About this Project

This blog comments on Canadian (and occasionally comparative) national security law to update my National Security Law textbook and now also my 2015 book, False Security: The Radicalization of Anti-terrorism, co-authored with Kent Roach.

Please also see www.antiterrorlaw.ca for Bill C-51-related analyses by Craig Forcese and Kent Roach.

For narrated lectures on various topics in national security law, please visit my 2017 "national security nutshell" series, available through iTunes.


For a continuing conversation on Canadian national security law and policy, please join Stephanie Carvin and me at A Podcast Called INTREPID.


Please also visit my archive of "secret law" in the security area.

By Craig Forcese

Full Professor
Faculty of Law

Email: cforcese[at]uottawa.ca

Twitter: @cforcese


National Security Law Blog Search
Subscribe to National Security Law Blog

Best Law School/
Law Professor Blog Award


Most Recent Blog Postings

Latest Book: Available from Irwin Law in April 2018.


Canada's Foreign Intelligence Desert

The recent flare-up in relations between Canada and the Kingdom of Saudi Arabia (KSA) places into sudden relief the challenges in Canada's foreign intelligence architecture. It follows hard on the heels of a Federal Court decision affirming the Canadian Security Intelligence Service (CSIS) can only collect foreign intelligence "within Canada". That case is discussed at length here and on Episode 48 of A Podcast Called INTREPID.

Just to be clear: CSIS may investigate threats to the security of Canada anywhere. "Threats to the security of Canada" are espionage, sabotage, foreign influenced activity (within or relating to Canada, and detrimental to Canada), terrorism and (in principle) subversion (in practice, CSIS has not run a counter-subversion program since the 1980s).

"Security intelligence" is *not* intelligence on the foreign, economic or defence policy or posture of another country, unless it falls within one of the categories listed above. Rather, these broader classes of information are "foreign intelligence" (defined, obliquely, in the CSIS Act as: "intelligence relating to the capabilities, intentions or activities of [foreigners or foreign states or groups]").

Canada's electronic intelligence service, the Communications Security Establishment (CSE), has the mandate to collect foreign intelligence, anywhere. But it does so electronically, through the "global information infrastructure" (defined in the National Defence Act as including "electromagnetic emissions, communications systems, information technology systems and networks, and any data or technical information carried on, contained in or relating to those emissions, systems or networks"). CSE does not collect HUMINT (intelligence from human sources).

For its part, Global Affairs Canada does collect diplomatic information, but is not per se an intelligence service. The scope of its collection activities is not well-documented and murky to an outsider like me. It is my understanding that GAC's Associate Deputy Minister for “International Security” manages a “threat assessment and intelligence services division” and that GAC possesses a Global Security Reporting Program (GSRP). My assumption, though, is that GAC will not run confidential sources, for a host of reasons.

In its reported form, the KSA spat is not a security intelligence matter -- unless you count that terrible, threatening tweet picturing an Air Canada jet flying toward the Toronto skyline. But understanding what is going on in KSA is clearly of foreign intelligence interest.

I would assume Global Affairs is feeding diplomatic intelligence into the decision-making process. I assume CSE is involved in signals intelligence. But beyond what Global Affairs is doing through its diplomatic networks, no Canadian intelligence agency can collect information from confidential sources outside of Canada on "the capabilities, intentions or activities of" the KSA.

This is a different sort of "gap" than the one at issue in the recent Federal Court case (which seemingly dealt with footloose communications, not extraterritorial confidential human sources). And it is a gap of longstanding duration, regularly discussed every decade or so.

We have muddled through so far with no human foreign intelligence service because of our minor footprint in foreign relations and because of close, allied relations.

But those allied relations are not what they used to be. I have precisely zero confidence that non-security intelligence sharing with the United Kingdom or the United States on a matter like the KSA is done in Canada's interest, rather than the interests of the UK and US. And that means intelligence-sharing may be selective. And even if it is not currently selective, it could well be selective in the future. We do not control the spigots.

Should we?

Creating an enhanced human foreign intelligence capacity is no small thing. In the past, I expressed considerable skepticism it was worth the risk, or that we could pull it off without starving more important activities of resources.

But the geopolitical situation is more complicated now than at any time since the Second World War, with a move toward multipolarity rather than the near-unipolarity of the post-Cold War and the bipolarity of the Cold War. States may realign in keeping with Viscount Palmerston's old adage that a state has no permanent friends or permanent enemies, just permanent interests.

It is not clear to me that Canada knows what its permanent interests are -- even (what for me is the unambiguous) need to remain a permanent friend of the United States is under strain among the commenting class.

But we may also not have the tools to preserve those permanent interests, anyway. If revisionist states see Canada as the runt of the Western litter and as a low-cost place for target-practice, a better understanding of the world seems wise. I am, therefore, no longer sure that building an enhanced foreign intelligence capacity is just one of those shiny baubles, distracting from more important things.

How to do this is another question. (It would be useful to know, for example, what exactly GAC does in this space rather than treat it as a black box.)

These are all questions now worth serious study.


"9/11esque" Tweets and the Saudi Spat

With INTREPID Podcast on vacation, I'm going old-school and engaging in thought expermients via blog. Except for everyone who (quite properly) threw their phones into the lake, most people are likely aware of the sudden contretemps between Canada and Saudi Arabia. I am in no position to evaluate the foreign relations dimension of this. The people you need to follow on this are @thomasjuneau and @b_momani. However, there was one development in this spat that caught my (academic) lawyer's eye:

1. Terrorist Promotion and Advocacy

A twitter account reportedly with some sort of affiliation with the Saudi government tweeted (then deleted, modified and apologized for) an image of a large Air Canada plane flying low toward the Toronto skyline, with the CN Tower straight ahead. It was captioned: "Sticking one's nose where it doesn't belong! As the Arabic saying goes: 'He who interferes with what doesn't concern him finds what doesn't please him.'". Not surprisingly, given that 15 of the 19 9/11 hijackers were Saudi nationals, the (predictable and perhaps intended) reaction in Canada was that this image alluded 9/11, in a threatening manner. (For more on this tweet, see here). Saudi tweeters asserted (in response) they simply meant to signify the return home to Toronto (500 or so km from the capital) of Canada's expelled ambassador to the Kingdom.

I do not need here to discuss the (de)merits of twitter diplomacy, and the downside of inflaming public sentiment. I instead find this an opportune time to conduct a legal thought experiment: would a tweet like this be prosecutable under the Criminal Code?

At first blush, this is a silly question. Indeed, it is a silly question at second blush. It is, however, a question that must be posed, given the speech crime introduced by Bill C-51 to the Criminal Code in 2015:

 (1) Every person who, by communicating statements, knowingly advocates or promotes the commission of terrorism offences in general — other than an offence under this section — while knowing that any of those offences will be committed or being reckless as to whether any of those offences may be committed, as a result of such communication, is guilty of an indictable offence and is liable to imprisonment for a term of not more than five years.

2. A Doubtful Law

Elsewhere, Kent Roach and I condemn this excessive offence as unnecessarily uncertain and (in our view) constitutionally doubtful. The Harper government chose to draft this crime without the features of the hate speech provisions in s.319 of the Criminal Code that allowed the latter to survive (barely) constitutional challenge in cases like Keegstra. Specifically, the "wilful promotion of hate" offence depends on the promotion being "wilful" (not just knowing) and then there are defences (for things like public interest). The Supreme Court accepted an interpretation of "wilful" requiring that the accused subjectively "desires promotion of hatred or foresees such a consequence as certain or substantially certain to result from an act done in order to achieve some other purpose". Put another way, they need to want the pernicious outcome, or be essentially certain it will come about.

The s.83.221 speech crime requires mere "knowing", not "wilful". I can know that I am promoting a bad thing, without desiring that this bad thing come about. For example, as a classroom reading, I may knowingly promote Frantz Fanon's writings about the necessity of violence in anti-colonial struggles. I may not wish that this violence ensue -- I am not willfully promoting it, in other words. But I intend to promote (encourage) consideration of the content, even if only for pedagogical purposes. I am knowingly promoting it. And maybe I think that he's right, and that anti-colonial type struggles (say in apartheid South Africa) do require violence to be successful and I say it. Arguably, that gets me promoting the "commission". And I don't know who is sitting in my classrooms, with malevolent designs, or reading whatever book I have written reproducing Fanon's passage. (Which we actually did, in False Security, in describing this same problem of uncertainty and overbreadth.) So I am surely reckless. Added to which: no one really understands what "terrorism offences in general" mean. But I am pretty sure that some of Frantz Fanon's writings would fall within the uncertain limits of this concept and are about the commission of terrorism offences in general. And I have no defences, as I would if I were (merely) promoting hatred. So a pedagogical motive isn't going to help me.

This hypothetical may be a reach, but it's easy to come up with others that would be more directly implicated by this offence and still be a long way away from actual violence or threats of violence -- the sort of thing that is not protected speech.

This is not, in other words, an offence that follows the sort of pattern for speech crimes that have been found constitutional. It seems likely a court would give it the narrowest possible read if it were ever used. But even so, it sits on the books blinking red, occasionally justifying wiretap warrants. Not a great look.

I have never been entirely sure what sort of truly bad speech the new crime is intended to capture that isn't captured by the many other terror and non-terror crimes that can penalize speech of various sorts. But whatever that bad speech might be, the provision surely captures a lot of speech that is constitutionally protected because very remote from actual violence or threats of violence. (I shouldn't have to worry about assigning Frantz Fanon to my students. Not that I do. I teach law.)

But maybe they wanted to go after this kind of tweet?

3. Would the Law Reach the Tweet?

I and others have urged that the unworkable provision needs to be rolled back. And that is what bill C-59 does, converting the crime from a promotion offence into a (perhaps redundant) version of a counselling offence.  But that is another story. For our purposes here, would a tweet like the Saudi tweet violate the law, as it stands at present?

Sure, in theory. The offence does reach imagery. If (like many Canadians) a court were to see the image, with its caption, as "promoting" (encouraging) the commission of "terrorism offences in general", then it also seems likely that tweeting it to the world in a highly politicized dispute with Canada is "reckless as to whether any of those offences may be committed". All that is left is whether the promotion was "knowing"? It doesn't matter if the tweeters didn't want a terror attack. All that matters: Would the twitters know (subjectively) that what they were doing was promoting terrorism offences in general. Well, I guess not if they really believed that all they were doing was portraying the premature landing of the ambassador's airplane in downtown Toronto. Perhaps they did not know that Billy Bishop airport can't handle big jets?

You can see why this would get silly. But still, in principle, I see no reason why, on the letter of the law, the crime could not reach the tweet.

4. Would the Law Reach These Tweeters?

Now, it is true that on the facts of this case -- involving foreign authors -- things get even more complicated. Terrorism offences are extraterritorial, but they are not so sweepingly extraterritorial as to reach conduct by a non-national with no connection to Canada. Still, it is not necessarily clear to me how to define the territoriality of a tweet. Part of the actus reus surely reaches Canada, which may be enough to create the real and substantial link which the Supreme Court discusses in Libman. Not that I'd want to be the prosecutor to have to argue all these complexities.

But that is neither here nor there. Because of course, this is an academic question. No Canadian police officer will ever lay hands on the authors of the tweet -- its not like they'll be an extradition granted even if it were possible to seek one. And if those authors were government officials, and this tweet was construed as an official act of state, it would enjoy state immunity under international law (though not under the State Immunity Act, which does not apply to criminal law).

I guess another interesting subset of this question: could the Charter free speech protections extend to limit the application to those who speak abroad, of what (as I believe) is a constitutionally-excessive law?  Foreigners overseas are not likely to have Charter free speech protections. Still, it would be the height of absurdity to apply a law that is unconstitutional to the prosecution in Canada of persons who are not themselves protected by the Charter because of where they uttered the communication for which they are being prosecuted. We have long settled that even corporations can challenge laws under Charter rights reserved to human beings, where the law is equally capable of capturing both human beings and corporations. The same logic would apply here.

As I say, this is all academic. Still, it is pretty stupid that we have a law that could put a person into jail for 5 years for nothing more than an offensive tweet. You may not like the tweet. I don't. It made my mild-mannered blood boil. And you'd be right to condemn it. But to have an offence that would jail someone for it? That would be...a little bit like Saudi Arabia putting a blogger and his relatives into prison.





Oh, What Tangled Webs the CSIS Act Weaves: The Federal Court's Latest Decision on CSIS's Foreign Intelligence Mandate

The Federal Court this week released a lengthy decision that, unusually, dealt with CSIS’s s.16 “foreign intelligence” mandate. In so doing, it proved, once again, that an Act mostly left fallow for a generation spits up weeds.

The decision is deeply redacted, and we know precisely nothing about the target, subject-matter issue or investigative technique at issue. And that means there is no way for me judge whether I think the Court “got it right”. But the underlying storyline is easy enough to imagine, even if the precise specifics are secret. And the policy issues can be surfaced with a hypothetical.

Who Was the Target?

The target was a foreigner physically in Canada. They could not be Canadian (or a Canadian permanent resident) – CSIS cannot investigate a Canadian or Canadian permanent resident under its s.16 mandate. And they had to be in Canada. This was a warrant application. A warrant would only be required, constitutionally, if the foreigner was in Canada. And besides, if the foreigner was overseas, CSE could have targeted him or her under its foreign intelligence mandate, Mandate A.  But CSE cannot direct its foreign intelligence activities at any person in Canada. So bottom line: the person was in Canada.

What was the Foreigner in Canada in Doing?

We do not know what our foreigner in Canada – who we shall call Bob – was doing. We do know what Bob was not doing. He was not involved in terrorism, espionage, sabotage or foreign-influenced activities (at least not foreign-influenced activities within Canada or related to Canada, while detrimental to the interests of Canada). And I suppose for the sake of completeness, I should add Bob was not involved in subversion of the Canadian government. Because if Bob was involved in any of these things, he would pose a “threat to the security of Canada” and this would have been a s.12 CSIS “security intelligence” investigation.

But it was a s.16 investigation.  Which means that Bob was being investigated to collect information or intelligence relating to the capabilities, intentions or activities of any foreign state or group of foreign states or some foreign person. This is what is called “foreign intelligence”. Basically, that means anything other than security intelligence.

Bob from Mordor

So, because all the good parts in the decision are redacted, let’s make up our hypothetical: Bob was a diplomat from the Embassy of Mordor, who was in fact from the Mordor Acquisition and Liaison Intelligence Collation Entity (MALICE).  And while in Canada, Bob was part of an intelligence operation designed to influence the Government of Isengard, in a manner advantageous to Mordor.

Global Affairs Canada, which has an obvious interest in developments in Isengard, wants to get a handle on this foreign influence campaign. And so, it turns to CSIS. There is no clear way an investigation into this influence op falls within a “threat to the security of Canada”.  (I suppose in some cases, it would be so egregious as to be “detrimental to the interests of Canada”, even though directed at a third state, but you can only bend that language so far.)

So, under s.16, the Minister of Foreign Affairs requests, and the Minister of Public Safety agrees, that CSIS will conduct a foreign intelligence investigation.  But s.16 also says that CSIS may only engage in foreign intelligence collection “within Canada”.

Alice of Isengard

That works fine, to a point. Bob is in Canada. But his chief asset in Isengard is Alice, someone who has influential contacts in the National Repressive Ring Association (NRRA). And Alice is not in Canada.  And moreover, Bob and Alice have 1990s style operational security.  When they communicate, they do so by logging into Gondor Mail (G-Mail), an email service in Gondor.  And they modify draft emails in an email account to which they both have access, housed on G-Mail’s Gondor-based servers.

The Warrant on Bob

CSIS wants to monitor Bob’s communications in Canada. Now Bob is a foreigner, but as noted, he has Charter s.8 rights. And so CSIS needs a warrant.  And CSIS wants, with that warrant, to wiretap not just Bob’s phone but also access his email communications. But, nuts, the G-Mail servers are overseas. And CSIS is no position to somehow insert keystroke logging on Bob’s embassy computer. And so, the only way (I shall assume, because I am not a tech-guy) to access the G-Mail draft folder is by hacking into the Gondor-based servers.

Now, pursuant to Mandate C, CSE can provide the technical wherewithal to do this. But CSIS needs to have lawful authority to seek this CSE assistance, meaning if CSIS needs a warrant, CSIS has to have one.

Whether CSIS needs a warrant may be a close call. If the communication is outside Canada, then perhaps the Charter does not apply because it generally does not apply extraterritorially. After all, if Bob were physically outside Canada, he would enjoy no Charter rights.  (The Hape exception would apply only if Canada were in violation of its international human rights obligations -- not clear cut here – and, says earlier Federal Court jurisprudence, where the victim was a Canadian – not true here.).

So, is it too much to say that CSIS's intercept of Bob’s Gondor communications doesn’t require a warrant?  Hmmm. Maybe. But this might still be a “private communication” under the Criminal Code (and I could easily change the facts so that it would be). And if so, the fact that one side of this communication starts in Canada is enough to require a judicial authorization process.  So not much relief there.  And besides, CSIS remembers the infamous Re X case and decides it is better to go to court now, to avoid a train wreck later.

So CSIS does the appropriate thing and concludes it probably needs a warrant. And more than that, it might also reasonably argue that on our facts (communication commences in Canada, travelling overseas through Canada etc) the collection really was “within Canada, enough”, and thus squares with s.16 of the Act. (A view that would be consistent with: the assumption that the Charter applies to Bob’s transiting communications, and the concept of private communication in the Criminal Code, and arguably the concept of territoriality in cases like R. v. Libman.)

But there is also another view: the content of what CSIS is intercepting is not in Canada. It can only be accessed by reaching out electronically across Canadian borders to Gondor, all the way over in Middle Earth.

So, what’s the answer? How do we read “within Canada” in s.16? Well, obviously it means “within Canada”, but what does that mean for footloose-communications? The redactions are thick in this case, and we really don’t know what sort of extraterritorial activity was at issue. But after a lengthy and seemingly exhaustive statutory interpretation exercise, the Federal Court says: this [REDACTED FOR PAGES] extraterritorial CSIS intrusive investigative activity was not within Canada.

Let's assume that hacking into Bob's Gondor Mail would also exceed whatever threshold of impermissible extraterritoriality was at issue in the Federal Court case. That is, it too would not be "within Canada". So, CSIS, in our story, you are out of luck. Maybe you should just ask Gondor to collect and share the Gondor Mail communications itself?  But do you want to rely on Denethor II, son of Echtelion II, Steward of Gondor? In The Two Towers, he struck me as a bit unhinged, to be honest.  And perhaps he was a little too inclined to appeasement to Mordor.

The CSE Knock-On Effect

Ok, then. Open Door Number 2: if the communication is not “within Canada”, then that must mean that CSE can, in fact, collect under Mandate A (foreign intelligence). Surely, if the communication being targeted is not within Canada (and involves no one, but foreigners), then CSE collection activities are not being “directed at Canadians or any person in Canada” (the quoted phrase being a stipulation that limits what CSE can do under Mandate A).  But hold that “surely”.  It is a bit disingenuous to say: “so we are investigating Bob, who is a person in Canada, and we are specifically interested in Bob, and that is why we are doing this collection activity, but when we go after this particular communication, we are not directing collection at Bob, the person in Canada”.  That seems too clever by half.

And anyway, the Federal Court has a collateral discussion in this case with knock-on implications that will make life for CSE very difficult. Basically, intrusive activity overseas of the sort at issue in the case (whatever they may be) constitute an extraterritorial exercise of enforcement jurisdiction. Done without the consent of the territorial state, this violates international law. And Canadian statutes will be read to comply with international law, unless they explicitly derogate from it. And neither the CSIS Act (for s.16, but not for s.12) nor the current National Defence Act (for CSE) nor the proposed Bill C-59 CSE Act derogate from international law. (On the latter issue, see my discussion here.)

So CSE, you have no legislative jurisdiction to engage in extraterritorial activities of (at minimum) the same degree or more intrusive than the ones at issue in this Federal Court case.  Which means you can kiss Mandate A and B goodbye under the current National Defence Act, to the extent they exceed this threshold (which, reading between the redactions, is quite low). And unless you amend bill C-59, you can also kiss those defensive and active cyber powers away.  Unless, that is, you just want to plow ahead and see what the Intelligence Commissioner, the new National Security and Intelligence Review Agency, and the National Security and Intelligence Committee of Parliamentarians have to say about this issue. This, in my view, would be insane, since a quick flick of the legislative pen could cure this problem for you, CSE.

Fixing the CSIS Act

As for CSIS, well, you could roll the dice and appeal. Or you too could fix this by legislative amendment (which is what happened to the s.12 power when this same issue arose a decade ago, and was resolved by 2015’s C-44). 

But let’s be clear here: if you want CSIS to have its current extraterritorial security intelligence functions (plus its post-2015 threat reductions powers) and now extraterritorial foreign intelligence functions, you are creating, essentially, a blended MI5/MI6.  And until recently, it was considered a bad idea to put security intelligence and a full foreign intelligence function in the same agency: rule-of-law security intelligence should be kept segregated from somewhat-less-than-rule-of-law James Bond.

So, we might wish, finally, to do some serious thinking about design issues, accountability issues, resource issues, training issues, etc, before we knee-jerk amend the CSIS Act (yet again). So, enter a ponderous process of deliberation. On the other hand, this is not a situation you want to leave hanging. Because in my story, Bob from MALICE is still out there, swanning away on Gondor Mail. (In truth, I don’t know how important that prospect is – it took to 2018 before this issue got to court, and yet presumably the technological dilemma I describe here could have arisen decades ago. So maybe this case won’t have much practical effect.)

But bottom line: sometimes national security law is hard. And perhaps it is sometimes harder than it has to be. I think it’s often hard because we don’t update the statute law enough. But that’s just me.