Conservatives Still Weak on Oversight

Canadians, quite reasonably, expect that they can trust the government to respect privacy laws. Unfortunately, this simply does not seem to be a priority for the Conservatives.

Canadians need better oversight of Communications Security Establishment Canada to address the disturbingly casual attitude that the Conservatives have towards privacy.  

CSEC’s primary role is to protect national security. To do this, it obtains foreign intelligence; keeps the Canadian government’s digital data safe from cyber-attacks; and where possible, assists other federal security agencies. This role is in part carried out via monitoring foreign electronic communications.

CSEC has a very clear mandate, which includes a prohibition on spying on Canadians, and its activities are monitored by an independent commissioner. Recent reports from the CSEC commissioner regarding the agency’s activities are troubling.

In August 2013, the commissioner for CSEC issued a report which indicated that surveillance activities may have been directed at Canadians. Further, the report was highly critical of the agency’s incomplete record keeping and noted that efforts to better clarify the agency’s authority seemed to be at a standstill.

Just this month, there were allegations that CSEC targeted the Brazilian government’s Ministry of Mines and Energy and additionally that CSEC had held confidential meetings with Canadian energy companies.

Just how this relates to national security is unclear. Prime Minister Stephen Harper, Defence Minister Rob Nicholson and CSEC Commissioner John Forster have been noticeably silent on this question.

In June, I requested that an emergency debate be held so that Parliament could ensure that the CSEC is subject to proper parliamentary oversight. This debate was refused by the speaker.

Later, NDP defence critic Jack Harris wrote to Defence Minister Rob Nicholson seeking clarification of the agency’s activities and calling for immediate action to ensure improved Parliamentary oversight of CSEC, including requesting a public review of the adequacy of CSEC’s current method of reporting. Despite numerous attempts we remain shut out of obtaining any clear answers from the government.

New Democrats aren’t the only ones concerned about CSEC’s activities. Former CSEC chief John Adams also recently underscored the need to provide more openness to Canadians about the agency’s operations through increased Parliamentary scrutiny. Privacy Commissioner Jennifer Stoddart reiterated concerns that Canadians know very little about CSEC’s operations. Incidents of secret briefings with corporate stakeholders only add to the need for greater transparency.

This certainly isn’t the first time that privacy advocates have sounded alarm bells in recent years. In February 2012, the Conservative government introduced Bill C-30 which granted unwarranted access to Canadians’ personal information such as Internet Protocol addresses.

People across Canada raised concerns about increased government surveillance with no corresponding increase in oversight. Bill C-30 and CSEC’s questionable activities threaten the fragile but essential balance between national security and privacy protections.

The Conservatives’ careless attitude towards transparency and the privacy of Canadians doesn’t end there. Since the Conservatives came to power, there have been over 3,000 privacy breaches which have compromised the personal information of over one million Canadians.

Employees from Human Resources and Skills Development Canada lost a USB key containing the personal information of over half a million Canadians in November of 2012, but there was no formal investigation until January 2013.

Worse yet, it was only after questioning from the NDP that it was revealed that there had been thousands of other data breaches across the federal government, many of which were never disclosed to either the privacy commissioner or the thousands of Canadians who were put at risk.

Curiously, the Conservatives saw no contradiction between their claims about taking their responsibility to protect Canadians’ privacy seriously and the conspicuous absence of any measures to address this in their recent Throne Speech.

Canadians need more than lip service from government when it comes to ensuring that their personal information is secure. We need action, and as digital issues critic I have repeatedly called on this government to bring Canada’s privacy laws into the digital age and introduced legislation to this effect.  

Government has a duty to protect the privacy of Canadians. Canadians expect and deserve better—the Conservative government must exercise greater accountability in its handling of the personal information of Canadians.