The Book

 

 

 

 

This blog comments on Canadian (and occasionally comparative) national security law to update my National Security Law textbook and now also my 2015 book, False Security: The Radicalization of Anti-terrorism, co-authored with Kent Roach.

Please also see www.antiterrorlaw.ca for Bill C-51-related analyses by Craig Forcese and Kent Roach.

For narrated lectures on various topics in national security law, please visit my 2017 "national security nutshell" series, available through iTunes.

Please also visit my archive of "secret law" in the security area.

By Craig Forcese

Full Professor
Faculty of Law

Email: cforcese[at]uottawa.ca

Twitter: @cforcese

 

National Security Law Blog Search
Subscribe to National Security Law Blog

Best Law School/
Law Professor Blog Award

 

Most Recent Blog Postings
Monday
Oct022017

A One-Word Fix: Bill C-59, the Constitution & Communications Security Establishment Activities

As the parliamentary season starts, I have begun working up more detailed thinking on bill C-59, the government's massive national security law overhaul. A lot of this bill is about heading off constitutional and other legal train-wrecks. But it also includes measured moves into new areas, with attention to drafting these powers in manners that (hopefully) will not ignite new legal controversies. In some respect, it is about getting the law out of the way as a source of doubt, at the cost of accepting more structural checks and balances.

In a first note, I set out observations on the new "intelligence commissioner" process for CSE foreign intelligence activities. The focus here is on the question of whether C-59 is enough to cure the constitutional objections to CSE's current manner of operating. For what it is worth, I think it is one word away from doing that.

The Shiny Bauble of Ministerial Responsibility

There is another issue not addressed in the paper. Does the presence of the intelligence commissioner constitute an erosion of ministerial responsibility? This seems to be a recurring issue in some parts of Ottawa. I am not entirely sure everyone means the same thing in discussing the concept, but what it means is: a minister answerable in Parliament for subordinates, and responsible for the conduct of those subordinates.

Those who have read some of my public law work will know that my view on ministerial responsibility in Canadian government in relation to the second half of the above sentence is: "What a wonderful idea. Too bad it doesn't exist." As I concluded after surveying practice between 1950 and 2009, it is rare to the point of being unknown for ministers to resign in response to wrongdoings committed by their subordinates, at least officially. (Senator Forsey arrived at similar conclusions in his notable 1985 work, The Question of Confidence). The buck-stops-here concept of ministerial responsibility is a magnificent myth, not a reality. There is a reason why Donald Savoie called one his books "Breaking the Bargain".

So, it seems a bad idea to preserve a myth by insisting on a form of unilateral executive oversight of CSE activities that is almost certainly unconstitutional without the interpostion of an independent judicial officer.

And in the area of CSE, there are several additional exhibits tending to suggest that the status quo is a bad idea.  First, on information and belief, the minister of national defence's office has not had the internal capacity (at least in the past) to "red team" thoroughly CSE authorizations to intercept private communications.  Put another way, I fear ministerial oversight has been modest.

Second, so modest has been ministerial oversight in this area that when the Snowden disclosures came out and there were revelations of CSE collection of Wifi information from Toronto airport, it was CSE's review body that stepped most vocally into the breach to offer conclusions and observations. Put another way, the review body took bullets, something that should never happen in a world with functional ministerial responsibility.

Third, C-59 does not actually remove the minister from the driver's seat. It just puts the intelligence commissioner in the back seat, looking over the minister's shoulder.  Unlike with conventional warrants, which judges shape (albeit with input from government lawyers), the C-59 system requires the minister to kick first at the authorization can, and set the terms and conditions.  Only then does the intelligence commissioner review and bless (or not). This is a double-lock system in which the minister turns the key first. It is not one in which the ministers is subordinated. Instead, he or she is watched.

As my article suggests, I think this is probably the most clever way to square the constitution with CSE's rather sui generis activities.  Take it away, and you run the real risk that the current system ends up at the Supreme Court. That Court has, of late, rarely turned down an opportunity to apply new understandings of privacy rules to new technology. Leaving it to the Court to speak first on this issue -- and perhaps narrow the range of options -- would be a huge mistake.

Added to which: a court finding that CSE's activities since (probably well before) 2001 have been unconstitutional would be disastrous for CSE. Indeed, even as we need to call upon it to do more in the area of cybersecurity and cyberassurance in the public and private sectors, its reputation would be shattered.  And those private sector companies that touch it with a ten foot pole risk collateral reputational injury.  Put another way, C-59 needs to solve the problem of a CSE currently tied to the tracks, with a Charter train rumbling toward it.

So you need to be a real risk-lover to preserve a status quo that a) does not include much, if any, real ministerial responsibility, but b) has managed to produce a lot of reputation-damaging fall-out.

Tuesday
Sep262017

Rethinking Intelligence Sharing and Torture

The government released yesterday revamped ministerial directions on intelligence sharing that may implicate mistreatment. The new directions reach CSIS, CBSA and RCMP (the agencies under the Public Safety Portfolio). We should hope for and expect the roll-out of equivalents for other departments and agencies (such as CSE and GAC).

The standards Canada should apply in sharing and receiving intelligence from foreign agencies which may engage in mistreatment (torture or cruel, inhuman or degrading treatment) is a longstanding debate. I rehearse the history in a 2014 article. I have blogged regularly on the issue in this space (keyword search "torture" in the site search field).  And Roach and I cover the topic in our 2015 book, False Security.

Here, I offer up a few quick process thoughts and a few quick substance thoughts tied to the latest development.

1. Process

Up to now, it has been difficult to figure out a) what the government policy was and b) how it was applied. We know about earlier policies because of dogged access to information applications and work by, chiefly, Jim Bronskill. In assessing actual conduct under the policies, it's been like pulling teeth. In terms of public reporting, the best we've had it SIRC's short assessment from last year. And that was confined to CSIS.

The 2017 directions are notable for several reasons.  First, they were proactively released, in keeping with the government's new transparency pledge. Ministerial directions are, in essence, law, because of the manner in which governing statutes give them legal imprimatur. That they have been held close to the chest, and if released, redacted, has been a major irritation -- and should be concerning in a society governed by the rule of law. So A+ on the proactive release.

Second, the directions themselves impose transparency expectations. Key features include the following requirements:

19. Transparency about the use of this Direction is a key principle. In accordance with Principle 4 of the Government's National Security Transparency Commitment, CSIS is expected to publish information that explains how this Direction is implemented, including how risk assessments are conducted, in line with Canadian values, including those expressed by the Canadian Charter of Rights and Freedoms.

The agencies are to compile annual reports on their performance under the directions.  This will be classified, but shared with the minister and the review bodies. But also:

27. This report, in an unclassified format, will be released publicly, containing the contents described above to the extent possible without compromising the national interest, the effectiveness of operations, or the safety or security of an individual.

Maybe you need to have spent a career banging up against agency insularity, but I regard this too as a big deal.  We'll wait and see how thorough these reports are, but so far an A+ for the principle.

2. Content

Background

Intelligence sharing needs to be divided into "in-bound" (coming from foreign partners) and "out-bound" (disclosed to foreign partners).  Out-bound is the most fraught historically and legally. Sharing information in knowledge of risk that it might lead to someone's torture opens the door to a violation of Canada's international obligations (depending on how you define "complicity" in the Torture Convention), constitutional law (depending on the application of causality principles suggested in cases like Suresh) and international and domestic criminal law (depending on the scope of the intent requirement in aiding and abetting concepts).  I discuss all this in the 2014 article noted above. 

Out-bound intel sharing was at the heart of the Arar, Almalki, Elmaati and Nureddin matters -- which were tragic for the victims, tarnishing for the services and expensive in terms of liability and reputation for the government.

We have gone back and forth on the standard to be applied to outbound intel sharing for years.  In 2002, for instance, internal CSIS policies provided: “if there are allegations of human rights abuses, the Service always ensures to use a cautious approach when liaising with the foreign agency and closely scrutinizes the content of the information provided to, or obtained from, the foreign agency” either “in an effort to avoid instances where the security intelligence information exchanged with the latter is used in the commission of acts which would be regarded as human rights violations” or “to ensure none of the security intelligence information exchanged with the latter is used in the commission of acts which would be regarded as human rights violations.”

Various accountability bodies have questioned the effectiveness of these operational policies.  In its 2004-5 annual report, the Security Intelligence Review Committee doubted CSIS could meet the human rights standards expressed in its 2002 policy.

In May 2009, the minister of public safety issued a specific ministerial direction on CSIS information-sharing with foreign agencies.  This document provided:

 so as to avoid any complicity in the use of torture, CSIS is directed to

  • not knowingly rely upon information which is derived from the use of torture, and to have in place reasonable and appropriate measures to identify information that is likely to have been derived form the use of torture;
  • take all other reasonable measures to reduce the risk that any action on the part of the Service might promote or condone, or be seen to promote or condone the use of torture, including, where appropriate, the seeking of assurances when sharing information with foreign agencies.

This standard was revised again in 2011. The 2011 version began with a section on “Canada’s legal obligations”, defined several key terms, established “information sharing principles” and then provided a road map for approving both in-bound and out-bound information sharing “when there is a substantial risk of mistreatment in sharing information”.

Having acknowledged the international, statutory and constitutional prohibitions on torture, the instruments defined “mistreatment” to include both torture and CID treatment or punishment.  “Substantial risk” of such treatment meant a “personal, present and foreseeable risk of mistreatment” that is “real and must be based on something more than mere theory or speculation” that typically arises when “it is more likely than not that there will be mistreatment”.  The latter test was not, however, to be “applied rigidly because in some cases, particularly where the risk is of severe harm, the ‘substantial risk’ standard may be satisfied at a lower level of probability”.

The information-sharing principles applicable to CSIS, RCMP and CBSA included an obligation to avoid “complicity in mistreatment by foreign entities” as well as a requirement to assess the accuracy and reliability of information received from partner agencies.  Approvals for information-sharing was to be indexed to the level of risk of mistreatment.

Where the risk of sending or soliciting information from a foreign entity was substantial, and it was unclear that the risk could be mitigated by caveats and assurances, the CSIS director, the RCMP commissioner or the CBSA president decided on the information-sharing.  These officials considered a list of factors in arriving at their decisions, including the national security interest, the basis for believing a substantial risk existed, measures to mitigate that risk and the views of other departments, including Foreign Affairs.  The matter might also be referred to the minister.  The minister or the director “shall authorize the sharing of information with the foreign entity only in accordance with” the direction and “Canada’s legal obligations”.

For use of in-bound information, the 2011 directions noted that in exceptional circumstances CSIS, RCMP and CBSA could share information from foreign entities that likely stemmed from mistreatment: “When there is a serious risk of loss of life, injury, or substantial damage or destruction of property, CSIS [RCMP or CBSA] will make the protection of life and property its priority.”  As a prudential measure, “[m]easures will also be taken to ensure that the information which may have been derived through mistreatment is accurately described, and that its reliability is properly characterized. Caveats will be imposed on information shared with both domestic and foreign recipients to restrict their use of information, as appropriate.”

Bottom line: the 2011 directions for both out-bound and in-bound had "in case of emergency, break glass" permissions to share information even where torture risk remained high (or in the case of in-bound, even when it had occurred). Hence the criticism.

For me, the out-bound sharing was the most doubtful, because the link to complicity was more acute and the causal consequences more evident. I have urged that in-bound raises different issues. It is not enough to argue, as many human rights advocates do, that use creates a "marketplace" for torture. That is a good sound bite, but a bad analogy. And to the extent people conflate any use with complicity, they stretches the complicity concept beyond both it legal and plain meaning. (And I would accuse the UN Committee Against Torture of invoking implausible understandings of complicity, contributing to the unfortunate sense that the UN human rights bodies are norm entrepreneurs with an indifferent commitment to law.)

On the dilemmas of in-bound, see some of my discussion here and in my 2014 article.

There are, however, some bright lines for in-bound, beyond complicity. For instance, it can't be used as evidence. Art 15 of the UN Torture Convention provides: "Each State Party shall ensure that any statement which is established to have been made as a result of torture shall not be invoked as evidence in any proceedings, except against a person accused of torture as evidence that the statement was made."

In 2006, a group of academics and human rights groups struggled with what other standards should guide in-bound use, beyond this Art 15 expectation. Even that group (which included Canada's chief international human rights groups of the period) chose not to endorse an absolute bar on in-bound use. This is what we came up with, codified as the Ottawa Principles on Human Rights and Anti-terrorism (principle 4.3.2):

Information, data, or intelligence that has been obtained through torture or cruel, inhuman or degrading treatment or punishment may not be used as a basis for:

  

(a) the deprivation of liberty;
(b) the transfer, through any means, of an individual from the custody of one state to another;
(c) the designation of an individual as a person of
interest, a security threat or a terrorist or by any other description purporting to link that individual to
terrorist activities; or
(d) the deprivation of any other internationally protected human right.

 

2017 Directions

So what is new in the 2017 directions? For out-bound, the "in case of emergency break glass" prospect is now gone: "If that substantial risk [of mistreatment] cannot be mitigated, information will not be disclosed to that foreign entity." So too when information is requested of a foreign service: "If that substantial risk cannot be mitigated, information will not be requested from that foreign entity."

This an important shift. It amounts to a moral choice about the primacy given to the prohibition on torture. Much will turn on what "mitigation" may mean (for example, would mitigation include doubtful possibilities like "we will tell the Americans and they will tell the Egyptians". )  But if the new checks and balances and transparency discussed above work, these are dilemmas that will regularly be "red teamed" by independent reviewers. [There will be lots of application issues. For instance, Paul Champ raises an excellent point about the definition of substantial risk, which reads in part "a personal, present and foreseeable risk of mistreatment." In Badesha this month, the Supreme Court declined to limit review of torture risk on extradition to this highly personalized assessment, and refused to foreclose "the possibility that there may be cases in which general evidence of pervasive and systemic human rights abuses in the receiving state can form the basis for a finding that the person sought faces a substantial risk of torture or mistreatment."]

On in-bound, there is no absolute bar on use. The information can never be used in a proceeding or "in any way that creates a substantial risk of further mistreatment".  But the "in case of emergency break glass" prospect remains: generally, the information could not be used to deprive someone of their rights or freedoms, except where "it is necessary to prevent loss of life or significant personal injury." So does this line up with the Ottawa Principles? Well, I struggle to imagine a deprivation of a right or freedom that would occur independent of "a judicial, administrative, or other proceeding", for which the suspect in-bound information cannot be used. So the result might be something like:

Ottawa Principles

2017 Direction

Cannot be used as basis for:

 

(a) the deprivation of liberty;

In Canada, would require use in a proceeding (criminal, civil, administrative, warrant or threat reduction, peace bond, preventive detention – all are proceedings). I would argue that passport revocation and no fly listing is a proceeding captured by this same limitation. Therefore, use in these contexts is barred. Maybe the initial detention under preventive detention in exigent circumstances, prior to show cause review by the court? But to justify detention on evidence could then never use in front of the court would be very suspect.

(b) the transfer, through any means, of an individual from the custody of one state to another; 

In Canada, would require use in a proceeding. Therefore barred.

(c) the designation of an individual as a person of interest, a security threat or a terrorist or by any other description purporting to link that individual to terrorist activities; or

This is the thorny issue.  See below.

(d) the deprivation of any other internationally protected human right. 

 

In Canada, would almost certainly require use in a proceeding. Therefore barred.

 

Paragraph c) is the headache. For instance, CSIS may commence an investigation on reasonable grounds to suspect a threat to the security of Canada. If in-bound information constitutes the basis for that reasonable suspicion, nothing in the directions would appear to preclude an investigation, subject to the requirement that the feared security threat is one related to loss of life or significant personal injury. (Or potentially even without this requirement if there is no risk of deprivation of someones rights or freedoms, which is the more likely prospect if we are simply talking about an investigation.)

Now to be clear, CSIS could never get a search warrant using this in-bound information -- that would require a proceeding. But it will collect open source information, perhaps follow a target and flag a person in a dataset of some sort.

People will debate whether this is appropriate. Again, be careful about calling this "complicity". And be careful of overreaching and arguing that this violates Canada's legal obligations.  And note also that if the investigation culminates in some proceeding, the in-bound information cannot be used in it.  Still, the tainted in-bound information seeds an investigation. It seems to me, at the very least, there should be standards on cleaning out this data trail if the investigation turns up nothing. The directions provide that tainted in-bound information needs to be caveated and its reliability properly categorised. But more than that, if there is an authorized use, which turns into a goose chase, then it seems to me that any person flagged by that information or in the deadend investigation it sparked should be protected from forever being in some government security database. That is, there should be a scrubbing. I fear otherwise that even caveated information will prove fungible and the genesis of fruit of poisoned trees down the path.

Monday
Sep112017

Government Proposals for Reforming National Security Criminal and Civil Trials

In August, the government circulated a targetted consultation document propoing a series of changes to the way in which national security secrets are kept in criminal and civil proceedings. This is very inside-baseball stuff, but essentially the government is responding to long-standing concerns about "intelligence-to-evidence", the thorniest matter in Canadian national security law.

The criminal law changes would reform the Canada Evidence Act, s.38 process to, among other things, open the door to provincial superior court trial judges, allowing them to participate more fully in it. (Section 38 allows the government to block disclosure of national security secrets in legal proceedings. This preserves sensitive information from exposure, but there is a trade-off: the government cannot then use these same secrets in the legal proceeding to defend or prosecute a case.) The civil law proposals echo these Canada Evidence Act changes, but then also propose "closed material proceedings" (CMP). The latter is a novel proposal. Basically, CMP would allow secret trials in civil cases: the government could use secrets in closed proceedings on the merits of the case, in a closed hearing from which the public and the other litigants are excluded.

Kent Roach and I have prepared a brief response to these proposals, generally supporting the criminal law reforms, but also urging that the need for reform here is as much operational as legal. We also express doubts about the closed material proceedings proposal.  Our paper is posted here. The abstract for that paper is as follows:

This paper responds to the government’s proposals for redressing the “intelligence-to-evidence” (I2E) dilemma in national security judicial proceedings, discussed in its targeted consultation document distributed in August 2017. The paper urges the need for not just law reform, but also operational reform in terms of how police and the Canadian Security Intelligence Service (CSIS) manage their "parallel" national security investigations. We renew our doubts about the parallel investigation and the dangers it poses for national security. The paper supports the government's proposed changes to the Canada Evidence Act, s.38 national security confidentiality procedures for criminal trials. In particular, it agrees that trial court judges should be able to make and modify s.38 non-disclosure orders. It urges, however, that Parliament codify the Stinchcombe disclosure rules, and their application to national security proceedings, and not simply double-down by codifying the O'Connor "third party" rule -- something that may reinforce parallel police/CSIS investigations. The paper expresses considerable skepticism for the "closed material proceeding" (CMP) proposal in civil trials implicating national security proceedings. These would produce, in essence, secret civil trials. We suspect secret civil trials would be challenged on division of power grounds, under s.96 of the Constitution Act 1867 and even under the Charter and the open court principle and, if it remains applicable, the Canadian Bill of Rights. More immediately, the CMP proposal seems likely to make a bill responding to neglected criminal law I2E issues much more controversial than it needs to be.