is yes. By referring to the Federal Court in this instance to obtain a warrant, with regard to the added powers supposed to be given to CSIS, it is a form of oversight, and I think this is quite satisfactory indeed.

The Chair: I want to pursue this vein too, because I think Ms. Bowers referred to warrants, as well as Mr. Doucet. Some of the witnesses before this committee during the course of the study of this bill have spoken about the fact that when a warrant is issued, a lot of times the requirement to report back isn't necessarily requested by the judge. Subsequently, very few people, if any, know the end results for the request of the warrant.

In view of that criticism, would you be in favour of either a regulation being put in place by the Governor General or by a policy that when CSIS officers apply for a warrant that they include, at all times, how they're going to report back to the judge so that some accountability is built into the system? That would meet what I think is a valid criticism of the current bill. Would you be in support of that?

Mr. Doucet: Thank you, senator. That's a good question, one I haven't pondered, to be quite honest. I think it is conceptually very interesting that —

The Chair: Is that a yes or a no?

Senator Mitchell: He's getting to a yes.

Mr. Doucet: That could potentially be a good way to report on the execution of the warrant. There are of course other ways, but that would force the reporting on the execution of the warrant.

The Chair: Senator Kenny, maybe you want to jump into this because I don't think you got an answer to your question in respect to the need for the legislative changes for this cooperative effort between the various organizations.

The way I understand it, in your opening address, there is a working group that works between the various organizations and you meet a number of times per year. I don't know what more you need to do your job over and above what is already there. I do have a concern if everybody gets in bed together as opposed to meeting your own mandate, because it gets blurred when you're working with the various other agencies when you get too close. So there's a saw-off here.

Maybe Senator Kenny has a comment on that before they answer the question.

Senator Kenny: That depends on whether I'm going to be able to ask my follow-up questions.

The Chair: You will be able to answer that because I am going to give you five minutes.

Senator Kenny: Thank you.

I think when you come before a committee like this you should be prepared to say, "We think this is a good idea, but here is the harm or the cost, other than it will make us more efficient." Everybody wants efficiency, and sure we want it, but what examples can you give us where we will have a breakdown of the system? Perhaps I wasn't fair, and the question is open to anybody on the panel. If you have more things you would like to say, Mr. Plouffe, I would be happy to hear them. Some specific examples of what might be missed or what has been missed because you couldn't communicate readily and easily.

Mr. Doucet, you can go ahead in the meanwhile, while they're having their meeting.

Mr. Doucet: Thank you, senator. Let's talk about the security of Canada information sharing act, where a hundred government agencies can now provide information to 17 in the security intelligence business. When we talk "following the thread," this is a reverse of the question you asked, but information will show up within an intelligence agency, and we will use CSIS as an example because they're the one I'm most familiar with. They could receive a vast amount of information, given the broader concepts of information sharing, and different thresholds used in the act than in comparison to the CSIS Act, so there aren't necessarily thresholds in the information being provided. That would be problem number one.

Problem number two is the bill doesn't provide for a mechanism to ensure the reliability of shared information. So information could be provided on a Canadian, on you or me, without any question as to the reliability of that information. So that would potentially be a problem because now the service would be the holder of information where they didn't have any context on the reliability.

Third, this increased integration and heightened information sharing between institutions further emphasizes the fact that we cannot do joint reviews of those 17 agencies with only three review bodies. Information is coming in and being held for how long on Canadians without any view of proportionality, reliability or threat because the originator of that information felt there was a threat and they provided it.

If we had reach-back to that organization in our review, we could ask them that question: "You provided this information to CSIS, we know what they've done with it, on what basis did you provide that? What were your thresholds in providing that?"

That is one of the major points around information sharing and us being able to do reviews together. Because, once again, we do share from a methodology perspective, operational perspective and a learning and development perspective, but we do not share operational information that we review.

The Chair: Senator Kenny, you are okay? It is a quarter past 2.

Senator Kenny: No, I'm not okay, chair.

The Chair: Maybe another day.

Senator Kenny: You gave me time to ask the question I wanted to ask, and I would like to put that question now, please.

The Chair: I will give you two minutes, that's it, and then we are going on with the next panel. Be brief.

Mr. Plouffe: I have an example for you, senator.

Senator Kenny: This isn't out of my two minutes.

The Chair: Yes, well, okay, this is getting a little bit beyond the pale here.

Senator Kenny: No, it's not.

The Chair: You ask your question and I want a brief response and we will adjourn for the next panel. Ask your question, please.

Senator Kenny: Mr. Plouffe said he had an answer to the previous question that he didn't get a chance to give.

The Chair: Then we will go with that. Mr. Plouffe.

Senator Kenny: And then I have my question.

Mr. Plouffe: Very shortly. It is the Mosley case. I will ask my executive director to give you a view details on that.

Mr. Galbraith: Just very quickly, in terms of the harm or what would not happen, in the case of Judge Mosley, when he requested additional information from CSIS on the warrants, the case where CSIS was requesting assistance from CSE, if we had been able to share operational information with SIRC, the commissioner would have been able to pass operational information to SIRC that would have alerted them to additional information that would have allowed them to look at the CSIS side. Justice Mosley, when he requested that in the fall of 2013, that may have been able to have come about perhaps a year earlier had we been able to share operational information. The Security of Information Act is what prevents that from occurring.

The Chair: I'm sorry. As the chairman, time is moving on. It is 17 past 2. I would like to say, we are in recess and I will excuse the witnesses.

Senator Kenny: I would like to make my case.

The Chair: You have made your case. We are recessed.

(The committee suspended.)

——————

(The committee resumed.)

The Chair: Welcome back to the Standing Senate Committee on National Security and Defence as we continue our review of Bill C-51. Joining us on the second panel of the day are Daniel Therrien, Privacy Commissioner, and Leslie Fournier-Dupelle, Strategic Policy and Research Analyst, both from the Office of the Privacy Commissioner of Canada.

I understand you have an opening statement and I would like you to begin.

[Translation]

Daniel Therrien, Privacy Commissioner, Office of the Privacy Commissioner of Canada: Mr. Chair and members of the committee, thank you for the invitation to discuss Bill C-51. I will be as brief as possible so that you may ask questions, and I hope, further illuminate the debate on this bill. I will get straight to the point.

As Privacy Commissioner of Canada, I am of the view that part 1 of Bill C-51, which contemplates information-sharing for national security purposes between all government departments and 17 specified agencies, is excessive and lacks balance. While I appreciate that information-sharing as contemplated by the bill may sometimes lead to the identification of new threats, I believe this end is accomplished at much too great a cost to privacy. The bill would potentially lead to disproportionately large amounts of personal information of ordinary, law-abiding citizens being collected and shared. This sets up the prospect of profiling and big data analytics on all Canadians. In short, the means chosen are excessive to achieve the end.

It would be entirely possible for Bill C-51 to protect both security and privacy. In order to have a balanced approach, the bill should have reasonable thresholds and effective review. First, regarding reasonable thresholds, I recommend that the bill be amended to ensure that only information which is "necessary" is shared, rather than the proposed threshold of "relevance". It is the standard of "relevance" which exposes the personal information of law-abiding citizens, ordinary Canadians, and not only of those people who are suspected of participating in terrorist activities. Notions of proportionality and balance dictate that this change be made in order to prevent overbroad sharing of information.

It has been suggested that this recommendation would require departments to become experts in national security to appropriately assess the necessity of the information prior to sharing it. There is a simple solution to this: amend the bill to obligate receiving departments to conduct such an assessment upon receipt of the information, and regularly thereafter, and immediately destroy information that is not necessary to fulfil their mandate. Replacing relevance by necessity would also address the discrepancy between the threshold of one of the main recipients, CSIS, and others; CSIS's enabling legislation confines it to collecting information which is "strictly necessary". If necessity is good enough for CSIS, why would it not apply to all recipient agencies?

[English]

My second concern relates to oversight. I remain concerned that 14 of the 17 receiving agencies are not subject to effective independent review. Furthermore, while national security agencies will be able to share information much more easily, existing review or oversight bodies, my office included, are hidebound by jurisdictional limitations and prohibitions against information sharing amongst themselves.

While my office will have a role in reviewing how the provisions of this bill will take effect, I wish to reiterate that the Privacy Act confines my compliance activities to matters which involve personal information. Therefore, no review body has jurisdiction to review the general lawfulness or the effectiveness of the activities of 14 of the 17 receiving agencies.

Furthermore, given the breadth of the information sharing contemplated by this bill and my other responsibilities under the Privacy Act and PIPEDA, the private sector privacy legislation, my office's review may not be fully effective with its current level of resources. I will try to adjust our work priorities as much as possible, but directing my review powers towards activities related to Bill C-51 will likely come at the expense of reviewing other important programs and initiatives, both in the public and the private sectors.

Some final observations: The Minister of Public Safety has indicated that there are several privacy protections envisaged by Bill C-51. While I agree that there are some protections, I believe they fall quite short of what a balanced approach would require. For example, the minister has referred to privacy impact assessments. These are useful risk mitigation tools, but as policy instruments, they do not have the power of law behind them. In fact, their use is discretionary.

Furthermore, on the issue of records retention and how long information shared under C-51 will be kept by receiving institutions, we have heard that such details may be prescribed in regulations. In my view, this is a weak safeguard as nothing would preclude the adoption of very long periods of retention.

In my view, Parliament has an important role to ensure that if information-sharing powers are greatly increased through the law, as they are with Bill C-51, commensurate information protection safeguards should also be adopted as enforceable legal standards and not in policies or in general principles such as those found in the preamble to Part 1.

This is why, in addition to raising thresholds to "necessity," I recommend that information-sharing agreements be required and be in writing and that records be duly kept during their use so that oversight bodies like my office can conduct meaningful review. I also recommend that the law require that information sharing under Bill C-51 be retained by receiving institutions only as long as necessary.

These are my remarks. I look forward to your questions.

The Chair: Thank you, sir.

Senator Mitchell: Thank you, Mr. Therrien. I want to say I really appreciate the clarity of your presentation. I would like to draw attention to the letter that you sent to Senator Lang, which I thought was exceptionally good, very clear. I draw it to the attention of the public and whoever is watching this because it lays out the issues extremely well. It is excellent. Thank you for your effort.

I was struck by the fact that in your letter — I think it was in your letter — you mention the implications of the broadness of these exchanges — and I hate to use the word "parameters" because they're so broad that you can hardly call them parameters — for the sanctity and the protection of CRA tax information, which has always historically been extremely well defined and guarded. Now you are saying that there's some question about that. It started to make me think, and maybe you could comment.

Would it be possible, under the breadth of this, for CRA, which is one of the receiving institutions, to in turn just do a review of all charitable donations that all Canadians have made to several different kinds of charities and then give that information to CSIS, without any regard for how they might use it or whether it is necessary? Or it is just a fishing trip?

Mr. Therrien: Thank you. I will start by saying, as I say in my submission, that I recognize that enhanced information sharing could lead to the identification of new threats and, therefore, is a reasonable objective of this legislation.

I do not have problems with the objective and the fact that it is believed that enhanced information sharing may find new threats and therefore better protect Canadians.

My concerns have to do with what you say is the breadth of the parameters. The government has, in large part, justified the legislation using examples that tend to demonstrate that current law creates impediments to sharing information about suspected terrorists, individuals whom the state already believes are involved in terrorism.

If it were only that, that would be fine. My main difficulty with the bill is the breadth of the information sharing permitted and the fact that, with a view to detecting and identifying new threats, information from all government departments — someone mentioned about 100 departments — will be able to be shared with 17 national security agencies, not because the information relates to suspected criminals or threats or terrorists, but because by sharing that mass of information, if analyzed, that information may identify terrorism threats.

That's where I think questions of proportionality and balance come into the picture. Do we want as a society that the information of all individuals, who are law-abiding individuals, be sent to national security agencies in the hope and with a view to identifying new threats? Is that the balance that we want to seek?

To go back to your point about tax information, among the information that could be shared with the 17 national security agencies is information from any and all departments, including tax information held by the revenue department.

It is well known that if you want to understand terrorism, follow the money, or if you want to understand crime, follow the money. It is certainly conceivable that one or more of the 17 national security agencies who will receive information under Bill C-51 will ask for quite a lot of information from the revenue department in the hope of identifying new threats. They may find some, but is it a balanced legislation that would provide for that scope of information to be sent to national security agencies? That's my main question.

Senator Mitchell: And, of course, they don't need a warrant to do that.

Mr. Therrien: No, they do not.

Senator Mitchell: You mentioned that the government did some things to justify this bill, and it's also using you as justification in answering concerns about oversight, saying, "Well, we have the Privacy Commissioner and we have the Auditor General." But how often do you get to review each of the 100 departments that can share information and each of the 17 that can receive information? Do you review all 117 departments — there is some overlap — every year for their privacy, or is it five years that you might get to every one, or every 15 years? It seems like a lot of work.

Mr. Therrien: It's all based on a risk assessment that we perform. Theoretically, we have the authority to review the activities of all departments listed in the Privacy Act for compliance by these departments for their collection and information management practices, but there are about 100 departments, so we cannot be everywhere at once. We have to choose where to do our investigations.

With Bill C-51, an important new set of responsibilities will be given to my office. I intend to do the best I can to investigate these information management practices, but I fear very much that something will give in this risk management process.

I do intend to give more priority to the implementation of Bill C-51, but I question whether I have the resources to be fully effective in that review. I heard the Minister of Public Safety say that the role of the Office of the Privacy Commissioner will be greater than ever with Bill C-51. I see that I have statutory responsibilities. We'll do what we can with the resources we have, but I think it will be very difficult to balance all of these responsibilities.

Senator Runciman: Welcome, commissioner. I gather this is something you said at some point, perhaps to the media, thinking the scope is excessive and suggesting that 17 departments and agencies covered by the security of Canada information sharing act would be able to share all personal information of any Canadian, including tax or travel information. I gather you believe the sharing of information is not restricted to national security matters.

The legislation says it applies in relation to "activities that undermine the security of Canada." I gather you don't accept that as an area that would preclude the suggestions you're talking about in terms of gathering information.

Mr. Therrien: I don't believe I have said that the sharing of information would be permitted outside of national security. I think I've said that massive amounts of information could be shared with the 17 receiving institutions with a view to detecting new threats, so information about people who are not necessarily threats but with a view to identifying new threats.

Among the examples I've given is the issue of travellers. There are areas of the world that are of concern in terms of Canadians travelling there for terrorist or other nefarious activities. Under this bill, it's entirely conceivable, and I think it is likely, that one or more of the 17 institutions will ask the Canada Border Services Agency, for instance, for considerable information about any and all travellers from Canada to these regions, not because each and every of these people is a terrorism threat but because among the thousands or tens of thousands of people who travel there, there may be.

So the purpose is national security related; it is to detect and identify new threats to national security. The bill does not allow the sharing of information beyond national security, but national security is defined very broadly. Among other things, it is defined in terms of detecting new threats among a population of people who may not be suspected terrorists.

Senator Runciman: The latest witness was Justice Major, who headed up the Air India commission, and he indicated to the committee the dangers of not having access to this kind of information. If we'd had information sharing, which back then was a problem for CSIS and the RCMP — it led to a failure to prevent the attack and negatively impacted on the ability to prosecute the offenders.

You made the comment in your opening statement with respect to necessary versus relevant. I'm sure that you appreciate that counterterrorism activities and preventive activities are far more intelligence-focused than criminal investigations. As such, being aware of potentially relevant information — the appropriate criteria, which I think are built into this act — is critically important to the future safety of the country.

Obviously, "necessary" and "relevant" are subjective terms, but I think relevance is an appropriate term to be using when we're talking about the kinds of threats posed to this country.

Mr. Therrien: I understand that combatting terrorism is based on intelligence.

As to the views of Mr. Justice Major, as I have said here just now, I recognize that some form of enhanced information sharing is a reasonable objective. My concerns have to do with scope and breadth. It is one thing to facilitate information sharing between CSIS and the RCMP or any of the three primary national security agencies and others about suspected terrorists. It is quite another to allow information sharing to the 17 on any and all Canadians. That's where I think the balance is lost.

Senator Runciman: I go back to some previous testimony here. We had Deputy Commissioner Cabana from the RCMP as a witness, and I am going to quote him:

The information-sharing provisions that are found in . . .

— Bill C-51—

. . . currently do not change much in terms of our current practices. We have well-established operating procedures that have been developed over many years based on recommendations from a number of commissions. We share in accordance with the current legal framework, including the Privacy Act and based on consistent use. That's not going to change.

The CSIS director said almost the same thing. I'm wondering if your concerns are perhaps not shared by the people who are going to be responsible for ensuring the safety of this country.

Mr. Therrien: The short answer would be that we would not be here if this legislation was not intended to change somehow the way in which information sharing is practised in this country. So obviously this bill is intended to achieve greater information sharing. I have difficulty with the notion that this bill nuances, clarifies or only changes marginally what is happening currently.

Senator Stewart Olsen: I did have some questions on your mandate, but those have been answered, I think. Are you actually saying that you have the mandate to conduct these reviews, but you're worried about your resources to carry forward?

Mr. Therrien: It's more than that. It's that in part. So you've just heard from three review bodies whose jurisdiction is limited to three national security agencies. My mandate crosses over departments, so I can review the activities of all departments subject to the Privacy Act, and there are many more than the three. But my review is limited to whether personal information is collected, used and shared in accordance with the law. So in terms of the number of institutions, I have a broader mandate in terms of the types of issues that I can review. They are more limited. For example, I cannot review whether the activities of the 17 institutions are generally lawful, something that SIRC can do vis-à-vis CSIS. And I cannot make recommendations or review the appropriateness or the effectiveness of the practices of the 17 institutions.

For instance, in the United States, just as a point of comparison, a number of years ago a new board called the Privacy and Civil Liberties Oversight Board was created within the White House. That board, which is independent, has jurisdiction over all national security agencies, like I do, a broad number of institutions, but its jurisdiction is not limited to privacy. It extends to constitutional matters, legal matters and matters of effectiveness. For instance, that body recently reported that something akin to what Bill C-51 would call for, that is, the bulk collection of metadata for telephone conversations in the United States, was not effective in identifying threats to national security.

So in the U.S. there is a board with broad jurisdiction in terms of the number of institutions and the types of issues that it can examine. In Canada, I have a broad mandate in terms of the number of institutions, but much narrower in terms of the types of issues. Other bodies like the three you just heard from have broader jurisdiction in terms of the matters, but narrower in terms of the number of institutions.

The bottom line is that 14 of the 17 institutions that will receive information under this legislation are not subject to dedicated review. I can review them for certain activities but not for general lawfulness or effectiveness.

Senator Stewart Olsen: Coming back to my question, you do have the authority and the mandate to do your job, which is reviewing for privacy.

Mr. Therrien: Yes.

Senator Stewart Olsen: I see what you're saying and where you're going. I just want the make sure that you had the authority to do your job in protecting Canadians' privacy.

Mr. Therrien: In terms of the collection of information and sharing of information practices of federal government institutions, yes, I do.

Senator Stewart Olsen: Thank you.

The Chair: Senator Beyak.

Senator Beyak: Once again, chair, the presentations have been so thorough, my questions have all been answered. Thank you.

Senator Jaffer: Thank you for your presentation. I have a number of questions and the chair will tell me when to stop, of course.

The concern I have is the 17 agencies sharing information and how, with the limited resources you have, you are going to be able to monitor to make sure that the privacy rights of Canadians are protected. As you know, this information can be shared with foreign governments. We know we cannot enforce anything internationally, but how will we protect the rights of Canadians once they have been shared with others? I feel you will come after the horse has left the barn. So how are we going to protect rights?

The thing that really concerns me is the act gives immunity to the agencies. It very clearly says:

No civil proceedings lie against any person for their disclosure in good faith of information under this Act.

If there is another Arar situation, he's not going to get compensation because now they are protected under the act. So I'm concerned as to when you are going to review. Obviously they are not going to give you the information before it is sent out. So when are you going to review the information and how are you going to protect the privacy rights of Canadians?

Mr. Therrien: I will start with another piece of legislation that was before Parliament, Bill C-44. Bill C-51 deals with information sharing within the Canadian family, between federal institutions. So it does not directly impact on sharing with other states. Bill C-44, which has extraterritorial jurisdiction for CSIS, does deal with that issue more directly and I recommended then that there be some statutory limits to sharing to prevent an Arar type of situation. So that would be the most direct legal rule that would address that problem.

Returning to Bill C-51, again it deals with information sharing between federal entities in Canada, so that in itself does not lead to a risk of mistreatment by another state.

I'm going to go back to issue of information-sharing agreements. If there were an obligation to reach information-sharing agreements between federal departments, and if I was consulted on the content of these agreements, as I'm recommending, there could be a discussion with federal institutions that these agreements would say something about the risk of sharing with other governments once information leaves federal department A to federal department B, and B possibly shares it with another state. That is in part why I recommended that there be written agreements so that these types of issues can be discussed between institutions that reach these agreements and my office to try to reduce the risk of these mistreatments.

Senator Jaffer: I got what you were saying about information sharing between departments and agreements. Would you also suggest that there needs to be an information sharing agreement with a foreign state that we share the information with?

Mr. Therrien: Absolutely. That is a bit beyond the scope of this bill, but absolutely.

Senator Jaffer: You said in the past that Bill C-51 casts a wide net and that all Canadians would be caught in this web. I want to ask you about balance and proportion. Do you feel that Bill C-51 adequately balances our security with our right to privacy?

Mr. Therrien: As I think I said a few minutes ago, the answer is no. I'm afraid that this bill is not balanced. Again, I see the need for enhanced information sharing, but I am very concerned that the way in which Bill C-51 tries to achieve that purpose is not balanced and not proportional.

The Chair: I would like to pursue a question, which Senator Stewart Olsen spoke to briefly, on the sharing of information between the 17 agencies. Nothing in this proposed legislation precludes protocols or memorandums of understanding being developed between the departments to ensure that there is a commonality of sharing of agreements between the various departments. Is that not correct? There is nothing that precludes them doing that.

Mr. Therrien: That's correct, but one of my concerns with the way in which this bill is drafted is that the rules whereby information sharing is enhanced are in the statute as enforceable legal standards. You say that there is nothing that precludes agreements. That is true, but there is no balance in this bill as between rules enhancing information, which are legal standards, and potential safeguards, which are left to policies, regulations and best practices. A balanced bill, in my view, would ensure that the information sharing enhancements would be balanced in the statute. I think that a role for parliamentarians is to ensure proper balance between enhancing information sharing and protecting rights of individuals, including privacy rights.

The Chair: Obviously we're all concerned about trying to reach that balance. I don't think anyone would argue that point.

I want to go back to responsibility and your comments earlier in respect of not having the ability to evaluate the effectiveness, which I believe was the word you used, in respect of the 17 departments. You have legal responsibility under the Privacy Act and under the Personal Information Protection of Electronic Documents Act to investigate, if required, in respect of the personal rights of a Canadian or Canadians if you see that you have a responsibility to do that. Is that correct?

Mr. Therrien: That's correct.

The Chair: There is nothing inhibiting that.

Mr. Therrien: No, other than that this will be added to my plate, and I intend to give priority to it. Unfortunately, other things will be set aside because of this.

The Chair: I don't understand. We have various oversight organizations with certain responsibilities to review the responsibilities undertaken within their departments or within their scope of responsibility. Although they may have gotten information from other departments, at the end of the day they're the responsible agents. It's not your intention to take on that responsibility, is it, when you say to check the effectiveness of the end results of any given investigation?

Mr. Therrien: I see two things. First, there is no one to verify the effectiveness of these practices for 14 of the 17. I'm not saying that it should be me, but there is no one with that jurisdiction.

Second, yes, I have a mandate in terms of ensuring compliance with privacy in principle, but it will be difficult to verify whether that is happening on the ground given the breadth of information that will be shared and the number of institutions. Yes, I have responsibilities, but it will be very challenging to fulfill these responsibilities. I intend, of course, to do the best I can with the resources I have.

Senator Mitchell: I don't know if you have read the CBA submission or analysis.

Mr. Therrien: I have not.

Senator Mitchell: I will see that you get it because I think you'll find it very interesting. They point out that the proposed security of Canada information sharing act is theoretically subordinate to your act, the Privacy Act, but that in fact the Privacy Act allows disclosures authorized by any other act. It's an interesting tautology that your powers actually may not limit in any way what this new act will allow in terms of information sharing. Maybe it's saying the same, but it's an interesting tautology. The government is arguing that the Privacy Act will oversee this, but the Privacy Act doesn't. The Privacy Act in fact allows for disclosure under any other given act.

Mr. Therrien: I agree that there is a tautology. Briefly, Bill C-51, clause 5 in particular, which is the key provision, starts with "Subject to any provision of any other Act," which is a reference in part to the Privacy Act. The Privacy Act then says there are limits to the purposes for which information may be shared, but one of the purposes for which information may be shared is if it's in accordance with another act, of which Bill C-51 is such an act. It is a tautology.

In the end, it's fairly clear that a court seized with these provisions would try to see Parliament's intent; and Parliament's intent pretty clearly is to enhance information sharing within the confines of the new SCISA, clause 5 in particular. The fact that clause 5 of Bill C-51 starts with "Subject to any provision of any other Act," including the Privacy Act, is not much of a limitation.

The Chair: Colleagues, I want to thank our witnesses, who are excused.

I should inform committee members that we will go until a quarter to four. There will be a bus out front to take us to the Senate Chamber as we have Royal Assent at 4 o'clock.

Joining us for our final panel of the day are Mr. Ronald Atkey, first Chair of the Security Intelligence Review Committee; and Mr. Paul Cavalluzzo, lawyer and former senior counsel at the O'Connor commission.

Gentlemen, welcome to the committee. I understand that each of you has an opening statement. I would like to begin with you, Mr. Atkey. I assume you can hear me.

Hon. Ronald G. Atkey, Professor of Law, Osgoode Hall Law School, York University, as an individual: Thank you, Mr. Chairman and senators. I'm honoured to be invited to appear before you today on this important bill which has captured the attention of so many, both in Canada, across the country and internationally.

My interest and background concerning this subject is set forth in my short-form resume which was filed in both official languages with the committee, so I won't go into that. In the interests of time I will omit any information along that line, and you should feel free to ask me any questions when I finish.

Given that the government and one opposition party have already indicated support in principle for this bill, I want to indicate at the outset that I am not here to destroy the bill. Rather, I want to assist in proposing some practical amendments that will improve it and perhaps save its constitutional legitimacy and integrity.

Like so many others in Canada, I accept, based on known evidence, that the current terrorist threat to Canada's security is real and that enhanced measures are necessary for major agencies such as CSIS, RCMP, CBSA and Transport Canada to combat this threat.

In a few minutes today I want to deal with three important matters. First I will deal with constitutionality and the independence of the judiciary. Second, I want to talk about effective review by SIRC, the body which I originally chaired. Third, I want to talk about parliamentary overview, which should interest this committee.

Going to the first matter, constitutionality, I want to point out that the bill, Part 4, authorizes the Federal Court to issue a warrant to CSIS to take measures that may contravene a right or freedom guaranteed by the Canadian Charter of Rights and Freedoms. This provision, in my opinion, is clearly unconstitutional and will be struck down by the courts. The existing Charter already has a built-in limitations clause authorizing reasonable limits where necessary in a free and democratic society, and proportionality applies to those limits based on almost 33 years of jurisprudence before the Supreme Court of Canada.

If Parliament wants to invoke the notwithstanding clause, it is free to do so under our Constitution, although no federal Parliament has had the courage or the need to do so since the Charter was proclaimed in 1982.

But why is the government provoking an avoidable constitutional challenge? Canadian judges are fiercely independent and are not agents of the government who can be mandated to authorize measures at all costs to protect against terrorist acts. Federal Court judges have carefully authorized or rejected wiretap applications since 1984, under the existing section 21 of the CSIS Act. I've seen some of those applications and judicial decisions. The process of judicial control of wiretap warrants applications works.

Why, in drafting new parallel provisions in sections 12.1 and 21.1 of Bill C-51 respecting additional measures or additional powers to be given to CSIS, do you need to instruct the judges to totally ignore the Charter and to allow CSIS to violate constitutional obligations in order to take these measures beyond wiretaps? The notion of Parliament authorizing a Charter breach, short of using the notwithstanding clause, is clearly unconstitutional and is not consistent with our constitutional tradition in Canada and the way section 1 of the Charter operates.

Now, gentlemen and ladies, you can avoid this constitutional mess simply by redrafting section 21.1 of Bill C-51 to provide that any warrant that permits CSIS to take measures thereunder will not contravene a right or freedom guaranteed by the Canadian Charter of Rights and Freedoms. That's point number one.

Point number two, I want to deal with effective review by SIRC and others. I have publicly defended the structure of SIRC, established in 1984 as the CSIS watchdog. It was effective at the beginning, even though there were growing pains as CSIS broke off from the RCMP and struggled initially to incorporate women and outsiders. The SIRC structure has worked well, where the only body being reviewed was CSIS and the monitoring of CSIS's extraordinary power was manageable.

But things have changed over 30 years. First, the CSIS budget, personnel and powers have grown exponentially, while the watchdog budget remains pretty much the same. That changed as of Tuesday with the budget, and I'm very pleased to see that the government accepted previous advice to increase the budget of SIRC by doubling it. That's necessary and understandable, and I won't refer to that again.

But an important part of this review discussion — some use the term "oversight," and I will come to that — is that the debate on C-51 has caused the public to reflect unfavourably on the scattered and uneven nature of review concerning a variety of federal agencies involved in security matters. There have been concerns about independent review of the RCMP and CSEC, and the absence of independent review of important agencies such as the CBSA, Transport Canada, DFAIT, CIC and 20-odd other federal agencies, not to mention provincial and municipal police forces involved in security intelligence matters. Whether we need a national security or federal security czar to supervise, monitor and coordinate security agencies, as exists and is done in the United States, or to develop a super SIRC with extended powers of review and accompanying budget, or to have statutory gateways to achieve accountability, as recommended by the O'Connor report in 2006 — and my colleague, Mr. Cavalluzzo, will address that — this is an issue that cannot be left aside as Parliament gallops ahead on C-51.

This is not a question of oversight, which has become misused as a term. Responsibility for the planning and the conduct of antiterrorist activities in accordance with the law remains, in the first instance, subject to ministerial approval and approval of warrants by judges, based on court applications submitted by appropriate agencies under the detailed requirements of the relevant legislation. That is oversight.

Review bodies do not approve operations in advance. They do ensure accountability after the event to ensure that, hopefully, all agencies exercising security functions are effective and operate within the law. They engage the public through annual reports tabled in Parliament, with a minimum of redactions for reasons of protecting individuals or methods of operation.

Now, let me talk to the last point on parliamentary overview. Many people have asked what the responsibilities are in Parliament, other than to ensure that Bill C-51 is improved to allow the legislation to go forward to assist government agencies to deal effectively with the terrorist threat while protecting fundamental rights and freedoms under the Charter.

Ladies and gentlemen, I have been both a parliamentarian and a professional watchdog. The answer to whether Parliament or specialized agencies should have the power to review our security agencies is easy for me. I believe Canadians should have both under our system of government.

Parliament is the ultimate watchdog and is directly accountable to the people. The party having the most number of seats at each general election usually is called to form the government, but Parliament remains the watchdog. Never forget that.

There is nothing inconsistent in having a specialized, security-cleared watchdog, created by Parliament, covering the effectiveness and legality of various agencies involved in security work; and having a committee of security-cleared parliamentarians charged to oversee the whole system, that is, to take a prompt overview when problems occur, which they inevitably will in this business, and to delegate investigative responsibility to the appropriate specialized watchdog.

Ladies and gentlemen, there are three bills currently before Parliament calling for a committee of parliamentarians on national security. Oddly, the one I like the best is Bill S-220, introduced by former Conservative Senator Hugh Segal, which calls for a committee of nine — three from the Senate and six from the House of Commons — to be appointed by the government, but after consultation with opposition parties and approval of the appointment by resolution of their respective houses. There are provisions for appropriate security and confidentiality of each member of the committee, and the mandate is to review the legislative, regulatory, policy and administrative framework for intelligence and national security in Canada. The committee would have access to virtually any information under the control of federal departments and agencies, except cabinet confidence.

Why not simply absorb Bill S-220 into this discussion and provide for it to come into force, say, January 1, 2016, after the next federal election? That will go a long way to satisfying the severe critics of Bill C-51.

At the same time, you can provide a mandatory review of Bill C-51 after a period of three or four years and have this committee established, having access to all secret information, including the classified versions of any relevant reports prepared by existing or new relevant review bodies. All parts of Bill C-51 would be on the table during the review process by the parliamentary committee, as would be normal when dealing with extraordinary legislation such as this. In this way, I believe Parliament could fulfill its role as an effective watchdog.

Remember that a parliamentary committee was required to review the original CSIS Act in 1989, five years after its enactment. There was original concern that the powers granted to CSIS in 1984 were too dangerous, too broad, and a lot of the arguments heard today were heard then. SIRC made submissions then and concluded generally, as did others on the committee, that we believed that the CSIS Act had worked quite well, although they did have suggestions for improvement of the legislation. And some of those have been made.

This parliamentary committee could set up a mandatory five-year review process. I think the mandate for that is even stronger today, and that would give Canadians a lot of comfort in terms of the dangerous provisions that you are considering.

Thank you for allowing me to present these comments, and I would welcome your questions.

The Chair: Thank you.

Mr. Cavalluzzo.

Paul Cavalluzzo, Senior Partner, Cavalluzzo Shilton McIntyre Cornish LLP, as an individual: Senators, thank you very much for the opportunity to come before you to deal with this very important piece of legislation, Bill C-51.

In the limited time I have, I want to focus on two areas: One is oversight and review, and the other is information sharing. I have experience as a special advocate. If there are any questions relating to that, please do not hesitate to ask me, as we filed a brief with you on the special advocates.

Now, having been commission council to the Arar inquiry and having been a special advocate for a number of years, I can attest to the fact that national security agencies, whether police or intelligence, make honest mistakes. Mr. Arar's case is the prime example of that, when inaccurate information was passed on to the Americans by Canadian agencies, which the Americans unfortunately relied upon and which led to his rendering to Syria and torture for a year. So the ramifications are unbelievable in terms of the impact on the human being and human dignity.

Unfortunately, in the last week or so we have heard that there was a debate within the CIA at the time as to whether Mr. Arar was guilty or not. At that time, unfortunately, a superior rued the day and sent him off to Jordan and then on to Syria, where he was tortured.

So these agencies do mistakes. I'm not suggesting that they're made in bad faith, but they are human beings like the rest of us and do make mistakes, which in my view call for effective and robust overview.

Of course, the point of review is to ensure accountability. The other important thing is that CSIS, like other agencies, is a government body. We should ensure that these bodies are kept within the limits of the powers that were granted to them by Parliament, and that's all we're doing with respect to reviews, ensuring that Canadian values are maintained.

As Mr. Atkey said, we all agree that terrorism is a real threat. However, the level of the threat must be kept in perspective, as the Supreme Court of Canada said in an important case: "In the end, it would be a Pyrrhic victory if terrorism were defeated at the cost of sacrificing our commitment to those values" that are fundamental to Canadian society.

Why is robust review required? Because these agencies operate in a particular manner. First of all, they operate in secret.

Second, even when courts and bodies review their conduct, those proceedings are held in secret.

Third, these agencies deal in intelligence — not evidence but intelligence. Some people have, perhaps facetiously, referred to intelligence as glorified rumours. Intelligence is not always correct. As a result of that, for these agencies that act on intelligence, mistakes are inevitable.

The other aspects of these investigations which are important and call for robust review are the issues you heard of just now, the privacy concerns and the fact that very personal information is shared amongst Canadian agencies which will be enhanced by Bill C-51, but also with foreign agencies as was done in Mr. Arar's case.

Now, the question before you is with all of these enhanced powers given to CSIS and other agencies, is enhanced review in oversight called for? In my respectful view, it clearly is. As a matter of logic, it seems to me that when the agency under review's power is increased, then the review agency's power as well should be increased.

The government, at this point in time, says there are two reasons you don't need increased review. One is that judges now are going to be doing it. Secondly, SIRC is doing a good job. That's the Security Intelligence Review Committee.

I don't think either of those arguments have merit. As far as judges are concerned, judges are going to be dealing with this new power given to CSIS only when CSIS decides that what it wants to do will violate the Charter or another law. If it doesn't make that decision, it doesn't have to go to a judge or a court for judicial authorization.

The other matter is that the judge will be approving — and I agree with Mr. Atkey — a clear violation of the Constitution. In my view, a judge cannot authorize a violation of the Charter. The Charter is the supreme law of the land.

I say this as well with no criticism of SIRC because SIRC recognizes the problems it has, and they're twofold. They were given to the government recently in a report made by SIRC to the federal government. The first is one of resources.

SIRC has 18 full-time employees and CSIS has 3,200. We can go on and on and on. There has to be some kind of adjustment in terms of resources. I was happy to see that SIRC's budget is going to be increased. Whether that is sufficient, I think you should review that very carefully. But the question of resources is something that can be dealt with either with money or with political will.

The other problem is the more substantial problem in terms of SIRC's oversight, and that is that SIRC has a siloed jurisdiction. SIRC can only review the activities of CSIS. As we know, national security investigations now are all integrated. We have the RCMP working with CBSA, CSIS, Immigration Canada and so on and so forth. The problem recognized by SIRC is that with this siloed jurisdiction, you cannot effectively review a national security investigation because so many agencies are involved.

Is there an answer to that? Is there a solution? Once again, in my respectful submission, there is. Justice O'Connor, in the 2006 Arar report, suggested an independent extensive review mechanism which would not cost a lot of money or create a new bureaucracy. It would enhance the powers of SIRC; it would make other agencies responsible for CBSA and other groups that do not have oversight and review at the present time; and it would create coordination so that we would have an all-of-government review for an all-of-government sharing of information and national security investigations.

I would ask you to look at that review mechanism, which is set out in the Arar report. In my submission, it is a very effective body which wouldn't cost a lot of money but would go a long way in ensuring effective review.

I'm not going to deal with the difference between oversight and review. Mr. Atkey has dealt with that. I want to close, though, with this important point of integrated sharing of information.

We all agree that our government bodies and agencies should be sharing information. The only question, in my view, is that there have to be effective controls. There have to be effective policies and protocols that ensure relevance, reliability and accuracy of that information. We have to have effective controls and policies up front. We also need, at the back end, integrated review so that this independent body can review how this personal information is shared to ensure it is done effectively and in accordance with our law, whether it be the Charter or the privacy laws.

I could go on, but I am sure you would like to ask questions of Mr. Atkey and myself, so I will shut it down now.

The Chair: Thank you, sir.

I will start with Senator Runciman.

Senator Runciman: Mr. Atkey, good to see you. Thank you for appearing before us today.

You talked about SIRC and your experience and background there. One of the problems they have had in the past, at least with one but perhaps more, was the whole issue of appointees to the board and conflict of interest. I am just wondering if you might want to take this opportunity to talk about the kinds of individuals, the qualifications, that sort of thing, you believe should qualify individuals for consideration for appointment. As well, how would you screen these folks, given the kinds of information they're going to be dealing with in this whole issue of potential conflicts?

Mr. Atkey: Thank you. That's an excellent question, Senator Runciman.

Integrity is the number one quality. I think individuals considered for appointment to SIRC should be security cleared "top secret." That should be a requirement. It hasn't always been done in the past and it should have been.

I carried my own security clearance as a cabinet minister forward when I became the first chair of SIRC, but there was not a formal new investigation done until a later point of time when I was working with Mr. Cavalluzzo on the Arar commission.

I think the government has to find men and women of integrity who have some experience in security intelligence. They don't have to be experts, but they have to have integrity and bring confidence to all the political parties that the thing is being properly reviewed, to give comfort to Canadians.

Senator Runciman: You have suggested amending the terrorism promotion offence. This is to limit the provision to speech that effectively is already criminal. That is a direct quote from you, I think.

I'm sure you understand that that offence is designed to fill a gap in the law, to capture people who actively encourage the commission of terrorism offences in general as opposed to a specific act.

Your suggestion — that's my conclusion anyway — would render the new offence meaningless. I could say that if that's the case, why bother?

Mr. Atkey: Senator, these are provisions that are delicate. The freedom of expression and the fair trial and due process provisions in our Constitution are eventually interpreted by the courts under the Charter, and I am concerned that this bill has not been totally Charter-proofed. I haven't received any assurance from anyone within the Department of Justice that they say 100 per cent this is Charter-proofed.

I gave one example at the beginning in terms of instructing the judges not to comply with the Charter, and I am willing to say — and I'm not a judge, but there are many legal observers in Canada — that that's unconstitutional.

The free-expression concerns I have are listed in my written submission, and I don't think it has been given a good Charter-proof scrub, which I think is necessary for precedent-setting legislation of this nature.

We can't be clairvoyant in all of this, but I think if you proceed with provisions that are in all likelihood going to be struck down by the courts, you are creating hurdles to the effective implementation and enforcement of this legislation. I think both you and members of the other house, as legislators, can take steps to perhaps ensure Charter compliance.

I cited in my written paper a couple of examples where I don't think they would pass muster under the Charter.

Senator Runciman: Both you and Mr. Cavalluzzo talked about your concerns regarding Charter breach in Part 4 where CSIS is required to obtain judicial authorization. I'm wondering if you're familiar with the Spencer case. Perhaps both of you would like to respond. How do you see that? It seems to me that Spencer endorsed what Part 4 is actually calling for.

Mr. Atkey: I'm not familiar with that case. I will defer to my colleague Mr. Cavalluzzo.

Mr. Cavalluzzo: I'm not familiar with Spencer either.

Senator Runciman: We talked earlier with Mr. Doucet from SIRC with respect to the mandate of CSIS — since you're an old hand; you've been there — and I didn't really get a clear answer from him. I know there is an interpretation of the mandate that gives SIRC express authority to summon witnesses and documents from other federal departments and agencies. He didn't get into this, but he said they're going to engage in a gap study. I wanted to talk to him about how many external complaints, other than security clearance denials, they investigate each year and how many they actually initiate. We also know that they can conduct ongoing investigations. They don't have to be after-the-fact reviews.

My point here, Mr. Atkey, is that a lot of the tools are already in place with SIRC. I wonder if they're being utilized or if there is some sort of misinterpretation of the ability that SIRC has and the activities that the agency itself can currently engage in as permitted by the act.

Mr. Atkey: Well, senator, it has been some 25 years since I've been within the precincts of SIRC, and what their current policies and practices are, I don't know. I can read the legislation and I know there is broad amplitude for them to conduct investigations on their own or to monitor particular departments of concern to deal with public servant complaints about loss of security clearance. It's a fairly fulsome mandate if they have the horses, as Mr. Cavalluzzo said.

SIRC operates as kind of a board of directors. They gather every month or so. It's the people working as investigators within the group that have security clearance that do the effective work.

CSIS does have powers now, under the existing law, to get wiretaps, and that's intrusive in many respects. It has to be done by judicial warrant. There are some 26 or 27 conditions that CSIS has to comply with in order to get that warrant.

Senator Runciman: I understand all that.

Mr. Atkey: There are provisions there, and SIRC does review that.

Senator Runciman: My point is that the comment that is on the record, and Mr. Doucet would not elaborate. He said that SIRC's mandate limits its reviews to CSIS. I guess a lot of this conversation surrounding Bill C-51 deals with oversight, a lot of concerns related to oversight. I'm wondering if that understanding of the mandate is an internal policy decision rather than a real interpretation of the abilities they do have currently, which are not being utilized.

Mr. Atkey: That's not an internal policy decision. That's based on a reading of the legislation. The CSIS Act was passed in 1984. The total area of their interest in review is CSIS. I can give you an example of that. It's a matter of public record.

We, as SIRC, wanted to review the Air India matter in 1984 through 1989. We were told that because it involved the RCMP and other agencies of the government at the time, it would be inappropriate and beyond our jurisdiction to do so, and that prevailed at that time. I think that's a pretty good, clear example of why CSIS is limited to its legislation within the scope that Mr. Cavalluzzo referred to.

Senator Mitchell: Thanks very much to both of you. I wish, Professor Atkey, you could be here. I've known of you since the 1970s and I studied your book on the modern perspective. I am struck by the fact that I'm actually old enough to think that once, in the past, the 1970s were modern, and so are you.

Mr. Atkey: Like it was yesterday.

Senator Mitchell: Just like it was yesterday, yes.

My first question is to Mr. Cavalluzzo on something you have not talked about but that you have done, and that's special advocacy. It is changed, it seems to me, in this act, and it looks like the access of the special advocate to processes and to information can be somewhat arbitrarily limited by the minister, by the processes that have been put in place by this act, and that there won't be a lot of recourse. Could you tell us what the danger of that is to people's rights?

Mr. Cavalluzzo: The danger is that the new provision provides that CSIS will determine what is relevant in terms of the information they give to the special advocate. The cases where the special advocates have successfully persuaded the judge, wherein the certificate would be quashed, were cases where they got all of the information. The information they relied upon, the government would not have thought to have been relevant at the time. So if you cut down the amount of information the SAs get to what the government thinks is relevant, it will restrict the amount of information the special advocate has and, on top of it, will in effect make them far less inferior in terms of adequately representing the interests of the person who is designated to be sent away if the government is successful. So the information is restricted.

The other question that I think is important and that we put in the brief is that in this new power that CSIS is given to go to a judge, in effect, to have the power and authority to disrupt a threat to the security of Canada, and indeed violate the Charter, I think that's an application that is so intrusive that the Federal Court judge should be given the discretion to appoint a special advocate, so that when the judge is hearing this important application there is at least an opposing argument so that we have a true adversarial process. As it presently stands, if you are going to keep that provision — and I strongly urge you to give a judge that discretion. You don't have to have a special advocate all the time, but if a judge deems it necessary, then you should have a top-secret lawyer opposing the position of the government, just to ensure that the rights of the individual are maintained.

Senator Mitchell: Under the act now, as it's written, the judge won't even have the discretion to do that.

Mr. Cavalluzzo: That's correct.

Senator Mitchell: This next one is for either one of you, but probably more to Mr. Atkey, and that's the question of disruption . Does that begin to turn CSIS into a police force? What kind of disruption could be authorized that would be consistent with the Charter of Rights?

Mr. Cavalluzzo: I can start on that. In my view, it brings the intelligence agency very dangerously close to becoming a police agency. The whole reason why CSIS was created in 1984 is that we wanted to separate the enforcement and the intelligence functions. They're getting, in my view, too close together.

The other important aspect in answering the question is that the act doesn't give any guidance as to what "disruption" means. That's a very vague and general term and leaves a lot of discretion to the Canadian official, which, in my view, once again, should be subject to robust review to ensure their decision was correct.

Mr. Atkey: They do engage in disruption under existing law. They have powers of wiretap, and a wiretap is a disruption. Hundreds and hundreds of wiretaps, which have been reviewed by SIRC, have been authorized by the minister and have been carefully combed over by the judges. That power is an extraordinary power, which can be disruptive but which has been proven to be a useful security intelligence tool of CSIS.

The question is: What more do they need than the existing law? That's where I feed into Mr. Cavalluzzo's observation. Do they need to go and specifically break the law, and in what capacity? Do they need to trespass? Do they need to steal? Do they need to cheat and lie on forms submitted, other than, of course, the exceptions, which are bodily harm and interfering with the course of the administration of justice, or sexual orientation?

The question before you is: Are there existing disruptive powers that are sufficient for them to currently do their job, or should they be expanded?

[Translation]

Senator Dagenais: My question is for Mr. Atkey.

Can you hear me well? Do you have translation?

Mr. Atkey: Yes, thank you.

Senator Dagenais: You were Canada's first Security Intelligence Review Committee Chair and, without wanting to date you, 30 years have already passed since then. Canadians' security concerns have changed a great deal with the arrival of new terrorist threats. In your experience with the limits that we place on members of the Canadian Security Intelligence Service, do you believe that changes need to be made to our laws which could facilitate work on the ground, but that would not impinge upon citizens' privacy?

[English]

Mr. Atkey: The questions that are being raised are that CSIS as a body is reviewed, and I don't think the structure of SIRC to review that is a problem. I think a sound structure that was put in place 1983-84 when the legislation was passed by a prior Parliament.

I think the bigger danger, which both Mr. Cavalluzzo and I have talked about, is the fact that there are other agencies of the government engaged in important security work like CBSA, DFAIT and CIC, which have no external review at all. That's where the problem is and that's where the rights of Canadians are in jeopardy, in my view.

[Translation]

Senator Dagenais: I have a second question for you. Obviously, those who defend privacy often refer to a particular era where a certain barn was burned down. Do you believe that this type of activity could happen again today?

[English]

Mr. Atkey: That was the product of the 1970s. This is 2015. It's a long time ago, so I think no. I think the threat is a lot different, and I think enhanced measures are necessary for CSIS, certainly, an enhanced budget to carry out some of their operations and enhanced review mechanisms which the government has recognized are appropriate. The threats are different and more pervasive.

Does security trump privacy? Probably to a greater extent today in 2015 than in 1975.

The Chair: Colleagues, I'd like to ask a question that I raised with the other panels, and that is the warrants and the process that is undertaken for the purpose of obtaining a warrant. At the present time, it's up to the judge, the way I understand it, to require those that are applying for such a warrant to report back their findings at the end of the day, once they have completed what the warrant has authorized them to do.

Would you support the concept of a regulation being put in by the Governor General or by policy that when CSIS applies for a warrant, it's mandatory that they have a portion of that request to report back to the judge the results of the warrant and what they did with that warrant?

Mr. Atkey: Effectively, we have that under the existing legislation because in the warrants that are granted for a wiretap — and parallel language is used for the new intrusive warrant. It expires after a period of time. I believe it's 120 days, and then you can seek two renewals. In effect, it's reviewed every 120 days, and then it must expire at the end of two renewals, so there is that built-in coming back procedure and you have to convince the judge it should be carried on, and then it dies after a year.

The Chair: Perhaps you didn't understand the question or I didn't put it properly. The point I'm making is that within 90 days of completing their investigation that was authorized by the warrant, the requirement is to report back to the judge the results of what's taken place because of the warrant. Therefore, there is more accountability built in by the CSIS agents that are doing such work.

Mr. Atkey: That's an interesting concept. I think it may be more efficient to have SIRC ask for a report: "Okay, you've got these warrants, we've looked at them and the supporting material and the judge's order, how did it go? Was it effective?" I think that's an effective question for SIRC to answer and to report back to the minister if there have been inefficiencies and they have been getting warrants and invading privacy needlessly, or they have been conducting operations that cost a lot of money that are not very effective. That's SIRC's job.

The Chair: Thank you very much, Mr. Atkey and Mr. Cavalluzzo. Unfortunately, we're coming to the end of our time. Your testimony has been very informative. I'm going to call for adjournment as we're needed in the chamber.

(The committee adjourned.)

National Security, Defence and Veterans Affairs

Proceedings of the Standing Senate Committee on National Security and Defence

Issue 16 - Evidence - Meeting of April 23, 2015

Proceedings of the Standing Senate Committee on
National Security and Defence