Share

CSIS metadata breach: Ralph Goodale ‘pursuing criticism’ with spy agency management

Public Safety Minister Ralph Goodale suggested today that there may be consequences for the senior management of Canada’s spy agency after a Federal Court decision found CSIS broke the law in failing to destroy potentially sensitive personal information.

“I take very seriously the explicit finding by [Federal Court] Justice Noel that CSIS had failed in its duty to be candid with the court,” he told reporters before entering question period.

“I will be pursuing that criticism with the executive management of the service,” he said. 

The ruling Thursday found that the Canadian Security and Intelligence Service illegally kept potentially revealing electronic data it collected over a 10-year period, breaching its duty to inform the court, since the information was gathered using judicial warrants.

Because the metadata — which can include information like email addresses or telephone numbers contacted at a specific date or time, but not the content of the messages or calls themselves — was not related to a security threat, it should have been destroyed.

“Canadians need to have confidence that all the departments and agencies of the government of Canada are being effective at keeping Canadians safe, and equally that they are safeguarding our rights and freedoms, including privacy and the rule of law,” the minister said.

“From the service and from the department of justice, a strong and timely remedial plan is required to reassure the Federal Court about the issue of candour.”

Goodale says CSIS must be forthcoming with the Federal Court2:33

The federal government is not appealing the Federal Court ruling. Goodale said Friday he welcomed the decision.

“The court’s insight and guidance are timely, coming in the midst of the public consultations on Canada’s national security framework,” he said, pointing out later that Canadians haven’t been given a chance to be heard on privacy concerns like this until now.

SIRC will monitor compliance

The spy agency can legally intercept communications and collect third-party data associated with those communications when it’s required for an investigation. But data can’t be studied or kept unless it relates to a specific threat.

CSIS has blocked all access to and analysis of this data as a result of the ruling, Goodale said. 

“I am asking the SIRC (Security Intelligence Review Committee) to monitor the situation carefully to ensure compliance.” 

The minister said this privacy breach was first raised in SIRC’s 2014-15 report, which was delayed because of the election. He eventually tabled it last January.

The minister said he became fully aware of the issue when the Federal Court judgment was made available to him in preliminary form a few weeks ago.

“The law is the law and all government agencies must comply with the law of the government of Canada,” he said.

CSIS Info Sharing

CSIS director Michel Coulombe told reporters Thursday that the spy agency, in consultation with the justice department, interpreted legislation as allowing for the retention of associated data. “It is now clear the Federal Court disagrees with this interpretation,” he said. (Adrian Wyld/Canadian Press)

When asked whether anyone could be fired over this, the minister said he would discuss with CSIS executives how they might plan to respond.

“(CSIS) director (Michel) Coulombe is abundantly aware of my expectations in this matter,” he said, adding later that this ruling has exposed a “serious defect” in records management that needs to be fixed.

At a hastily called news conference late Thursday to respond to the ruling, Coulombe said he deeply regrets the court’s “serious concerns.” The agency accepted the court’s decision, he told reporters, and has “taken immediate actions to respond.”

Future committee could review use

The future use and analysis of metadata are part of the ongoing national security review. While it could be useful to keep Canada safe from threats, “privacy is a fundamental Canadian value,” Goodale said.

The parliamentary oversight committee the Liberals are setting up — legislation to implement it, Bill C-22, is currently before the House — could offer a future safeguard.

It will have “extraordinary authority,” Goodale said, and unlike SIRC, could review not just past activities of security agencies but also ongoing operations.

“Timeliness is a critical concern here,” the minister said.

But at an earlier press conference, two NDP MPs suggested the the new committee won’t be independent enough.

The prime minister and cabinet would appoint its members and hand-pick its chair, justice critic Murray Rankin said, while controlling the information it receives and potentially blocking investigations into certain areas. Reports could be revised without notifying the public, he warned.

“Surely that’s not good enough for Canada in the 21st century,” Rankin said, especially with the cyber-security concerns noted by the judge in this case. 

“Metadata is the new frontier for privacy protection,” he said.

Rankin calls the court ruling on CSIS “Disturbing”1:48

New Democrats are proposing amendments they say would give the intended watchdog more teeth and claws.

Thursday’s judgement shows that the parliamentary oversight committee needs the power to summon witnesses, compel testimony under oath and require the production of documents, Rankin said.  

Public safety critic Matthew Dubé said that despite what former minister Stockwell Day said on CBC News Network’s Power Politics Thursday, the Federal Court ruling said that in 2006, the former Conservative minister was made aware of this data collection.

We have to imagine that Goodale was briefed too, Dubé said. “We want to know: what did the minister know?” 

“The Liberals were elected realizing … that there were problems with C-51, with how this was all taking place, and promised more oversight and promised more accountability,” he said.

“If the minister was aware of this, and continued under the status quo that had been put in place under the previous government, that in and of itself is a problem, given what they promised.”

Coulombe and Day on who knew what when1:50

Article source: http://www.cbc.ca/news/politics/csis-metadata-privacy-breach-1.3836605?cmp=rss