Metadata and our Mandate
The CSE is mandated to help protect Canada and Canadians in three ways:
- We collect foreign signals intelligence based on Government of Canada intelligence priorities;
- We help protect electronic information, systems and networks of importance to Canada; and
- We assist federal law enforcement and security agencies, under their lawful authorities.
In order to fulfill this mandate, the National Defence Act authorizes CSE to collect communications metadata. Metadata is critical to understand the communications environments in which we operate and helps ensure we are directing our intelligence activities at foreign entities outside of Canada.
We’re selective in gathering metadata, collecting and analysing subsets of metadata to:
- Understand complex and constantly changing communications networks;
- Discover and analyse foreign intelligence targets and their social networks; and
- Identify cyber threats.
What is metadata?
Metadata is the context, but not the content of a communication. It is information used by computer systems to identify, describe, manage or route communications across networks. For example, metadata can refer to an internet protocol address or a phone number or the time of a transmission or the location of a device. The complexity of technology used on global networks and the speed with which technology is advancing mean that communications metadata is constantly evolving. While metadata reveals a certain amount of information about devices, users and transmissions, it is contextual and does not expose the content of emails, phone calls or text messages.
Why do we need metadata?
For 70 years, metadata has been vital to the successful delivery of our mission. We operate in the global communications network, and metadata helps us characterize how foreign threat actors, such as terrorist groups, cyber actors or hostile intelligence agencies, use networks and systems. Only when we have understood how they communicate, can we discover the motivations, intentions, capabilities and activities of these actors, and work with our Government of Canada clients to stop threats before they materialize. The metadata is essential to ensuring that we are directing our activities at foreign adversaries, thus mitigating the risks of intercepting private communications from Canada or involving Canadians.
What we don’t do with Metadata…
CSE does not collect or use metadata to target or otherwise direct signals intelligence or cyber defence activities at Canadians or anyone in Canada, as such activity is prohibited in the National Defence Act.
Metadata and Signals Intelligence
CSE is a foreign intelligence agency, and must direct its signals intelligence activities exclusively against foreign targets outside of Canada, and in accordance with the Government of Canada intelligence priorities of the day. Given that intelligence targets are dispersed in the vast global network or networks, the collection and use of certain pools of communications metadata can help us hone our intelligence investigations and better pinpoint the networks on which foreign targets operate and how they communicate. Only then can we begin to engineer solutions to collect information and provide important insights to the Government. Without metadata, we would not be able to effectively direct our resources and capabilities to keep Canada and Canadians safe and secure. In the end, the more relevant information, including metadata, we have, the more certain we are in targeting foreign entities outside Canada.
Metadata and Cyber Defence
CSE plays a vital role in protecting electronic information, systems and networks of importance to the Government. Every day, CSE analysts use metadata to discover and defend against cyber threats to Canadian networks. Malicious cyber actors are constantly evolving their techniques to exploit the private communications of Canadians, the intellectual property of our companies, and the secrets of our Government. At CSE, we work to uncover these threats by searching for clues in metadata that uncover malicious activity and, in the case of Government of Canada networks, stop their efforts to exploit the information under our control, including Canadians’ personal information.
Given the interconnected, global nature of communications networks, some metadata associated with Canadian communications is likely to be present in the subsets of metadata collected by CSE. We, as Canadians, know the importance of protecting Canadian privacy interests in all of our activities and the National Defence Act requires that CSE have measures in place to protect the privacy of Canadians. CSE has a culture of compliance with the law, ministerial authorizations and directives, and our own policies, including a suite of measures that provide robust protection. As part of these protective measures, CSE:
- focuses collection of metadata to areas of the global network that are most likely to provide foreign intelligence, and avoids collection in areas that are not expected to be predominantly foreign in nature;
- limits the length of time that metadata can be retained;
- restricts access to metadata stores to only trained CSE operational and policy officials, and only for authorized analytic activities;
- prohibits searches for information about Canadians anywhere or individuals in Canada;
- respects the privacy rights of Canadians when sharing information, including suppressing any identifying information about Canadians in foreign intelligence reporting;
- audits and reports on compliance with these activities; and
- cooperates with the CSE Commissioner in the review of metadata activities.
Technology is constantly evolving, and CSE never stops adapting to these changes, striving to stay ahead. We do this to not only support our mandate to protect Canada and Canadians, but also to protect the privacy of Canadians. The collection and analysis of metadata are vital to CSE’s efforts to protect Canada and Canadians, but the protection of Canadians’ privacy interests are equally important.