Remarks by CSE Deputy Chief, Policy and Communications at the 18th Annual Privacy and Security Conference

Good afternoon.  First, I want to thank the organizers for the invitation to participate in this panel.  The discussion we’re going to have over the next hour is very timely and important for CSE, and for the country.

In the 5 minutes I have for opening remarks I thought I would take a few moments to talk about CSE’s authorities.  And I know we’re here to talk about the public trust, so I want to outline some of the ways CSE is working to build and maintain that trust.

It’s probably fair to say that CSE is not well understood in the public sphere, no doubt due to CSE’s not-so-surprising secretive history.  But more and more our organization has come to realize the merits of being more transparent in public, and we are making every effort to increase our public profile.  My appearance here is part of that effort.  In the past year we’ve taken a few other steps to be more open about what we do… so we’ve launched a Twitter account, we’ve given a technical briefing for the media, we are starting to do some media interviews (including two last week with national papers), and we’re participating as speakers at symposia, conferences and in classrooms, and then posting those speaking points online.   

These may seem like small steps, but we are learning how we can best share what we do without jeopardizing our effectiveness.  We know that increased openness and accountability will help to dispel myths and misunderstandings about CSE’s activities. 

CSE is one of Canada’s key security and intelligence organizations and this year we are marking our 70th anniversary.  Our mandate is set out in the National Defence Act, and we report to the Minister of National Defence.

Our mandate is comprised of THREE parts, which I will oversimplify as follows:  Part A involves the collection of foreign signals intelligence to meet the Government’s intelligence priorities.  Part B is the protection of the cyber networks, electronic information and infrastructures of importance to the Government of Canada.  And Part C is the provision of technical and operational assistance to federal law enforcement and security agencies, like the RCMP and CSIS, in the performance of their lawful duties.  

In terms of SECRECY VERSUS OPENNESS…

It’s easier to summarize CSE’s legal framework and some of the contributions that CSE has made to Canadian national interests than it is to discuss CSE’s operational activities.  For example, if we were to explain what methods we use to protect government systems in our cyber defence work, we would be handing our adversaries our playbook.  And that puts Canadians’ information… your information… at risk.

There is a legitimate need for certain details about intelligence agencies’ operational activities to be protected from disclosure.  We recognize, though, that the public trust that Canadians have in their intelligence agencies has to be built on openness and public discussion about the value of intelligence for the country.

So let me outline a few ways our work contributes directly to the protection of Canada, Canadians and our allies.

  • CSE’s intelligence supports and helps to protect Canadian military personnel and diplomats serving abroad.
  • We help to identify foreign-based extremist networks that seek to recruit, radicalize and train individuals to carry out terrorist attacks in Canada and abroad.
  • We block over 100 million malicious cyber actions against the Government of Canada every day, which protects the personal information that Canadians share with their government. And,
  • Our cyber defence information sharing helps to prevent significant losses to the Canadian economy, has protected Canada’s most sensitive information, and has helped Canadian businesses protect their systems and information

Now… The principles of lawfulness and privacy are critical to CSE’s work and we take the protection of privacy very seriously.  It is a fundamental part of CSE’s organizational culture and is embedded within our operational structures, policies and processes.  In fact, our foundational operational policy, the one that overarches all others, is called Protecting the Privacy of Canadians and Ensuring Legal Compliance in the Conduct of CSE Activities.

We are required by law to implement measures to protect the privacy of Canadians and we have a number of measures in place to make sure that happens, starting with the directives we receive from our Minister.

One more quick point related to transparency and accountability - Bill already covered the importance of Expert Review in his opening remarks, and also made passing reference to a new National Security and Intelligence Committee of Parliamentarians, as we know that specific legislation about the committee is being considered and debated in Ottawa.  We view this as a positive development for transparency, accountability, and trust across the intelligence community.  We are stronger as a country when the people we’ve elected understand the impact of our work and can make educated decisions based on knowledge.  So we’re anticipating some good conversations with the new committee as another means to tell our story. 

As I wrap up, I want to point out something that may be obvious, but is not always considered.  CSE is comprised of dedicated, talented, highly skilled, public servants… your fellow Canadians.  CSE employees are well aware of the importance of privacy protection measures, because those measures also protect their own privacy, and the privacy of their friends and families. 

So, thank you again for the invitation to this panel.  We need this type of discussion to take place across the country if we’re serious about understanding the balance between security and privacy.