Chapter 4: Review of the Department of National Defence and the Canadian Armed Forces' Intelligence Activities
National Security and Intelligence Committee of Parliamentarians Annual Report 2018

lntroduction

148. The Committee reviewed the intelligence activities of the Department of National Defence/Canadian Armed Forces (DND/CAF) conducted in support of the defence mandate. This review is important for a number of reasons. Defence intelligence is critical to the success of CAF operations and the fulfillment of the DND/CAF mandate: for the defence of Canada; the defence of North America (with the United States); the promotion of international peace and security; and, supporting lawful requests from other government departments for defence intelligence support. The defence intelligence function in DND/CAF is largely unknown to Canadians. Furthermore, an independent, external review of the defence intelligence program has never been conducted. In terms of resources, the DND/CAF intelligence program is among the largest in the Canadian security and intelligence community and is forecast to grow over the next several years. It includes the full spectrum of intelligence activities, which means that DND/CAF may carry out all manner of intelligence activities, such as signals intelligence, human intelligence, counter-intelligence, and intelligence assessment.

149. Such intelligence activities are also carried out by other members of Canada's security and intelligence community, including the Communications Security Establishment (CSE), the Canadian Security Intelligence Service (CSIS), or the Royal Canadian Mounted Police (RCMP) - that have a legislative mandate tailored to their area of responsibility. While each organization has unique areas of responsibility, DND/CAF does not have the same kind of statutory structure supporting its intelligence activities; instead, it operates under an authority framework where defence intelligence activities are carried out under aspects of the National Defence Act and the Crown prerogative.

150. The previous chapter described many of the risks inherent in the conduct of intelligence activities. These risks include the disclosure of intelligence targets, causing damage to Canada's foreign relations, or the disclosure of intelligence sources, putting individuals at risk of physical harm. Like ail intelligence activities, defence intelligence contains the same risks, albeit not always in the same areas and to the same degree as other organizations whose mandates touch more closely on the rights of Canadians. ^{Footnote 1} The mitigation of these risks requires unique structures to support ministerial control and accountability.

151. The Committee did not conduct an in-depth examination of any specific area of defence intelligence activity. The breadth of the DND/CAF mandate and the scope of its intelligence activities are too broad for a single review. It first needed to gain an overall understand of defence intelligence activities. As a result, the Committee decided to limit its review to two parts. The first was an exploration of the types of intelligence activities conducted by DND/CAF and the structure of its intelligence organization. The second was an examination of the authorities under which DND/CAF intelligence activities are conducted. The Committee believes that this review will help improve Canadians' and Parliament's awareness and knowledge of the DND/CAF defence intelligence mandate and activities. It can also set the stage for future reviews by the Committee and by the proposed National Security and Intelligence Review Agency (NSIRA). ^{Footnote 2}

152. Following an initial DND site visit in March, the Committee started its review in April 2018. The initial focus was on three questions:

• What are the DND/CAF intelligence activities?
• Under what authorities are these activities conducted?
• To what accountability mechanisms are these activities subject?

153. Between April 27 and December 4, 2018, the Committee received and reviewed more than 4,500 pages of material from DND/CAF (bath classified and unclassified), including legal opinions, ministerial letters, ministerial directives, functional and operational guidance documents, training manuals, briefing notes, presentations, operational authorizations and directions, and intelligence reporting. It also received numerous written responses and working-level briefings, including in the development and use of sensitive defence intelligence capabilities; legal authorities and the Crown prerogative; human intelligence; and counter-intelligence. The Committee supplemented this material with separate academic and legal research.

154. In addition to two general briefings on the role and activities of DND/CAF, the Committee received four specific briefings from DND/CAF officials during this review. The first was on the Crown prerogative and its use in authorizing the development and use of defence intelligence capabilities in CAF operations. The second was on the central role that defence intelligence plays in planning and conducting operations, which focused on the full spectrum of DND/CAF intelligence activities ***. The third and fourth were on the question of providing DND/CAF with an explicit statutory mandate for defence intelligence activities.

155. The Committee received information from other government departments. This included CSE regarding the Ministerial Directive on the Integrated SIGINT [Signals Intelligence] Operations Model, which establishes the framework under which CSE delegates to CAF its authority to collect foreign intelligence ***; the Department of Justice regarding the Crown prerogative and authority for defence intelligence; Global Affairs Canada regarding interdepartmental consultations with DND/CAF on ***; and CSIS regarding its engagements with DND/CAF *** pursuant to section 12 of the CSIS Act.

156. This chapter details the Committee's findings. It discusses DND/CAF defence intelligence activities and how they support CAF operations from early deployment planning through to the day-to- day conduct of military operations. It describes how defence intelligence activities are authorized and conducted domestically and internationally. It also describes the internal administrative system developed by DND/CAF with respect to the governance of intelligence activities. This system consists of ministerial direction, ministerial authorization, internal oversight committees, internal reviews, policy, administrative orders, and doctrine. ^{Footnote 3} This system is also bolstered by statutory obligations stemming from the chain of command, which DND/CAF describes as a system of command and control applicable to CAF members, pursuant to subsection 18(2) of the National Defence Act and the Code of Service Discipline (Part III of the National Defence Act). This system of command and control obligates CAF members to comply with lawful orders and directions and is described by DND/CAF as a foundational element through which the accountability and compliance of defence intelligence activities are maintained. ^{Footnote 4}

157. The defence intelligence program is a legitimate part of the DND/CAF mandate for the defence of Canada and Canadian interests abroad. The Committee recognizes that, at any given time, the Government can call upon the CAF to undertake missions for the protection of Canada and Canadians and to maintain international peace and stability, and that defence intelligence activities are an integral part of ensuring the success of DND/CAF missions and operations. Paragraph 170 of this chapter lists DND/CAF defence intelligence activities and their use as part of the defence mandate.

158. The Committee recognizes that DND/CAF's administrative system of governance over defence intelligence activities is an important component of risk mitigation for intelligence operations and to ensure appropriate control and accountability over defence intelligence activities. That said, the Committee identified weaknesses in that system. These include: a lack of standardized processes for determining a ‘nexus’ between the use of a defence intelligence activity and a legally authorized mission of the CAF, and for interdepartmental consultations regarding the use and deployment of sensitive defence intelligence activities; limited formal measurement of compliance with Ministerial Direction by the principal oversight body within DND/CAF; and gaps in existing external review of defence intelligence activities. The Committee believes that these weaknesses undermine the system of governance and accountability that DND/CAF has implemented over defence intelligence activities. The Committee makes four findings and three recommendations.

159. This chapter begins by detailing the rationale behind the Committee's decision to conduct a review of DND/CAF defence intelligence activities. The chapter continues with a discussion of the authorities under which defence intelligence activities are conducted, and closes with a discussion of the benefits and risks of placing defence intelligence activities under statute.

Background: The rationale for review

Importance of increasing public knowledge of defence intelligence activities

160. The Committee's decision to conduct a review of defence intelligence was based on a number of considerations. The first was that the defence intelligence program within DND/CAF has not received the same parliamentary or public attention as other aspects of DND/CAF activities, or as other intelligence organizations, that is, CSIS and CSE. This gap is reflected in academic research on defence intelligence in Canada. As Canadian academic Wesley Wark noted in his study of the evolution of military intelligence in Canada, "the almost nonexistent state of literature on the history of Canadian military intelligence and the fragmentary nature of the available archival record rule out documenting this [evolution] in full detail." ^{Footnote 5} The same is true of other Westminster governments, such as the United Kingdom:

[Defence Intelligence has not] yet experienced the levels of public or academic ... interest or concern that has propelled the enthusiastic scrutiny of the national agencies and Cabinet Office central intelligence machinery… Intelligence scholarship is at the point of little more than a first pass or two at the question of defence intelligence in the UK, and this represents barely a scratch on the surface of the far larger question of the role and status of defence intelligence institutions globally and comparatively. Even in the British case, the unexplored territory remains daunting in its scale. ^{Footnote 6}

DND/CAF resources devoted to defence intelligence

161. The second consideration was that the DND/CAF intelligence program is among the largest in Canada. According to the National Intelligence Expenditure Review, discussed in Chapter 3 of this report, DND/CAF expenditures in support of Government of Canada intelligence priorities were the *** in Canada in 2016-2017 at *** (CSIS spent $582 million). This figure represented nearly *** percent of the total recorded departmental expenditures of just over $19 billion. ^{Footnote 7} The same is true for human resources: the number of full-time employees DND/CAF devoted to government intelligence priorities was *** (CSIS had ***), with an additional *** personnel devoted to work in other areas of the DND/CAF intelligence program (for a total of *** personnel). DND/CAF has an additional *** unstaffed intelligence positions and is expected to increase its human resources by a further 300 personnel under the Defence Policy, Strong, Secure, Engaged.

Authorities for the full spectrum of defence intelligence activities

162. The third consideration was that DND/CAF conducts a broader range of intelligence activities than any other Canadian intelligence organization. The Defence Policy describes the Canadian Forces Intelligence Command as "the only entity within the Government of Canada that employs the full spectrum of intelligence collection capabilities while providing multi-source analysis." It commits to build these capabilities further. Many of the defence intelligence activities conducted in support of DND/CAF operations are similar to activities conducted by CSIS, CSE, and the RCMP, specifically activities in the areas of human intelligence, signals intelligence, counter-intelligence, open-source intelligence, and *** . ^{Footnote 8} As paragraph 221 outlines, these are also the defence intelligence activity areas that DND/CAF has defined as sensitive. While these activities are similar or identical, they are conducted in accordance with each agency or department's respective legislative mandate and authorities. In this context, the Committee wanted to better understand the authorities under which DND/CAF conducts its activities.

Risks associated with intelligence activities

163. The fourth consideration was the risks that intelligence activities entail. Intelligence is almost always classified in order to protect sources and methods. The disclosure of an intelligence target, such as a foreign state, could cause significant damage to Canada's foreign relations. The disclosure of a source or a method of collection could put an individual at risk of physical harm or could lead targets to change their behaviour, causing a loss of vital intelligence and potentially significant resources that were invested to obtain access to that source. Intelligence activities may also affect the rights of Canadians through, for example, intrusive investigative methods or through the sharing of information (or intelligence), which may lead to improper treatment. The magnitude of this risk is reflected in the 2018 Ministerial Direction on Avoiding Complicity in Mistreatment by Foreign Entities. ^{Footnote 9} The Committee wanted to better understand how these risks are mitigated in the DND/CAF context.

The absence of independent external review of defence intelligence

164. The fifth consideration was that the DND/CAF intelligence program is not subject to independent, external review. ^{Footnote 10} The Committee believes that independent, external review of security and intelligence activities is a foundational part of improving public confidence and trust in the activities of security and intelligence agencies. Review enhances accountability and transparency. Independent, external organizations have reviewed CSIS and CSE activities for some time. Their experience shows that review improves the operations of the reviewed organizations and increases the trust of Canadians that security and intelligence agencies act in accordance with the law, are accountable for their actions, and respect Canadians' rights and freedoms. The Committee's decision to conduct an exploratory review of DND/CAF intelligence activities would help to address the gap in independent external review.

Defence intelligence: Definitions, structure, and activities

165. In this review, the Committee's objective was to understand what intelligence is in the DND and CAF context, who conducts intelligence activities, and how, where, and by whom it is used. This section provides relevant definitions and describes the structure and activities of defence intelligence. The next section describes the authorities under which those activities are conducted.

Defence intelligence: Definitions, structure, and activities

166. DND/CAF defines intelligence broadly. The Defence Policy identifies the role of intelligence in all aspects of national defence decision-making, describing intelligence as fundamental to the conduct of any domestic or international operation. ^{Footnote 11} At its broadest level, defence intelligence is defined as encompassing "all intelligence activity conducted by or within the DND and the CAF, and [including] joint, maritime, land, air, space and cyber intelligence, from the tactical to the strategic level (as well as the geopolitical, economic, scientific, technical and security intelligence [level]) where such intelligence supports the defence mission and the Government of Canada's broader responsibilities as it relates to national defence, national security and foreign affairs." ^{Footnote 12}

167. More specifically, DND/CAF defines intelligence and defence intelligence as:

• Intelligence: the product resulting from processing information concerning foreign nations, hostile (or potentially hostile) forces, or areas of actual or potential operations. The term 'intelligence' is also applied broadly to intelligence activities that result in the product (for example, an intelligence report), and to the organizations engaged in intelligence activities. ^{Footnote 13}
• Defence Intelligence: all intelligence in support of military objectives and planning, either international or domestic, and including strategic, operational, and tactical intelligence for a spectrum of activities from the formulation of military policies, plans, and direction, to a commander's understanding of adversarial capabilities and intentions, to specific threats and hazards a commander may face in achieving a specific mission or objective. ^{Footnote 14}

168. DND/CAF also defines three levels of intelligence: strategic, operational, and tactical. These levels support the formulation of military policies and plans to inform Government decision-making and to achieve strategic objectives; provide the detailed information required to broadly plan military operations; and support the ongoing use of military forces to achieve specific objectives when deployed. ^{Footnote 15}

The defence intelligence program

169. The DND/CAF intelligence program currently employs more than *** personnel (regular force, reserve force, and civilian) from within an allotted staffing envelope of nearly *** positions. These personnel are spread across the constituent elements of the Defence Intelligence program: the National Intelligence Organizations, the CAF Services, and the Environmental Commands: ^{Footnote 16}

National Intelligence Organizations:

• Chief of Defence Intelligence (CDI): As the functional authority for defence intelligence, ^{Footnote 17} responsible for providing intelligence advice; generating specialist intelligence personnel, equipment, and connectivity for CAF operations; and ensuring defence intelligence activities are carried out in a responsive, efficient, and accountable manner.
• Canadian Forces Intelligence Command: Responsible for providing strategic intelligence advice, products, and services; developing future defence intelligence capabilities; and generating specialist intelligence personnel, equipment, and connectivity for operations.
• Canadian Forces Information Operations Group: Responsible for the coordination, development, and employment of capabilities for the collection and production of signals intelligence.

CAF Services:

• Royal Canadian Navy: Maintains operational intelligence support for deployed maritime forces.
• Canadian Army: Maintains land intelligence staff within the Canadian Army staff at National Defence Headquarters and within its divisional headquarters; also includes an intelligence regiment, an electronic warfare regiment, and five reserve companies.
• Royal Canadian Air Force: Maintains an air intelligence staff at Headquarters, within several air divisions, many wings, and some squadrons.

Environmental Commands:

• Canadian Joint Operations Command: Responsible for all operations, except those conducted solely by Canadian Special Operations Forces Command elements under the direct authority of the Chief of the Defence Staff.
• Canadian Special Operations Forces Command: Responsible for all special operations, including responding to terrorist threats to Canadians and Canadian interests around the world.
• North American Aerospace Defence Command (NORAD): Responsible to the Canadian and United States governments for the execution of missions assigned to NORAD, including aerospace warning, aerospace control, and maritime warning.

Defence intelligence activities

170. DND/CAF maintains a large defence intelligence program that includes a range of intelligence activities. DND/CAF describes these activities as essential in establishing comprehensive situational awareness for the protection of deployed forces, DND installations, and personnel, and for supporting the achievement of mission objectives in all operational environments. DND/CAF's current defence intelligence activities include: ^{Footnote 18}

• Signals Intelligence (SIGINT): Derived from the interception, collection, processing, and analysis of communications and data links, including email, mobile, and telephone communications. SIGINT also includes intelligence derived from electromagnetic emissions and instrumentation signals from things such as radar, missile guidance, and command systems. ^{Footnote 19} As a practical example, [*** This section describes an example of how SIGINT was used in support of an operation. ***]. ^{Footnote 20}
• Imagery Intelligence: Derived from the collection and analysis of hand-held and satellite imagery (for example, mapping data or bomb damage and data assessments using imagery).
• Geospatial Intelligence: Derived from the collection and analysis of various geomatics' sensors and data, including analysis of maps, charts, or nautical information for intelligence purposes. As a practical example, geospatial and imagery intelligence [*** This section describes an example of how geospatial intelligence was used in support of an operation.***] ^{Footnote 21}
• Human Intelligence (HUMINT): Derived from the collection and analysis of information from human sources. HUMINT activities are conducted by specialized units and include ***, and the interrogation of detained individuals. DND/CAF also defines HUMINT activities to include the normal interaction of CAF members with a local population on deployment, the overt diplomatic engagement with foreign counterparts conducted by its defence attaches, and structured interviews of specific Canadians by CAF HUMINT personnel. ^{Footnote 22} As a practical example, [*** This section describes an example of how HUMINT was used in support of an operation.***]. ^{Footnote 23}
• Counter-lntelligence: Activities concerned with identifying and countering threats to the security of DND/CAF personnel, property, and information by hostile intelligence services, organizations, or individuals. DND/CAF describes its efforts in this area as entailing "the full-spectrum of [counter-intelligence] activities for the purpose of identifying threats to the security of DND/CAF." ^{Footnote 24}
• Measurement and Signatures Intelligence: Derived from the collection and analysis of signatures (unique characteristics) of fixed and dynamic targets (for example, ***).
• Technical Intelligence: Derived from information concerning the capabilities and operation of foreign technology that may have a practical military application. This can include ***.
• Medical Intelligence: Derived from the study of medical, bio-scientific, epidemiological, and environmental information for the purpose of protecting deployed forces. This can include analysis of the impact of disease and environmental hazards on military forces.
• Meteorology-Oceanography: Derived from the study of atmospheric chemistry and physics (weather) and physical and biological aspects of the ocean. This deals predominantly with the environmental impact of climatic conditions on personnel, platforms, weapons, sensors, communications, and mission planning.
• Open-Source Intelligence: Derived from the press and other media, reference material, journals, publications, and other unclassified material.
• [*** This section describes a specific intelligence activity. ***]

Defence intelligence authorities

171. The previous section defined intelligence in the DND/CAF context and described the structure of the DND/CAF defence intelligence program and its activities. This section focuses on the authorities under which DND/CAF conducts its defence intelligence activities and how those authorities support departmental and ministerial accountability for their use.

172. In the most general terms, the authority to create military forces is found in the Constitution Act, 1867, which assigns the federal Parliament legislative authority over defence. Parliament has exercised this authority by adopting the National Defence Act, which gives the Minister of National Defence the management and direction of the CAF and all matters relating to national defence. For specific deployments of military forces, the Government authorizes the use of the CAF through a decision by the Prime Minister, Cabinet, or one or more ministers (this decision is referred to as an exercise of the Crown prerogative, itself a source of legal authority that is described below). The authority to conduct defence intelligence activities comes from the specific decision to deploy military forces. As DND/CAF notes, "The authority to conduct defence intelligence activities is implicit when the CAF is legally mandated, pursuant to legislation or an exercise of the Crown Prerogative, to conduct military operations and other defence activities." [emphasis added] ^{Footnote 25} Neither the National Defence Act nor any other statute contains provisions that specifically govern the conduct of defence intelligence activities by DND/CAF.

173. The deployment of the CAF, which includes the conduct of defence intelligence activities, is governed and constrained by Canadian and international law. The CAF Judge Advocate General put it simply in her remarks to the Committee:

• All CAF operations are authorized by law.
• All CAF operations are conducted in accordance with the law; and while the sources of legal authority will vary depending on the type of mission:
  • all domestic operations must have a legal basis in Canadian law and be conducted in accordance with Canadian law; and
  • all international operations must have both a legal basis under Canadian law and a legal basis under international law. They must also be conducted in accordance with both Canadian law and with the applicable international law. ^{Footnote 26}

Authorities for defence intelligence activities conducted in Canada

174. Defence intelligence activities support CAF domestic operations in the Canadian Area of Operations (which includes Canada's territorial waters and land, including in the Arctic). These operations are authorized either by statute or an exercise of the Crown prerogative (discussed in detail below). Domestic operations are conducted to:

• Assert Canada's sovereignty: The CAF detects and deters the activities of foreign states or hostile entities directed toward actual or potential attack, or other acts of aggression against Canada. As an example of intelligence used to support such operations, the CAF may intercept radio communications of *** aircraft approaching Canadian airspace, permitting the Air Force to intercept them as they approach Canada.
• Respond to requests for assistance by civil authorities: The CAF responds to requests for assistance from civil authorities, in cases such as natural disasters or emergencies. These operations are subject to Canadian laws, including the National Defence Act. For example, the CAF may conduct overflights as part of preparations to respond to requests for assistance in battling forest tires.
• Identify and counter threats to the security of DND employees, CAF members, and DND and CAF property and information: DND/CAF identifies and counters threats posed by hostile intelligence services, organizations, or individuals that may engage in espionage, sabotage, subversion, terrorist activities, organized crime, and other criminal activities. ^{Footnote 27} For example, the CAF counter intelligence unit may investigate a soldier who has suspicious links to a foreign state.

175. Where intelligence activities are used to support such domestic operations, their scope is circumscribed by law, by the specific responsibilities of various departments and agencies, and by the balance of jurisdiction between federal and provincial authorities. In terms of domestic legislation, DND identified several significant sources of law, including: ^{Footnote 28}

• The National Defence Act: Subsection 273.6 of the Act permits DND/CAF to provide public service and assistance to law enforcement, and Part VI of the Act defines when the CAF can come to the Aid of the Civil Power (that is, to respond to riots or disturbances of the peace that cannot be handled without the assistance of CAF). ^{Footnote 29}
• The Canadian Charter of Rights and Freedoms: DND/CAF intelligence activities must not violate the provisions of the Charter, particularly section 7 (the right to life, liberty, and security of the person) and section 8 (the right against unreasonable search and seizure).
• The Criminal Code: DND/CAF intelligence activities must not violate the Criminal Code, including sections dealing with search warrants and the interception of private communications.
• The Access to Information Act and Privacy Act: DND/CAF intelligence collection activities and storage practices must comply with the provisions of the Access to Information Act and Privacy Act.

Authorities for defence intelligence activities conducted in international operations

176. In most cases, CAF domestic operations are conducted in support of other government departments and agencies and at the formal request of their minister. In such cases, these operations, including defence intelligence activities, are conducted pursuant to the legal authorities of the supported entity. As the CAF Judge Advocate General stated, this means, “When acting in support of another organization, the Canadian Armed Forces has no more powers than those of the supported agency.” ^{Footnote 30} ln short, the CAF can conduct an intelligence activity (for example, intercept radio communications) only to support another government department (for example, the RCMP) if that department itself has the authority (for example, a court warrant) to conduct that activity.

177. To illustrate how these authorities and constraints work in practice, DND/CAF provided legal opinions specific to the defence intelligence legal framework, and operational examples of domestic operations. The first example was in regard to intelligence assistance for [*** This text refers to an event in Canada ***]. In this case, the Solicitor General (now the Minister of Public Safety and Emergency Preparedness), on behalf of the RCMP, requested “the use of [DND/CAF] personnel and equipment in support of the RCMP in its law enforcement security duties [*** This section describes the type of assistance sought by the RCMP, and the result which was that the assistance was not provided.***].” ^{Footnote 31} The second example was DND/CAF assistance for the [*** This text refers to an event in Canada***]. In that case, the Minister of Public Safety and Emergency Preparedness requested that the CAF provide support to the RCMP, including intelligence related to ***. The Minister of National Defence agreed to provide assistance pursuant to subsection 273.6 of the National Defence Act.

Authorities for defence intelligence activities conducted in international operations

178. Defence intelligence activities in support of CAF international operations are subject to similar constraints. Generally, DND noted that the specific instrument of domestic or international law that may affect a defence intelligence activity varies by circumstance. These circumstances include the location of an operation; whether it is conducted under the auspices of an invitation from a foreign state or under the auspices of a United Nations resolution; whether the operation is conducted in relation to a recognized international armed conflict, to which specific instruments of international law and international humanitarian law apply; and whether a particular activity is recognized as contrary to international law or international humanitarian law. In short, the legal instrument that affects the conduct of an intelligence activity varies by the circumstances of the mission.

179. Canadian law follows the CAF. Whether employed in Canada or deployed on operations abroad, CAF personnel are subject to the Code of Service Discipline (which delineates service offences and includes any offence under any federal statute, in accordance with section 130 of the National Defence Act). ^{Footnote 32} This means that if a CAF member commits a service offence abroad, he or she may be charged and tried in Canada's military justice system. The CAF is also subject to instruments of international law that could involve defence intelligence activities, including:

• the United Nations Charter;
• the Geneva Conventions; and
• the Law of Armed Conflict.

180. To illustrate how these authorities and constraints work in practice, DND/CAF provided operational examples from the CAF deployment ***. The first example, SIGINT activities in international operations, speak to the manner in which Canadian law follows the CAF. When deployed, the CAF collects SIGINT [*** This text provides an example and some objectives of the use of SIGINT. ***] The authority to conduct this foreign intelligence activity is found in Canadian domestic legislation, specifically Part V.1 of the National Defence Act (Communications Security Establishment), which is the statutory basis of CSE. For deployed operations, the Minister of National Defence has delegated the authority to conduct SIGINT activities from CSE to the CAF through the Ministerial Directive on the Integrated SIGINT Operations Model. This means that CAF SIGINT activities are subject to the same restrictions as CSE authorities under Part V.1 of the National Defence Act, ^{Footnote 33} including that they cannot be directed at Canadians, are subject to relevant ministerial authorizations, and are subject to review for lawfulness by the Office of the CSE Commissioner. ^{Footnote 34} In short, the CAF authority to conduct SIGINT activities *** derives from the Government's decision to deploy forces ***; the actual conduct of those activities is shaped (in this case, both enabled and limited) by Canadian domestic legislation, ministerial direction, and ministerial authorization.

181. The second example, CAF HUMINT activities ***, speaks to the manner in which CAF activities are subject to instruments of international law. In that context, a *** HUMINT *** provides intelligence that may help fulfill the objectives of the CAF mission, such as [*** This text provides some objectives of the use of HUMINT. ***]. CAF HUMINT activities are subject to operational doctrine, which references sources of international law, such as the Protocols to the Geneva Conventions, which prohibits the recruitment and use of children in hostilities, for example as intelligence sources or agents. ^{Footnote 35} Like the authority for the CAF to conduct SIGINT activities, the authority to conduct HUMINT activities is derived from the Government decision to deploy forces ***. The actual conduct of HUMINT activities must be authorized by the Minister of National Defence in each case and is limited by specific sources of domestic and international law (such as the Additional Protocols to the Geneva Conventions). ^{Footnote 36}

NSICOP assessment

182. The Committee recognizes that DND/CAF conducts defence intelligence activities under a unique and complex authority structure. At its simplest, the DND/CAF authority to conduct intelligence activities derives from the Government's exercise of the Crown prerogative to deploy the CAF. DND/CAF conduct of those activities is governed by domestic (i.e., section 273.6 and Part VI of the National Defence Act) and international legal instruments; ministerial direction and ministerial authorization; the DND/CAF internal administrative governance system of policies, procedures, and functional directives; and orders given through the military chain of command. The Committee turns next to an examination of the nature and use of the Crown prerogative and the content of DND/CAF's existing administrative structure of governance for defence intelligence activities.

What is the Crown prerogative?

183. In addition to the authorities provided by the Constitution Act, 1867, and the National Defence Act, the main source of authority for the deployment of the CAF, and the derivative authority for the conduct of associated defence intelligence activities, is known as the Crown prerogative. The Crown prerogative is a source of executive power and privilege accorded by common law to the Crown. ^{Footnote 37} British constitutional theorist A. V. Dicey describes the Crown prerogative as the “residue of discretionary or arbitrary authority, which at any time is left in the hands of the Crown.” ^{Footnote 38} Put simply, the Crown prerogative is the authority exercised by the government to make decisions in areas where the prerogative has not been displaced, or otherwise limited, by Parliament through the enactment of statute, or by the courts.

184. The Crown prerogative is not unlimited. ln the Canadian context, the Privy Council Office has tracked the degree to which the Crown prerogative has been reduced over time by Parliament through legislation, noting that “the history of parliamentary government has been a process of narrowing the exercise of the prerogative authority by subjecting it increasingly to the pre-eminence of the statutory authority, substituting the authority of the Crown in Parliament for the authority of the Crown alone.” ^{Footnote 39} As the Supreme Court of Canada has observed, “[o]nce a statute occupies the ground formerly occupied by the prerogative power, the Crown must comply with the terms of the statute.” ^{Footnote 40} A recent and relevant example of the Crown prerogative being displaced by Parliament in an area of intelligence is the continuance of CSE in legislation. Prior to 2001, CSE had conducted its activities under the Crown prerogative authority of two orders in council. ^{Footnote 41} In December 2001, Parliament passed the Anti-terrorism Act, which amended the National Defence Act to incorporate in statute the mandate, authorities, and legal limitations of CSE's activities.

185. Court decisions have further constrained the Crown prerogative in a variety of ways. Until recently, the exercise of prerogative powers was subject to judicial review only on very narrow grounds - if a prerogative power was asserted, courts would determine whether such power actually existed, its extent, and whether it had been displaced or limited by statute. ln the last decades, the scope of judicial review of prerogative powers has expanded as a consequence of the passage of the Canadian Charter of Rights and Freedoms, after which the Supreme Court of Canada ruled that executive decisions, including exercises of the Crown prerogative, were amenable to judicial review under the Charter where they affect an individual's constitutional rights. ^{Footnote 42} Even apart from the Charter, the expanding scope of judicial review and Crown liability made courts increasingly unwilling to insulate government action from judicial scrutiny merely on the grounds that the authority is derived from the prerogative. For example, the Ontario Court of Appeal held that “the exercise of the prerogative will be justiciable, or amenable to the judicial process, if its subject matter affects the rights or legitimate expectations of an individual.” ^{Footnote 43} The Court referred to a “spectrum of reviewability,” whereby matters of “high policy,” such as the decision to sign treaties or go to war, remained largely beyond the purview of the courts, subject only ta judicial review on Charter grounds. ^{Footnote 44}

186. Nonetheless, while the Crown prerogative has been displaced or limited by Parliament or the courts, there are still areas in which the Crown prerogative is the only source of authority. These include powers relating ta foreign affairs, such as declaring war and the making of treaties, and powers relating to the armed forces.45 How the prerogative of defence is exercised has evolved over time to reflect principles of parliamentary accountability. As explained by professor Craig Forcese:

In Canada's division of powers, the federal Parliament has exclusive authority over defence. Parliament has enacted the National Defence Act (NDA), which puts the [CAF] on a statutory footing. Constitutionally, the command of the military vests with the Governor General.

However, in keeping with the constitutional conventions of responsible government, the Governor General does not decide when and where to deploy the CAF. ln practice, this power is exercised by the federal Cabinet under the leadership of the Prime Minister. ^{Footnote 46}

187. Forcese also describes at least two areas where Canadian law has limited, although possibly not wholly displaced, the prerogative as it relates to some DND/CAF functions. These include:

• the deployment of the CAF pursuant to an executive order under the Emergencies Act: Such a deployment would be subject to parliamentary scrutiny as a result of that statute's system of parliamentary review; and
• the deployment of the CAF pursuant to subsection 273.6 (Public Service and Assistance to Law Enforcement) and Part VI (Aid of the Civil Power) of the National Defence Act: These provisions of the Act have limited though not wholly replaced two analogous federal orders in council (which are themselves instances of the exercise of the Crown prerogative): the Canadian Forces Assistance to Provincial Police Forces Directions, which established a federal system of approving CAF assistance to provincial law enforcement agencies; and the Canadian Forces Armed Assistance Directions, which is the means by which the Commissioner of the RCMP or the Minister of Public Safety can request the assistance of the CAF's elite Special Forces and anti-terrorism unit (JTF2). ^{Footnote 47}

188. Notwithstanding the evolution of the Crown prerogative, specifically that many of the Crown's immunities and privileges have been narrowed or eliminated by statute and the courts, including in the area of defence, neither the National Defence Act nor any other statute works to limit or displace the Crown prerogative to deploy the CAF on international missions. The Crown prerogative remains the source of authority for these deployments. ^{Footnote 48}

The exercise of the Crown prerogative

189. Four primary actors can exercise the Crown prerogative to employ the CAF. According to the Office of the Judge Advocate General, these are: Cabinet, the Prime Minister, the Minister of National Defence, acting independently, or with the concurrence of the Minister of Foreign Affairs. Each of these actors has exercised the Crown prerogative that resulted in the use of defence intelligence activities in the course of a CAF operation. ^{Footnote 49}

The Crown prerogative and defence intelligence

190. DND/CAF relies on the Crown prerogative as the authority for the conduct of defence intelligence activities and has stated that “the Crown prerogative is an efficient, effective and adaptable source of legal authority for military operations and defence activities that provides government with the ability to recognize and respond to crises around the world quickly and flexibly.” ^{Footnote 50} It has stated that the authority to conduct defence intelligence is implicit when the CAF is legally mandated, pursuant to legislation or an exercise of the Crown prerogative, to conduct military operations and other defence activities. ^{Footnote 51} This means that defence intelligence activities may be authorized in the context of CAF deployments. The Defence Policy states, “Intelligence is Canada's first line of defence. The defence of Canada, the ability to operate effectively overseas, and the capacity to engage internationally are heavily dependent on the systematic collection, coordination, fusion, production and dissemination of defence intelligence.” ^{Footnote 52} DND/CAF has also stated that ***." ^{Footnote 53}

191. The Committee was briefed on two notable examples where DND/CAF, under the authority of the Crown prerogative, developed a new defence intelligence activity or created a new domain of military operations. ln the case of intelligence activities, DND/CAF stated that its CAF HUMINT capability had evolved as an operational area of defence intelligence since the Canadian ***. ^{Footnote 54} When the Minister of National Defence authorized the creation *** for use in ***, he did so under the authority of the Crown prerogative, and consistent with the DND/CAF's internal administrative obligation that each *** of HUMINT capabilities be approved by the Minister. ^{Footnote 55}

192. With respect to domains of military operations, DND/CAF stated that in 2015 it received Government approval to develop new capabilities for active cyber operations, to be conducted in accordance with Government direction. DND/CAF described this as the development of a new domain of military operations, analogous to the air, land, or sea domains, and that the “***.” ^{Footnote 56} DND officials noted that they sought Government approval because of the requirement for new resources, and because those new capabilities could affect the interests of other organizations, namely Global Affairs Canada (foreign policy considerations) and CSE (existing cyber technical and operational expertise). ^{Footnote 57}

193. DND/CAF stated that the conduct of defence intelligence activities under the Crown prerogative is subject to the requirement for a “nexus,” or a “reasonable connection,” between defence intelligence activities and a defence mission. [*** Information in paragraphs 193, 194 and 195 has been removed in its entirety.***]

*** ^{Footnote 58}

194. *** ^{Footnote 59}

195. Questions regarding the Crown prerogative and defence intelligence have persisted. *** ^{Footnote 60}

***

*** ^{Footnote 61}

196. In 2013, DND/CAF formalized the requirement for a nexus in the Ministerial Directive on Defence Intelligence, which states, “There [must] be a clear nexus between the nature and scope of the defence intelligence activity and DND/CF's mandated defence operations or activities.” ^{Footnote 62} ln explaining the meaning of the nexus requirement, DND/CAF officials stated that the deployment and use of a particular intelligence activity must have a clear connection to the objectives of the mission. DND/CAF also stated that the requirement for a clear nexus between a defence intelligence activity and the legally mandated mission serves as “a constraint on defence intelligence activities.” ^{Footnote 63}

197. DND/CAF responded to questions from the Committee on how nexus is determined and how the resulting constraint works in practice. DND/CAF stated that there is no statutory requirement for a nexus between a defence intelligence activity and a legally-mandated mission: it is a policy requirement found in the Ministerial Directive on Defence Intelligence. DND/CAF described nexus as “a term of art,” and noted that it does not have a standard guideline or standardized process for determining a nexus. ^{Footnote 64} Rather, DND/CAF stated that the process of defining a nexus begins with the Government's authorization of a mission, which serves as a “macro-nexus” for defence intelligence activities. ^{Footnote 65}

198. Nexus is then refined through the operational planning process, a formal procedure to assess mission requirements for forces and assets, including defence intelligence capabilities. As part of this process, DND/CAF considers issues like the threat facing CAF personnel, the availability of intelligence personnel and equipment, and the commander's assessment of mission needs and where Canadian personnel could contribute to coalition objectives. These assessments are subject to rigorous legal and policy review to ensure that the use of defence intelligence activities is linked, in each case, to the legally authorized mandate of the mission. DND/CAF stated that the planning process is “synonymous with the determination of nexus” ^{Footnote 66} and that nexus is defined on a case-by-case basis to ensure maximum flexibility for commanders. Any constraints identified in this process, and under a specific nexus, are codified through the chain of command and operational orders, which impose a lawful requirement on CAF personnel to adhere to those constraints. ^{Footnote 67} NSICOP asked if there was an element of proportionality in the determination of a nexus — to which DND/CAF stated that it does not view nexus as a proportional constraint on defence intelligence activities; rather, that it functions as a means to customize intelligence-gathering activities to the needs and legal mandate of each mission. ^{Footnote 68}

NSICOP assessment of nexus

199. The Committee believes it is important that the conduct of defence intelligence activities be governed by a comprehensive authority framework. It has observed that components of this framework are already in place. For example, DND/CAF SIGINT activities run the risk of intercepting private communications. These risks are mitigated through the Ministerial Directive on the Integrated SIGINT Operations Model, which establishes the framework whereby the CAF conducts foreign intelligence activities under CSE authorities, subject to the same limitations imposed on CSE through the National Defence Act. Components of the framework also exist in the area of CAF HUMINT operations: for example, conducting interrogations of detainees could entail risks of running afoul of domestic or international legal standards. DND/CAF has mitigated these risks in several ways: for example, the conduct of HUMINT activities must be authorized by the Minister in each case and HUMINT operations are subject to oversight at multiple levels. ln the same vein, the requirement for a nexus between the authority of the mission and the activities undertaken in support of it is meant to address the risks identified *** concerning the collection of intelligence beyond what is necessary.

200. The Committee spent considerable time trying to understand the meaning of nexus and how it is determined. Beyond the notion that nexus means a reasonable connection between a legally mandated mission and the defence intelligence activity undertaken in support of it, NSICOP is not convinced that the authority framework provides sufficient guidance to determine the connection. DND/CAF acknowledged it does not have a standard process or test for determining it.

201. That said, NSICOP fully agrees that the requirement for a nexus is important and should function as a constraint on defence intelligence activities. ln its view, however, the determination of a nexus can only function as a constraint on defence intelligence activities if it is defined according to clear principles. NSICOP offers two principles that are well-established in law and could be adapted to the unique circumstances of DND/CAF. The first is ‘reasonableness’ — how should DND/CAF officials determine whether the use of a specific defence intelligence capability is ‘reasonable’ in the context of a legally mandated mission? The second is ‘proportionality’ — how should DND/CAF officials determine which defence intelligence activities are proportional to the objectives of the mission? Given the importance of the identification of a nexus as one of two conditions that must be met before using defence intelligence activities (see paragraph 208), the development of standard guidelines for determining nexus would fill a significant gap, help ensure consistency in decision-making and enhance the transparency of the process.

Governance and oversight of defence intelligence

202. This section describes the mechanisms DND/CAF has put in place to ensure the governance and accountability of its defence intelligence activities, and the internal review and oversight of those activities.

203. As discussed in Chapter 3 on intelligence priorities, the processes that are put in place to govern intelligence activities are fundamental to ensuring accountability over intelligence activities and operations. In the context of the Crown prerogative, DND/CAF has developed an internal governance structure and administrative system to address risks in the collection of intelligence and to ensure accountability. Such a system is important. *** ^{Footnote 69} The Ministerial Directive on Defence Intelligence makes the same point:

It is imperative that the governance and accountability of defence intelligence activity keep pace with the ongoing evolution of intelligence activity and of [ Government of Canada] security and intelligence community standards. ^{Footnote 70}

204. The administrative system consists of five primary mechanisms through which direction and guidance is given for the conduct of defence intelligence activities. These mechanisms have been used to establish several governance bodies to provide oversight and accountability of defence intelligence activities. These mechanisms include:

• Ministerial Directive on Defence Intelligence: This directive sets the principal value of intelligence to national defence, national security, and foreign affairs; outlines the authorities for defence intelligence activities; and provides a strategic framework for policy and legal authorities for defence intelligence. ^{Footnote 71}
• Ministerial Directive on Defence Intelligence Priorities: This directive is based on the biannual process of setting the Government of Canada intelligence priorities and provides direction to the Deputy Minister and Chief of the Defence Staff to focus defence intelligence collection, analysis, production, and assessment on specific issues. ^{Footnote 72}
• Ministerial Direction on Avoiding Complicity in Mistreatment by Foreign Entities: This direction prohibits the disclosure or requesting of information that would result in a substantial risk of mistreatment of an individual by a foreign entity, and certain uses of information that was likely obtained through the mistreatment of an individual by a foreign entity. ^{Footnote 73}
• Ministerial authorizations: These are sought to conduct sensitive defence intelligence activities, including HUMINT and SIGINT activities. ^{Footnote 74}
• CDI functional directives: The CDI provides functional direction to the Defence Intelligence Program to ensure that defence intelligence activities are carried out in a responsive, efficient, and accountable manner. To date, 26 functional directives have been issued pertaining to the oversight, conduct, development, and employment of defence intelligence capabilities and activities, spanning all of the capability areas of the Program.

205. The Committee recognizes the importance of each of these mechanisms. For the purposes of this review, however, it will focus on the Ministerial Directive on Defence Intelligence for its foundational role in the development, use, and oversight of defence intelligence capabilities. (The importance of the Ministerial Directive on Defence Intelligence Priorities is also discussed as part of the Committee's review of the Government's intelligence priorities in Chapter 3, and functional directives from the CDI are referenced below, as required.)

The Ministerial Directive on Defence Intelligence

206. The Ministerial Directive on Defence Intelligence (hereafter, the Ministerial Directive) establishes the accountability of the Minister, in authorizing defence intelligence activities, to Parliament and as a Minister of the Crown. The Ministerial Directive also establishes the accountability of DND and CAF officials to the Minister in the conduct and oversight of defence intelligence activities.

207. The Ministerial Directive states that DND/CAF may develop, generate, and employ such intelligence capabilities as are required to enable lawful, timely, and effective decisions. ^{Footnote 75} Such decisions would support the core roles and missions of the CAF, including: the defence of Canada; the defence of North America (with the United States); the promotion of international peace and security; CAF capability development, including research and development and defence procurement; and lawful requests from other government departments for defence intelligence support.

208. The Ministerial Directive states that the authorities, mandate, and mission in regard to defence intelligence are tied to two principles:

• there must be a clear nexus between the nature and scope of the defence intelligence activity conducted and the legally mandated defence operations or activities; and
• where lawfully requested, the activity must comply with the mandate and authority of the requesting body.

209. The Ministerial Directive provides clear direction on the line of accountability to the Minister regarding defence intelligence, and includes both the Chief of the Defence Staff and the Deputy Minister of National Defence. The Chief of the Defence Staff is accountable to the Minister for the generation of CAF capabilities, specifically including defence intelligence capabilities. This includes oversight and control of defence intelligence activities. The Deputy Minister is accountable for the provision of policy advice in all defence intelligence matters, including the alignment of defence intelligence activities with wider Government policies and initiatives and on matters of international defence relations. The Ministerial Directive also directs the Deputy Minister and the Chief of the Defence Staff to work collaboratively across their respective areas of responsibility and accountability to “ensure that appropriate policies, directives and oversight structures are developed and implemented to maintain the maximum possible responsiveness, effectiveness and accountability of defence intelligence.”

210. The Ministerial Directive obligates the Deputy Minister and the Chief of the Defence Staff to keep the Minister informed of defence intelligence activities in accordance with the Minister's mandate and responsibilities. The Ministerial Directive states that the Deputy Minister and the Chief of the Defence Staff must conduct “appropriate interdepartmental and legal consultations” before authorizing or initiating any defence intelligence activity they consider sensitive or that may involve:

• national security or sovereignty;
• any serious threat to the lives and/or legal or constitutional rights of persons in Canada and Canadian citizens around the world, or to the rights of individuals more broadly as recognized by international law;
• any serious threat to the protection and/or advancement of Canada's foreign relations and reputation abroad;
• any potential risk of exposure, real or perceived, of the [Government of Canada], DND or [the CAF] to any significant domestic or international legal liability, or to circumstances that would contravene the DND/CF Code of Values and Ethics; and
• all matters or activities that may entail significant financial commitments outside of Government of Canada investments and expenditures.

211. The Committee sought additional information from DND/CAF, on three key areas of the Ministerial Directive:

• Ministerial responsibilities and accountability: through what means, and how often, has DND/CAF advised the Minister of the use or development of defence intelligence capabilities or arrangements that may be sensitive and engage the risks outlined in the Ministerial Directive?
• Determining the sensitivity of defence intelligence activities: how does DND/CAF measure or evaluate the sensitivity of specific defence intelligence activities or arrangements?
• Interdepartmental and legal consultations: what degree of interdepartmental and legal consultation takes place regarding the use and development of defence intelligence capabilities? How does DND/CAF mitigate risks or concerns raised in those consultations?

212. The Committee considers each of these areas below.

Ministerial responsibilities and accountability

213. As outlined above, the Ministerial Directive provides direction to the Deputy Minister and the Chief of the Defence Staff across a range of areas related to defence intelligence activities, and on their obligations to the Minister. The governance of defence intelligence is a key area, as it constitutes a critical element of the accountability framework for the Minister and his or her official for defence intelligence activities. ^{Footnote 76}

214. The Minister of National Defence included in the Ministerial Directive an obligation for the Deputy Minister and the Chief of the Defence Staff to report annually on “defence intelligence governance, performance, strategic priorities, major program and special project initiatives, and any policy, legal and management issues of significance.” The Ministerial Directive also indicates that the Commander, Canadian Forces Intelligence Command (that is, the CDI) is accountable to the Deputy Minister and the Chief of the Defence Staff for producing scheduled and ad hoc reports on compliance with functional direction. To date, DND/CAF has produced annual reports to the Minister of National Defence on the defence intelligence program for the years 2015, 2016, and 2017.

Annual Reporting on governance, performance, and priorities

215. The 2015 Annual Report on Defence Intelligence to the Minister of National Defence identified the Defence Intelligence Management Committee (DIMC), chaired by the CDI, as the principal internal governance entity enabling the CDI to provide coordinated strategic direction and oversight of defence intelligence and through which issues concerning strategic direction, oversight, and compliance may be brought forward to the Deputy Minister and Chief of the Defence Staff for consideration. ^{Footnote 77} The DIMC's role in enabling the CDI to provide strategic direction and oversight of defence intelligence is also referenced in the 2016 and 2017 annual reports. ^{Footnote 78} The DIMC terms of reference and DND/CAF documentation on the defence intelligence governance structure indicate the DIMC is also meant to consider proposals or plans for intelligence capabilities or relationships that are sensitive, or the use or employment of sensitive intelligence collection capabilities and relationships, and to brief the Deputy Minister or the Chief of the Defence Staff when contemplating, or seeking approval for, the development and use of sensitive defence intelligence capabilities and activities. ^{Footnote 79}

216. DND/CAF has acknowledged that the DIMC did not work as fully intended. ^{Footnote 80} ln the course of the review, DND/CAF demonstrated that the Minister of National Defence is consulted on and approves the use of specific sensitive defence intelligence capabilities. However, these consultations did not arise as a result of work done at the DIMC, because, as DND/CAF stated, it was more suited to dealing with the management of the defence intelligence enterprise, such as policy development, priority setting, and human resources matters. It also suffered from an overly broad membership and met too infrequently (not more than quarterly) to fulfill its intended role. Instead, DND/CAF brought defence intelligence matters considered to be sensitive directly to the Deputy Minister, the Chief of the Defence Staff, or the Minister for consideration or decision. ^{Footnote 81}

217. DND/CAF also informed the Committee that it has had no program to measure compliance with the Ministerial Directive and has done limited formal measurement of compliance, but that it exercises oversight and compliance through the chain of command and with discipline-specific oversight bodies for particularly sensitive intelligence activities (outlined in paragraph 221, below). DND/CAF stated that two new internal bodies are being established to provide centralized oversight of defence intelligence activities: the Directorate of Intelligence Review, Compliance and Disclosure, which will establish a formal program of compliance for the entire defence intelligence program; and the Defence Intelligence Oversight Board, which will be chaired by the Deputy Minister and the Chief of the Defence Staff, will convene three times per year, and will report to the Minister through a dedicated section of the Annual Report on Defence Intelligence to the Minister of National Defence. ^{Footnote 82} The annual reports on defence intelligence did not raise the fact that the DIMC did not fulfill its intended role, nor that this posed potential challenges for the oversight of defence intelligence activities.

NSICOP assessment

218. Consistent with obligations for annual reporting in the Ministerial Directive, DND/CAF has provided annual reports on defence intelligence to the Minister of National Defence since 2015. As noted in paragraph 210, each report must inform the Minister of significant issues related to governance, performance, strategic priorities, major program and special project initiatives, and policy, legal, and management issues pertaining to defence intelligence. ln the Committee's view, the fact that the DIMC did not “undertake a key role in monitoring compliance and communicating sensitive issues to senior decision-makers” ^{Footnote 83} is a governance and management issue of significance, one that DND/CAF is now addressing through the creation of two separate bodies. The annual reports do not address other important obligations in the Ministerial Directive, such as legal or interdepartmental consultations that have been undertaken due to the magnitude of risks to Canada's foreign relations or reputation, or threats to the rights of Canadian citizens, which may have arisen as a result of the authorization or initiation of defence intelligence activities or relationships. The Committee believes that including elements such as these in future annual reports would enhance the Minister's accountability for defence intelligence activities.

219. Though these bodies are in their early stages, the Committee believes that the establishment of the Directorate of Intelligence Review, Compliance and Disclosure, and the Defence Intelligence Oversight Board should enhance DND/CAF's tracking and measurement of compliance, and will support the Minister in his accountability for the defence intelligence program.

Determining the sensitivity of defence intelligence activities

220. The Ministerial Directive includes specific requirements with respect to sensitive issues. As outlined in paragraph 209, the Ministerial Directive obligates the Deputy Minister and the Chief of the Defence Staff to engage in interdepartmental and legal consultations before authorizing or initiating any defence intelligence activity they consider to be sensitive, or that may impact Canada's national security or sovereignty, threaten the lives and constitutional rights of persons in Canada and Canadian citizens around the world, or threaten Canada's foreign relations and reputation abroad.

221. DND/CAF described its understanding and definition of “sensitive” in relation to defence intelligence capabilities as “requiring special protection from disclosure that could cause embarrassment, [or] threaten or compromise security.” ^{Footnote 84} Each defence intelligence activity area considered to be sensitive has an identified internal oversight body, prescribed consultations and varying reporting requirements, as listed in Table 3.

Governance of human intelligence (HUMINT)

222. This section details one of the sensitive defence intelligence activity areas for which ministerial authorizations are required to enable their use ***: HUMINT *** activities.

223. ALL HUMINT personnel for operations *** must be approved by the Minister of National Defence. ALL HUMINT activities are subject to formal oversight by the Chief of the Defence Staff HUMINT Authorization Board, chaired by the Chief of the Defence Staff. The Board convenes annually to review the overall conduct of HUMINT operations (***). The Board includes representation from across the defence intelligence program, the Judge Advocate General, and CSIS. ^{Footnote 85} Annual reports on *** operations are produced for the Chief of the Defence Staff, who briefs the Minister, and the HUMINT program is subject to regular staff assistance visits to ensure the activities comply with policy and direction. ^{Footnote 86}

224. Guidance and direction for HUMINT *** operations come from COI functional directives, such as COI Functional Directive: CF Policy Framework for the Conduct of HUMINT Activities. Among other things, this COI directive stipulates that ministerial authorization is required for [*** This text lists conditions imposed by the directive.***]; and that the Minister or the Chief of the Defence Staff may order an external review of such operations. ^{Footnote 87}

225. In the case of HUMINT *** operations ***, the ministerial authorization directed the Chief of the Defence Staff to “conduct *** human intelligence (HUMINT) operations in support of ***.” The Minister also directed that, “an External Review *** be conducted and a classified report prepared for the [Minister] annually, to provide assurance of [CAF] compliance with the [Minister's] Letter of Approval and associated directives issued by the chain of command.” ^{Footnote 88}

226. In accordance with the Minister's direction, three external reviews of HUMINT *** operations *** were conducted by an external contractor ***. The contractor identified specific issues, including instances of non-compliance with senior-level direction, and errors, omissions, and ambiguities in the official documentation recording chain of command decisions. Recommendations were made to improve reporting to the Minister of National Defence, and to improve rigour, quality control, and review and oversight ***. The reviews also recommended that the COI directive on CF HUMINT *** be revised to mitigate “divergent interpretations of [the COI Directive… which] contributed to instances of non-compliance.” ^{Footnote 89} DND/CAF accepted the recommendations and revised the functional directive.

227. The CAF did not conduct HUM INT activities in operations between ***. ***, the Minister authorized HUMINT *** operations *** late that year. [*** The following text describes an order by the Chief of the Defence Staff to conduct a review of HUMINT operations, and that DND/CAF did not do so in any of the following three years.***]. ^{Footnote 90} ***. ^{Footnote 91}

Internal evaluations of defence intelligence activities

228. Since 2001, defence intelligence activities have been subject to three internal evaluations

229. The 2015 internal evaluation of defence intelligence was conducted by DND/CAF's Review Services group and covered the 2009-2014 period. The internal review focused on an examination of immediate outcomes, intelligence activities, governance, and coordination among the elements of the defence intelligence organization at that time. It assessed that there was an ongoing and demonstrable need for defence intelligence, and that the defence intelligence program remained relevant in an evolving threat environment by producing actionable defence intelligence for DND/CAF and the Government of Canada, and as a key enabler of military operations. The evaluation also noted areas for improvement. These included the governance of the defence intelligence program, including consolidating and generating governance documentation; updating CAF doctrine and clarifying CDI roles and responsibilities; and developing new human resources strategies for defence intelligence (particularly for civilian analysts). The 2015 evaluation concluded that defence intelligence was well aligned with government roles, responsibilities, and priorities, and the conduct of defence intelligence activities was appropriate for supporting the Government's right to self-defence. ^{Footnote 92}

230. DND/CAF also conducted audits and reviews of specific defence intelligence activities. The first was a two-phase internal audit of the *** by DND Review Services in 2013-2014. Operated by the Canadian Forces Intelligence Command, *** assesses the threat posed by ***. ^{Footnote 93} The second was the aforementioned external reviews of the CAF's HUMINT *** operations ***, to ensure that the operations complied with all policies and directives.

NSICOP Assessment

231. DND/CAF has addressed recommendations from its internal evaluations, audits, and reviews. For example, it created the position of Chief of Defence Intelligence in December 2005 to respond to the 2004 Defence Intelligence Review, and established the COI as the functional authority for the defence intelligence program in 2013 with the creation of the Canadian Forces Intelligence Command. It continued to expand and update its governance documentation and implemented a human resources strategy in 2016 for the recruitment and career development of defence intelligence analysts to respond to the 2015 review. ^{Footnote 94}

232. In its briefings to the Committee and as articulated in the Defence Policy, DND/CAF acknowledged the importance of civilian review of national security and intelligence activities. ^{Footnote 95} However, neither NSICOP nor NSIRA (in its proposed legislation) has a statutory obligation to conduct regular reviews of DND/CAF defence intelligence activities. As a result, gaps in ongoing, external review will remain; risks arising from the absence of external review can only be said to be partially mitigated.

Interdepartmental and legal consultations

233. The Ministerial Directive requires officials to conduct interdepartmental and legal consultations prior to authorizing and initiating sensitive defence intelligence activities. DND/CAF stated that consultations with their legal services take place at all levels as a matter of practice, and noted that, “Interdepartmental consultations take place where [defence intelligence] activities impact the mandate of other government departments and agencies, or vice versa.” ^{Footnote 96}

234. DND/CAF provided an illustrative list of specific issues and activities on which it consulted legal counsel and other government departments within the last two years. These included

• HUMINT activities - consulted the Judge Advocate General and Canadian Forces Legal Advisor and
• CSIS;
• SIGINT activities — consulted the Judge Advocate General and Canadian Forces Legal Advisor and CSE;
• Counter-Intelligence activities — consulted the Judge Advocate General and Canadian Forces Legal Advisor, CSIS, and the RCMP;
• *** activities - consulted the Judge Advocate General and Canadian Forces Legal Advisor, Global
• Affairs Canada, CSIS, CSE, the Canada Border Services Agency, and Immigration, Refugees and Citizenship Canada;
• Policy governing *** — consulted the Judge Advocate General and Canadian Forces Legal Advisor,
• CSIS, and CSE; and
• Implementation of the Ministerial Direction on Avoiding Complicity in Mistreatment by Foreign Entities — consulted the Judge Advocate General and Canadian Forces Legal Advisor, Global Affairs Canada, CSIS, the RCMP, and CSE. ^{Footnote 97}

235. The Committee asked DND/CAF to provide specific examples of consultations with other government departments, consistent with the Ministerial Directive's requirement. DND/CAF provided one example, below, which raised systemic issues related to the procedure DND/CAF uses for interdepartmental consultation, notably that DND/CAF does not have a standard process to engage other departments with regard to defence intelligence activities as part of the planning and execution of deployed operations. ^{Footnote 98}

236. [*** Paragraphs 236, 237 and 238 were revised to remove information that may be injurious and to ensure readability. The paragraphs describe an example where DND/CAF informed the Minister of National Defence that it would consult Global Affairs Canada, consistent with the 2013 Ministerial Directive on Defence Intelligence. The Ministerial Directive states, “the CDS and/or the DM must undertake appropriate interdepartmental and legal consultations before authorizing or initiating any defence intelligence activity that they consider to be particularly sensitive, or that is likely to present a significant impact on any of the following areas: … any serious threat to the protection and/or advancement of Canada's foreign relations and reputation abroad…” Neither DND/CAF nor Global Affairs Canada could provide the Committee a record of that consultation. DND/CAF stated that it had no standard process for interdepartmental consultations in such cases, but that the consultations happen informally on a day-to-day basis at the staff level. Global Affairs Canada stated that, had it been consulted, it would have conducted assessments in certain areas, including of implications for Canada's foreign relations.***]. ^{Footnote 99} ***. ^{Footnote 100}

237. ***. ^{Footnote 101} ***. ^{Footnote 102}

238. ***. ^{Footnote 103} ***. ^{Footnote 104} ***. ^{Footnote 105}

NSICOP assessment

239. [*** This paragraph was revised to remove information that may be injurious and to ensure readability. The paragraph describes the Committee's assessment of one of two issues of importance. The first is that DND/CAF made its own determination of the foreign relations risks associated with an activity. Global Affairs Canada is the organization responsible for assessing those risks. While DND/CAF asserted that consultations with Global Affairs Canada are routine and institutionalized, it did not provide evidence in this example that it consulted the department, contrary to the requirements of the Ministerial Directive. As a result, Global Affairs Canada did not conduct its own assessment.***]. ^{Footnote 106} *** ^{Footnote 107}

240. The second issue is the absence of a formal process for interdepartmental consultations on the use of defence intelligence activities in operations. The Committee is concerned that the absence of such a process, at least in this case, resulted in the inability of DND/CAF to produce a record of an interdepartmental consultation required by ministerial direction.

Defence intelligence: The question of legislation

241. As Parliamentarians, we have been struck throughout the course of our work by the different authority structures that govern Canada's security and intelligence organizations and how these authority structures have evolved over time. The Committee's decision to conduct a review of DND/CAF intelligence activities was driven in part by the need to understand the authorities under which those activities were conducted. Paragraphs 171 to 200 examined the authority framework for DND/CAF defence intelligence activities. NSICOP notes that the current framework does not include an act of Parliament, given that defence intelligence activities are grounded in the Crown prerogative. Consistent with the Committee's mandate to review Canada's legislative framework for national security and intelligence, the question that is posed is legitimate: should consideration be given to placing DND/CAF intelligence activities on a statutory footing?

242. This review has also given rise to questions of comparison, both domestically and internationally: where are the activities and authorities of different organizations similar and different, and why? As discussed in this chapter, DND/CAF, CSIS, and CSE all conduct similar intelligence activities, albeit under different mandates and authorities. CSIS and CSE were given statutory bases in 1984 and 2001, respectively. Legislation for both organizations was carefully constructed to account for very different mandates, operating environments, and operational risks. The Committee summarizes these changes below, and following that, considers the question of whether the Government should provide DND/CAF with an explicit statutory basis for the conduct of defence intelligence activities in support of military operations.

243. Internationally, other countries have considered the role of their parliaments or legislatures in approving or constraining military activities. ^{Footnote 108} Most inquiries or studies in Commonwealth countries centered on the legislative displacement of the Crown prerogative with regard to decisions for the deployment of forces. ^{Footnote 109} To NSICOP’s knowledge, no detailed analysis has been conducted in relation to parliamentary roles in regard to defence intelligence activities. None of Canada's Five Eyes partners have legislated parliamentary (for Commonwealth members) or congressional (for the United States) roles in approving a government's decision to deploy armed forces abroad. ^{Footnote 110} The United Kingdom has come closest, although its government is not legally required to receive parliamentary approval prior to the deployment of armed forces. ^{Footnote 111} U.K. parliamentary committees have studied this issue at length since 2003 and proposed a number of means to formalize Parliament's role in legislation, though none of those efforts have closely examined the question of legislation for defence intelligence activities.

Canadian legislative context: CSIS and CSE

244. Prior to 1984, the RCMP Security Service was responsible for investigating and countering threats to Canada's national security. Over time, the RCMP's Security Service was increasingly subject to criticism on the grounds that it abused its powers and lacked accountability. Between 1966 and 1981, six major commissions of inquiry examined the RCMP Security Service's activities. The most important of these was the McDonald Commission (1981), which recommended a new institutional architecture to ensure greater accountability over the RCMP Security Service. Among the chief areas of concern for the McDonald Commission was the lack of a legislative mandate for the organization. The Commissioner stated:

We think that a point in Canadian history has been reached when both the requirements of security and the requirements of democracy would be best served by embodying the mandate of Canada's security intelligence agency in an Act of Parliament A service of this importance must not be left to be regulated, as it is now, by administrative guidelines. Parliamentary democracy requires that a government service of this importance be explicitly approved by the Parliament of Canada. ^{Footnote 112}

245. In response to the McDonald Commission, the Canadian government enacted the Canadian Security Intelligence Service Act. The Act provided for the creation of CSIS with a statutory mandate to collect, analyze, and retain intelligence “respecting activities that may on reasonable grounds be suspected of constituting threats to the security of Canada.” ^{Footnote 113} Among other things, the Act defines key terms, such as “threats to the security of Canada”; describes CSIS's duties and functions; imposes specific limitations on its activities; provides an authority mechanism, judicial warrants, to fulfill its duties and defines the information that must be provided to satisfy the Court; and provides for independent review of CSIS activities. ^{Footnote 114} Over the years, CSIS has received ministerial direction to ensure the governance and accountability of the organization, and has elaborated legal requirements for its activities through policies and procedures.

246. Providing a statutory footing for national security and intelligence activities that had previously been conducted under the Crown prerogative has not been done solely in response to abuses of power or authority by a security agency. The evolution of CSE's authority structure from the Crown prerogative to a statutory basis is one such example. The first exercise of the Crown prerogative that created CSE occurred in 1946, when the government issued a secret order in council that created the Communications Branch of the National Research Council of Canada (the CBNRC). In 1975, a second order in council renamed the CBNRC as the Communications Security Establishment and moved the organization to the National Defence portfolio. ^{Footnote 115}

247. In 1990, a Special Committee of the House of Commons expressed concern about the substantial powers exercised by CSE in light of the fact it had been established by order in council, and lacked any statutory mandate or limitations. Accordingly, the Special Committee recommended in its report, In Flux But Not in Crisis, that CSE be established in statute. ^{Footnote 116} In 2001 the Government gave CSE a statutory mandate when it added Part V.1 to the National Defence Act, which addressed the Special Committee's earlier recommendations and responded to the need for enhancements to CSE's Crown prerogative based authorities after the attacks of September 11, 2001. ^{Footnote 117} Among other things, Part V.1 of the National Defence Act defines key terms, such as foreign intelligence; describes CSE's three-part mandate; imposes specific limitations on its activities; provides an authority mechanism, ministerial authorizations, to permit the interception of private communications while conducting certain activities under its mandate, and imposes conditions that must be satisfied for an authorization to be issued; and provides for independent review of CSE activities. ^{Footnote 118} Like CSIS, CSE has received ministerial direction to ensure governance and accountability to its minister, and has fleshed out that direction through policies and procedures to ensure the legal compliance of its activities.

248. When gaps are identified in CSIS or CSE authorities, the responsible ministers bring a proposal to Cabinet for consideration and the Government tables legislative amendments for parliamentary scrutiny. These processes are rigorous. They ensure that ministers may consider the implications for broad government priorities and the specific interests of their departments, and ensure that Parliament may consider broad public policy implications for Canadians. As examples, legislative amendments made in 2015 clarified CSIS authority to perform its duties and functions outside of Canada, and provided CSIS with authority to take measures to reduce threats to the security of Canada. ^{Footnote 119} ln its present form, Bill C-59 proposes significant changes to the mandate of CSE, including providing CSE with authority to conduct foreign intelligence, and defensive and active cyber operations.

Risks raised by DND/CAF

249. Through several appearances before the Committee and written feedback, DND/CAF raised a number of concerns with creating an explicit statutory framework for defence intelligence:

• Comparisons to CSIS and CSE are inappropriate. DND/CAF stated that Committee comparisons between DND/CAF defence intelligence activities and the conduct of intelligence activities by dedicated intelligence organizations, CSIS and CSE, is a “fundamental flaw” of this review, as “DND/CAF does not run an intelligence agency.” Comparisons are also inappropriate because, “Intelligence is the primary reason these organizations exist, whereas defence intelligence is but one aspect of the spectrum of activities conducted by DND/CAF in support of military operations and the defence of Canada.” ^{Footnote 120}
• The risks inherent in DND/CAF defence intelligence activities are different than those of CSIS and CSE intelligence activities. DND/CAF stated that “the legislative frameworks of [CSIS and CSE] were created to govern the collection and use of intelligence activities as a result of concerns over the rights of Canadians. These concerns do not exist in the case of DND/CAF given its lack of investigative powers.” ^{Footnote 121}
• Risks to the Crown prerogative outside of defence intelligence activities. DND/CAF stated that displacing the Crown prerogative as the authority basis for defence intelligence risks displacing the prerogative in other areas of defence. ^{Footnote 122}
• Risks to cooperation and information sharing. DND/CAF stated that a statutory framework for defence intelligence may undermine operational cooperation and information sharing with Canada's closest allies. ^{Footnote 123}
• Risks to operational flexibility. DND/CAF stated that a statutory framework for defence intelligence may undermine operational flexibility. ^{Footnote 124}

NSICOP Assessment

250. The Committee examined the experience of CSIS and CSE as their authority frameworks evolved from Crown prerogative to statute. It also deliberated at length about the risks raised by DND/CAF, concerns that deserve careful consideration. On balance, however, the Committee's review has shown that there are legitimate reasons for considering providing DND/CAF with an explicit statutory basis for the conduct of defence intelligence activities. DND/CAF has one of the largest intelligence programs in Canada, measured by personnel and expenditures. Under that program, DND/CAF conducts “full spectrum” intelligence activities, including intelligence assessment and intelligence collection using sensitive methods, notably SIGINT, HUMINT , counter-intelligence investigations, and *** — the only entity in Canada to conduct all activities within a single organization. Considerable risks are associated with each of those activities, including, in some cases, risks to the rights of Canadians.

251. DND/CAF relies on the Crown prerogative for implicit authority to conduct its defence intelligence activities. Unlike CSIS and CSE, its mandate, authorities, limitations, and accountability mechanisms are unknown to Canadians and have not been subject to parliamentary scrutiny. They are, instead, defined through internal administrative policies. The absence of a statutory basis means that authorities to conduct new defence intelligence activities are similarly not subject to parliamentary scrutiny. Parliament may have exclusive authority over defence, but it has not examined the important issues of authorities for defence intelligence activities or limitations on or expansion of powers. Unlike CSIS and CSE, DND/CAF conducts intelligence activities that are not subject to regular review by an independent and external body. Review can, among other things, strengthen accountability for an organization's compliance with the law. NSICOP believes this absence of a statutory basis is an anomaly in Canada's legislative framework for intelligence.

252. Based on the review of the structures, authorities, and governance of DND/CAF defence intelligence activities, NSICOP believes that providing a statutory basis for defence intelligence activities would entail significant benefits. These benefits include strengthening parliamentary scrutiny over an essentially unknown area of public policy that is critical to Canada's security and sovereignty; clarifying the extent and limitations of DND/CAF authorities; defining key terms; formalizing requirements for interdepartmental consultations; and identifying accountability mechanisms, such as reporting requirements to the Minister and regular and independent review. NSICOP fully recognizes that legislation for defence intelligence activities would have to be carefully crafted to account for DND/CAF's unique mandate, and that its obligations under international law must be taken into consideration.

Conclusion

253. The Committee's focus in this chapter was threefold. The first, to define the nature, scale, and scope of defence intelligence activities; the second, to determine the authority framework under which these activities are conducted; and the third, to determine the governance structure employed by DND/CAF to ensure oversight and accountability of defence intelligence. The Committee made no findings in the first of those areas: it recognizes the vital role that defence intelligence plays in the defence mandate. This is especially true with regard to the planning and conduct of operations, protection of CAF members, and the deployment of forces on operations.

254. The Committee believes that DND/CAF's administrative system of governance over defence intelligence activities is an important component of mitigating risk in intelligence operations and ensuring appropriate control and accountability. That said, the Committee found a number of weaknesses in that system, and has made findings and recommendations that it believes will improve the governance and accountability of DND/CAF defence intelligence activities.

255. With respect to the question of legislation, the Committee has endeavored to present both the risks and the benefits of placing defence intelligence on a statutory footing. The Committee's call for the Government to give serious consideration to legislation is a reflection of its analysis of these important issues.

Findings

256. The Committee makes the following findings:

Recommendations

257. The Committee makes the following recommendations:

Addendum: 2019 Special Report on DND/CAF collection of information on Canadians as part of the defence intelligence program

258. On October 26, 2018, DND/CAF provided the Committee with a new Chief of Defence Intelligence Functional Directive: Guidance on the Collection of Canadian Citizen Information, which was promulgated on August 31, 2018. DND/CAF did not provide this new directive proactively, despite its clear relevance to the terms of reference for the NSICOP review DND/CAF defence intelligence activities. DND/CAF stated that not providing the functional directive was an oversight, an explanation that the Committee accepts.

259. Nonetheless, NSICOP believes that the subject of this functional directive is of considerable importance and merits further analysis as part of DND/CAF's broader suite of directives and policies concerning defence intelligence activities. NSICOP also believes that additional study of the DND/CAF defence intelligence program will be of benefit to an ongoing evaluation of the authority structure and governance of the defence intelligence program. The Committee has therefore decided to finalize this chapter of its Annual Report and conduct a separate review of DND/CAF authority and directives to collect, use, retain, and disseminate information and intelligence on Canadians as part of defence intelligence activities.

260. Pursuant to Section 21(2) of the NSICOP Act, the Committee will provide a Special Report to the Prime Minister and the Minister of National Defence in 2019.

Appendix A: Ministerial Directive on Defence Intelligence