Saturday, December 31, 2016

A century of Canadian SIGINT

The Communications Security Establishment recently celebrated its 70th birthday, but Canada's SIGINT history began well before September 1946.

As I've mentioned before, Canadian SIGINT activities during the Second World War laid the foundations for Canada's participation in the post-war Five Eyes SIGINT alliance. But WWII wasn't the beginning of the story either.

In fact, the first recorded Canadian SIGINT activity took place on or about the 1st of January 1917, exactly one century ago.

According to Major Rob Martin (Cracking the Code, Winter 2004),
the earliest record of Canadian Corps intercept of German communications—predominantly telephone (non-wireless)—occurred about 1 January 1917, at "No 6 Post", Neuville St. Vaast
Regular monitoring of German radio communications began later in 1917 and continued until at least August 1918.
At demobilization, however, the fledgling wireless intercept elements suffered the same fate as many other Canadian Expeditionary Force (C.E.F.) wartime establishments—they were struck off strength—and no effort was made to create or sustain any organic Canadian Army capability in wireless intelligence, strategic or tactical, until the spring of 1938...

[Update 17 January 2017: Oops, judging from the comment below, 1917 may have been the start of army SIGINT activities, but Canadian naval SIGINT activities began shortly after the beginning of the First World War.]

Image source

Friday, December 30, 2016

ATIpper #3: Second Party privacy incidents

As the CSE Commissioner stated in his last report, "the unintentional sharing or inclusion in a [SIGINT] report... of unminimized Canadian identity information"—such as the name, telephone number, or e-mail address of a Canadian individual or organization—constitutes a "privacy incident". (Other errors, such as unknowingly querying information related to Canadians, are also classified as privacy incidents.)

Privacy incidents are reported to be rare, but publicly available statistical information about their prevalence is, in my experience, even rarer.

That's why it is especially interesting to see this comment about the prevalence of privacy incidents in end product reports issued by Canada's Five Eyes allies (from Access release A-2015-00067, p. 43):

"Despite the vast amount of data shared between the Five Eyes agencies, privacy incidents are exceedingly rare. In an average year the likelihood of a privacy incident occurring in a Second Party end product report is less than one tenth of one percent (0.08%)."

That is a very low number.

It's worth noting, however, that the Five Eyes agencies issue something on the order of 200,000 end product reports per year, maybe even more, so this equates to something like 160 incidents per year, or nearly one every second day.

Thursday, December 29, 2016

ATIpper #2: A flock of CROs

More from the Access to Information (ATI) files:

One of the primary ways CSE disseminates its intelligence products is through Client Relations Officers (CROs) embedded with various customer departments and agencies.

Here's the list of customers that hosted CROs in November 2015 (from Access release A-2015-00067, p. 40):

The list includes the usual outfits you might expect to be SIGINT consumers, but also a few that might be a little more surprising.
  • Privy Council Office/Prime Minister's Office (PCO/PMO)
  • Department of Foreign Affairs, Trade and Development (DFATD), now Global Affairs
  • Department of National Defence (DND)
  • Canadian Security Intelligence Service (CSIS)
  • Public Safety Canada
  • Industry, now Innovation, Science and Economic Development
  • Aboriginal Affairs and Northern Development (AAND), now Indigenous and Northern Affairs
  • Natural Resources Canada (NRCan)
  • Department of Fisheries and Oceans (DFO)
  • Canadian Border Services Agency (CBSA)
  • Agriculture and Agri-Food Canada/Canadian Food Inspection Agency (AAFC/CFIA)
  • Transport
  • Environment, now Environment and Climate Change Canada
  • Finance
Interestingly, the RCMP isn't on the list of organizations hosting CROs. The Mounties had a CRO in 2006, and they're certainly still a significant SIGINT client, so maybe they were left off the list by mistake.

Also worthy of note is the introductory comment noting that "CSE is an intelligence collector and compiler; CSE does not currently conduct intelligence assessments." Currently?

Does CSE harbour ambitions to change that role?

[Or, as Stephanie Carvin speculates, might they have produced assessments at some time in the past?

A 1990 document does mention that CSE "also provides long-term military assessments and conference papers", which presumably were related primarily to Soviet and Warsaw Pact forces at that time. But the Cold War was just wrapping up by 1990, so that role may well have ended not long afterwards.]

Wednesday, December 28, 2016

ATIpper #1: Supercomputers

Recently I've been reading a whole lot of CSE documents released to various people under the Access to Information (ATI) Act. As you might expect, such releases are normally very heavily redacted, but quite often there is still some useful, or at least interesting, information left clinging to the skeletonized remains.

Such tidbits aren't the stuff of headlines, but they can shed some intriguing light on little-known aspects of this little-known agency, so I've decided to publish such items on the blog on a regular (or maybe semi-regular) basis.

Herewith, from Access request A-2015-00067 (p. 10), I give you ATIpper #1:

This excerpt from a November 2015 briefing for the then-new Defence Minister makes it official: CSE's new headquarters has the "Largest concentration of supercomputers in Canada"!

(How do you even measure that? RMax per cubic metre?)

Never mind, the point is clear: CSE has a lot of supercomputer capability.

I wrote more about CSE and supercomputers here.

Sunday, December 11, 2016

CSE and ELINT support to Canadian Forces

David Pugliese has written an article on ELINT support by CSE to the Canadian Forces ("Ottawa’s electronic spy agency helping military track someone in Canada, censored documents reveal," Ottawa Citizen, 11 December 2016). ELINT, or electronic intelligence, is SIGINT collected from non-communications electronic transmissions such as radar signals.

The article reports that
Canada’s electronic eavesdropping agency has been brought in to support the Canadian military for an operation within the country, according to documents obtained by the Ottawa Citizen.

The Department of National Defence confirms it has requested such assistance but is tight-lipped about the details, adding that it conducts its intelligence activities within existing laws or directives from the government.

The request for an intelligence-gathering operation by the Communications Security Establishment was for the period starting Jan. 1, 2016 and ending on Dec. 31, the heavily censored briefing note said. The request was filed last year with DND deputy minister John Forster, the former head of the CSE.

The request was made by then Maj.-Gen. Paul Wynnyk, who was commander of the Canadian Forces Intelligence Command.

“I formally request the support of the Communications Security Establishment in the ongoing provision of domestic operational Electronics Intelligence support to DND/CAF,” wrote Wynnyk, who has been since promoted and appointed commander of the Canadian Army.

The document was obtained by the Citizen using the Access to Information law.

In making his request, Wynnyk cited a ministerial directive on electronic intelligence assistance in support of law enforcement and security agencies as well as the National Defence Act.

I'm quoted extensively in the article, but I don't think the issue is actually as mysterious as I thought when I was discussing it with Pugliese.

Another document recently released under the Access to Information Act, the CSE Commissioner's 19 March 2015 report on Canadian Armed Forces Cyber Support Detachments, contains some useful background information on CSE's ELINT support activities.

According to that report, DND and the Canadian Forces "require the use of ELINT information to monitor air, ground and maritime activity in and around Canadian territory for various national defence, security, and sovereignty purposes." The primary use of the information is probably to assist in the detection and identification of unknown aircraft and ships in or around Canadian territory.

The report goes on to note that "CSE provides ELINT associated with foreign entities outside the 12-nautical mile limit", i.e. outside Canadian territory, under its foreign-intelligence mandate (Mandate A). But "ELINT coverage within the 12-nautical mile limit", because it involves persons in Canada, can only be collected by CSE under its assistance to federal law enforcement or security agencies mandate (Mandate C), which requires a formal request from the agency seeking the information.

"For some time, CSE did not provide ELINT access to the military within the Canadian borders because of CSE's interpretation of Part V.1 of the [National Defence Act]" (the act spelling out CSE's mandate).

However, in October 2009 the Minister of National Defence signed a Ministerial Directive on Electronic Intelligence (ELINT) Assistance in Support of Law Enforcement and Security Agencies directing CSE to provide ELINT support under Mandate C when formally requested to do so.

As a result, every year the Commander of the Canadian Armed Forces Intelligence Command submits
an annual request on the first day of December to CSE for the provision of ELINT pertaining specifically to the Canadian territory. The annual request is intended to broadly cover routine activities such as [redacted.] The request should identify all standing CAF Contingency Operations on, or contiguous to, Canadian territory, as well as anticipated annual events.
So there you have it.

Sunday, December 04, 2016

CSE and Lawful Access After Snowden

Wesley Wark, a visiting professor at the University of Ottawa and one of Canada's foremost experts on intelligence agencies, has written a new working paper on CSE and Lawful Access After Snowden.

The paper covers a lot of ground, but its fundamental purpose is to consider "what the Snowden revelations tell us about the national security and democratic challenges of providing for legitimate access by intelligence services, and in particular by a signals intelligence agency, to communications, including the private communications of Canadians," and to make a series of suggestions for the way ahead.

It begins with a survey of the Canadian-related material in the Snowden documents published to date. It then examines CSE's role, the function of the CSE Commissioner, and various proposals to improve review and transparency regarding the agency's operations. It ends by recommending five factors that the author argues should be considered in future efforts to ensure both lawfulness and democratic legitimacy in CSE's operations:
  • "The first consideration is that more attention needs to be paid to the privacy risks attendant on the conduct of CSE’s cyber security mandate, particularly in the context of the potential blurring, as the Snowden CSE documents suggest, of defensive and offensive cyber security operations and the ongoing march of technological change."
  • "A second consideration is that for lawful access to be advanced when it comes to CSE SIGINT, there is an absolute requirement to change the laws governing CSE operations and to find [ways] better to keep enabling legislation evergreen, so as to avoid the obsolescence that has crept over the CSE statute since 2001."
  • "A third consideration involves a recognition of the need for greater transparency on the part of key actors who can provide a public rationale for the necessity of CSE activities under its mandates."
  • "A fourth consideration is that the Canadian discourse on CSE and SIGINT, prompted in large part by the Snowden leaks, must in future include an elaboration and discussion of the value proposition represented by intelligence activities for Canadian security"—i.e., what do Canadians want and expect these activities to achieve?
  • "A fifth and final consideration is related to an energized and better informed discussion of intelligence. The Canadian security and intelligence community, and its political masters, need to embrace a doctrine of 'just intelligence.' Such a doctrine could provide a broad guidance framework to ensure the democratic legitimacy of intelligence as well as help ensure an ethical and law‐abiding culture is sustained within intelligence and security agencies."
The proposed "Just Intelligence" doctrine—a suggestion that picks up on earlier proposals by former GCHQ Director David Omand and others—would be modeled on traditional "Just War" theory, but modified for the intelligence context.

This suggestion and the others are explained in greater detail in the text.

All in all, there is a lot to digest in the piece, but it is well worth the read.