BP-343E

THE COMMUNICATIONS SECURITY ESTABLISHMENT -
CANADA'S MOST SECRET INTELLIGENCE AGENCY

 

Prepared by Philip Rosen
Senior Analyst
September 1993

 


TABLE OF CONTENTS

 

INTRODUCTION

HISTORY OF THE CSE

THE CSE TODAY

MANDATE OF THE CSE

ACCOUNTABILITY OF THE CSE

REFORM PROPOSALS

CONCLUSION


 

THE COMMUNICATIONS SECURITY ESTABLISHMENT -
CANADA'S MOST SECRET INTELLIGENCE AGENCY

 

INTRODUCTION

Recent years have seen dramatic changes in many parts of the world. The Soviet Union has disintegrated and, with the resurgence of competing nationalisms, its constituent republics have gone in different directions. Eastern Europe is almost unrecognizable as the result of unpredicted events. The Cold War is over and the former strategic and ideological tensions that characterized it are now a mere memory. These quickly-changing developments have been challenging for political leaders in all countries. Old political movements and institutions are rapidly being replaced by new ones whose origins and destinations are difficult to analyze using past knowledge and experience. This accelerating rate of change represents a major challenge to the security and intelligence agencies that exist to provide information and advice to policy-makers in their client government institutions.

David L. Christianson has provided the following concise definition of the functions of an intelligence organization:

Intelligence organizations provide foreknowledge to the national leadership ... by gathering intelligence information from a myriad of sources, evaluating this information to determine its accuracy, analyzing the information from all available sources, and finally producing and disseminating an intelligence product or report to the consumer.(1)

The Government of Canada has recently defined foreign intelligence in the following terms:

Foreign intelligence refers to intelligence or information concerning the capabilities, intentions or activities of foreign states, corporations, or persons. It may include information of a political, economic, military, scientific, or social nature, and can produce information with security implications.(2)

This paper is about the Communications Security Establishment (CSE), one of a galaxy of agencies in Canada that fit most, if not all, the elements of these definitions of an intelligence organization with responsibility for foreign intelligence. The CSE is one of the most secret and secretive organizations in Canada. What is known about it - for example, what appears in this paper - must be pieced together from disparate sources. Unlike the Canadian Security Intelligence Service (CSIS) and the RCMP, the CSE has no governing statute setting out its mandate, powers and control/accountability mechanisms. In general terms, the CSE has a dual mandate; one, Signals Intelligence (SIGINT), is offensive in nature; the other, Information or Communications Security (INFOSEC or COMSEC), is defensive. There will be more about these issues later in the paper.

Canada is not the only country to have a foreign intelligence agency like the CSE. In the United States, the agency is called the National Security Agency; in the United Kingdom, it is called the Government Communications Headquarters; in Australia, it is called the Defence Signals Directorate; and in New Zealand, it is called the Government Communications Security Bureau.

This paper first sets out a concise history of the CSE from its origins to the present day, including information on its budgets, person-years and operation. Next, the CSE's mandate and accountability for its operations are addressed. Several proposals for the reform of the CSE, offered over the years by diverse sources, are outlined and some conclusions are offered.

HISTORY OF THE CSE

The CSE has its roots in cryptographic and cryptanalytical developments during World War II. It was established in June 1941 as the Examination Unit of the National Research Council and was located in the house next to what was then the Prime Minister's residence on Laurier Avenue in Ottawa. It was felt that in this location the necessary security precautions would not attract undue public attention. For the first part of its existence, the Examination Unit was given particular responsibility for intercepting and analyzing the communications of Vichy France and Germany. With the entry of Japan into the Second World War, the Unit was also given some responsibility for the decryption of that country's communications. It is estimated that by 1944 the Examination Unit had 45 staff members, among whom were a number of classicists and chess players, people capable of thinking in cypher.(3)

In September 1945, U.S. President Truman concluded that peacetime SIGINT operations were necessary and there would have to be collaboration in this area with other countries. In December 1945, Canadian authorities came to the same conclusion. At some point thereafter, the Examination Unit was renamed the Communications Branch of the National Research Council.(4)

In 1947, the UK/USA Security Agreement came into force. The parties to that agreement were, and still are, the U.S., Great Britain, Canada, Australia and New Zealand. This agreement, the content of which has never been made public and which is still classified as "top secret," divided up spheres of cryptographic influence and responsibility with the U.S. and Great Britain designated as "first parties" and the remaining signatories as "second parties." This appears to mean that the processing and analysis of raw signals intelligence data provided by "second parties" is largely carried out by the "first parties." Canada was assigned responsibility for the northern part of the former Soviet Union and parts of Europe. The contents of the UK/USA Agreement, which themselves may not exist on paper, are kept up-to-date in a top secret handbook called International Regulations on SIGINT. In 1948, Canada entered into a similar bilateral arrangement with the U.S. called the CANUSA Agreement.(5)

The existence and functions of the Communications Branch of the National Research Council did not come to public attention until 1974, when they were revealed on a CBC television program. Canada's part in the UK/USA Agreement was revealed only on 24 March 1975, in responses by the Honourable C.M. Drury, then Minister of State for Science and Technology, to questions before the House of Commons Standing Committee on Miscellaneous Estimates.(6)

As of 1 April 1975, "control and supervision" of the now-renamed Communications Security Establishment was transferred by Order in Council under the Public Service Rearrangement and Transfer of Duties Act(7) from the National Research Council to the Department of National Defence.(8) At that time, the CSE was believed to have between 250 and 300 civilian employees, and a budget of approximately $5 million annually. By 1983, it was believed to have about 580 civilian employees.(9)

The existence of the CSE was officially acknowledged for the first time by the Government of Canada when the Honourable Jean-Luc Pépin, then Minister of State for External Relations, made the following statement to the Special Senate Committee on the Canadian Security Intelligence Service on 22 September 1983:

The Communications Security Establishment advises on, and provides the means of ensuring the security of federal government communications. It also provides, with the support of the Canadian Forces Supplementary Radio System, a service of signals intelligence in support of Canada's foreign and defence policies. I should explain that "signals intelligence" is the term given to information gathered about foreign countries by intercepting and studying their radio, radar, and other electronic transmissions.(10)

 

THE CSE TODAY

The CSE's budget allotment is not made public. In response to questions before the House of Commons Standing Committee on Public Accounts on 10 October 1991, a CSE representative indicated that the agency's INFOSEC/COMSEC activities represented 20% or 22% of its budget, or about $20 to 25 million annually.(11) It may on this basis be concluded that in 1991 the CSE's budget was in the $100 to $125 million a year range. This does not tell the whole story; the Department of National Defence, Canadian Forces, contributed, it was estimated, in 1991 an additional $150 million in personnel and other support to the CSE's SIGINT activities.(12)

In April 1991, the Department of National Defence indicated, in response to questions, that the Public Service Staff Relations Board had made public the following data with respect to CSE person-years:

 

Fiscal Year Number of CSE Employees
1984-85 648
1985-86 639
1986-87 713
1987-88 748
1988-89 816
1989-90        826(13)

 

These figures in themselves were somewhat misleading as they did not include the CSE's exempt personnel and did not indicate the contribution of the Department of National Defence, Canadian Forces, to the CSE's SIGINT activities. It was estimated in 1991 that the CSE itself had about 850 employees and that the Canadian Forces assigned about 1,100 persons to operate monitoring stations in Canada, Bermuda and Germany.(14) In June 1993, it was established that the CSE itself at that time had 875 employees.(15)

In 1991, it was established that CSE monitoring stations were located in the following places: Argentia and Gander in Newfoundland, Leitrim Canadian Forces Station near Ottawa, Massett Canadian Forces Station in B.C., and Canadian Forces Station Alert at the tip of Ellesmere Island (the most northerly permanent military facility in the world) as well as in Bermuda.(16)

MANDATE OF THE CSE

As stated earlier, the CSE has a two-part mandate - Signals Intelligence (SIGINT) and Communications or Information Security (COMSEC or INFOSEC). Ward Elcock, Deputy Clerk, Security and Intelligence, and Counsel, Privy Council Office, on 20 April 1990 described the two roles of CSE during testimony before the House of Commons Special CSIS Review Committee as follows:

One of those is sometimes known as the COMSEC role, which deals with the security of the communications of the Government of Canada. The second responsibility is the collection of signals intelligence, which is intended to provide the government with foreign intelligence on the diplomatic, military, economic, security, and commercial activities, intentions, and capabilities of foreign governments, individuals and corporations.(17)

The government described the CSE's two-part mandate as follows in its 1991 Response to the 1990 Report of the House of Commons Special CSIS Review Committee:

The Establishment is responsible for two programs:

  • information technology security (INFOSEC); and

  • signals intelligence (SIGINT).

Under the INFOSEC program, CSE provides technical advice, guidance and service to the government on the means of ensuring federal government telecommunications security and on aspects of electronic data processing security. Under the SIGINT program, CSE, with the support of the Canadian Forces Supplementary Radio System, collects, studies and reports on foreign radio, foreign radar and other foreign electronic emissions in order to provide foreign intelligence to the government.(18)

As indicated earlier, the CSE in 1991 expended about 20% or 22% of its budget on INFOSEC or COMSEC activities. In April 1991, a representative of the Department of National Defence stated the following about the CSE's INFOSEC responsibility:

... CSE fulfils its INFOSEC responsibility to government by:

  • the provision of keying material;

  • efforts to prevent compromising emanations from electronic equipment;

  • advice to Canadian industry to assist in development of secure communications and EDP systems;

  • INFOSEC training and education to government.(19)

The CSE has an important INFOSEC/COMSEC role to play under the government's Security Policy. This Treasury Board initiative sets out the means by which employees are to be security-cleared and steps that are to be taken to assure the security of government information and other assets. In guidelines setting out the government-wide role of different agencies and departments, the CSE is given the following responsibilities:

The Communications Security Establishment is responsible for:

(a) developing standards on communications-electronic security (COMSEC) for the approval of Treasury Board and advising on their application;

(b) developing, approving, issuing and advising on the application of technical standards on COMSEC and for the protection of signals intelligence and cryptographic information and material;

(c) providing cryptographic material and documentation to appropriate government institutions;

(d) international agreements in the communications-electronic security and signals intelligence programs and approving the release of classified or controlled COMSEC information and assets to government and non-government entities;

(e) providing advice and guidance on the planning, acquisition, installation and procedures for using COMSEC systems;

(f) providing advice on threat and risk assessments, when requested;

(g) reporting to Treasury Board, when requested, on the state of COMSEC in the government;

(h) inspecting, testing and evaluating COMSEC systems and procedures, other than for DND, and, on request, reviewing government telecommunications to assess adherence to prescribed COMSEC practices;

(i) classifying signals intelligence and cryptographic information and material, and establishing procedures for the systematic review of such classified information and material for declassification or downgrading;

(j) approving the allocation of positions requiring special access (SA) to signals intelligence information and material, and maintaining the inventory of personnel cleared for access to such information and material; and

(k) providing a research and development and evaluation capability on security aspects of computer hardware, software and communications systems to ensure that information is available to the government on the security of computer systems and their use in government.(20)

There are no equivalent detailed descriptions of the CSE's SIGINT mandate upon which 80% of its budget is spent and upon which most of the assistance provided by the Department of National Defence, Canadian Forces, is probably expended. Reliance will thus have to be placed on less detailed, more generic, descriptions of SIGINT activities. Granatstein and Stafford have described the CSE's SIGINT mandate as follows:

The Signals Intelligence Programme, according to an internal CSE document, "involves the collection and processing of foreign radio, radar and other electromagnetic transmissions." This means that CSE listens in to radio and telephone communications between embassies in Ottawa and their home countries, or between embassies and their consulates; monitors all national and international telephone calls; listens in to many foreign radio communications; and reads the electromagnetic transmissions from embassy typewriters, word processors, etc.(21)

Abram Shulsky has defined Signals Intelligence in more general terms as follows:

Signals intelligence (or SIGINT) is the generic term given to the process of deriving intelligence from the interception of electromagnetic (radio) waves, generally referred to as signals. It may be subdivided according to the type of electromagnetic wave being intercepted:

  • The interception of, and derivation of information from, foreign communications signals (radio messages) by other than the intended recipients is known as communications intelligence, or COMINT.

  • The interception, processing, and analysis of foreign telemetry (radio signals that relay information from sensors on board a test vehicle to the test engineers concerning the vehicle's flight and performance characteristics) are known as telemetry intelligence, or TELINT.

  • The interception, processing, and analysis of noncommunications electromagnetic radiations coming from a piece of military equipment (such as a radar) while it operates are known as electronic intelligence, or ELINT.

  • In principle, any electromagnetic wave, emitted either as a necessary part or as a by-product of the functioning of a piece of electrical equipment, is subject to interception by a receiver that is properly placed and sufficiently sensitive.(22)

Little more is known in detail about the CSE's mandate. It entered into a COMSEC Memorandum of Understanding (MOU) with the RCMP as of 31 October 1989 (under the Government Security Policy) and two SIGINT MOUs with CSIS (under sections 12 (security intelligence) and 16 (foreign intelligence in Canada) of the CSIS Act).(23) It also has an MOU with the Department of External Affairs.(24) These documents establish and structure any arrangements necessary to ensure that government institutions working together in common areas of activity collaborate effectively, exchange information and do not duplicate each other's efforts.

ACCOUNTABILITY OF THE CSE

The government in its 1991 Response to the 1990 Report of the House of Commons Special CSIS Review Committee described the CSE's accountability scheme as follows:

The Minister of National Defence is accountable to Parliament for CSE. The Minister approves CSE's major capital expenditures, its annual Multi-Year Operation Plan, and (with CCSI [Cabinet Committee on Security and Intelligence]) major CSE initiatives with significant policy or legal implications.

The Chief of CSE is accountable to the Deputy Minister of National Defence for financial and administrative matters, and to the Deputy Clerk (Security and Intelligence, and Counsel) in the PCO for policy and operational matters.

In addition, arrangements have been put in place to ensure that CSE responds to the government's foreign intelligence requirements in a manner that is lawful, effective and sensitive to changes in international relationships. These include the following:

CSE has in-house legal counsel from the Department of Justice, and consults with senior Justice officials on legal issues;

  • CSE consults frequently with senior officials in the Privy Council Office, the Department of National Defence and the Department of External Affairs;

  • CSE is subject to internal Department of National Defence administrative review mechanisms; and

  • CSE submits its strategic plan and all new policy proposals for review by ICSI [Interdepartmental Committee on Security and Intelligence], which in turn reports to CCSI.

Thus, a broad accountability system for CSE is in place. Nevertheless such an accountability system can always be improved and the government has been considering providing the Minister of National Defence with some additional capacity for review of CSE. Once a decision is taken on the most appropriate approach, an announcement will be made.(25)

This was the government Response to the 1990 House of Commons Special CSIS Review Committee recommendation (No. 87) that the CSE be established formally by statute and that the Security Intelligence Review Committee (SIRC) be empowered to monitor and review it. So far, no announcement has been made as to whether and how the Minister of National Defence is to be provided with additional capacity to review the CSE. It was indicated in June 1993 that this matter was still under consideration and that an announcement would be made in due course.(26)

REFORM PROPOSALS

Over the years, serious concerns have been expressed about the technical capacity of the CSE to intercept communications of all forms and the potential for violation of the rights and freedoms of Canadians. Similarly, there is a level of dissatisfaction in some quarters with the level of public accountability for CSE activities and for the expenditure of the public funds allocated to it.

Although these concerns have come from different sources at different times, there is little evidence that the CSE infringes on the rights and freedoms of Canadians through its SIGINT activities. There has also been no public evidence of financial mismanagement, or administrative inefficiency or operational inefficacy. In fact, whenever CSE representatives are pressed on these issues in public, they stress that they do not act in violation of the rights and freedoms of Canadians and are fully accountable for their expenditure of public funds.

Because the CSE is such a secret and secretive government institution, however, it is almost impossible for outsiders to evaluate the reliability of such reassurances about the exercise of its functions. The mandate, control and accountability of CSE are not founded on a statutory basis. The 1975 Order in Council transferring responsibility for the CSE from the National Research Council to the Department of National Defence dealt only with administrative responsibility, not mandate, powers, control or accountability. To respond to this situation, several reform proposals have been made.

In its 1981 report, the Commission of Inquiry Concerning Certain Activities of the Royal Canadian Mounted Police recommended that an Advisory Council on Security and Intelligence be established and that the scope of its review powers should extend to all federal government organizations employed to collect intelligence through clandestine means (except for the RCMP and other federal police forces).(27) Had this proposal, which was not accepted in its entirety by the government of the day, been implemented, it would likely have caught the CSE in its ambit; however, it would by itself have been inadequate unless the CSE's mandate and powers had been established by Act of Parliament.

The Special Senate Committee on the Canadian Security Intelligence Service dealt indirectly with the CSE in its 1983 report. It proposed that the Canadian Security Intelligence Service (CSIS), whose founding legislation it was then considering, should be given the "operational monopoly" of foreign intelligence activities engaged in by the CSE and other similar organizations.(28) This proposal, which was not accepted by the government of the day, would have had the effect of subjecting CSE activities to the review or oversight jurisdiction of the Security Intelligence Review Committee; however, this proposal did not define operational monopoly.

In its 1989 submission to the House of Commons Special CSIS Review Committee, the Security Intelligence Review Committee recommended that Parliament consider enacting legislation to provide for the independent monitoring of other components of Canada's intelligence network in addition to CSIS, which is already subject to oversight by SIRC itself.(29) Unfortunately, the submission provided no further details to buttress its proposal and did not deal with the CSE directly, but rather by implication.

As was seen earlier in this paper, these reform proposals were echoed in 1990, when the House of Commons Special CSIS Review Committee recommended that SIRC's review jurisdiction be extended to include the CSE, which should be given a statutory basis.

A variation on these proposals was made by John Starnes, the Director of the RCMP Security Service in the early 1970s, when he recently urged that responsibility for the CSE be transferred by Order in Council from the Department of National Defence to CSIS.(30) This step would subject the CSE to the same control and accountability mechanisms (ministerial direction, Federal Court warrant approval, Inspector General auditing and SIRC review) as CSIS. It would affect CSIS itself, since its statutory basis may not be adequate to allow for such an easy administrative integration of the CSE into the Service. Such a proposal would also have the effect of giving CSIS a foreign intelligence mandate, thus changing the nature of that organization.

The reform proposals made for CSE thus far have been inadequate. Effective proposals must address in detail the mandate and powers of the organization and the means necessary to control it and keep it accountable, assuming its continued existence is deemed necessary; the agency must also be provided with a basis in law founded on an Act of Parliament.

CONCLUSION

As can be seen from the contents of this paper, not much is known about the detailed functions of the CSE and the resources available to it. Minimal as it has been, the public debate about this government institution has centred on the capacity of the CSE to violate the rights and freedoms of Canadians and on the need to ensure that it is accountable to Parliament.

Ward Elcock told the House of Commons Sub-Committee on National Security in June 1993 that:

CSE is a foreign intelligence collection agency. The very nature of its work depends upon a degree of secrecy. To the extent to which its work is not secret, it loses its capacity to function and to collect information that is of use and of value to the Government of Canada.(31)

This statement puts the key issue into its most basic terms: how can a government institution that functions most effectively in the shadows be held publicly accountable without compromising its efficacy? This question is especially important when it relates to an agency with the capacity to violate the rights and freedoms of Canadians.

As indicated at the outset of this paper, there have been dramatic changes in the political situation in many parts of the world. Now that the Cold War is over, many new security and intelligence issues are coming to the fore. As a result, countries are considering major adjustments to their security and intelligence agencies. As Wesley Wark has put it:

It is legitimate to ask ... why should any of these roles fall into the hands of intelligence services, rather than some other kind of organization?(32)

Indeed, why should these functions, if they are indeed still necessary, be performed by such an agency? And can such an agency be made publicly accountable to Parliament without compromising its primary mandate? These are the important questions that must be answered to ensure the effective protection of the rights and freedoms of Canadians.


(1) David L. Christianson, "Signals Intelligence," from Gerald W. Hopple and Bruce W. Watson (eds.), The Military Intelligence Community, Westview Press, Boulder, Colorado, 1986, p. 39.

(2) Solicitor General of Canada, On Course: National Security for the 1990s, Supply and Services Canada, Ottawa, 1991, p. 51 (cited as On Course (1991)).

(3) For a more detailed history of the Examination Unit of the National Research Council, see: J.L. Granatstein and David Stafford, Spy Wars: Espionage and Canada from Gouzenko to Glasnost, Key Porter Books, Toronto, 1990, p. 20-46; Peter St. John, "Canada's Accession to the Allied Intelligence Community 1940-45," Conflict Quarterly, Vol. 4, No. 4, Fall 1984, p. 5-21; and Wesley K. Wark, "Cryptographic Innocence: The Origins of Signals Intelligence in Canada in the Second World War," Journal of Contemporary History, Vol. 22, 1987, p. 639-665.

(4) Granatstein and Stafford (1990), p. 44-45.

(5) Ibid., p. 45-46; James Littleton, Target Nation: Canada and the Western Intelligence Network, Lester and Orpen Dennys, Toronto, 1986, p. 94-95; and Jeffrey T. Richelson and Desmond Ball, The Ties That Bind - Intelligence Co-operation Between the UKUSA Countries, 2nd ed., Unwin Hyman, Boston, 1990, p. 89.

(6) Littleton (1986), p. 95; and House of Commons, Standing Committee on Miscellaneous Estimates, Proceedings, 24 March 1975, 18:17-18:21 (C.M. Drury).

(7) R.S.C. 1985, Ch. P-34.

(8) Canada Gazette, Pt. II, Vol. 109, No. 3, p. 233, P.C. 1975-95.

(9)  Richelson and Ball (1990), p. 89.

(10) Senate, Special Committee on the Canadian Security Intelligence Service, Proceedings, 22 September 1983, 11:19 (Lean-Luc Pépin).

(11) House of Commons, Standing Committee on Public Accounts, Proceedings, 10 October 1991, 7:12-7:16.

(12) Peter Moon, "Secrecy Shrouds Spy Agency," Globe & Mail (Toronto), 27 May 1991.

(13) Private Communication.

(14) Moon (1991).

(15) House of Commons, Sub-Committee on National Security, Proceedings, June 1993, 11:9 (Ward Elcock).

(16) Richelson and Ball (1990), p. 354-355; and Private Communication.

(17) As reproduced in: Canadian Association for Security and Intelligence Studies, Newsletter, No. 16, p. 20-21.

(18) On Course (1991), p. 54.

(19) Private Communication.

(20) Treasury Board of Canada, Secretariat, Administrative Policy Manual, Information and Administrative Management, Security, Supply and Services Canada, Ottawa, 1991, Item 2.2.3, p. 5-7. (At the time of writing, the security policy was under review.)

(21) Granatstein and Stafford (1990), p. 22.

(22) Abram N. Shulsky, Silent Warfare: Understanding the World of Intelligence, Brassey's (U.S.) Inc., Washington, 1991, p. 24-25.

(23) Letter from Ward Elcock, Deputy Clerk, Security and Intelligence, and Counsel, Privy Council to Blaine Thacker, M.P., Chairman, Sub-Committee on National Security, 13 April 1992.

(24) House of Commons, Sub-Committee on National Security, Proceedings, June 1993, 11:5-6 (Ward Elcock).

(25) On Course (1991), p. 54-55. The Cabinet Committee on Security and Intelligence is chaired by the Prime Minister, while the Interdepartmental Committee on Security and Intelligence is made up of senior public servants and chaired by the Clerk of the Privy Council.

(26) House of Commons, Sub-Committee on National Security, Proceedings, June 1993, 11:8 (Ward Elcock).

(27) Commission of Inquiry Concerning Certain Activities of the Royal Canadian Mounted Police, Freedom and Security under the Law, Second Report - Volume 2, Supply and Services Canada, Ottawa, 1981, p. 885.

(28) Senate, Special Committee on the Canadian Security Intelligence Service, Report, Delicate Balance: A Security Intelligence Service in a Democratic Society, Supply and Services Canada, Ottawa, 1983, p. 18-19.

(29) Security Intelligence Review Committee, Annual Report, 1988-89, Supply and Services Canada, Ottawa, 1989, p. 70.

(30) John Starnes, "Cryptography Unit Would be More Accountable under CSIS," Ottawa Citizen, 17 July 1991. A similar proposal was made by the Honourable Jean-Jacques Blais, a former Solicitor General and member of SIRC, in "Committee Should be Expanded to Review Other Agencies," Ottawa Citizen, 2 July 1992, although he placed his emphasis on expanding SIRC so that it could monitor the CSE.

(31) House of Commons, Sub-Committee on National Security, Proceedings, June 1993, 11:10 (Ward Elcock).

(32) Wesley K. Wark, "The Intelligence Revolution and the Future," Queen's Quarterly, Vol. 100, No. 2, Summer 1993, 273, at p. 284.