This short paper prepared as a brief to the House of Commons Standing Committee on Access to Information and Privacy and Ethics outlines the weaknesses of the Security of Canada Information Sharing Act (SoCISA), enacted as part of Bill C-51 in 2015. It proposes a wholesale renovation of national security information-sharing laws. Short of this, the paper proposes a number of detailed amendments to the SoCISA adding precision, coherence and more meaningful privacy protections to this awkwardly drafted instrument.
My part of a brief to the House of Commons Standing Committee on Public Safety and National Security, this paper endorses the proposed Canadian National Security and Intelligence Committee of Parliamentarians, but does so with an important caveat. In this last respect, it focuses on constraints imposed by bill C-22 on access by the committee to certain sorts of classified information. It raises concerns that these constraints may limit the effectiveness of the committee. Also contained in this document is annex comparing the proposed bill C-22 committee with analogues in the UK, Australia and New Zealand. The table in the annex includes details on: general features (such as membership and appointment); mandate and jurisdiction; reporting; access to information; and interface with expert review bodies.
Many Shades of Secrecy: Challenges and Conundrums in the World of Canadian National Security Secrecy
The Conference Board of Canada
November 8 2016
Let me start my opening remarks with two quotations. The first is from the Cardinal Richelieu in 1641: “Secrecy is the first essential in affairs of the State.” Why? Well because control on information may give governments a leg-up over their international rivals, preserve them from their enemies and insulate them from domestic opponents.
But of course, what was virtue in Cardinal Richelieu’s day may be vice in today’s modern democracies. We require openness and transparency preserve citizens from the malfeasance, incompetence, corruption and expedient behaviour of incumbent governments.
And so my second quote, this one from U.S. Supreme Court Justice Louis Brandeis in 1914: “sunlight is said to be the best of disinfectants.”
Those two quotes encapsulate the enduring tension in the area of secrecy law and policy. The dilemma of any government information regime lies in balancing the strong public interest in disclosure in all areas, including national security, against legitimate refusals to disclose.
As a 2003 senate committee noted in a study of airport security, seeking assurances that secure doors at airports are actually locked is a proper public concern. Demanding disclosure of the combination codes to those doors would not be.
And so in my few moments today, I wish to discuss what I see to be the chief challenges for Canada in achieving this sort of balance in the area of secrecy and national security.
Challenge 1: The Decline of “Practical Secrecy”
Most of you are probably aware of the mosaic theory, often used to justify government secrecy in court and other proceedings. The mosaic theory posits that even innocuous pieces of information should be preserved from disclosure because they are capable of being pieced together by an omniscient watcher to create a mosaic. And that mosaic creates a security peril greater than the sum of the individual pieces of information.
There is a certain skepticism within the Federal Court about this theory, but setting that aside, let me propose that the mosaic theory nicely encapsulates the challenge of secrecy in an information rich environment, in which big data techniques now allow the analysis of massive quantities of data.
Big data, along with the digitalization of information that it depends on, reduces the effect of what I’ll call “practical secrecy”. This is secrecy that stems, not from law or policy, but simply the traditional difficulty of collecting and analyzing huge volumes of data. Many things have been secret, not because they are consciously held secret, but because of the practical difficulty in finding the information. Things once written down in notebooks scattered in disparate locations are now found as digitized documents webbed together and searched by information technology and easily copied with perfect fidelity.
And as the Snowden experience, and Wikileaks before it (and now, again, in the US election) suggest, these documents can be distributed with an ease without historical parallel. Many of you may have heard of the concept of Massive Open Online Courses (MOOCs): these are distance learning university courses leveraging information technology to permit massive world-wide enrollment.
Well, in the world of government secrecy, we seem to have reached the era of Mass Open Online Leaks (MOOLs)
In sum: much secrecy was once about air gaps that were the product of technological limitations. Those air gaps are disappearing.
Challenge 2: Compensating with Secrecy Policy and Law
And that brings me to a second challenge: faced with both the risk of conventional secrecy breaches and now MOOLs, the temptation is to restore and enhance air gaps through new laws and policies: Make sure a future Snowden can’t conduct a data dump with a few clicks of the mouse.
Setting aside the fact that we probably don’t have a law right now that would work for many leaks (or at least the ones that have been done through the media), there is a broader problem of policy coherence.
For one thing, there is a trade-off. That is because those same technological tools, the permanent amalgamation of digitized data and big data tools are potentially advantageous from a security perspective. There is a reason why, since 2006, CSIS was compiling data into the Operational Data Analysis Centre, at least partially illegally as it turns out from last Thursday’s Federal Court ruling. There is a reason why the last government pushed through the Security of Canada Information Sharing Act. Whatever you think about it architecture – and I think that Act’s drafting is close to incoherent – it purpose was a plausible one: marshal information resources in a manner that allows them to be exploited to predict threats. In other words: amalgamate. And so security imperatives demands amalgamation, fuelling the elimination of air gaps and heightening the risk of MOOLs.
And I think policy coherence is this area is complicated, perhaps even more, by more traditional problems. The first, I’ll call “knee-jerk secrecy”. In national security matters, secrecy is a default setting, rather than stemming from principled decision-making. Secrecy claims are usually built around boiler-plate doctrines like the mosaic theory, or the third-party rule, otherwise known as originator control, or a general invocation of source protection or protection of means and methods. Information pigeon-holded into one or more of these vast categories is often denied disclosure, even when its disclosure would not actually be prejudicial to any bona fide security interest. And we know this because in those rare instances where such matters have come to court or before commissions of inquiry, judges have repeatedly noted the security service’s propensity to overclaim secrecy.
And that crying wolf has a cost. It means that when real secrets do need to be preserved, the credibility of that claim might nevertheless be suspect. In the Arar Commission context, the government sought to redact references to the CIA from the final report, and fought for those redactions all the way to Federal Court. The Court rejected this and related redactions, ones that were embarrassing to the government (such as the fact that CSIS knew that the US had rendered Arar to Syria “to have their way with him”). In response to the Federal Court decision, the Globe and Mail penned an editorial that began: “The next time the Canadian government tells you it has secrets it needs to keep to protect national security, feel free to laugh out loud”.
Put another way, excess secrecy erodes what my colleague Wesley Wark calls the “social licence” of security services. Jim Judd, when director of CSIS made a similar point: “there is a risk that, absent adequate public dialogue and a surfeit of secrecy, the justification for action by governments against terrorism will be undermined or misunderstood. This in turn can put in jeopardy the legitimacy of the government response.”
Let me compound this critique with a related point, this one averting to Justice Brandeis’s quip about information being the best disinfectant: secrecy intelligence services are unusually insulated from accountability. There is no natural “red team” second-guessing their manner of operating. And so we try to put in place proxies, such as special review bodies allowed into the secrecy tent. But our specialized review bodies primarily focus on what is called “propriety review”: compliance with law and ministerial directive. No-one truly scrutinizes the security and intelligence community on “efficacy” grounds: how well they do their job. That happens only during periodic ad hoc commissions of inquiry, and the answer over the last decade is that the services often do not do that well at their job. But recommendations such as those of the Air India inquiry then die with the commission of inquiry. And we muddle along, outpaced by operational reform in places like the United Kingdom.
One of the chief reasons I support the current government’s bill C-22 and the creation of a national security committee of parliamentarians is this: it opens the door, for the first time, to all-of-government review by a standing body able to follow the thread of its inquiry across departments and to conduct efficacy review, as well as the more classic propriety review. And this body will endure, and will be capable of follow-up in a manner impossible for ad hoc commissions of inquiry.
But in truth, secrecy issues risk confounding that function. The committee must have robust access to secret information. Unless the committee can access information allowing it to follow trails, it will give the appearance of accountability without the substance. And right now, the committee will be encumbered by a triple lock on the performance of its duties – largely through limitations on its access to information.
And so I fear, still, that secrecy will prevent the red teaming of the security & intel community required to drive necessary reform.
Challenge 3: Reconciling Secrecy with Streamlined National Security Investigations
And so it is on this question of reform that I wish to conclude. This is my third challenge tied to secrecy: Canada’s awkward management of national security investigations. Famously, CSIS and RCMP continue a long-standing tradition of parallel investigations, joined awkwardly if at all through de-confliction protocols such as One Vision 2.0, and disclosure and advisory letters. We do this in Canada, even as other jurisdictions have realized that contemporary security threats – and especially terrorism – require blended, even seamless investigations leveraging all the assets of different services. This is most evident in practices in the UK, especially after 7/7 – practices that are credited by at least some observers as part of the reason why the UK has staved off a mass attack during the ISIS period, even while confronted by a terrifying security environment.
The question then is: why does Canada continue to favour a sub-optimal, siloed model, at best tempered with complicated and choreographed work-arounds? The short answer is: secrecy. While under One Vision 2.0, RCMP supplies all its investigative material to CSIS, CSIS is much less forthcoming and retains a discretion to limit information flows to RCMP. In other words, it keeps secrets from the police. This is not about jealous agencies. It is instead a practice stemming from the differential levels of secrecy these two services can exercise. RCMP is part of the criminal justice system, and so is subject to broad criminal justice disclosure rules in the event charges are brought – and bringing charges is the raison-d’etre of a police force. CSIS is not part of this system, and fights tooth and nail to stay out of it. And so to obviate the risk of disclosure in criminal proceedings, it maintains its distance from the police – a distance measured in carefully limited information flows.
The result is what the Air India inquiry labelled “the less is more” pattern of information sharing by CSIS to police. And that inquiry condemned this practice. Rightly, because it is unwieldy, bureaucratic and dangerous in a dynamic security environment.
Fixing this problem – at core a secrecy problem – and solving what is known in the jargon as “intelligence to evidence” should be the priority of any government serious about national security. Some of the fix may be legal. But after picking away at this issue now for years, I am now persuaded much of it is cultural. It requires a cultural shift. And by cultural change, I mean an appreciation by CSIS that whatever the breadth of our disclosure rules, there are robust protections against disclosure truly prejudicial to national security. In other words, do not exaggerate legal risk. But more than that, an appreciation that they are, in fact, in the evidence collecting business – much as MI5 now collects automatically to evidential standards and works in a continuum with the criminal justice system, not in a parallel universe from it. And collecting to evidential standards, if done with proper premeditation, can mean collecting information in a way that disclosure need not betray sensitive means, methods and sources. Put another way, anticipate disclosure and manage for it. Do not assume secrecy. Because achieving absolute secrecy in the area of national security investigations amounts to winning the battle and losing the war when it means we are unable to put bad guys in jail because of it – or even worse, stop them before they act.
 Louis D. Brandeis, Other People’s Money and How the Bankers Use It (New York: Frederick A. Stokes Company, 1914) at 92.
 Standing Senate Committee on National Security and Defence, Myth of Security at 12.
 Jim Judd, Director of CSIS, “How Should a Democracy Respond to Domestic Terrorist Threats.”