CIPPIC joined the Citizen Lab today in releasing a detailed analysis of Bill C-59 which, among other things, seeks to comprehensively modernize the Communication Security Establishment (CSE)'s legal framework. The CSE, Canada's foreign intelligence agency, is granted expansive powers and a mandate that is intended to be 'foreign facing', a tradeoff intended to limit safeguards applied to the Establishment while limiting its ability to impact on Canadians. The Bill C-59 reforms in many ways improve the CSE's current operational regime, by requiring the CSE to operate in a proportionate manner and under some independent control for the first time. Ultimately, while the Bill modernizes many of the CSE's powers and capabilities, it remains stuck in the past with respect to its oversight and control regime—a regime that remains driven by executive authority. The report suggests over 50 reforms to the Bill, with varying degrees of impact. Of particular concern is the Bill's open embrace of mass and bulk surveillance practices, a range of newly introduced exceptions that will grant the CSE more scope to operate domestically, a new domestic private sector cybersecurity regime, and new cyber operation powers that would allow the CSE to disrupt and undermine security, the integrity of communications networks and human rights in Canada and abroad.
At the same time, the report points to deficiencies in the independent control and oversight mechanism proposed by Bill C-59. The embodiment of these mechanisms (the Intelligence Commissioner) is presented as a quasi-judicial check on the Minister's otherwise broad powers to authorize the CSE's activities. However, the Commissioner lacks the independence and scope of oversight necessary to meaningfully carry out the function envisioned for it. Notably, while the Commissioner may now refuse some authorizations as issued by the Minister of National Defence, the process remains largely driven by the executive branch of government. The Commissioner lacks basic fact-finding powers, mechanisms for direct adversarial input, formalized appeal mechanisms and even the obligation to issue reasons when approving a ministerial authorization. The scope of Commissioner oversight is similarly deficient. As others have noted, Commissioner approval is only required if CSE activities would otherwise violate a law of Canada or the Charter, a triggering mechanism that falls well short, allowing significant invasive CSE conduct to fall outside the scope of Commissioner control. Critically, Bill C-59 introduces a range of new cyber operation powers that could well be the most invasive in the Establishment's toolkit, yet these fall altogether outside the scope of Commissioner control. As Bill C-59 continues to make its way through parliamentary committee, it is hoped that some of these issues (and others itemized in a civil society coalition statement) will be addressed.
Image Credit: Gautier Poupeau, "Magnifying Glass [Loupe], 1963, Roy Lichtenstein", July 14, 2013, CC-BY-2.0, Flickr
Facial recognition is a highly controversial technology that is transforming border crossings around the world by fuelling an unprecedented level of surveillance & too-often racially biased automated processing of travellers. In a 
Today, the Supreme Court of Canada issued R v Reeves, 
The Electronic Frontier Foundation (EFF) 
At a time when our electronic devices contain an over-more detailed window every facet of our lives, international travel poses a growing challenge to privacy as the expansive powers granted to our border control agents are leveraged with increasing frequency to search our digital repositories. The BC Civil Liberties Association (
CIPPIC joined the Electronic Frontier Foundation (EFF) and European Digital Rights (EDRi) in spearheading a 
Encryption is vital to maintaining the integrity of communications and computing systems in modern life. It is not only essential for securing trust in e-commerce systems, but also, in the digital age, integral to the realization of a wide range of human rights. In spite of the critical importance of encryption, some law enforcement and intelligence agencies view cryptography as a barrier to their investigative and intelligence-gathering activities, and have therefore called for limits on the public availability and use of uncompromised and secure encryption. This paper seeks to examine the parameters of this debate, with particular attention to its Canadian components and implications.
As Bill C-59, the National Security Act, 2017, winds its way through committee (SECU), the Government has made available a lightly redacted copy of its briefing notes developed in support of the Bill. A central point of contention in Bill C-59 is the proposed CSE Act, which will provide a new and comprehensive framework for the CSE, Canada's foreign signals intelligence agency. Elements of this framework are long overdue, such as its creation of NSIRA, which will have far-reaching capabilities to review the CSE's activities, and an Intelligence Commissioner which, if properly empowered, will provide an independent check on some of the CSE's activities. However, as we (jointly with the 
The Supreme Court of Canada issued its long-awaited decisions in R v Marakah, 
CIPPIC has helped organize .jpg){kind=link}