This is my first blog post in a long time, and hopefully the start of a resumed commitment to this project. I am cross-linking the post to my new blog site, which is easier for me to use and maintain. This will be my last blog post on the blogger site, though I will keep the page around as an archive.
On to today's post:
The following is a very rough set of notes on a recent Auditor General's Report. It is written with my current work on security certificates in mind.
- Mike
On March 31, 2009, the Office of the Auditor General (AG) of Canada issued a Status Report that included a chapter on National Security: Intelligence and Information Sharing. This chapter is concerned with the implementation status of recommendations made in two previous AG reports, a 2003 report on independent review mechanisms for security and intelligence bodies and a 2004 report on intelligence management. The latest report covers 14 departments and agencies, and addresses a range of issues, though the media response has focused on the finding that “Transport Canada may still be allowing high-risk individuals with criminal links to be cleared for access to restricted areas at airports” (AG 2009, p. 3). The discussion of intelligence sharing arrangements between government departments is of general interest, with the AG finding that the flow of information between agencies is still uneven. By virtue of the nature of the AG mandate, emphasis is put on progress towards the goal of developing a fluid information sharing system, with little attention paid to the socio-political ramifications of the ongoing shift towards an intelligence-based governing framework.
As Regards Security Certificates:
The AG Report does not specifically mention security certificates at all. Nor does it take into account the recent Federal Court jurisprudence (from certificate cases) that deals with issues such as intelligence disclosure and retention or the ‘covert informer shield’ for intelligence sources, or the implications of intelligence-gathering related to compliance monitoring in certificate cases. The discussion of intelligence sharing also excludes any references to the Charkaoui # 2 SCC ruling. I would suggest that this reflects a failure to appreciate the extent to which the legal battles over security certificates have shaped - and continue to shape - the Canadian (in)security field.
Despite this, the Report does touch on several issues of relevance to a discussion of security certificates, particularly as regards the role of the Canada Border Services Agency (CBSA - one of the 14 ‘intelligence departments and agencies’ under scrutiny by the Auditor General). Among its many other duties, CBSA is responsible for the enforcement of security certificates and with the monitoring of detainees on conditional release. The Report adds some additional weight to the ongoing debate over national security accountability reform, and - of particular importance - the review and oversight of the CBSA.
CBSA Review
The Report notes that the CBSA does not have a separate review body charged with monitoring its intelligence activities. This puts CBSA in a category with DFAIT and DND, as agencies that openly claim to be engaging in ‘security intelligence’ activities, but are not subject to review or oversight in this regard. Indeed, CBSA stands out as an agency with an obvious and critical lack of any meaningful review body, despite the fact that it engages in both policing and intelligence-gathering, as well as immigration detention, all at the federal level. By contrast, Canada’s federal police force (the RCMP), its primary intelligence service (CSIS), and its federal correctional service (CSC) all have review, oversight, and / or ombudsman bodies. The need for effective review of CBSA’s national security activities was addressed by Commissioner O’Connor in his Inquiry into the Actions of Canadian Officials in Relation to Maher Arar, and O’Connor made a number of sensible recommendations - including the expansion of the mandate of the Security Intelligence Review Committee (SIRC) to include CBSA. To date, the Government has yet to act on this recommendation, and I have seen nothing to indicate that CBSA is voluntarily working towards developing a review capacity.
CBSA is clearly in need of a robust review body, for a variety of reasons. While the Auditor General’s Report does not call for the creation of such a body, it does point to a core principle that should be referenced in efforts to create one - the principle of proportionality. In its 2003 Report, and in reference to SIRC, the Commission of Public Complaints against the RCMP, and the Commissioner of CSE, the Office of the Auditor General recommended that “security and intelligence agencies be subject to levels of external review and reporting that is proportionate to their level of intrusion into the privacy of individuals” (AG 2009, p. 1). The AG Report notes that this principle has been endorsed by background papers prepared by Public Safety Canada regarding the activities of Canadian intelligence agencies.
CBSA is part of Canada’s ‘intelligence community’, and it has it’s own intelligence directorate. It gathers and processes intelligence, and distributes it to / receives it from partners. For example, CBSA’s security certificate case monitoring manual notes that:
The use of the listed tools in the collection of information and evidence is directed toward proving or disproving a breach of conditions. Even when a breach of conditions is not apparent, the information may be beneficial for intelligence purposes.Where possible, monitoring officers should attempt to gather intelligence for use by headquarters, the regions and other government departments.[...] Intelligence provides a useful tool in risk-based management of the ISSC, so it is key to involve intelligence specialists in the management of these cases (CBSA case monitoring manual, s. 9.13)
We know from the security certificate cases that this combination compliance monitoring / intelligence gathering can be incredibly invasive, and can directly - and negatively - impact the privacy of the families and associates of persons subject to security certificates. The Federal Court has held that where certain bail conditions are concerned, the ostensibly voluntary participation of the family in the monitoring agreement effectively waives their reasonable expectation of a right to privacy. Mr. Mahjoub has recently ‘voluntarily’ returned to solitary indefinite detention, rather than continue to expose his family to that level of intrusive surveillance.
If we apply the principle of proportionality endorsed by both the Auditor General and - in a parallel context - Public Safety Canada, whereby review should be commensurate with the level of intrusion, it is clear that CBSA represents the opposite of the gold standard. The Agency has the power to be pervasively invasive in its intelligence activities, and has no review body whatsoever - for its national security activities or its ‘normal’ operations. Complaints about CBSA’s intelligence activities are dealt with in-house or, as has been the case since 2006, through Federal Court jurisprudence in the individual security certificate cases. In fact, the Federal Court, already involved in the administration of the secret portion of certificate proceedings by virtue of its role as the gatekeeper of information, has taken on the role of a strictly-reactive, inconsistent, and inadequate pseudo-review body for CBSA. Security certificate hearings regularly involve ‘revelations’ about the nature of CBSA’s activities, coupled with Federal Court decisions about their reasonableness. Most of these matters could and should be handled more effectively - and with the care they clearly deserve - by a dedicated review body.
Review of Integrated Activities
I have previously emphasized the importance of developing an effective integrated national security review framework for Canada. For example, in an October 2008 op-ed on the Iacobucci Inquiry, in Embassy Magazine, Wade Deisman and I stated:
“... as the O'Connor and Iacobucci inquiry reports show, the transnationalization of security sector operations has not been accompanied by a comparable revolution in accountability and oversight capacities. CSIS and the RCMP have their own review or oversight mechanisms, but the specificity of these institutions makes them anachronisms in a context defined by multi-agency, transnational operations. How can rigid accountability structures be expected to govern complex, integrated activities?The answer is that they can't. And this is the major lesson that we must take from the Iacobucci Inquiry, and the Arar Inquiry before it: While both reports found deficiencies to exist within agencies, the real problems occurred in that murky space between them. It is these murky spaces that give root to the branching problem of accountability gaps identified by both inquiries.”
Commissioner O’Connor made some thorough recommendations regarding the review of integrated national security activities - including intelligence activities - but the Government has yet to take action on this. The Office of the Auditor General has expressed similar concerns about integrated review gaps, both in previous reports and in the May 2009 Report. The AG Report notes that
“Because the external review agencies have a mandate to review only single agencies, but more and more security work is done by joint task forces, there is an increased potential for review agencies to be unable to access the entire record of an investigation” (AG 2009, p.9).
This is, in part, attributed by the AG to a lack of coordination around information sharing between agencies. But the larger picture is still one of agency-specific review bodies attempting to respond to integrated, multiagency security activities and intelligence flows.
Security Certificate cases are a prime example of this. They involve complex, multi-year interactions between CSIS, the CBSA, and a variety of other departments and agencies (CSC, RCMP, DFAIT, provincial agencies, etc.). Some of these collaborative activities are governed by Memoranda of Understanding (such as the MOU between CBSA and CSC regarding the operation of the Kingston Immigration Holding Centre) or formal letters (such as the letter that sets out the relationship between CSIS and CBSA regarding wiretapping and electronic intercepts related to security certificate bail monitoring). Other activities seem more informal, and the terrain is constantly shifting in response to jurisprudence around the security certificate cases, making for a very fluid dynamic; what is standard operating procedure one day - for example, the interception of solicitor-client telephone conversations - may be discontinued on the next. While the agency-specific review bodies can engage with those parts of the puzzle that fit their mandate, there is no single entity tasked with reviewing the security certificate process in its entirety.
Combined with the findings of various previous reports, the Office of the Auditor General’s finding of deficiencies in review potential for integrated activities can be drawn on to support a call for meaningful supra-agency national security review body. Such a body would - drawing on O’Connor’s recommendations - be in position to coordinate the review of complex activities like security certificate cases.
Conclusion:
The creation of a review body for the CBSA’s national security (and / or other) activities and / or the development of an integrated review body with the mandate to review the various processes related to security certificates would not be solutions to the problems inherent in the certificate mechanism. However, they would definitely be steps in the right direction. A strong CBSA review body is particularly necessary, as the Agency is presently operating beyond the scope of meaningful independent review. If the Government is serious about developing a meaningful intelligence review framework (and, in the current political context, this is far from evident), then review capacities should match intelligence capacities, according to a principle of proportionality, rather than being tied to agency-specific stovepipes. In other words, it is the intelligence-related activities of agencies / departments that require oversight, not just the activities of intelligence agencies. The findings of the May 2009 Auditor General’s Report can be cited in support of this argument.
No comments:
Post a Comment