Sunday, April 23, 2017

CANUSA Agreement declassified

In 1949, Canada and the United States signed the CANUSA Agreement, codifying the extraordinarily close cooperation between the two countries on communications intelligence collection, processing, and dissemination.

The agreement was laid out in a Top Secret codeword-classified exchange of letters between G.G. (Bill) Crean, the Chairman of the Communications Research Committee (the interdepartmental committee that governed Canadian SIGINT policy), and Major General Charles P. Cabell, the Chairman of the equivalent U.S. body, the United States Communications Intelligence Board.

It was based closely on the U.S.-U.K. BRUSA Agreement of 1946, which was later renamed the UKUSA Agreement and is considered the foundational document of the Five Eyes SIGINT alliance.

The UKUSA Agreement was declassified and published online in 2010 along with most of its appendices and annexures, although some had significant redactions.

The CANUSA Agreement, by contrast, remained classified—until now.

Here is the full text of the agreement, minus as many as 83 pages of appendices and annexures, as released under Access to Information request A-2016-00131.

Kudos to the Communications Security Establishment for finally releasing this important historical document.

I usually leach off other people's access requests for the documents I cite on this blog, but in this case I put up my own five bucks to make a formal request since the public shaming I tried in January didn't seem to be working any better than the gentle persuasion I tried in November.

And, to be clear, the five bucks was only partly successful.

I asked for the appendices and annexures to the agreement to be released as well, but evidently that proposition was too great a shock to the system over there. This, despite the fact that (as I pointed out here) the 27 March 1953 version of Appendix B has been available online since 2015.

That particular horse probably got out by mistake, but it's not going to go back in the barn, pardners. Why pretend otherwise?

Another point: I also asked for the release of "all subsequent modified or amended versions of that agreement up to the present day."

We know from this document that the agreement was "revised slightly in 1960", but we don't know in what way.

And we still don't. Maybe the 1960 version was somewhere in those 83 pages that CSE redacted.

On the plus side, the Dominion is safe from whatever ill consequences would ensue if that specific 57-year-old horse ever got out.

But enough with the nay-saying.

At the risk of riding my metaphor off in all directions, I shouldn't look a gift (or, technically, five-dollar) horse in the mouth.

The CANUSA Agreement has finally been released into the wild. And that's a good thing.


Update 31 March 2019: See here for a substantial part of the appendices.

Sunday, April 09, 2017

CBNRC's mini-SHAMROCK



From August 1945 to May 1975 the NSA's SHAMROCK program collected most of the cable traffic passing between the United States and international locations and processed their contents for foreign intelligence — and occasionally domestic intelligence — purposes. Public outrage following the program's exposure in the mid-1970s led to the passage of the 1978 Foreign Intelligence Surveillance Act.

Just before that all happened, however, Canada sought to establish its own mini-SHAMROCK program.

Canadian government documents indicate that in the early 1970s the Communications Branch of the National Research Council (CBNRC, as CSE was called in those days) set up a test cable monitoring operation in Montreal. The Canadian program, which has not previously been revealed, was run in cooperation with the Canadian Overseas Telecommunications Corporation (COTC), the Crown corporation that had a monopoly on overseas telephone, telex, and telegram services from Canada at that time. (COTC was renamed Teleglobe Canada in 1975 and was later privatized, eventually becoming part of Tata Communications.)

Canada had long been a regular consumer of the cable traffic collected on international circuits around the world by its U.S. and U.K. allies, but its own SIGINT activities were focused almost entirely on the radio communications of the Soviet Union, particularly those in the Arctic.

At the beginning of the 1970s, this posture was seen as not fully meeting Canadian needs.

CBNRC reportedly was unable to contribute much during the October Crisis in 1970, as it had virtually no capacity to monitor Canadian communications. Ottawa wanted desperately to know more about "revolutionary elements" in Canada, including any links they might have to other countries. Intelligence consumers were also interested in more Canadian-related foreign and economic intelligence than we could get from our allies.

The documentary evidence is sparse, but a pilot project for monitoring cross-border cable communications appears to have been set up at COTC's Montreal facilities, which were the gateway for Canadian transatlantic communications, in 1971 or perhaps a little earlier.

A draft memorandum on "The Canadian Intelligence Program" written for the Cabinet Committee on Security and Intelligence in April 1972 reported that "a survey is being carried out to determine the value of arrangements with the Canadian Overseas Telecommunications Corporation by which we would have the opportunity to examine messages between Canada and locations abroad which would (1) clarify links between revolutionary activities abroad, (2) provide information concerning known revolutionary elements, and (3) contribute intelligence about foreign and economic affairs of direct interest to Canada."



Later that month, CBNRC sought approval to convert the test operation to full operational status during the coming fiscal year, 1973-74. But with the intelligence program review still underway and fiscal pressures being felt all across the government, the Cabinet declined to give the project the go ahead that year.

The following two excerpts tell that part of the tale.

In the first, Intelligence Advisory Committee chairman A.F. (Bert) Hart discusses CBNRC's proposal for funds "for additional activities related to placing two test operations (Moscow and COTC Montreal) on a full operational basis in the fiscal year 1973/74" and comments that the plan may have to be revised.



(The Moscow operation, Canada's first intercept site inside an embassy, was unrelated to the COTC project.)

The second excerpt, taken from the History of CBNRC, shows that the Cabinet did in fact decline to approve the extra expenditures required to go fully operational that year.



The decision to restrict the SIGINT budget to Level A presumably meant that the COTC Montreal operation did not go fully operational in 1973-74, unless internal budget reallocations or Supplementary Estimates later provided for it.

The proposal was not dead, however, and it is possible that the budget planning for 1974-75 approved an operational capability. The available records don't answer this question.

Either way, though, it was moot.

On 14 January 1974, the Protection of Privacy Act received Royal Assent, adding Section VI (Invasion of Privacy) to the Criminal Code, and trampling CBNRC's mini-SHAMROCK proposal in the process.

According to the History of CBNRC, nobody had asked CBNRC what effect the new act might have on SIGINT collection:

"in 1971 the [Director of Communications Security (DCS), the External Affairs official in charge of the Canadian SIGINT program], without any discussion with CBNRC, assured his Under-Secretary, and through him his Minister, that the clause in the current draft bill on Protection of Privacy which forbade the interception of "private" communications in and out of Canada would not have any bad effects on Canadian intelligence. This official opinion was to wipe out for the remainder of CB's existence traffic useful in such studies as [redacted]."



Additional details of the story can be found in other sections of the History:

"Legislation in Canada and the US affected CB's activities in a more basic way. A Protection of Privacy Bill was being drafted by the Canadian Department of Justice in 1971. The Department of External Affairs queried some aspects of the draft bill which might affect legitimate intelligence interests adversely. Copies of the queries, which went out over the signature of the Under-Secretary of State for External Affairs (USSEA), went to the Cabinet Secretary, the Chief of the Defence Staff (CDS) and the Director General of the Security Service (DGSS) in the RCMP, but not to Director CB. After receiving answers from Justice, the USSEA told his Minister in June that "radio communications would not come within the prohibition" against the interception of "private communications". Also, the "use or disclosure" of communications intercepted outside Canada would not constitute an offence, because such an act would not be "wilful", as being based on selection from a mass of material picked up without any "mens rea". He also told his Minister that relevant information would be made available to intelligence authorities (presumably including CB), even if obtained for specifically security purposes under a warrant issued by the Solicitor General. However, these did not all turn out to be the interpretations of several subsequent Solicitors General and Ministers of Justice."




One of the effects of the Protection of Privacy Act was to end CBNRC access to telephone, telegram, and telex messages with one or more ends in Canada, as these were by definition "private communications". CBNRC was prohibited both from collecting the messages itself and from asking its allies to collect the traffic for it.



(Under the Department of Justice's current interpretation of the law, CSE is in fact permitted to receive one-end Canadian traffic intercepted by Canada's allies. However, it is not permitted to ask those allies to target the communications of specific Canadians or persons in Canada except when it is at the request of a federal law enforcement or security agency operating under a warrant. Whether the same interpretations were applied in 1974 is not clear.)

The paragraph 4.25 that was cited in the preceding excerpt summed up the situation in 1975, as CBNRC became CSE: "[T]hings were still humming in most areas except in the ability to produce SIGINT on the subject [redacted; presumably "International Trade", but possibly also the collection of intelligence on "revolutionary elements"] which had been given a high priority by the intelligence community. Here unfortunately a strict interpretation of the new Protection of Privacy Act meant that the main source of information on this subject, that is [redacted] was now regarded as taboo. Some work was beginning to be done on selected foreign [redacted] but this new plant only reached its full flowering after the conversion from CBNRC to CSE, and so will have to be matter for a later history."



(The final sentence of this excerpt may or may not apply to the private communications issue: it could be a reference to the expansion in collection from embassy sites that began in the early 1980s.)

By mid-1975, it was not just CSE's mini-SHAMROCK program that was dead: the original U.S. SHAMROCK program had itself been shut down, although elements of it would soon enough be started up again following the passage of the Foreign Intelligence Surveillance Act.

It's likely that CSE did get permission to access cross-border traffic for certain purposes later in the 1970s or the years that followed. Communications that transited through Canada on their way between Europe and the Far East may have been considered fair game, for example. Such communications were a significant source of revenue for COTC, or Teleglobe Canada as it was known by then.

But it wasn't until the passage of the Anti-Terrorism Act in 2001 that CSE regained broad-based access for foreign intelligence purposes to communications that begin or end in Canada (and, even then, only when collected in the course of targeting non-Canadians located outside Canada).