The Book

 

 

 

 

This blog comments on Canadian (and occasionally comparative) national security law to update my National Security Law textbook and now also my 2015 book, False Security: The Radicalization of Anti-terrorism, co-authored with Kent Roach.

Please also see www.antiterrorlaw.ca for Bill C-51-related analyses by Craig Forcese and Kent Roach.

For narrated lectures on various topics in national security law, please visit my 2017 "national security nutshell" series, available through iTunes.

Please also visit my archive of "secret law" in the security area.

By Craig Forcese

Full Professor
Faculty of Law

Email: cforcese[at]uottawa.ca

Twitter: @cforcese

 

National Security Law Blog Search
Subscribe to National Security Law Blog

Best Law School/
Law Professor Blog Award

 

Most Recent Blog Postings
« Bill C-51: Still Baking With the Wrong Recipe on the Charter of Rights & Freedoms | Main | Bill C-51: What Did We Learn About the Government's Intentions from the Clause-by-Clause »
Thursday
Apr162015

Bill C-51: Catching up on the "Catching Up with Our Allies" Justification for new CSIS powers

One of the recurring government talking points in the C-51 debate has been, in relation to the new CSIS powers, "we are only catching up with our allies".  This statement has puzzled and perplexed and I have raised preliminary concerns about its accuracy before. 

We have repeatedly suggested that the government release details supporting this claim, but (par for the course in this debate) it has so far ignored such requests (despite the fact that any memorandum on such a topic would be on foreign and comparative law, would not be Canadian legal advice and thus presumptively not solicitor-client privileged). 

The closest we have to details appeared in a recent and rather misleading one page document on C-51 that some government MPs have posted on their website (more on that below).

Neither Kent Roach or I purport to be specialists in foreign law, and so we have done our best to share what we know about the government claims with those who are (that is, lawyers, professors and sometimes security service members in the countries named by the Canadian government).  This blog entry represents a running tally of what has been said on this topic and what we have discovered. 

Again, we invite amplifications or corrections from those who actually know something about the laws of the countries listed.  We are doing our best, but appreciate any corrections.

Setting the Ground Rules

First, some basic methodological rules. 

1. What is the CSIS Power in Question?

Bill C-51 provides that CSIS may take “measure, within or outside Canada” to "reduce" threats to the security of Canada (broadly defined).  These measures may include things that would violate Canadian law or our constitutionalized bill of rights -- if such conduct is first blessed by a court in the form of a warrant, issued in a secret proceeding ex parte, and without appeal.  In issuing such a warrant, the judge may authorize CSIS "to do any other thing that is reasonably necessary to take those [threat reduction] measures".
 
The only constraint is that the CSIS threat reduction measure must inflict no bodily harm, no obstruction of justice and no violation of sexual integrity. The measures must also be "reasonable and proportional in the circumstances, having regard to the nature of the threat, the nature of the measures and the reasonable
availability of other means to reduce the threat."
 
These powers are not tied to investigating crimes or collecting intelligence — they are about threat reduction, tied to the vast concept of “threats to the security of Canada” in the CSIS Act (basically, anti-terrorism, sabotage/espionage, “foreign influence activities” and subversion).  And, as the language above suggests, CSIS can take these measures either in Canada, or abroad (and despite any foreign law).

2. So What Does this Mean for Foreign Comparisons

Given all this, it is not methodologically or logically sound to justify this new CSIS power by committing any of the following errors:

Category 1. the power by foreign services to gather intelligence.  CSIS already has powers to collect intelligence that include the power to conduct search and seizures for this purpose under warrant.That is not what C-51 is about -- it is about powers to "reduce" (aka disrupt) threats, using physical/kinetic means and not by spying.  And so pointing to special powers that foreign agencies have for intelligence collection purposes does not justify bill C-51.

Category 2. foreign peace office/law enforcement powers to detect or prevent crimes. 

The Canadian police already have the power, under the Criminal Code s.25.1, to violate criminal laws where engaged in a criminal investigation, subject to the requirement not to inflict bodily harm, obstruct justice or violate sexual integrity. (This power is the obvious model for the new C-51 CSIS powers, but it is much narrower and subject to back-end public reporting obligations that do not exist for the CSIS power.  See our discussion here.)  The RCMP also have the responsibility under the Security Offences Act to apprehend the commission of national security offences. 

With these legal rules, the highly preemptive nature of most terrorism offences, and the concept of intelligence led policing, the RCMP is in the business of disrupting/preventing feared terrorist acts, in the broadest sense of the term. 

And so any comparison to a foreign country that has police services that perform this same function is logically not relevant in terms of justifying giving disruption powers to CSIS, a classic security intelligence organization.  (This kind of argument could also demonstrate a lack of familiarity with existing Canadian police powers.)

Category 3. powers a foreign intelligence service may exercise in its international operations.  Foreign intelligence services do have the power to violate foreign laws in their foreign operations (CIA, MI6). But they won't have the same power to violate domestic laws or to operate domestically. 

A person who points to these foreign powers to justify similar powers, to be exercised domestically, by CSIS misunderstands the reason why most states separate their foreign and domestic intelligence operations.  And, more than that, what an agency can do abroad is simply no precedent for what CSIS should be able to do domestically.  In other words, a precedent for CSIS's domestic law breaking, threat reduction powers must itself involve domestic, law breaking, threat reduction powers.  Anything else compares apples to oranges.

Category 4. misinterpreting foreign law or failing to define adequately what is meant by terms "disruption" or "threat reduction". It is important to understand that different states apply different understandings to similar terms.  When some states speak of "prevention" they may mean something very different from what is actually on the table with C-51 and CSIS's proposed threat reduction powers.

Category 5. comparing a limited domestic power to be conducted in full compliance with law/human rights norms with a power by CSIS to break the law and violate the Charter (with warrant).  It is important to understand the scope of any disruption power a foreign service may have.  Even if it can perform a threat reduction activity analogous to what is at issue in C-51, a modest power that does not not allow the service to exceed the law or human rights is no justification for bill C-51, which proposes exactly that.

Category 6. comparing the proposed CSIS power to a country whose security services operate without a legal superstructure and whose conduct is a bit of a mystery.

What has the government said?

So far, this is what the government has said about foreign states:

Minister Blaney said this during is opening statement to the Commons committee:

Currently CSIS can detect security threats but is unable to take action unlike most allies are doing. With the new threat disruption mandate, CSIS would be authorized to take direct action to disrupt threats to the security of Canada at home and abroad like most of our allies, such as Sweden, Norway, Finland, Denmark, France, United States, United Kingdom, and Australia. It's about time, Mr. Chair.

He said this at the Senate committee:

Senator White: Thanks to all of you for being here today.

Minister Blaney, the U.S., U.K., Finland and Norway, for example, allow their respective security agencies to disrupt, in one form or another, criminal and/or terrorist activities.

Mr. Blaney: That’s correct.

On clause-by-clause in the Commons committee, government officials were asked this question by Parliamentarians:

Hon. Wayne Easter: Thank you, Mr. Chair.
   
Then my question would be do any of our Five Eye partners, United States, Australia, New Zealand or U.K. give these kinds of disruptive powers to their equivalents of CSIS and do they allow their agencies to supercede either domestic law or constitutional rights?
    
Mr. John Davies: Yes—not New Zealand, but the others, Australia, U.K., U.S. absolutely have equivalent powers. The minister mentioned that in his remarks when he was at the committee.

And some government Members of Parliament have now posted the following on their websites:

Some have alleged that the Conservative Government is not correct in stating that other allies allow their national security agencies to disrupt threats. What allies can do this work?
 
In the US the Central Intelligence Agency can, pursuant to the National Security Act, conduct domestic threat disruption with an executive order. In the United Kingdom, MI5 can, pursuant to section 1 of the Security Service Act conduct any activity to protect national security. The Norwegian Police Security Service has a mandate to prevent and investigate any crime against the state, including terrorism. The Finnish Security Intelligence Service is mandated to prevent crimes that may endanger the governmental or political system, and internal or external security, pursuant to section 10 of the Act on Police Administration. We must ensure that CSIS has the same tools to keep Canadians safe. [emphasis in original]

What have we learned?

So far, we have spoken to one former security service employee and four security or law professors in the United Kingdom (who in some cases have in turn spoken to other security service personnel).  We have spoken to three law professors in the Australia, or members of their research teams.  We received input from one French law professor.  We have received information from two law professors in the United States.  And we have exchanged notes with one law professor in Sweden, with expertise in Nordic law. These are people specializing in security or terrorism law.  Helene Buzzetti, a journalist with Le Devoir, has spoken to embassy officials from many of the countries named in the government statements above.  We have also done our earnest best to read foreign laws. This is what we have have learned so far in table form.  More detailed discussions follow. 

To summarize: we have found precisely no instance of a true precedent for the C-51 CSIS powers.  In every instance, the Canadian government's comparison with a foreign agency constitutes one or more of the methodological errors noted above.  We repeat our initial concern: Canada is not "catching up to allies".  It appears to be on an adventure of its own.  Again, we welcome corrections if we are misunderstanding foreign law.

Summary Table

State (agency)

Threat Reduction Analogy?

Power to Violate Laws/Human Rights?

Category Error Committed by Canadian Government

Australia (ASIO)

No. Powers tied to intelligence collection.

N/A

Category 1 Error: Justifying CSIS threat reduction powers by pointing to foreign intelligence collection powers

Denmark

No. Powers ties to intelligence collection

N/A

Category 1 Error: Justifying CSIS threat reduction powers by pointing to foreign intelligence collection powers

Finland

Yes, to some extent in the exercise of a law enforcement function analogous to what our own Canadian police do anyway

No

Category 2 Error: Justifying CSIS threat reduction powers by pointing to foreign police powers analogous to what our own police do anyway

 

Category 5. Comparing a limited domestic power to be conducted in full compliance with law/human rights norms with a power by CSIS to break the law and violate the Charter (with warrant).

France

N/A (because powers not prescribed by law)

N/A (because powers not prescribed by law)

Category 6. Comparing the proposed CSIS powers to a country whose security services operate without a legal superstructure and whose conduct is a bit of a mystery.

Norway

Yes, to some extent in the exercise of a law enforcement function analogous to what our own Canadian police do anyway

No

Category 2 Error: Justifying CSIS threat reduction powers by pointing to foreign police powers analogous to what our own police do anyway

 

Category 5. comparing a limited domestic power to be conducted in full compliance with law/human rights norms with a power by CSIS to break the law and violate the Charter (with warrant).

Sweden

Yes, to some extent in the exercise of a law enforcement function analogous to what our own Canadian police do anyway

No

Category 2 Error: Justifying CSIS threat reduction powers by pointing to foreign police powers analogous to what our own police do anyway

 

Category 5. Comparing a limited domestic power to be conducted in full compliance with law/human rights norms with a power by CSIS to break the law and violate the Charter (with warrant).

United Kingdom (MI5)

Not truly. It plays a more active role that CSIS but does not have legal powers of the scope at issue in C-51

No

Category 4. Misinterpreting foreign law or failing to define adequately what is meant by terms "disruption" or "threat reduction"

Category 5. Comparing a limited domestic power to be conducted in full compliance with law/human rights norms with a power by CSIS to break the law and violate the Charter (with warrant).

United Kingdom (MI6)

Yes

Yes, in limited circumstances, but may only do so internationally

Category 3. Justifying CSIS law breaking powers to those a foreign intelligence service may only exercise in its international operations. 

United States (US)

Perhaps

No.

Category 3. Justifying CSIS law breaking powers to those a foreign intelligence service may only exercise in its international operations.

Category 5. Comparing a limited domestic power to be conducted in full compliance with law/constitutional norms with a power by CSIS to break the law and violate the Charter (with warrant).

 

Australia

So far, Australia comes closest to having a power equivalent to the CSIS C-51 proposal.  Except it's not really close.  Australia's CSIS equivalent, ASIO, has new powers to conduct "Special Intelligence Operations" (SIOs).  In conducting these operations, ASIO is immunized for law breaking, subject to a requirement it not induce a crime or cause serious injury, torture, commit a sexual offence or cause significant lor or serious damage to property.  So far, this sounds like the C-51 CSIS proposal.

Except for this: these SIOs may be authorized by executive approval where an operation will assist ASIO "in the performance of one or more special intelligence functions".  The latter are, in turn, listed in paragraphs 17(1)(a), (b), (e) or (f) of the ASIO Act: 

(a)  to obtain, correlate and evaluate intelligence relevant to security;

(b)  for purposes relevant to security, to communicate any such intelligence to such persons, and in such manner, as are appropriate to those purposes;

(e)  to obtain within Australia foreign intelligence pursuant to section 27A or 27B of this Act or section 11A, 11B or 11C of the Telecommunications (Interception and Access) Act 1979, and to communicate any such intelligence in accordance with this Act or the Telecommunications (Interception and Access) Act 1979; and

(f)  to co‑operate with and assist bodies referred to in section 19A in accordance with that section [including a law enforcement agency].

As confirmed by the law professors to whom we have spoken, this means that SIOs are aimed at intelligence gathering.  This is not threat reduction.  Put another way, Australia has amped up the intelligence function of its domestic intelligence service.  It has not converted its domestic intelligence service into a threat disruption agency. 

ASIO also has a new power to conduct, under ministerial warrant, an invasion of computer systems that might amount to disruption of computer systems: "if there is reasonable cause to believe that data relevant to the prejudicial activities of the identified person may be accessible by using a computer or other electronic equipment, or a data storage device, brought to or found on the subject premises—use the computer, equipment or device for the purpose of obtaining access to any such data and, if necessary to achieve that purpose, add, copy, delete or alter other data in the computer, equipment or device". 

Again, this is no anology to the C-51 CSIS proposal.  For one thing, it is (supremely) more limited, and carefully codified than the almost endlessly open textured proposal in bill C-51.  For another, it too is tied to an intelligence purpose: the computer access warrant can only be issued where it will "substantially assist the collection of intelligence".  So again, this is not threat disruption per se.  It is about intelligence collection.

Similar observations might be made about other ASIO powers to, e.g., detain.  They are tied to intelligence investigations, not threat reduction per se, and indeed limited to intelligence investigations in relation to terrorism.  The closest analogy in Canadian law would be the investigative hearings provisions in the Criminal Code, involving police.

All of this is to say that the Canadian government's comparison to Australia seems to constitute a Category 1 error, per the methodological guidelines above.

This is not to say that the Australian powers are benign.  They are very controversial.  But if the government does want to give CSIS the sort of powers that ASIO has, then let's have that debate.  Because what it's proposing goes well beyond the ASIO powers, and therefore, Australia is no precedent.

Denmark

In her Le Devoir article here, behind a paywall at this time, Ms Buzzetti contacted the Danish embassy and spoke to the political attache.  On that basis, she reports: PET, the domestic Danish intelligence service has no disruption powers.

PET's website contains a framework statutory document listing the agency's functions.  Those functions include a reference to "preventive measures".  But in the detailed description ("F. preventive security"), none of the activities sound anything like disruption or threat reduction "measures" of the sort at issue for CSIS in C-51.  That is, it does not look like PET can act physically, unilaterally to prevent security risks, and instead gathers intelligence and helps coordinate activities by other agencies.

Finland

As noted above, Canadian government MPs are now claiming "The Finnish Security Intelligence Service is mandated to prevent crimes that may endanger the governmental or political system, and internal or external security, pursuant to section 10 of the Act on Police Administration."

The Finnish embassy did not respond to Ms. Buzzetti.  We have conducted our own research and consulted with others.  A complicating issue for Norway, Sweden and Finland is the degree of overlap between police and security intelligence.  The two functions tend to be blended -- and the Finnish service was until 2010, the "Security Police".  These Nordic service appear, therefore, to be hybrid police and intelligence agencies. Seemingly for this reason, SUPO (the rebranded Finnish security intelligence service) has functions determined by police legislation.  Section 10 of the Act on Police Administration (p. 4) reads:

The Finish Security Intelligence Service is tasked with preventing undertakings and crimes that may endanger the governmental and political system and internal or external security, and with investigating such crimes.  The Finnish Security Intelligence Service shall also maintain and develop the overall preparedness for preventing activities endangering national security.  The matters investigated by the Finnish Security Intelligence Service shall be determined by the National Police Board.

Based on a review of SUPO's website, the Service does describe itself as carrying out "preventive security work" which "comprises security clearances as well as steering and counselling activities.  The objective of the operations is to develop preventive, comprehensive and methodological security activities among authorities, communities and enterprises.  Supervisory and counselling activities include general security education and expert assistance on, for example, facility and information security" (p.29)

SUPO also has powers granted by the Finnish Police Act for the prevention and detection of crimes, especially in terms of terrorist offences (p.16). 

We must, however, avoid a Category 2 error by claiming that because SUPO has police style preventive powers, so too must CSIS.  SUPO seems to be performing a classic police role in relation to codified crimes (and indeed, the Finnish terrorism crimes appear in some respect to be narrower than our own).  That classic police role tied to crimes is not justification for a much more expansive C-51 style function, to "threat reduce" tied to broadly defined national security preoccupations.

Citing SUPO as a precedent for C-51 only make senses if SUPO is filling a gap not currently covered by a combination of CSIS and our own police services.  Is there such a gap?

Having reviewed a translation of the Police Act (Finnish version here), it does not appear that SUPO, in performing its hybridized security police functions, has any greater powers than does the RCMP in Canada -- and indeed probably has less.  What the Police Act means by "prevent" lines up with the sort of peace office arrest powers Canadian police exercise every day.

But critically, there appears to be no suggestion that SUPO has some sort of special, unique disruption power above and beyond regular police powers or that it can by-pass the law, in the way C-51 anticipates being available for CSIS.

This assessment is consistent with that of Professor Iain Cameron, Uppsala University law school, Sweden.  Professor Cameron is familiar with the security law of the Nordic countries.  He writes in relation to Sweden, Finland and Norway:

The Swedish security police mandate is framed in similar ways to the Norwegian and Finnish mandates you quote. It certainly does NOT mean that the Swedish police is permitted to violate any (minor or major) laws, when it is trying to prevent security crime. Even the use of fake identities - when police go undercover and infiltrate - is subject to supervision by the oversight body in Sweden. I am almost certain that the same position is taken on disruption in Norway and Finland. Of course, there are occasional rumours that the security police use covert human sources (informants) not simply passively, but occasionally actively (to infiltrate). Infiltration as such is not explicitly regulated in the law - even though I wrote a report for the government commission of inquiry that the ECHR requires this, and this was the inquiry's conclusion too. Defences exist of necessity (nödvärn) in the criminal law, but there is no question of permission being given in advance to commit crimes/disrupt.

In sum, the Canadian government appears not to have a compelling case in pointing to Finland as justification for C-51.

France

Ms. Buzzetti concludes that France, in fact, of all the countries she investigates, may have an intelligence service with disruptive powers.  She spoke to the French embassy.  But that embassy was unable to confirm whether the services have disruptive powers because these services operate in a "legislative void".  In fact, a new French bill is trying to fill an aspect of this legislative void.  In the wake of that bill, France is now in the midst of a heated political debate, focusing particularly on surveillance and privacy but not on more kinetic powers. 

Our French colleague confirms the information from the French embassy and tells us that the legislative void for the intelligence services will not be fully filled by this bill because it focuses on information issues and not physical measures.  In the past the DGSE (the foreign intelligence service) has reportedly acted physically to reduce threats on direct orders from the executive, and in a manner not actually authorized by French law.

On the basis of this information, we think using France as a precedent for the CSIS powers would be unpersuasive (and indeed concerning) and amounts to a Category 6 error.

Norway and Sweden

As noted, Norway and Sweden have security police services with police powers, analogous to those exercised in Canada by the RCMP.  It is a Category 2 mistake to point to this police powers and say that CSIS needs them.  Moreover, per Professor Cameron's comments these powers do not appear to reach as far as the sort of law-violating conduct sanctioned by C-51. 

United Kingdom

Some Canadian government MPs now have statements on their websites claiming "In the United Kingdom, MI5 can, pursuant to section 1 of the Security Service Act conduct any activity to protect national security."  We have shared these comments with colleagues in the United Kingdom.  Their reaction is best described as "astonishment".  Section 1 of the Security Service Act specifies the mandate of MI5, but does not spell out its powers.  In other words, it does not authorize anything, it just describe the jurisdiction of MI5.  At any rate, s.1 does not say that MI5 can conduct "any activity".

As compared to CSIS, our interlocutors report that MI5 is more active and less passive. That is, MI5 is not strictly a passive watcher and collector.

That said, persons with experience in the UK security system do not believe that MI5 has the range of powers in play with C-51 for CSIS.  They also report that MI5 activity must be lawful. Here, the key piece of legislation governing the specifics is RIPA 2000. MI5 investigations must accord with the Human Rights Act 1998, and investigative activity is conducted under RIPA by warrant or via internal authorisation. RIPA is about surveillance activities.

Our United Kingdom interlocutors are consistent in stating that MI5 does not have the power to do threat reduction of the sort at issue in C-51 (that is, measures that may break laws or violate human rights protections).  It is not, in other words, a precedent for C-51, and to claim it as such is a Category 4 error.

MI6 -- the foreign intelligence service -- operates outside of the UK.  Here, under the Intelligence Services Act, conduct that would render someone lible civilly or criminally in the United Kingdom may be exonerated for international operations through prior authorization by the Secretary of State.  Pointing to this overseas activity power to justify CSIS domestic powers is a Category 3 error.

In sum, our interlocutors report that neither intelligence service has legal powers to carry out domestic disruption activities involving the breaking of law and the violating of human rights, with warrant or without.

United States

The FBI is a law enforcement body, with police powers.  It would, therefore, be a Category 2 error to point to the FBI police powers as justifying CSIS's C-51 expanded role.  Police roles in Canada are already amply exercised in Canada by our own police agencies.

The CIA is a foreign intelligence agency that does also perform covert, physical actions including overseas use of force that would be unlawful if committed in the United States.  It would be a Category 3 error to point to this fact to justify CSIS domestic powers. 

However, the one page speaking note document posted by some Canadian government MPs on their websites claims: "In the US the Central Intelligence Agency can, pursuant to the National Security Act, conduct domestic threat disruption with an executive order." 

CIA is generally prohibited from conflating its intelligence functions with other activities.  The National Security Act, in codified version at 50 USC Code § 3036(d)(1), specifies that the CIA shall collect intelligence, "except that the Director of the Central Intelligence Agency shall have no police, subpoena, or law enforcement powers or internal security functions" (emphasis added).

It would appear, though, that the Canadian government has simply looked to 50 USC Code § 3036(d)(4), specifying that the CIA director shall "perform such other functions and duties related to intelligence affecting the national security as the President or the Director of National Intelligence may direct".   

Executive Order 12223 (as amended) is the relevant executive instrument, and appears to spell out the CIA's powers in section 1.7.  Our interlocutors were persuaded that a domestic covert operation would never happen now in the United States, and that the National Security Act limitations on "internal security" should also constrain the exercise internal covert action activities. 

This may be opaque legal ground.  The Order does not appear emphatically to limit "covert action activities" to foreign activities.  It does, however, require presidential approval, and a presidential conclusion that no other agency is more likely to achieve the objective.  And more than that, in a statement that would be true even if not included in the Executive Order, section 2.8 specifies that: "Nothing in this Order shall be construed to authorize any activity in violation of the Constitution or statutes of the United States."

In other words, even if the CIA were authorized by a presidential order to conduct a domestic covert activity, it's conduct could not violate US law or the US Constitution. So pointing to the CIA is a variant on a Catagory 5 mistake.

We would add, again, that our US interlocutors would be astonished if the CIA were actually authorized by the president to conduct a domestic covert operation, and we suspect that such conduct would be subject to rapid legal challenge given the ambiguity of the National Security Act.

It follows, again, that the US experience is not adequate precedent for Bill C-51.