ATIPs

This page includes links to various Access To Information and Privacy (ATIP) requests that I have received or obtained over the past several years. Each link, unless otherwise indicated, is to a locally hosted .pdf of the relevant ATIP. In some cases I indicate what is notable about a given ATIP or the language of the original request and, where possible, dates associated with the released records.

Agriculture and Agri Food Canada

A-2018-00107: AAFC Records on Canada–China Agricultural Trade, Canola Delays, and Huawei-Related Tensions. This release contains Agriculture and Agri-Food Canada records concerning Canada–China trade tensions in early 2019, including internal emails, media-monitoring material, proposed media lines, and background materials related to agricultural market access. The records include a translated transcript of Chinese Ambassador Lu Shaye’s January 2019 media interview following the arrest of Huawei executive Meng Wanzhou, as well as Reuters and Bloomberg reporting on delays affecting Canadian canola shipments to China. Of note, the package shows AAFC officials preparing and coordinating communications lines stating that Canada was not aware of any decision by Chinese authorities to stop companies from buying Canadian agricultural products, while emphasizing regular engagement with Canadian companies and continued monitoring of global, regional, and bilateral market conditions. The release also includes a draft list of high-visibility CFIA-related market access issues with China, including frozen boneless beef, chilled meat and beef offal, canola access, grain, pulses, oat grains, greenhouse tomatoes, pet food, feed additives, and other agriculture or food export matters. The file is heavily redacted and many pages are withheld or marked non-relevant, but it is useful for understanding how AAFC was tracking agricultural trade exposure during the post-Meng Wanzhou diplomatic dispute and how officials framed canola-related delays, market access, and China-facing trade messaging.

Canadian Armed Forces

A-2019-01680: JDN 2017-02, Canadian Armed Forces Joint Doctrine Note: Cyber Operations. Ottawa: Canadian Forces Warfare Centre, 2017, AND all correspondence, discussion and/or documentation related to this document (within the CAF) from January 01, 2020 to January 31, 2020. This is the 2017 version of the CAF’s Joint Doctrine Note (JDN) concerning Cyber Operations. This is a highly notable document, insofar as it discusses the Canadian posture towards conflict in cyberspace, and identifies key terms that were not previously discussed (e.g., defensive operations, defensive operations that are in CAF’s network, and defensive response operations when CAF must respond to an adversary), as well as the ways in which CAF considered developing and structuring its cyber-related activities. Emails included in this ATIP, at the end of the document, reveal that subsequent updates to the Doctrine Note have occurred, and this document can be helpfully read against Canada’s interpretation of international law in cyberspace and, also, Global Affairs Canada’s international cyber policy. Readers may, also, be interested in earlier assessments of Canada’s draft international cybersecurity strategy. Note that annotations exist within this ATIP.
A-2014-01133-CJOC Campaign Plan — Intelligence, Horizon 1: 2013/14–2018/19. This release contains a draft Canadian Joint Operations Command intelligence campaign plan for 2013/14–2018/19. The document sets out CJOC’s intelligence context, mission, vision, centre of gravity, critical intelligence functions, and five intelligence lines of operation intended to support CJOC’s command of Canadian Armed Forces operations at home and abroad. Of note, the plan frames CJOC intelligence as central to domestic, continental, and expeditionary operations, including operations in the Arctic and through NORAD, major events in Canada, terrorist attacks, support to civilian authorities during domestic crises, and deployed international operations. It emphasizes that CJOC intelligence must integrate across a broad CAF operational-intelligence architecture involving DND/CAF entities, CSE, CSIS, RCMP, CBSA, allied commands, and other partners. The plan also stresses the need to support emerging domains such as cyber and space, improve ISR and targeting functions, provide horizon scanning and warning, support deployed operations, shape the broader intelligence environment, and build liaison, partnership, and engagement mechanisms. The release is useful for understanding CJOC’s early post-creation intelligence planning, including how it sought to operationalize intelligence support, command integration, partner engagement, and capability development over a five-year horizon.
A-2013-00910: DND Approval Materials for NATO Cyber Defence Capability Action Team Participation. This release contains approval materials for Canadian participation in a NATO Cyber Defence Capability Action Team meeting held at NATO Headquarters in Brussels from June 30 to July 5, 2013. The records include a Vice Chief of the Defence Staff letter, a briefing note for the Deputy Minister, and an event/hospitality request form seeking approval for one Cyber Task Force representative to attend at an estimated departmental cost of $6,773. Of note, the briefing describes the Cyber Task Force as the principal Canadian participant in NATO’s Cyber Defence Capability Action Team, which was sponsored by the NATO Capability Panel and tasked with discussing, analyzing, and reporting on NATO cyber defence tasks. The materials frame the participation as supporting Canada’s development of military cyber capability, including lessons learned from operational deployments, national cyber planning, NATO burden-sharing, and the development of a NATO Cyber Defence Awareness, Education, Training, and Exercise Program. The release is brief, but useful for understanding early Canadian military engagement in NATO cyber defence capability-building and DND/CF efforts to translate allied cyber work into domestic cyber task force planning and training.
A-2013-00390: DND Innovation Transfer and Evaluation Agreement for SR-BioSpectra Biological Threat Detection. This release contains a February 2013 briefing note and related agreement materials concerning DND participation in testing the SR-BioSpectra standoff biological threat detection system under the Canadian Innovation Commercialization Program. The briefing seeks approval for DG Cyber to sign an Innovation Transfer and Evaluation Agreement so that a prototype developed by Institut National d’Optique could be delivered to DND’s Directorate of CBRN Defence for testing and assessment. Of note, SR-BioSpectra is described as a compact, transportable laser and optical fluorescence system intended to detect biological aerosols at standoff distances, with potential defence and security applications. The statement of work sets out planned testing in outdoor urban-like and indoor public-environment settings, including assessment of biological aerosol detection, false alarm rates, detection sensitivity, potential dual-mode biological/explosive detection, user-friendliness, deployment, operation, situational awareness, and operational suitability. The agreement also addresses PWGSC and DND roles, transfer of asset management and control, feedback and performance measurement, protection of assets, privacy and security responsibilities, and contractor support and training. The release is useful for understanding how DND evaluated pre-commercial CBRN sensing technologies, including operational testing requirements, federal innovation procurement processes, and the anticipated use of standoff detection tools for biological threat and explosive-related scenarios.
A-2013-00389: DND Briefing Note on Canadian Forces Cyber Operations Working Group Visit to the UK. This release contains a February 2013 briefing note seeking Deputy Minister approval for a Canadian Forces cyber operations working group visit to the United Kingdom. The proposed March 17–23, 2013 visit was intended to allow representatives from the Canadian Forces cyber operations community, including the Canadian Forces Cyber Task Force, Canadian Forces Information Operations Group / Joint Cyber Operations Team, and CSEC, to engage with UK cyber operations counterparts and stakeholders. Of note, the briefing frames the visit as supporting DND/CF’s development and implementation of a military capability to operate in the cyber environment. The note presents several engagement options, with comprehensive engagement identified as the preferred option, and states that the proposed expenditures were the best value for money and the most economical option. The release is brief and significantly redacted, but it is useful for understanding early DND/CF efforts to build military cyber operations capacity, coordinate with CSEC, and engage allied partners on cyber operations planning and capability development.
A-2013-00005: Canadian Forces National Counter-Intelligence Unit Summaries on Elicitation, Surveillance, OPSEC, and Cyber-Related Incidents. This release contains Canadian Forces National Counter-Intelligence Unit counter-intelligence summaries from 2011 and 2012. The records provide situational awareness reporting for DND and Canadian Forces personnel on domestic and international counter-intelligence incidents, including elicitation, unsolicited contacts, surveillance and profiling of Canadian Forces members, intrusion operations, operational security concerns, protest activity near defence facilities, controlled or hazardous material issues, and cyber-related incidents. Of note, the summaries repeatedly emphasize the vulnerability of Canadian Forces personnel to collection efforts through public exposure, travel, social contact, email, social media, and weak operational security practices. The records include examples involving unsolicited emails to DND/CF members, suspected surveillance or profiling while deployed or travelling, impersonation of Canadian Forces or public officials, spear-phishing attempts, and risks arising from online disclosure or social media activity. The release also includes references to broader security incidents such as Occupy-related activity, explosives thefts, alleged espionage charges, and the Stratfor/Anonymous breach involving compromised account information. The file is useful for understanding how Canadian military counter-intelligence officials framed personnel security, foreign intelligence service interest, cyber hygiene, OPSEC, and the everyday exposure of defence personnel to elicitation, surveillance, and digital compromise risks.

Canadian Security Intelligence Service

A-2021-364: All internal emails between senior CSIS officials from January 1, 2019 to January 1, 2020 regarding Russian foreign interference in Canada. This ATIP package only includes the 2018-2019 Annual Report to the Minister on Operational Activities, and is classified at the Top Secret/Canadian Eyes Only (CEO) level. It provides a highly-redacted discussion of the kinds of threats that CSIS identified and engaged with, as well as suggesting there are some kinds of issues associated with Canadian Extremist Travellers, s.16 challenges. The report documents the number of briefs or reports which were issued in alignment with various issue areas covered by CSIS and, also, denotes the number of security screening requests, and by type of request, during the period; it does not, however, provide information about the number of requests which were met. Page 57 reveals that CSIS had 311 s. 17(1)(b) agreements with 158 countries and territories, though redacted the number of active, dormant, restricted, restricted/dormant, or abeyance agreements. Finally, pages 58-63 provide a listing of many of CSIS’ domestic arrangements with federal agencies and provinces/provincial bodies. Of note, those agreements with the CSE include: Regarding s. 14 information (dated 2007-01-12), Regarding s. 16 information (1990-11-02), Regarding s. 12 information (1990-11-01), as well as Framework document; information sharing, intelligence collection and operational support (2011-12-14), Annex to the Framework MOU regarding certification & accreditation of facilities and systems processing SIGINT (2012-04-22), Annex 2 to the s. 12 MOU regarding s. 12.1 information (2016-06-13), and Addition of Annex B to the CSE Framework document: Integrated Internal Services initiative (2016-07-14).
A-2021-327: Copies of all CSIS and ITAC intelligence reports and briefs since June 1, 2020 to December 7, 2020 on security and the COVID-19 pandemic. This set of documents includes CSIS’s weekly newsletter as well as extensive discussions of the national security threat levels, and internal media bulletins, as well as specific analytic reports on ideologically motivated violent extremism. Documents also disclose the perceive threats to aviation security as a result of the COVID-19 pandemic. Of note, on page 15 under “Cyber” CSIS stated “there may be a heightened likelihood of a cyber attack impacting the Canadian electricity sector, given the connections between US and Canadian power grids. Moreover, Canadian allies in the United Kingdom and the United States have noted the presence of Russian state-sponsored actors on Internet infrastructure— including routers, switches and firewalls — which can be used to impact industrial control systems.”
A-2021-256: This is a re-release of an ATIP request from which the Globe and Mail article was written involving CSIS presentations to Universities in Canada, the association of CIO’s of Canadian Universities, and biopharma labs and agencies involved in the supply chain from April 2020 to June 2021, warning of international espionage. Page 3 makes it clear that CSIS is warning of ‘non-traditional intelligence collectors’ which include, “people without formal intelligence training but with a particular subject matter expertise such as businesspeople, scientists, researchers, and even students. These individuals know what is valuable and they are able to operate in business and research environments without raising suspicions.” Such individuals “can also be vulnerable to state demands if they return to an authoritarian country with a disregard for intellectual property rights and patents” and, moreover, there is a risk that universities “may unwittingly invite these non-traditional collectors into your front door, as you pursue business arrangements or R&D collaborations.”
A-2021-164: Please provide the following document: CSIS, Foreign Threats to Canadian Science and Technology. Aside from the title and classification (Secret//CEO) this document is entirely redacted.
A-2021-060: All records for the period between January 1, 2013 and April 29, 2021 related to the use (or potential use) of big data, big data analysis, algorithmic decision-making, algorithmic analytics, algorithmic analysis, predictive analytics, predictive analysis, and/or machine learning for the purpose of assessing or making determinations related to “risk of immigration and refugee applicants to Canada.”
Summaries of the US Senate Report on Examining the U.S. Capitol Attack and the US National Strategy for Countering Domestic Terrorism, and CSIS Considerations. This ATIP includes detailed discussion of sought-after powers for CSIS on page 4. Powers discussed include access to basic subscriber information, sharing classified information with law enforcement agencies, and possessing tools that enable the identification and disruption of IMVE-related threat actors operating online while simultaneously protecting Canadians’ privacy. Dated July 29, 2021.
A-2020-611: Speaking notes, briefing notes, communications and reports pertaining to CSIS monitoring of international students, student associations and universities with an emphasis on monitoring of Chinese, Russian, or Muslim students from January 1 2010 to March 22, 2020. This includes a 2019 memorandum entitled “Update on CSIS engagement with Muslim students” that followed from a CBC News story about Muslim university students being contacted by CSIS officers, and the issue within CSIS was heightened by an op-ed by two Toronto-based lawyers who wrote an op-ed that reinforced the CBC story’s narrative. In a subsequent meeting, where the lawyers explained to CSIS that students were discouraged from contacting lawyers, CSIS’ memorandum asserts the “CSIS assured the lawyers that the Service does not counsel individuals to avoid seeking legal advice.”
A-2020-462: All threat assessments/reports from July 1, 2020 to present that mention QAnon conspiracy, Proud Boys or other far-right groups and their presence in Canada or on social media. This has a number of internal threat reports associated with violence in the United States or Canada, though perhaps the most interesting element of this ATIP is in a report finishing the ATIP package entitled “White Supremacist/Neo-Nazi Women: Canadian Implications” that provides a detailed account of the role of women in supporting and promoting this ideology online. The only Canadian woman mentioned in the report is Laura Southern.
A-2020-390: Obtain a list of briefing notes received by the Director of CSIS or sent to the minister responsible for CSIS for the period from October 20, 2020 to December 13, 2020. This package release is 8 pages long and includes lists of all the briefings the Director was involved in. Notable ones include altering a s. 17(1)(b) foreign arrangements, Draft 2019-2020 Annual to the Minister on Operational Activities, Memorandum to Minister – Warrant Issues, and Min Memo – Renewal of Classes of Acts or Omissions.
A-2020-370: Intelligence studies/reports/briefs produced by CSIS in March 2020 and April 2020 on the coronavirus/COVID-19. This ATIP package includes regular CSIS reports which highlight issues or threats, broadly, around the world. These threats are not exclusively linked to the coronavirus and, in fact, generally address other threat-related activities.
A-2020-373: Copies of all CSIS and ITAC intelligence reports and briefs since June 1, 2020 on security and the COVID-19 pandemic.
A-2020-391: All documentation regarding geolocation and its illegal use by CSIS from the period from September 1, 2020 to December 11, 2020. This ATIP returned a copy of NSIRA’s classified (Secret) Annual report 2019-01. Of note, on page 4 is a report from NSIRA that recognizes that, “in SIRC’s review of CSIS’s use of Basic Identifying Information (BII) (SIRC Review 2018-09),3SIRC found that recent changes to the BII process brought about by Federal Court decisions have made the timely collection of BII challenging for CSIS.” Page 9 includes some mention of CSIS’ foreign station and their utility in understanding threats to Canada (though some reassurances from foreign entities hadn’t been sought or renewed since 2010). The same page makes reference to CSIS’ “practices for acquiring information from traditional and “non- traditional” Communication Service Providers (CSPs).” On page 10 we find that, “All Five-Eyes partners have faced challenges evaluating their disruption activities. SIRC found that CSIS is making efforts to improve its performance measurement, but that work remains to be done. Particular attention will have to be paid to assessing intermediate and strategic outcomes, leaving as little room as possible for subjectivity.” Notably, “SIRC found that incremental changes to Ministerial Direction and CSIS policies have collectively reduced the requirement to inform the Minister about foreign activities within Canada.”
A-2020-37: All CSIS and ITAC intelligence reports and briefs from January 1, 2020 to May 21, 2020 on security and the COVID-19 pandemic. This ATIP release contains dozens of weekly threat review reports from ITAC along with threat levels over the period. It is notable for identifying the issues which were surfaced through the reporting, though with a strong caveat that extensive redactions for news items tracked by ITAC were redacted across the release. The release also contains numerous CSIS Security Briefs, on topics such as conspiracy theorists, anarchists, alternative COVID-19 narratives, ideologically motivated violence and the pandemic, and more. Pages 81-90 include a high-redacted strategic briefing concerning COVID-19, labelled Top Secret, REDACTED, CSIS Eyes Only. Page 93-94 includes a high-level discussion/summary of the Nova Scotia shooter and the timeline of events reported at the time.
A-2019-1027: All documents related to COVID-19, PANDEMIC, VIRUS, EPIDEMIC and WUHAN for the period from December 1, 2019 to February 1, 2020. This large release contains reports and advisories concerning the COVID-19 pandemic. Of note, CSIS was updating its Pandemic Response Plan in November 2019 (Page 21), the plan itself which is dated December 2019 begins on page 35. The plan, itself, is principally concerned with a virulent flu and provides information on how the Service would respond in the face of a serious health event. The specific responsibilities of senior leadership (pages 42-47) are sometimes included and other times not (presumably due to redactions). On page 59 begins an updated April 2020 Pandemic Response Plan.
A-2019-675: Information pertaining to “Threat Reduction Measures” as defined in the CSIS Act, including historical examples of Threat Reduction Measures; documents relating to the approval process; examples of Threat Reduction Measures being used in combating disinformation (Especially during the recent 2019 Canadian federal election). This ATIP release includes the governing policy for conducting threat operations, and is dated June 21, 2019 and replaces s.12.1 Threat Reduction Measures (Version 2, dated 2017-11-20). While highly redacted it gives a sense of some of the processes involved in undertaking TRMs, including in exigent circumstances these operations being permissible based on verbal approval (page 8). In the accompanying FAQ, page 19 makes explicit that “the Communications Security Establishment (CSE) may assist the Service in undertaking a Threat Reduction Measure (TRM)”. Nothing in this ATIP release speaks specifically to using TRMs to address electoral interference, or mentions that such interference took place.
A-2018-997: Documents pertaining to Huawei and/or 5G technology. These documents include, from page 9-13, part of a slide deck that offers an introduction to 5G and its potential benefits; this may be used to understand how decision makers were informed of the capabilities of the technology as it interrelated with the Internet of Things and Artificial Intelligence. 5G was seen as an economic driver and, also, the document (Page 13) indicates that Canada was to begin planning for 6G technologies, with a recognition that Ericsson and Huawei–their Canadian divisions–were seen as leaders for domestic innovation. Dated 2018.
A-2018-524: A CSIS Developing Intelligence Issue document that provides brief and broad background on the positions held by opponents against the Trans Mountain Expansion project. Dated 2018.
A-2018-421: Documents completed from Jan. 1, 2018 to June 26, 2018 concerning potential threats to the energy industry/pipelines. Of note, on page 6 under ‘what does CSIS investigate?’: activities directed toward undermining the government of Canada by covert unlawful acts – but does not include lawful advocacy, protest or dissent, unless carried on in conjunction with espionage/sabotage/serious acts of politically, religiously or ideologically motivated violence. Dated 2018.
A-2018-122: Threats to the Montréal-Pierre Elliot Trudeau International Airport. This document contains a discussion of threats to Pierre-Elliot Trudeau airport. Page 4 notes that the two core threats to the airport include terrorism, as well as espionage/foreign interference. Other than noting a news report (CBC/Radio-Canada article) on detection of IMSI catchers are the airport, all espionage/foreign interference elements are redacted. Dated 2017.
A-2017-325. This document contains the entirety of CSIS’ advice for persons travelling outside of Canada, and generally provides security information when abroad.
A-2017-214: All documents created by the Forbearance Working Group, SGES working group, and forbearance program from Jan. 1 2016 to August 23, 2017. Page 3 notes that a party was making a forbearance request under the SGES on April 26, 2016 and that it was granted on July 25, 2016 (5-6). Page 20 reveals that the party that had previously requested forbearance, once again requested it in/around Feb 23, 2017. Dated 2016-2017.
A-2017-138: All documents produced or received by CSIS concerning what would happen to all of the data captured by devices used to intercept data and metadata from mobile devices, or any similar tool for the surveillance of cell phones or tracing tool. Per these documents, CSIS, under guidance from SIRC, was working to “further enhance feedback on the utility of IMSI operations, and based on these findings, that the 2012 internal assessments be updated to help guide the direction of this potentially promising program” (2). Per page 7, and in response to the Federal Court asserting that CSIS could not collect or retain certain technical identifiers indefinitely, the Service established new directions concerning the collection and retention of electronic identifiers. This mean that, as of Feb 13, 2017, CSIS could not use technical measures for the purpose of collecting identifiers under s.12 or s. 16 (though note: still could under s. 21), and that the retained identifiers had to be retroactively destroyed. At least some retained data which had previously been managed per DDO Directive on Long-Term Operational Data Retention, was to no longer be “considered as falling into the category of Potentially Exploitable.” Page 8-15 includes a memo pertaining to CSIS’s targeting procedures. Here, we find that there is a class of activities identified as “General Authority” which do not require a targeting authority, whereas Level 1 and Level 2 operational tools and techniques do require authorization. What is included in those levels is redacted as well as that where foreign states’ information is guiding a decision to potentially engage in targeting, CSIS is required to take into consideration the states’ or agency’s “human rights record … and the specific circumstances under which the information was obtained.” There are special rules for targeting underage individuals. Paged 16-19 includes a directive on long-term operational data retention. This is an updated directive, and adds a third kind of collected information to support the collection of non-warranted imagery and other non-warranted technical information. All data is classified as either Unpublished (that which doesn’t have intelligence value one year after collection and then destroyed, with all data defaulting ot this), Potentially Exploitable Information (which has not be Published but may be operationally relevant and thus kept per CSIS’ retention schedule) and Published (i.e. information which has been included in a report, or any data that is found relevant under s. 13, 15, or 16 of the Act; such data is subject to a formal data retention period). Page 18 explains that retention conditions do not apply to metadata or datasets that are received from a redacted source, save for that which contains solicitor-client privileged material and thus must be dealt with under CSIS’ protocols to determine if the information should be destroyed. Page 22 contains examples to explain retention and notes that if data is subject to two conditions (e.g., potentially exploitable vs published) that the longer of the two states prevails. Dated 2014-2017.
A-2017-90: Documents that were produced from March to June 2017 as a result of the CBC allegations on April 3, 2017 pertaining to devices known as Mobile Device Identifiers (MSI), Stingray, IMSI catcher, etc. and their use in Ottawa. On page 26 we learn that the CSIS legal department is looking to confirm/fact check CBC/Radio-Canada story, concerning IMSI Catchers. Otherwise, the released comments largely replicate CSIS ATIPs A-2017-18 and A-2017-19. Dated 2017.
A-2017-19: Documents from March 27, 2017 to April 6, 2017 concerning the CBC/Radio-Canada story on MDI devices (IMSI catchers) near Parliament Hill. This ATIP contains nothing of note given that the internal communications have largely been redacted. Dated 2017.
A-2017-18: Documents from January 1, 2016-July 20, 2017 concerning the use of MDI devices (IMSI Catchers) by Canadian security agencies. Of note, page 2 makes clear that CSIS is not always required to obtain warrants to use MDIs. On Page 14, CSIS recognises that in determining whether to use techniques like IMSI Catchers, they either rely on authority under S.12 of their Act or in a redacted situation apply for a warrant to the federal court under S.21 of their Act. Page 25 reveals that SIRC contacted CSIS for information following the release of the CBC/Radio-Canada story on IMSI Catchers near Parliament Hill and the Capital Region more generally. Dated 2017.
2016 – CSIS Materials on Intelligence, Evidence, Disclosure, and National Security Litigation. This release contains CSIS briefing materials, committee notes, and a memorandum concerning the challenges that arise when intelligence is used in, or becomes subject to disclosure through, criminal, administrative, and civil proceedings. The records focus on how CSIS information may be relied upon by the Government of Canada in enforcing or administering laws, while also creating risks that sensitive sources, methods, foreign-partner information, tradecraft, and operational interests may be exposed through litigation. Of note, the materials discuss the legal regimes used to protect sensitive information, including section 38 of the Canada Evidence Act, section 18.1 of the CSIS Act concerning human-source identity protection, Division 9 of the Immigration and Refugee Protection Act, the Prevention of Terrorist Travel Act, and the Secure Air Travel Act. The records emphasize that section 38 proceedings can be costly, bifurcated, uncertain, and may force the government to choose between disclosure, settlement, withdrawal, or weakened ability to defend a case. The release is useful for understanding CSIS’s internal framing of the “intelligence to evidence” problem, disclosure risk, security-certificate litigation, civil liability exposure, and inter-agency controls such as the One Vision framework for managing CSIS information shared with the RCMP.
A-2016-331: All records pertaining to research and application in the field of quantum research. This is a pair of research reports, one from 2016 and the other from 2012. The 2016 report is actually written for CSE, and presumably the 2012 report for CSIS. Both are future looking forecasts, with big picture assessments of what technologies or trends might have national security implications in the future. On the whole, the reports are not particularly interesting save for how the agencies might have thought about, or planned for, future changes in society and technology. Dated 2012 and 2016.
A-2016-185: Threat Reduction Activities. This ATIP contains materials pursuant to “Any documents, including but not limited to, records of discussion on all strategic case management or four pillars discussions regarding threat reduction activities (TRA).”
2016 – CSIS Records on Threat Reduction Cooperation Frameworks with GAC and RCMP. This release contains CSIS records responding to a request for final framework documents developed with key government partners following the creation of CSIS’s threat reduction mandate under section 12.1 of the CSIS Act. The disclosed materials include a CSIS–Global Affairs Canada enhanced consultation mechanism for threat reduction activities and the CSIS–RCMP One Vision 2.0 framework for cooperation. Of note, the CSIS–GAC material establishes consultation and reporting mechanisms where threat reduction measures may have a foreign-policy component, including intelligence assessments on intermediate and strategic outcomes. The One Vision 2.0 framework updates earlier CSIS–RCMP cooperation arrangements to account for CSIS’s new threat reduction powers, while preserving the separation between CSIS intelligence activities and RCMP criminal investigations. It sets out principles and processes for strategic case management, tactical deconfliction, disclosure under section 19 of the CSIS Act, Stinchcombe-related disclosure issues, record-keeping, and assessing whether CSIS threat reduction measures could affect current or future RCMP operations. The release is useful for understanding how CSIS operationalized post-C-51 threat reduction authorities through inter-agency consultation, deconfliction, disclosure controls, and documentation requirements.
2016 – CSIS Director Briefing Binder for SECU Appearance on the National Security Framework Consultations. This release contains a large CSIS briefing binder prepared for the Director’s October 6, 2016 appearance before the House of Commons Standing Committee on Public Safety and National Security concerning Canada’s national security framework and Green Paper consultations. The binder includes transmittal notes, tables of contents, hot-issue lines, committee notes, media summaries, prior testimony, and prepared responses on CSIS authorities, Bill C-51, threat reduction activities, SCISA, foreign information-sharing, accountability, cyber security, “going dark,” terrorism, foreign fighters, returnees, and intelligence-to-evidence issues. Of note, the materials show how CSIS framed the post-C-51 national security debate: defending threat reduction powers as useful but subject to legal, proportionality, partner-consultation, and review controls; emphasizing that SCISA did not expand CSIS’s collection mandate or “strictly necessary” threshold; and describing approximately two dozen threat reduction approvals, none requiring a warrant at that point. The binder also includes lines on information-sharing with Global Affairs Canada, human-rights risk assessment and Ministerial Direction, the Almalki/El Maati/Nureddin cases, the Aaron Driver incident, approximately 180 terrorism-related travellers abroad, roughly 60 returnees, and the limits of traveller/returnee numbers as a threat metric. It is useful for understanding CSIS’s public and parliamentary messaging in 2016 on national security reform, oversight, foreign cooperation, lawful access, encryption, cyber threats, datasets, SIRC findings, and the operational implications of Bill C-51.
Government Response to the ODAC Ruling. This 555 page ATIP includes communications following the ODAC federal court ruling. Highlights include the following. There is a transcript of for-background information provided to external CSIS stakeholders post-ODAC decision on pages 108-118. Page 159-172, in reference to the CSE Comissioner’s 2014-2015 report on the CSE, discusses how CSE cannot ascertain how much unredacted Canadian metadata was shared with 5-eyes partners, in contravention of the law (this was done unintentionally per the CSE Commissioner) (171), that FVEY partners were not asked to minimized the shared information b/c it was not believed to be sufficiently contextual to individual Canadians to raise a significant privacy concern (171), and that CSE does not clarify how long this was taking place (171-172). CSIS hold that, with regard to ODAC, “It is impossible to quantify the number of individuals linked to the associated data, much less identify personal data such as citizenship” (192) and that on page 194, “Neither metadata or associated data includes any information that could relate to content.” On page 378, when assessing the SIRC’s review of CSIS’ accessing taxpayer information without warrant, and with insufficient managerial controls, a proposed speaking point to the minister was that under SCISA no warrant would be required in the future. Between pages 398-400, CSIS outlined that ministers had received briefings, or mentions, of ODAC at least 7 times (including one verbal warning), and that while information about the legal basis of ODAC’s operations or associated data hadn’t been explicitly discussed, ODAC itself (insofar as it existed) had been raised. Page 400 includes each time CSIS could determine when a Minister or Deputy Minister had been advised. Page 445 has a sentence beginning “With these principles…”, indicates there are 2-3 major issues with how CSIS has handled the ODAC system, also suggesting that there are potential long-term consequences associated with CSIS’ handling of ODAC. Page 465 includes a discussion of CSIS’ collection of bulk datasets, and the fact that insufficient information existed to guide the lawful collection of ‘referential’ datasets, with the issue being that in at least one cases data was obtained that exceeded referentiality and thus constituted a collection (and would have required a warrant). At the time the assessment was conducted, there was “no evidence to indicate CSIS’s data acquisition program had appropriately considered the threshold of “strictly necessary” as required in the CSIS Act.” Page 467 suggests that CSIS used s.17 to establish a partnership with a foreign agency with which it lacked a formal s.17 arrangement. Broadly, much of the document includes CSIS doing the following: asserting that it needn’t notify the Federal Court regarding associated data and, upon being told that it violated its duty of candour, seeking to avoid blame by pointing to the number of times Ministers were notified, the PIA submitted to the OPC as sufficient to ‘explain’ the program to the Commissioner, etc. So it’s a document that outlines crisis communications and blame deferral. Dated 2016.
2015 ATIP Release – 117-2014-345: CSIS–CSEC Memoranda of Understanding and Cooperation Agreements. This release contains CSIS records responding to a request for ministerial directions, memoranda of understanding, and cooperation agreements between CSIS and the Communications Security Establishment Canada. The records include historical and more recent CSIS–CSEC agreements, ministerial approval materials, transmittal slips, briefing notes, meeting agendas, and draft or final framework arrangements concerning cooperation on information and intelligence collection, information sharing, and operational support. Of note, the materials show efforts to consolidate and modernize CSIS–CSEC cooperation frameworks, including arrangements connected to CSIS’s foreign intelligence activities under section 16 of the CSIS Act and CSEC assistance under its technical and operational assistance mandate. The disclosed MOU language emphasizes cooperation within each agency’s legal authorities and mandates, the protection of Canadians’ legal rights, safeguards for shared information, limits on third-party dissemination, respect for caveats and classifications, privacy and records-management obligations, joint management structures, dispute resolution, and the use of working agreements to operationalize specific cooperation areas. The release is heavily redacted and visually degraded in places, but it is useful for understanding the governance architecture behind CSIS–CSEC collaboration, including how the agencies structured information sharing, operational assistance, ministerial approval, and inter-agency accountability before later statutory reforms.
Project SITKA: Serious Criminality Associated to Large Public Order Events with National Implications. This document was principally created by the RCMP but was released by CSIS under provisions of the Privacy Act and/or Access to Information Act. The report summarizes RCMP intelligence gathering activities that were focused on aboriginal-rights issues, such as land claims, energy projects, and right advocacy. Dated March 16, 2015.
CSIS Policy: Conduct of Operations. This policy describes the Service’s stance regarding operations conducted pursuant to its national security mandate under Sections 12, 15, and 16 of the Canadian Security Intelligence Service Act (CSIS Act). It also provides additional principles and requirements that the Service and its employees will adhere to while working to achieve the commitments outlined in this policy. Notable details include a discussion that warrants are coordinated by the Warrant Acquisition Control and Requirements (WACR) unit of the DDO secretariat, which is responsible for reviewing paperwork before it is submitted to the courts. Further, under S. 15, collected data can be used for supporting S. 12 investigations, and where there is no pre-existing S.17 foreign partner agreement to share data, CSIS may share data in emergency situations without first consulting the Minister or Deputy Minister. The Deputy must be informed “as soon as possible”. Finally, “[t]he Service will weigh the need to use intrusive operational tools and techniques against potential damage to civil liberties or the activities of a Canadian Fundamental Institution (CFI). CFIs include, but are not limited to, post-secondary, political, religious and media organizations.” Dated January 10, 2014.
A-2012-362: CSIS Participation in Institute for Quantum Computing Policy Symposium on Digital Security. This release contains CSIS records concerning an invitation from the University of Waterloo’s Institute for Quantum Computing to attend a September 21, 2012 policy symposium on the future of digital security. The records include the invitation letter, CSIS’s acceptance, and logistical correspondence about hotel booking, airport transportation, and travel arrangements for Alan Jones, then Assistant Director, Technology at CSIS. Of note, the invitation frames the symposium as an invitation-only discussion among leaders from government, academia, and industry on future digital-security challenges and the potential impact of quantum mechanics and quantum technologies. The event was scheduled alongside the opening of IQC’s Mike & Ophelia Lazaridis Quantum-Nano Centre, and was intended to foster relationships, identify challenges, and support follow-up collaboration. The release is brief and administrative in nature, but is useful for documenting CSIS engagement with academic and technical communities on quantum computing, digital security, and emerging technology policy issues in the early 2010s.
A-2012-238: ITAC Threat Alerts on Anonymous, Cyber Activism, Terrorism, and Extremist Threats (All documents on terrorist and the use of cyberattacks to commit terrorist acts for the period from Nov 9 2010 to Nov 9 2012). This release contains Integrated Terrorism Assessment Centre threat alerts and weekly threat review materials from 2011–2012. The records include assessments concerning Anonymous threats against Toronto, hacktivist threats against Alberta’s oil sands, a proposed “electronic e-jihad” centre, ITAC’s *Canada: Biannual Update on Terrorist and Extremist Threats*, and weekly threat review extracts addressing international terrorism, violent attacks, Olympic-related reporting, and other security issues.

Of note, the cyber-related alerts describe Anonymous-style activity using distributed denial-of-service attacks, website defacement, data theft, doxing, and related tactics, including threats linked to Occupy Toronto and to companies associated with Alberta’s oil sands. The “electronic e-jihad” assessment describes online calls for cyber attacks against U.S., UK, and French targets, including SCADA/control systems, financial institutions, and large companies. The broader ITAC biannual assessment frames al-Qaeda-inspired terrorism as the principal threat to Canada, while also addressing AQAP, AQIM, Al Shabaab, Boko Haram, LTTE fundraising, Lashkar-e-Tayyiba, Hezbollah, domestic issue-based extremism, critical infrastructure, transportation, energy, telecommunications, and terrorist financing.

On page 9 there is a discussion of Anonymous using SQL injections as part of their hacking tools, and page 11 discusses a proposal in an online jihadist forum to attack SCADA systems. The release is useful for understanding how ITAC treated cyber activism, online extremist mobilization, terrorism, domestic extremism, and critical-infrastructure risk within early-2010s threat reporting. Dated 2011-2012.
A-2012-088: Most recent reports concerning terrorism and extremism; foreign espionage and interference; proliferation of WMDs; cyber security and support to Canada’s Northern Strategy. This release contains Canadian security threat assessments from 2011–2012, including ITAC’s Canada: Biannual Update on Terrorist and Extremist Threats, a CSIS Intelligence Assessment titled Cyber Threats and Security: An Overview, and a CSIS assessment on The Global Overview: Weapons of Mass Destruction (WMD) and Proliferation Threats. The records assess threats to Canada and Canadian interests from international terrorism, domestic issue-based extremism, cyber operations, and WMD proliferation.

Of note, the ITAC assessment identifies al-Qaeda-inspired terrorism as the principal terrorist threat, while also discussing AQAP, AQIM, Al Shabaab, Boko Haram, LTTE fundraising, Lashkar-e-Tayyiba, Hezbollah, Syria, Iran, the Sinai, terrorist financing, transportation and critical infrastructure risks, and domestic issue-based extremism involving environmental, anti-capitalist, anti-globalization, and far-right causes. The cyber assessment frames Canada’s public and private sectors as increasingly dependent on networked systems, with risks arising from social engineering, malware, compromised users, insiders, weak attribution, mobile devices, and attacks linked to geopolitical events or special events. The WMD assessment highlights nuclear proliferation as the most urgent concern, particularly Iran and North Korea, while also noting the possible misuse of chemical, biological, radiological, or nuclear materials by terrorist or extremist actors.

On page 11 we learn that “small number of domestic extremists continue to be associated with issue-based causes such as environmentalism, anti-capitalism, anti-globalization, and far-right racism.” Further, ““Aboriginal communities across Canada remain focused on key issues such as sovereignty and outstanding land claims. At times more radical members of Aboriginal warrior societies advocate violence as a means of drawing attention to these issues.” On pages 12-24, there is a discussion of vulnerable computer systems and the availability of exploit kits, and as well as a note that companies are reticent to disclose intrusions to government authorities. The release is useful for understanding how ITAC and CSIS framed Canada’s threat environment in the early 2010s across terrorism, domestic extremism, cyber vulnerability, critical infrastructure, and proliferation issues. Dated 2011-2012.
2012-[Redacted] Data Management Governance Plan. This release contains Canadian Security Intelligence Service records concerning data management and data governance within ODAC, including a July 2012 “Data Governance Plan” and related presentation materials. The records frame data governance as the management of data availability, usability, integrity, and security, emphasizing personnel, policies, procedures, organizational structures, defined responsibilities, and stakeholder communication as necessary to make data accurate, consistent, secure, and available for mission purposes. Of note, the materials describe ODAC’s role in increasing the number of datasets available to support CSIS analytical capacity and investigations, while emphasizing controls such as validated authority to collect, management of over-collection risks, metadata generation, data ownership, stewardship, documentation, and alignment with information lifecycle management principles. The release is useful for understanding how CSIS was internally conceptualizing dataset acquisition, bulk data governance, analytical support, and data quality controls before later public and legislative debates about CSIS datasets and the Service’s legal authorities. Portions of the document are redacted or visually degraded, but the disclosed material provides insight into early CSIS thinking about data governance frameworks, enterprise data management, and the operational use of datasets.
2012 CSIS Release on ITAC Multi-Issue Extremism Reporting: Police Brutality Protests and World Economic Forum. This release contains CSIS records responding to a request for Intelligence Assessment Branch, Integrated Threat Assessment Centre, Academic Outreach, and related operational materials concerning multi-issue extremism from December 2011 to April 2012. The disclosed records consist of ITAC assessment notes, in English and French, concerning the 2012 International Day Against Police Brutality in Montréal and the 2012 World Economic Forum in Davos, Switzerland. Of note, the materials describe protest activity associated with the Collectif opposé à la brutalité policière, including planned demonstrations in Montréal and related anti-police or anarchist organizing, as well as anticipated demonstrations surrounding the World Economic Forum. The WEF assessment also references prior left-wing or anarchist incidents in Europe, including claimed responsibility for small explosions or suspicious packages, while distinguishing those incidents from the Canadian presence at the forum. The release is useful for understanding how ITAC framed protest movements, anti-police-brutality activism, anti-globalization demonstrations, anarchist organizing, and large international events within “multi-issue extremism” reporting during the early 2010s.
2012 CSIS Release on ITAC Reporting Concerning Multi-Issue Extremism and Public Order Events. This release contains CSIS records responding to a request for documents from the Intelligence Assessment Branch, the Integrated Threat Assessment Centre, the Academic Outreach and Coordination Program, and operational coordination notes or reports concerning multi-issue extremism between December 2010 and April 2011. The disclosed material consists largely of ITAC assessment notes, in English and French, concerning major public events, protest activity, and travel by Canadian officials. Of note, the records include assessments related to the 2011 Canada Winter Games in Halifax, the International Day Against Police Brutality in Montréal, the “Day of Action against Extraction” marking the anniversary of the BP oil spill, the World Economic Forum in Davos, and Canadian government travel to Switzerland. The assessments draw heavily on open-source information about protest plans, activist networks, anti-globalization and environmental campaigns, and prior public-order incidents, while repeatedly noting that ITAC would continue monitoring and provide updates as necessary. The release is useful for understanding how Canadian security agencies framed “multi-issue extremism” in the early 2010s, including the treatment of protest movements, animal-rights and environmental activism, anti-police-brutality organizing, anti-extraction campaigning, and large public or international events within threat-assessment products.
A-2011-150: CSIS Ministerial Briefing Materials on Foreign Arrangements, Information Sharing, Threat Assessments, and Accountability Issues. (From correspondence exchanged between the Director of CSIS and the Minister of Public Safety between January 1, 2011 and February 8, 2012. This release has a number of noteworthy elements). This release contains a large set of CSIS briefing materials and correspondence prepared for the Minister of Public Safety in 2011 and early 2012. The records include memoranda on foreign liaison arrangements under section 17 of the CSIS Act, information-sharing with foreign entities, ATIP and Privacy Act administration, CSIS public reporting, Inspector General findings, court and disclosure issues, and selected threat-assessment matters, including LTTE activity, al-Qaeda-related reporting, human smuggling, the 2011 Cricket World Cup, and vandalism targeting Montréal-area Jewish institutions.

Of note, the file includes the 2011 Ministerial Direction on Information Sharing with Foreign Entities, which sets out principles for assessing and mitigating the risk that shared information could contribute to torture or other cruel, inhuman, or degrading treatment or punishment. The release also includes materials on CSIS foreign and domestic cooperation arrangements, including arrangements with foreign partners and with Public Works and Government Services Canada concerning ITAR-related security support. Several records address institutional accountability and legal-risk issues, including CSIS’s public report, ATIP delegation orders, the Tommy Douglas file litigation, the Inspector General’s 2010–2011 certificate, and the UK Justice and Security Green Paper.

On page 10 we learn there is, “… a noticeable increase in economic espionage is posing risks to our control over strategic critical infrastructure, and refers to ongoing efforts by some countries to illegally acquire and transfer technology from Canada, especially as it relates to weapons proliferations.” Moreover, “As Canada is one of the most technologically advanced countries in the world, we remain especially vulnerable to cyber threats and attacks” (11). Pages 49-56 provide an update to the rules for CSIS sharing information with foreign partners. Page 52, in particular, notes that in some cases, CSIS may need to share or act on information derived from “mistreatment” (i.e. torture). Pages 97-102 includes an assessment by CSIS of the UK’s Green Paper at the time on the issue of intelligence to evidence. This is presented as a summary of the matters raised in the UK, with some small elements of lesson drawing (e.g., “the liberal democratic state is limited in how far it can reconcile the equally important imperatives of national security and procedural fairness in the administration of justice…the public communications benefit can also be limited, particularly when interlocutors choose to frame the debate in an adversarial manner.”

The package is heavily redacted, but is useful for understanding CSIS’s 2011 governance environment: foreign liaison controls, information-sharing safeguards, ministerial oversight, public accountability, litigation/disclosure risk, and how CSIS briefed ministers on security threats and inter-agency cooperation. Dated 2011-2012.
A-2011-123: CSIS Intelligence Assessment on Cyber Threats and Security. This release contains a November 2011 CSIS intelligence assessment titled Cyber Threats and Security: An Overview. The assessment examines cyber threats to Canadian public- and private-sector systems, emphasizing Canada’s dependence on networked technologies, Internet-connected systems, mobile devices, removable media, cloud computing, and critical infrastructure networks. Of note, the assessment frames Stuxnet as a major turning point in cyber operations, demonstrating that attacks once considered unlikely could be mounted against sophisticated targets where attackers had sufficient knowledge, resources, and access. The report highlights vulnerabilities arising from insecure default configurations, rapid technology adoption, social engineering, spear-phishing, compromised users, remote access tools, and the difficulty of attributing activity across jurisdictions. It also discusses emerging concerns around Duqu, handheld devices, wireless-network exploitation, special events, online activity surrounding political or social tensions, hacking collectives such as Anonymous, and risks to financial-sector, public-sector, and private-sector systems. The release is useful for understanding how CSIS framed cyber threats in the early 2010s as national security, economic security, critical infrastructure, and attribution problems, rather than merely technical or criminal issues.
A-2011-114: CSIS Memorandum on Lawful Access Legislation and Telecommunications Interception Obligations (Includes references to CALEA, Interception standards, and regional interception standards bodies). This release contains a short October 2011 CSIS memorandum to the Minister concerning proposed lawful access legislation, formerly Bill C-52. The memo addresses concerns raised by portions of the telecommunications industry that they had not been adequately consulted and that Canadian telecommunications service providers could be required to purchase more expensive or complicated interception-capable equipment than their U.S. counterparts.

Of note, CSIS states that formal consultations with the telecommunications industry on lawful access had occurred in 2002, 2005, and 2007. The memorandum compares the Canadian proposal with the U.S. CALEA framework, emphasizing that the proposed Canadian legislation would not require government-defined technical standards for equipment, but would instead establish operational requirements while allowing providers to choose interception solutions that fit their networks, suppliers, and business plans. The memo also states that the proposed legislation would include transition periods, exemptions for smaller service providers, and possible compensation where interception thresholds were exceeded.

This memo outlines why the CSIS does not believe that the arguments being made by industry stakeholders about the difficulty and costs of building in interception capabilities are accurate. It argues that the TSPs will not be required to meet any standards and that this is a good thing, because it will provide TSPs with the option of meeting requirements however they see fit. Moreover, there is an assertion that this isn’t all that different from CALEA, though there is no specific rationale as to why that’s the case–the Canadian proposal was in excess of just CALEA-based information. The release is useful for understanding CSIS’s internal framing of lawful access debates, including industry consultation, intercept capability requirements, cost concerns, and comparisons between Canadian lawful access proposals and the U.S. CALEA model. Dated 2011.
A-2011-082: All information regarding CSIS involvement with the WikiLeaks Task Force from November 2010 to August 2011. This release contains records concerning the Canadian government’s response to the 2010–2011 WikiLeaks diplomatic cable releases. The materials include updates, emails, situation reports, media summaries, tasking notes, contact lists, and briefing materials related to the DFAIT WikiLeaks Task Force, with CSIS Intelligence Assessment Branch and other officials assisting in identifying cables of potential relevance to Canada or to specific government departments.

Of note, the records show officials tracking the number of WikiLeaks documents reviewed, identifying files of interest, coordinating with liaison officers across government, monitoring Canadian and international media coverage, and preparing response lines for questions about the leaks. The materials include summaries of cables involving Canada–U.S. relations, Afghanistan, Omar Khadr, CSIS-related reporting, Canadian missions, U.S. Embassy assessments, critical infrastructure and resource sites in Canada, and later WikiLeaks releases involving Canada-related diplomatic material. The release is useful for understanding how Canadian departments operationalized a rapid interdepartmental review process in response to WikiLeaks, including triage of leaked diplomatic material, assessment of potential Canadian policy or security implications, media monitoring, and coordination

This ATIP release mostly involved internal DFAIT assessments of the documents which were released about cables from Wikileaks. In aggregate, it showcases the number of people who were stood up into a ‘war room’ to assess cables and their potential damage towards Canadian interests, as well as media monitoring for how the Canadian and international media were covering the cables, with specific focus on the Canadian angle. Dated 2010.
A-2011-07-04: For the period of 2008 to present. Threat assessments produced by the Integrated Threat Assessment Centre relating to cyber security, cyber threats and cyber incidents including but not limited to malware, bots and other cyber attacks. Page 3 includes an assessment that was created in response to request from Canadian Electricity Association Security and Infrastructure Protection Committee. We learn that, on page 4, insider threats to power generation systems, as opposed to external actors, were seen as the most significant threat. A definition of cyber-terrorism is provided on page 17: “…cyber terrorism is defined as a computer-generated attack against other computers or computer-controlled systems via a communications network … Examples of cyber terrorism include computer hacking introducing viruses to vulnerable networks, web site defacing, denial of service (DoS), and distributed denial of service (DDoS) attacks.” Page 30 includes the definition of a backdoor: “Backdoor: a means of access to a computer and or program that bypasses security mechanisms. A programmer may install a backdoor so that the program can be accessed for means of troubleshooting or other purposes, but an attacker may exploit or use a backdoor to gain unauthorized access to information or install spyware.” Dated 2008-2010.
2011 – CSIS Memorandum on Lawful Access Legislation and Telecommunications Intercept Capability. This release contains a two-page October 2011 CSIS memorandum to the Minister concerning proposed lawful access legislation, formerly Bill C-52. The memo responds to telecommunications industry concerns that companies had not been adequately consulted and that Canadian service providers might be required to purchase more expensive or complicated interception-capable equipment than comparable U.S. requirements.

Of note, CSIS states that formal consultations with the telecommunications industry on lawful access took place in 2002, 2005, and 2007. The memo compares the proposed Canadian framework with the U.S. CALEA model, emphasizing that the Canadian proposal would establish operational interception requirements rather than government-imposed technical standards. It also notes that the legislation would include transition periods, exemptions for smaller service providers, continued interception obligations for providers with existing capabilities, and possible compensation where interception thresholds were exceeded. The release is useful for understanding CSIS’s internal framing of lawful access, industry consultation, intercept-capability obligations, cost concerns, and comparisons between Canadian lawful access proposals and the U.S. CALEA framework.
2009 – CSIS and ITAC Materials on Multi-Issue Extremism, Protest Activity, Critical Infrastructure, and Special Events. This release contains CSIS and ITAC materials concerning “multi-issue extremism” from roughly 2006–2010, including threat assessments, biannual terrorism/extremism updates, standing requirements, national update notes, and studies on animal-rights and environmental extremism. The records address events and issues including the 2007 North American Leaders’ Summit in Montebello, the 2010 Olympic and Paralympic Winter Games, anti-globalization and anti-Olympic protest activity, Aboriginal land-rights disputes, environmental and animal-rights activism, sabotage concerns, and threats to critical infrastructure. Of note, the materials show how CSIS and ITAC framed “multi-issue extremism” as activity associated with anti-globalization, anti-capitalist, anarchist, animal-rights, environmental, anti-war, anti-Olympic, and related causes where serious violence, sabotage, or threats could be used for political or ideological purposes. The release includes specific discussion of the Initiative de résistance internationaliste, Earth Liberation Front, Greenpeace actions, Sea Shepherd activity, Olympic Resistance Network-related protests, Aboriginal National Day of Action concerns, rail and energy infrastructure risks, and corporate or Olympic sponsor targeting. The file is heavily redacted in places, but is useful for understanding how Canadian security agencies categorized protest-adjacent movements, distinguished lawful activism from threat-related activity, and assessed possible links between direct action, sabotage, public-order events, and critical infrastructure protection.

Communications Security Establishment (CSE)

A-2019-00040: Cyber Defence Activities MA 2nd Semi-Annual Report 2018/19. This ATIP pertains to private communications (PCs) that were retained by the CSE in the course of undertaking defensive elements of its mandate. It makes clear CSE adopts an analyst-based approach to identifying PCs (and redacted how many PCs were collected) and that, due to a new method, there were fewer identified. Of note, communications which were “intentionally malicious” were not counted as PCs. Dated August 2019.
A-2019-00033: Directions for Data Science at CSE. This ATIP concerns data science activities that are being undertaken at the CSE, with all information being about the Tutte Institute or Applied Research at the CSE. Topics include the skills that are needed for data science at the CSE, a slide deck on what is data science/machine learning, and a discussion on page 72 that the Tutte Institute undertakes strategic research whereas the CSE undertakes applies research. Dated 2018.
A-2019-00025: Memorandum to the Minister of National Defence–Notification of Cyber Defence Defence Activities at [Redacted]. This ATIP concerns requests to the CSE to provide federal institutions with services under part B of the CSE’s mandate. It includes a letter from an unnamed agency requesting cyber defence services (note: this does not indicate defensive cyber operations, but cyber security services). The party responsible for this defensive work was the Director Autonomous Defence and Sensors at the Cyber Centre. Dated May-June 2019.
A-2019-00020: Social Media/WeChat Guidance. This ATIP addresses questions put to CSE about whether, and if so under what conditions, MPs should use WeChat. Page 26 includes a discussion of communications in the CSE, about the PMO asking for a sense of the kind(s) of advice that CSE would provide to MPs on using WeChat. This is in reaction to (page 27) a note that “…parties are encouraging the use of WeChat in their campaigning” to which an individual (presumably within CSE) responded with “Just heard about this … thought it was a joke. Thanks for flagging.” Dated June-July 2019.
A-2018-903: 2017 Security Review Program report and Public Safety Media Clippings. Pages 1-17 are highly redacted but indicate that telecommunications systems (likely those associated with Huawei) are subject to a review though no company is named. Material is from Fall of 2018.
A-2018-00041: Supply Chain Integrity. This is a slide deck prepared about supply chain integrity, with page 7 revealing the number of requests from SSC to the CSE about supply chain requests. In 2014-15 there were 449, 2015-16 were 704, 2016-17 were 868, and in 2017-2018 were 746. Dated late 2017 or 2018.
A-2018-00040: PIAs concerning SIMON (used to disseminate, retain and dispose of personal information for the purposes of personnel screening) as well as its Key Management Infrastructure. SIMON is used by the CSE’s Corporate Security Directorate (CSD) to both record information about personnel who have been screened as well as control access to SIGINT materials and, on page 8, the document notes it is used to track accesses managed by other organizations, and specifically refers to National Defence as TALENT KEYHOLE (TK). Page 45 reveals that Canadian Top Secret Network (CTSN) was formally known as MANDRAKE. Dated 2016-2017.
A-2018-00030: Response to CSE Commissioner’s Annual Review of the CSE Privacy Incidents File, Second Party Incidents File, and Minor Procedural Errors File. This ATIP discusses various errors made by the CSE over the course of the reviewed period. Of the 10 MPEFs, one led to a collection system collecting information that included Canadian-to-Canadian communications, though no information was collected before the problem was identified and rectified. In each of the 33 SPIF errors the CSE made requests to rectify the error, which sometimes arose as a result of the second party not appreciating Canadian policies. Some second parties received remedial education on Canadian policies but it is unclear whether this included all second parties or not. Page 6 reveals there were 48 PIFs, though none were material. In at least one case an employee untook an action that was “contrary to CSE policy” and that CSE’s response was “adequate”. In another instance, a collection tool caused Canadian person information to be collected into CSE repositories, though this appears to have been “satisfactorily identified and corrected.” Page 8 clarifies that the reviews undertaken by the CSE commissioner are done based on the instances the CSE has identified where a privacy incident took place and was recorded. Reviews of MPEF, PIF, and SPIF are meant to ensure that the Commissioner could assess whether there were trends in the kinds of violations being recorded, and are separate from the more in depth reviews of particular programs the Commissioner undertook.
A-2018-00018: Documents Pertaining to the 2018 G7 Meeting in Canada. This ATIP includes materials from CSE as well as other bodies, such as ITAC. Page 13-31 are from a CSE Cyber Threat Briefing, with page 16 denoting that key threats were from hacktivists, state actors, and cyber criminals. Page 32 recognizes that SS7 or SCADA could be targeted during event, telecommunications infrastructure or websites and other systems. Pages 30-40 of the document maritime and RCMP-assessed risks. The former focuses extensively on the risks activists may pose–and the marginal risks posed by terrorists–and similarly the RCMP focuses principally on the risks posed by activists on the right and left.
A-2017-00077: C-59 Briefing Binder. This release contains a November 2017 CSE briefing binder on Bill C-59, the proposed National Security Act, 2017, with a focus on the proposed stand-alone Communications Security Establishment Act. The binder includes backgrounders, speaking points, graphics, and a Charter Statement addressing CSE’s proposed authorities for foreign signals intelligence, cybersecurity and information assurance, assistance to federal security and intelligence partners, foreign cyber operations, metadata, publicly available information, SIGINT operations, and transparency and accountability.

Of note, the materials frame Bill C-59 as modernizing CSE’s legal authorities while adding new accountability structures, including review by the proposed National Security and Intelligence Review Agency, parliamentary review by NSICOP, and quasi-judicial approval of certain authorizations by the proposed Intelligence Commissioner. The binder explains proposed new powers for active and defensive cyber operations, broader cybersecurity assistance to non-federal systems designated as important to the Government of Canada, continued assistance to DND/CAF and federal law enforcement or security agencies, and clarified rules for acquiring, using, retaining, and disclosing information, including metadata and publicly available information. The release is useful for understanding how CSE explained the policy rationale, legal limits, privacy safeguards, and Charter considerations behind Bill C-59 and the proposed CSE Act before the legislation was enacted.

This ATIP includes the formal unclassified briefing binder associated with C-59, the Charter Statement associated with the legislation, and specific examples of how the different elements of the CSE’s mandate might be exercise (e.g., what was entailed in FORINT, Information Assurance, Assistance, and Active or Defensive Cyber Operations). Dated November 2017.
A-2017-00073: Briefing notes, bulletins, studies, media lines and PowerPoint decks from the 2017 calendar year speaking to why these fixes in C-59 are necessary and what roles and responsibilities at CSE may change plus any email correspondence Greta Bossenmaier or her designates may have had with Public Safety Canada officials on this subject matter in January 2017 and March 2017. Pages 7-8 offer an overview of examples the CSE presents as to operations it might undertake following the passage of C-59. On page 9 CSE asserts that the privacy ramification of collecting any PII from public sources about Canadians is low, because it’s public. Pages 9-10 generally, outlines all of the cases where the CSE prohibition on targeting Canadians or infrastructure in Canada can be ignored. Notably, this is indicated for almost every type of new activity the CSE would be empowered to engage in, following the passage of C-59. Page 11 discusses how academic outreach meets were to “simply attend” and if “nothing blows up” then “immediately forget the event ever happened and move to the next one[.]”
A-2017-00026: Briefing Note for Minister of DND-Response to the CSE Commissioner’s Review of CSE Cyber Defence Metadata Activities. This release contains CSE and ministerial records concerning the CSE Commissioner’s December 2016 Review of CSE Cyber Defence Metadata Activities. The package includes a briefing note for the Minister of National Defence, the Commissioner’s letter summarizing the review, and the Minister’s response. The review examined CSE’s use of metadata in an information technology security context, marking the third and final part of the Commissioner’s broader review of CSE metadata activities that began in 2013.

Of note, the Commissioner states that cyber defence metadata remained essential to CSE’s mandate to identify and mitigate sophisticated foreign malicious cyber threats affecting Government of Canada systems. The review describes CSE cyber defence activities as copying and storing a subset of Government of Canada client network data, including metadata, to identify anomalous or malicious cyber events, contextualize threats and malware, and develop mitigation advice. The Commissioner distinguishes this from unselected bulk metadata collection under CSE’s foreign intelligence mandate, noting that cyber defence activities acquire both content and metadata from Government of Canada networks in relation to cyber events. The records further state that CSE treats metadata capable of identifying a communicant or communication, such as email “from” and “to” fields or linked IP addresses, like a private communication and applies corresponding privacy-protection measures. Notably, This document includes a description of how CSE’s cyber threat detect systems operate, including that it extracts some metadata and content from communications and that such activities do not constitute bulk unselected collection. The collection of malicious code of social engineering prompts is treated by CSE as private communications at the time of writing.

The release is useful for understanding CSE’s cyber-defence metadata practices, the distinction between foreign-intelligence and cyber-defence metadata activities, and the oversight framing applied to metadata used to protect Government of Canada systems. Dated February 2017.
A-2017-00007: CSE Response to CBC article on IMSI Catchers and RCMP 2017 Briefing on IMSI Catchers. Page 11 includes the full PSC portfolio of responses; what the RCMP, CSIS, and PS generally asserted with regards to their agencies’ use of IMSI Catchers. They generally decline to provide information, and give standardized reasons for the refusal. Page 52 notes that the CSE is uncertain of the reliability of IMSI catcher catchers, and that someone will be looking into this and its likelihood of generating false positives. Page 54 details the conditions that are placed on policing uses of IMSI Catchers, with the recipient of the information being the Chief of CSE. Page 79, in response to whether CSE could assist RCMP or CSIS with IMSI Catchers, CSE declines to answer on the basis that doing so would entail commenting on an ongoing RCMP investigation.
A-2016-00101A | A-2016-00101B | A-2016-00101C | A-2016-00101D. This ATIP is broken into four parts (A, B, C, and D) and provides documents about briefing notes, memos, guidelines, presentations, privacy impact assessments, reports, and/or studies on policies pertaining to law enforcement agencies seeking electronic investigative assistance from intelligence agencies (under Mandate C). This release contains CSE records concerning policies for providing electronic investigative assistance to federal law enforcement and security agencies under Part (c) of CSE’s mandate. The records include a memorandum to CSE’s Policy Committee recommending approval of OPS-4, Policy on Assistance to Law Enforcement and Security Agencies under Part (c) of CSE’s Mandate, and the operational policy itself, effective August 2, 2016.

Of note, OPS-4 modernized and consolidated earlier procedures governing CSE assistance to law enforcement and security agencies, including OPS-4-1 and OPS-4-3, and reflected changes associated with the Protection of Canada from Terrorists Act and the Anti-terrorism Act, 2015. The policy sets out conditions for assistance, including written requests for assistance, confirmation that the requesting agency has lawful authority, legal/policy/disclosure risk assessment, record-keeping, treatment of sensitive law enforcement material, limits on use of Part (c) information for CSE’s foreign intelligence or cybersecurity mandates, and consequences for non-compliance. The release also includes portions of the CSE Commissioner’s 2015 review of CSE assistance to CSIS under section 16 of the CSIS Act, which found the reviewed assistance lawful and privacy-protective but recommended updates to outdated memoranda of understanding, removal of references to the former 1987 Tri-Ministerial MOU, and clearer documentation of processes, roles, and responsibilities. The file is useful for understanding CSE’s post-2015 governance framework for Mandate C assistance, CSIS section 16 support, request-for-assistance controls, disclosure-risk management, and privacy safeguards.
A-2015-00037: CSEC 2015 Report. This provides high-level summaries of CSE’s vision, mission, principles, and priorities. It contains extensive redactions, with information remaining addressing the new building CSE staff would be moving into, plans to generally strengthen the staff at CSE (e.g., by improving “transparency and accountability for decision making at CSEC within a renewed governance framework and improved resource management tools”), and ensure that by 2015 “cyber defence operations will fit seamlessly within the extended cryptologic enterprise, and ITS, SIGINT domestic and Five Eyes partners will continually share information critical to the protection of government systems.” Finally it is of note that CSE recognizes it had “delivered valued technology support to and strengthened partnerships with national security agencies and law enforcement” and that CSE was working “tirelessly” to secure additional funding for the CSE’s new building.
A-2015-00037: Everything You Never Wanted To Know About ATIP (Part 1 and Part 2). This document provides a detailed explanation to CSE employees about the rules and laws surrounding ATIP legislation. It includes a warning that CSE staff should be careful to manage information, including deleting transitory information once it is no longer required while preserving official documents. It, also, explains how to handle information under CSE’s control but which might have originated from another government (e.g., USA and NSA) or agency (e.g. Department of Justice). CSE employees are advised that, if they have a concern that an ATIP request relates to a security breach that they “speak with the ATIP Analyst identified in the ATIP request” who can, then, but the concern to the “attention of the Minister’s senior delegated officials […] for consideration.” These officials “are authorized to know the identity of the requestor.” Notably, in at least some cases “very motivated requestors are willing to pay over a million dollars in additional fees for the records they originally requested.” Dated after April 1, 2014.
A-2014-00107: Export Control Issues and 0-Days. This ATIP provides a short summary of export control issues associated with cyber proliferation along with a raft of internal emails sending different news stories about 0-days and cyber mercenaries, with some comments interspersed. Dated 2013-2014.
A-2014-00059: Briefing material directly related to the CBC story on January 30, 2014 that CSEC used airport WIFI to track Canadian travellers. Please search records from January 1, 2014 through May 1, 2014. This release contains CSE records concerning the January 2014 CBC story alleging that CSE had used airport Wi-Fi metadata to track Canadian travellers. The package includes the access request, media correspondence, internal emails, briefing notes, draft and final question-and-answer materials, speaking points, and a heavily redacted slide deck titled IP Profiling Analytics & Mission Impacts. The records relate to CSE’s use of historical metadata to build and test analytic models for identifying network activity patterns around public Internet access points, including airports, hotels, coffee shops, libraries, wireless gateways, and other travel-related nodes.

Of note, CSE’s public-response materials repeatedly state that the activity was not an operational surveillance program, did not involve monitoring airport operations, did not collect private communications content, and was intended to develop a mathematical or analytical model to help identify legitimate foreign intelligence targets such as terrorists, hostage-takers, and foreign intelligence agents. The records also show internal concern that further details would reveal classified SIGINT methods, capabilities, tradecraft, and sources. The released slide material is useful for understanding how CSE described IP profiling as a “needle-in-a-haystack” analytic, including contact chaining across air gaps, geo-hop profiling, modelling of public access-point patterns, and the operational value of distinguishing airports, hotels, enterprises, coffee shops, libraries, and wireless gateways. The file is heavily redacted but is important for understanding CSE’s post-Snowden public messaging on metadata, the legal/oversight framing around metadata analysis, and the technical logic behind the airport Wi-Fi controversy.

Most of the ATIP’s most interesting parts on on pp. 9-11 and pp. 14-18 and 37-44. Note that, apparently, the tool was to track terrorists, kidnappers, and foreign intelligence agents. This third category is new. (And noted on pp. 30). On pp. 14 there is a statement that the tool WAS used operationally, to the effect of “identify terrorist threats affecting Canadian and allied interests.” Thus, the assertions that this is ‘just’ an analyst model bely the fact that it was actually tested using dominantly Canadian data (firming up the position that Canada is CSE’s test population) and then implemented on the world (and, possibly, at home as RCMP/CSIS make requests for assistance). On pp. 27 they note that revealing the fact a Canadian airport was used as a seed “would be damaging in putting into question CSE’s SIGINT’s use of CND metadata”.
2014 – CSE Q&A Binder for Senate Security Committee Appearance on Metadata, Oversight, Privacy, Cyber Defence, and Agency Operations. This release contains CSE question-and-answer materials prepared for the Chief in advance of an early February 2014 appearance before the Senate security committee. The binder covers a wide range of anticipated issues, including CSE’s value to Canada, review and accountability, the unauthorized disclosure of the metadata / airport analytics deck, metadata collection and retention, privacy protection, information sharing with domestic and international partners, CSE’s Long-Term Accommodation project, personal information banks, ministerial authorizations, lawful access, cyber threats, CSE’s relationships with government departments and Five Eyes partners, and financial/accommodations issues. Of note, the materials include detailed response lines concerning the airport metadata controversy, emphasizing that the activity was described as an analytical model built from a snapshot of historical metadata, not an operation, and that it was not intended to identify Canadians or monitor airport operations. The binder also sets out CSE’s broader public messaging on metadata: that metadata is distinct from communications content, that it is needed to understand global communications infrastructure and direct foreign intelligence activities, and that CSE applies privacy safeguards, legal review, ministerial directives, and Commissioner oversight. The release is useful for understanding how CSE prepared to publicly defend its metadata practices, foreign intelligence mandate, privacy safeguards, external review regime, cyber-defence role, information-sharing practices, and post-Snowden institutional accountability narrative before parliamentary scrutiny.
A-2014-00043: OPS-1-7: Operational Procedures for Naming in SIGINT Reports.
A-2014-00013: Most recent copies of operational document OPS-1-11 and OPS-1-14.
A-2013-00129:A detailed cost breakdown of the $300-million dollar payment CSE incurred in 2014. This ATIP outlines how much was spent by the CSE in developing their new headquarters.
CSE Organisational Chart (Image). Dated December 5, 2013.
“CSEC101”: Foundational Learning Curriculum. Date January 2013.
OPS-1-14: Operational Procedures for Cyber Defence Operations Conducted Under Ministerial Authorization. Dated December 2012.
A-2012-01384: All internal audit and evaluation reports completed by or for Communications Security Establishment Canada in 2012. This release contains a 2011–2012 CSEC evaluation of the High Assurance Products and Services Program, which provided products, services, advice, guidance, certification recommendations, and cryptographic/key-management support to Government of Canada departments and agencies. The evaluation assessed the program’s relevance, operational effectiveness, governance, performance measurement, client service, internal service support, and alignment with CSEC’s mandate to protect electronic information and information infrastructure of importance to the Government of Canada.

Of note, the evaluation found that the High Assurance Program remained relevant and aligned with federal cyber security and information-protection priorities, but identified pressures involving governance complexity, prioritization, business planning, performance measurement, client feedback, internal service coordination, staffing, and resource constraints. The report recommended that CSEC improve business planning with internal service providers and develop better measures of the impact that internal services have on operations. The release also includes a partially disclosed CSEC Security Posture Assessment concerning the Department of National Defence, with most assessment results withheld. The file is useful for understanding CSEC’s role in high-assurance cryptographic products, COMSEC support, Government of Canada IT security assurance, internal program management, and interdepartmental cyber/information-security service delivery.
A-2012-01220: DRDC Report on Cyber Security Metrics and Canadian Research Capacity. This release contains an October 2012 Defence Research and Development Canada contractor report titled The State and Scientific Basis of Cyber Security Metrics: Including Canadian Perspectives. The report examines the state of enterprise cyber security metrics, including academic research, Canadian university work, Canadian industry offerings, and whether existing approaches provide a rigorous scientific basis for measuring cyber security. Of note, the report finds that cyber security metrics were still scientifically immature, with limited validated research and many practical metrics focused on counts, risks, compliance, vulnerability reporting, and situational awareness rather than robust measurement of security outcomes. It surveys Canadian and international academic work, identifies a relatively small but notable Canadian research base, and reviews Canadian vendors whose products use or generate security metrics, particularly through security information and event management systems. The report proposes a “methodological scientific framework” for enterprise cyber security metrics and concludes that SIEM technology could provide a practical foundation for a security dashboard, while recommending further work to make metrics more rigorous, repeatable, scientifically grounded, and useful for operational decision-making.
A-2012-00938: Emails from September 21, 2012 that mention Huawei and/or refer to a Globe and Mail story published Sept. 21, 2012: ‘Ottawa casts wary eye on Chinese giant.’ This release contains CSEC emails, media monitoring, draft media response lines, question period notes, and advice-for-the-Minister materials concerning media coverage of Huawei and foreign telecommunications equipment in 2012. Much of the package relates to a Globe and Mail story based on earlier ATIP releases about CSEC briefings on supply chain threats, foreign telecommunications equipment, and risks to Canadian government information infrastructure.

Of note, the records show CSEC coordinating public messaging with Public Safety, Industry Canada, National Defence, and other government communications officials in anticipation of media and parliamentary questions. The proposed lines emphasize that CSEC provides Government of Canada departments and agencies with advice, guidance, and services to protect electronic information and infrastructure, works with departments and the private sector to raise awareness of IT security threats, and is a key player in Canada’s Cyber Security Strategy. The materials avoid commenting on specific classified advice or particular companies, while acknowledging public concern about whether Huawei equipment could pose risks to Canada’s telecommunications networks.

Of note, on page 93, we find that “[t]oday, telecommunications equipment is undertaken by a small number of global vendors. Global manufacturing is susceptible to exploitation by foreign intelligence organizations seeking to exploit global supply chains for national advantages. The Communications Security Establishment Canada (CSEC) provides advice on a range of national security threats to the Government of Canada based on classified information that cannot be publicly disclosed.” The release is useful for understanding how CSEC and partner departments managed public communications around Huawei, supply chain security, telecommunications infrastructure, foreign ownership, cyber security, and the limits of what officials would disclose about classified technical advice.
A-2012-00776: Briefing Note notes to the Minister and DM, media lines, ministerial directives, and correspondence prepared or exchanged by CSEC regarding the ministerial directive that was created to guide the CSEC collection of information for 2011. This release contains CSEC materials prepared for the 2011–2012 renewal of Ministerial Authorizations and related Ministerial Directives, including briefing slides for the Minister of National Defence, memoranda seeking approval of an updated *Collection and Use of Metadata* Ministerial Directive, and correspondence notifying the CSE Commissioner of newly issued authorizations and directives. The records show CSEC seeking approval for new Ministerial Authorizations covering SIGINT and information-protection activities, while stating that the scope of the authorizations remained largely unchanged.

Of note, the materials describe the Ministerial Authorization regime as permitting CSEC activities that may risk incidental interception of private communications, subject to conditions intended to protect the privacy of Canadians. The updated metadata directive, signed November 21, 2011, defines metadata as information associated with a telecommunication and states that metadata acquired through foreign intelligence acquisition programs is subject to CSEC’s existing privacy-protection procedures, reporting protocols, and CSE Commissioner review. The package also includes briefing material on related Ministerial Directives, including assistance to federal law enforcement and security agencies, a framework directive, and metadata collection and use. The release is useful for understanding CSEC’s annual authorization process, ministerial governance of metadata activities, and public messaging on CSEC’s Long-Term Accommodation project, cyber-security role, oversight, and privacy protections.
A-2012-00690: Ministerial directives, final and draft media lines, memos and letters prepared or exchanged by CSEC regarding the ministerial directive that was created to guide the CSEC collection of “Information about Canadians” (metadata) for the period 2008. This release contains CSEC and Office of the CSE Commissioner records concerning the Commissioner’s review of CSEC metadata activities under the March 9, 2005 Ministerial Directive on the collection and use of metadata. The records include correspondence between CSEC, the Minister of National Defence, the National Security Advisor, and the CSE Commissioner; proposed CSEC management responses to OCSEC findings and recommendations; the Commissioner’s January 2008 review report; and a draft version of OPS-1-10, *Procedures for Metadata Analysis*.

Of note, the records show sustained disagreement and follow-up between CSEC and OCSEC about how metadata activities should be legally characterized, including whether certain activities were properly conducted under CSEC’s foreign intelligence mandate or assistance mandate. The Commissioner’s review raised concerns about legal authority, accounting for private communications, documentation, corporate record-keeping, management direction, and the need for clearer policies and procedures governing metadata activities. CSEC responses emphasize that some recommendations were accepted or already being addressed, including through OPS-1-10, new documentation requirements, and further review of policy instruments. The release is heavily redacted, but is useful for understanding pre-Snowden Canadian metadata governance, CSEC’s internal legal and policy debates, OCSEC’s oversight concerns, and the emergence of formal metadata-analysis procedures.
A-2012-00688: Ministerial directives, final and draft media lines, memos and letters prepared or exchanged by CSEC regarding the ministerial directive that was created to guide the CSEC collection of “Information about Canadians” (metadata) for the period 2005 and 2006. This release contains correspondence between CSE and the Office of the Communications Security Establishment Commissioner concerning legal advice related to CSE metadata activities. The package includes a November 2006 covering letter providing OCSEC with a copy of a legal opinion, while noting that the opinion was protected by solicitor-client privilege and that disclosure to the Commissioner did not waive that privilege. Most of the legal opinion itself is withheld under section 23 of the *Access to Information Act*.

Of note, the release also includes OCSEC correspondence requesting legal opinions and other legal documentation relevant to its review of CSE metadata activities, including activities defined and governed by a Ministerial Directive and draft operational procedures. The file includes a 2005 Ministerial Directive on CSE’s collection and use of metadata under foreign intelligence acquisition programs, defining metadata as information associated with a telecommunication used to identify, describe, manage, or route the telecommunication. The directive states that CSE would use and retain metadata under existing privacy-protection procedures, limit use to specified purposes, and be subject to review by the CSE Commissioner. The release is heavily redacted, but is useful for understanding the legal and oversight framework around CSE metadata activities, solicitor-client privilege, and ministerial governance of metadata collection before later public debates and legislative reforms.
A-2012-00543: Final Report Analysis of Darknet Space for Predictive Indicators of Cyber Threat Activity. This release contains a National Cyber Forensics and Training Alliance Canada final report, prepared in collaboration with Defence Research and Development Canada’s Centre for Security Science and Industry Canada, titled Analysis of Darknet Space for Predictive Indicators of Cyber Threat Activity. The report examines how darknet traffic, passive DNS data, malware feeds, phishing URLs, spam traps, and related cyber-intelligence sources could be used to identify, correlate, and predict cyber threat activity affecting government, critical infrastructure, financial institutions, Internet service providers, and other targets. Of note, the report reviews darknet concepts and threat categories, including advanced persistent threats, brand abuse, zero-day attacks, distributed denial of service, stolen information, child exploitation, and cyberterrorism. It also surveys darknet technologies and research projects, proposes an architecture for collecting and processing cyber-threat data, and describes experimental analysis of darknet packets, protocols, ports, operating systems, service providers, malicious domains, drop locations, malware command-and-control indicators, phishing URLs, and time-series patterns. The release is useful for understanding early Canadian work on automated cyber-intelligence generation, predictive indicators, darknet monitoring, and threat-correlation methods. Some sections, figures, and technical details are withheld under access-to-information exemptions, but the disclosed material provides substantial insight into the analytical methods and assumptions underlying the project.
A-2012-00397: CSEC Materials on Supply Chain Threats, Next-Generation Cellular Networks, and Huawei. This release contains CSEC presentation and briefing materials from 2012 concerning technology supply chain threats to Canada, with a particular focus on telecommunications infrastructure and Huawei’s commercial activities in the Canadian market. The records include a slide deck titled Supply Chain Threats to Canada, an overview of Huawei activities in Canada, and a briefing note on Government of Canada policy and engagement options related to Huawei.

Of note, the materials frame supply chain security as a cyber-security and national-security issue tied to procurement, telecommunications infrastructure, and the rollout of next-generation cellular networks. The slide deck identifies threat actors such as national governments, terrorists, industrial spies, organized crime groups, hacktivists, and “malfeasants,” and discusses Government of Canada efforts through a Technology Supply Chain Working Group to raise awareness, build IT security into procurement, and mitigate supply chain risks. The Huawei-specific materials note the company’s Canadian market entry in 2008, its role supplying commercial telecommunications equipment to Bell, Telus, Wind Mobile, and SaskTel, and its involvement in 3G, 4G/LTE, and consumer-grade technologies.

This highly-redacted document indicates that CSE was mindful of supply chain threats, and multiple slides in the deck discuss threats or risks associated with Huawei technologies. At the time the briefing was prepared IT security requirements were not frequently included in procurement processes which made it difficult for the government to protect information and services; proactively the government was working with PWGSC to finalize its IT security contract clauses with CSE, as well as developing recommendations for inclusion in all It contracts with the government of Canada. The release is heavily redacted, but is useful for understanding early Government of Canada and CSEC thinking about telecom supply chain risk, Huawei, procurement controls, and the security implications of foreign technology in Canadian critical communications infrastructure. Dated May 2012.
A-2012-00196: Briefing Note and Question Period notes to the Minister and DM, media lines, ministerial directives prepared or exchanged by CSEC regarding the suspension and resumption of domestic investigations for 2011. This release contains CSEC briefing and correspondence materials concerning the CSE Commissioner’s December 2010 review of CSEC activities conducted between October 2008 and October 2009. The records include a scenario note for the CSE Chief’s briefing to the National Security Advisor, correspondence to the Minister of National Defence, and a draft ministerial response to the Commissioner. The materials state that the review found CSEC complied with the law, Justice Canada advice, ministerial directives, and operational policies, and that the Commissioner made no recommendations for further improvements.

Of note, the materials describe the reviewed activities as having been suspended from April 2007 to October 2008, then resumed after the September 2008 approval of OPS-1-10, *Procedures for Metadata Analysis*. They also indicate that earlier reviews—including CSEC support to the RCMP, collection and use of metadata, and CSEC support to CSIS—had raised questions about whether some activities were better authorized under part (a) or part (c) of CSEC’s mandate, and whether they could affect the privacy of Canadians. The release also includes advice-for-the-Minister materials on CSEC public issues, including the Long-Term Accommodation project, contractor access, cyber security, OCSEC’s 2010–2011 annual report, collection of information about Canadians, CSEC’s move to stand-alone agency status, and oversight by the CSE Commissioner. The file is useful for understanding CSEC’s internal handling of metadata-analysis oversight, ministerial and National Security Advisor briefings, and public messaging around CSEC accountability and privacy issues in 2010–2012.
A-2012-00194: Briefing Note and Question Period notes to the Minister and DM, media lines, ministerial directives prepared or exchanged by CSEC regarding the suspension and resumption of domestic investigations for 2009. This release contains CSE-related briefing and review materials concerning foreign surveillance, CSIS warrants, and CSEC assistance to CSIS in relation to Canadians located abroad. The records include advice-for-the-Minister materials on Justice Mosley’s Federal Court decision permitting CSIS, with warrant authorization, to request CSEC assistance to intercept communications of Canadians outside Canada, as well as media response lines prepared in anticipation of public reporting on the issue. Of note, the materials emphasize that CSEC provides technical and operational assistance to CSIS under CSEC’s assistance mandate, that CSEC is bound by the legal limits imposed on CSIS when assisting it, and that all information obtained under the warrant belongs to CSIS. The release also includes Office of the CSE Commissioner correspondence and terms of reference for a review of CSEC activities related to metadata analysis, following earlier Commissioner reviews that recommended CSE reassess the legislative authority used for such activities, particularly where they involved information supplied by law enforcement and security agencies. The file is useful for understanding how CSEC, CSIS, and OCSEC framed assistance, metadata analysis, warrant-based foreign surveillance, privacy safeguards, and review jurisdiction in the period before later legislative reforms.
A-2012-00193: Briefing Note and Question Period notes to the Minister and DM, media lines, ministerial directives prepared or exchanged by CSEC regarding the suspension and resumption of domestic investigations for 2008. This release contains a March 15, 2004 Ministerial Directive from Minister of National Defence David Pratt to the Chief of the Communications Security Establishment authorizing CSE to establish a program under the *National Defence Act*. The directive sets out high-level expectations for program governance, including due diligence, risk management, approval processes involving the National Security Advisor and Minister, coordination with CSIS and other federal departments where necessary, and annual reporting through CSE’s Annual Report. Of note, the directive expressly refers to CSE’s collection and use of telecommunications-associated information, defined in the annex as “metadata,” and states that CSE may use and share information acquired under the program subject to Canadian law and conditions intended to protect the privacy of Canadians. The directive also states that CSE will not direct program activities at Canadians or any person in Canada, will apply existing procedures for the use and retention of communications and data, and that activities under the directive are subject to review by the CSE Commissioner. The release is heavily redacted, but is useful for understanding early ministerial authorization and governance of CSE metadata-related activities, including the relationship between metadata collection, privacy protections, inter-agency coordination, and executive approval frameworks.
A-2012-00188: Briefing Note and Question Period notes to the Minister and DM Minister, media lines, ministerial directives, and correspondence between the CSEC Chief and CSEC Commissioner regarding the ministerial directive that was created to guide the CSEC collection of information for 2009. This release contains October 2009 advice-for-the-Minister materials concerning media reporting on Federal Court Justice Richard Mosley’s January 2009 decision authorizing CSIS to investigate and collect information on Canadian citizens travelling abroad, with CSE assistance. The materials address concerns that the decision broadened the powers of Canada’s intelligence community and raised questions about how the rights of Canadians were being protected. Of note, the proposed response emphasizes that CSE is mandated to provide technical and operational assistance to federal law enforcement and security agencies, including CSIS, and that when providing such assistance CSE is subject to the legal limits imposed on the agency it assists. The materials further state that such assistance is subject to review by the CSE Commissioner and that all information obtained under the warrant belongs to CSIS. The release is brief, but useful for understanding how the government framed CSE’s assistance mandate, CSIS warrant-based foreign surveillance involving Canadians abroad, and the accountability relationship between CSIS authorities and CSE technical support.
A-2012-00187: Briefing Note and Question Period notes to the Minister and Deputy Minister, media lines, ministerial directives, and correspondence between the CSEC Chief and CSEC Commissioner regarding the ministerial directive that was created to guide the CSEC collection of information for 2008. This release contains April 2008 advice-for-the-Minister materials concerning public and parliamentary questions about CSE’s authority to target communications. The materials respond to media reporting and opposition questions alleging that CSE had broad powers to conduct surveillance of Canadians and that calls for clarification of CSE’s authorities had been ignored. Of note, the proposed response emphasizes that CSE is prohibited under the *National Defence Act* from targeting the communications of Canadians or any person in Canada, and that CSE directs its intelligence activities at foreign targets located outside Canada. The materials also state that, under a ministerial authorization, CSE may intercept communications of foreign targets outside Canada even where those communications originate or terminate in Canada, provided strict conditions are met, including measures to protect the privacy of Canadians. The release is brief, but useful for understanding how the government publicly framed CSE’s targeting authorities, ministerial authorization regime, privacy safeguards, CSE Commissioner review, and the need for legislative clarification in the pre-2019 CSE Act period.
A-2012-00186: Briefing Note and Question Period notes to the Minister and Deputy Minister, media lines, ministerial directives, and correspondence between the CSEC Chief and CSEC Commissioner regarding the ministerial directive that was created to guide the CSEC collection of information for 2007. This release contains short advice-for-the-Minister materials prepared in June 2007 concerning media reporting on the CSE Commissioner’s annual report. The materials address concerns attributed to Commissioner Charles Gonthier that the *National Defence Act* lacked sufficient clarity to ensure the privacy of Canadians was respected, including difficulty determining whether CSE was acting lawfully when it intercepted private telephone calls. Of note, the proposed response emphasizes that CSE was working with Department of Justice officials to clarify aspects of the legislation, while also stating that the Commissioner had found no evidence that CSE operated unlawfully. The materials further stress that the Office of the CSE Commissioner had full access to CSE information and personnel and could review any CSE activities. The release is brief, but useful for understanding how the government publicly framed early concerns about CSE’s statutory clarity, privacy protection, and independent review before later legislative reforms.
A-2012-00161: CSEC Ministerial Advice and Media Lines on Long-Term Accommodation, Cyber Security, Oversight, and Canadian Information. This release contains CSEC advice and media-response materials prepared for the Minister in 2011–2012. The records address anticipated questions concerning CSEC’s Long-Term Accommodation project, the use of contractors and public-private partnership arrangements, Plenary Group’s role in constructing the new CSEC facility, cyber compromises of Government of Canada systems, the 2010–2011 CSE Commissioner annual report, CSEC’s handling of Canadians’ personal information, and CSEC’s administrative place within government.

Of note, the materials repeatedly state that the LTA project would not put national security at risk, that contractors with access to sensitive information would be security-screened and bound by secrecy obligations, and that no CSEC employee would lose employment as a result of the project. The records also frame CSEC as a key partner in Canada’s Cyber Security Strategy, with a mandate to provide advice, guidance, and services to help protect Government of Canada electronic information and infrastructure. Page: 9-10: discuss that while the CSE Commissioner did raise concerns about the ways in which Canadians’ information was collected, and the program which was collecting it was halted, it has continued under refined policy guidance. At no point does CSE believe that it ran afoul of Canadian law. The package is useful for understanding CSEC’s public messaging after the 2011 cyber compromises affecting federal departments, its response to media attention around the CSE Commissioner’s discussion of “information about Canadians,” and its explanation of the 2011 administrative realignment making CSEC a stand-alone agency reporting directly to the Minister of National Defence.
A-2012-00041: CSEC Statistics on Support to Lawful Access Requests, 2009–2012. This release contains CSEC records responding to a request for statistical summaries of requests made under CSEC’s authority to provide technical and operational assistance to federal law enforcement and security agencies. The file includes a CSEC access-response letter and four pages of reporting titled Support to Lawful Access (SLA) Requests, covering requests received between January 1, 2009 and December 31, 2012. Of note, the disclosed reporting shows CSEC tracking SLA requests by requesting agency and request type, with categories including CSIS, RCMP, CBSA, DND, tools, processing, support to CSIS operations, support to RCMP operations, ELINT, and ITS. The year-by-year totals shown in the released table are 70 requests in 2009, 80 in 2010, 69 in 2011, and 75 in 2012, for a total of 294 SLA requests across the period. The substantive agency and request-type breakdowns are largely obscured or redacted under national security and law-enforcement-related exemptions, but the release is useful for documenting the existence of a CSEC reporting framework for Mandate C / lawful-access assistance, the scale of requests over the 2009–2012 period, and the kinds of operational-support categories CSEC used to classify assistance to federal partners.
CSEC Foundational Learning Curriculum. Dated approx 2012.
2012 – Memo Regarding Updated Collection and Use of Metadata Ministerial Directive. This release contains CSEC records concerning the 2011–2012 renewal of Ministerial Authorizations and related Ministerial Directives, including briefing slides for the Minister of National Defence, memoranda seeking approval of an updated *Collection and Use of Metadata* Ministerial Directive, and correspondence notifying the CSE Commissioner of newly issued authorizations and directives. The records show CSEC seeking approval for new Ministerial Authorizations covering SIGINT and information-protection activities, while stating that the scope of the authorizations remained largely unchanged.

Of note, the materials describe the Ministerial Authorization regime as permitting CSEC activities that may risk incidental interception of private communications, subject to conditions intended to protect the privacy of Canadians. The updated metadata directive, signed November 21, 2011, defines metadata as information associated with a telecommunication and states that metadata acquired through foreign intelligence acquisition programs is subject to CSEC’s existing privacy-protection procedures, reporting protocols, and CSE Commissioner review. The package also includes briefing material on related Ministerial Directives, including assistance to federal law enforcement and security agencies, a framework directive, and metadata collection and use. The release is useful for understanding CSEC’s annual authorization process, ministerial governance of metadata activities, and public messaging on CSEC’s Long-Term Accommodation project, cyber-security role, oversight, and privacy protections.

This document also denotes the number of Ministerial Authorizations being sought (1 SIGINT for supporting Canadian troops in Afghanistan, 1 SIGNT linked with CSE interception activities, and 2 SIGINT MAs for undisclosed interception activities.) Among the seven Ministerial Directives, there was one for assistance to federal law enforcement and security agencies, which updated a 2001 MD, and another on the Collection and Use of Metadata, which updated a 2005 MD on the same topic. There was no information bout other MDs. Dated 2011.
2012 CSEC Records on WikiLeaks Materials, Impact Assessment, and Coordinated Response Planning. This release contains CSEC records concerning the Government of Canada and CSEC response to the 2010 WikiLeaks diplomatic cable releases. The materials include email chains, DFAIT WikiLeaks Task Force situation reporting, CSEC memoranda for the Minister of National Defence, internal impact assessments, technical-security discussions, and an ITS coordinated response plan for anticipated releases of documents relating to malicious cyber activity and other issues of significance to CSEC. Of note, the records show CSEC coordinating with DFAIT and other federal stakeholders to obtain, process, classify, and assess leaked materials for Canadian relevance and potential operational impact.

The DFAIT situation reporting notes ongoing review of newly released cables, tracking of documents of “high Canadian interest,” and planning for rapid response as additional batches were expected. CSEC materials also indicate that SIGINT and ITS elements were assessing whether released documents affected CSEC interests, preparing briefing notes and response lines, liaising with Government of Canada clients, and maintaining monitoring and analysis workflows. The package includes repeated internal warnings not to access WikiLeaks directly, with concerns that the site may have been compromised, and describes use of controlled channels, task-force contacts, and secure communications to manage the response. The release is useful for understanding how CSEC operationalized leak-response procedures, interdepartmental coordination, document triage, security risk management, and ministerial reporting during the early WikiLeaks disclosures.
Quantum Computing from an IT Security Perspective. This 1-page ATIP provides a high-level description of Quantum Computing. It notes that its academic partnerships have “focused on University of Waterloo’s Institute for Quantum Computing (IQC).” Undated.
A-2011-00970: Review of CSEC’s acquisition and implementation of technologies as a means to protect the privacy of Canadians – June 11, 2008. This release contains a June 2008 report to the CSE Commissioner concerning CSEC’s acquisition and implementation of technology under subsection 273.64(2) of the *National Defence Act*. The review examined whether CSEC’s acquisition and use of selected systems complied with the law, respected ministerial authorities, and incorporated measures to protect the privacy of Canadians.

Of note, the review considered how CSEC assessed operational need, legal authority, privacy risk, targeting rules, and governance before acquiring or deploying new technology. It found that CSEC complied with the law in the areas examined and that the reviewed systems supported CSEC’s foreign intelligence and IT security mandates. However, the report also identified governance concerns, including that some IT security policy instruments and standard operating procedures were not current, formalized, or corporately approved during the review period. The file is heavily redacted, but is useful for understanding how the CSE Commissioner assessed CSEC’s technology acquisition processes, operational safeguards, privacy protections, targeting controls, and internal policy approval practices before later statutory reforms.
A-2011-00969: Definitions. This release contains a March 26, 2003 CSE definitions document classified Top Secret/COMINT. The document compiles operational, legal, policy, and technical definitions used in CSE SIGINT and COMINT activities, drawing from sources such as the National Defence Act, Criminal Code, Security of Information Act, Canadian SIGINT Security Standards, CSE operational procedures, and privacy/legal compliance materials.

Of note, the glossary includes definitions for terms central to CSE operations and compliance, including “Canadian,” “Canadian person,” “Canadian information,” “private communication,” “foreign intelligence,” “foreign communication,” “intercept,” “targeting,” “SIGINT,” “COMINT,” “COMSEC,” “special operational information,” “authorized organization,” “Second Party,” “Five Eyes” partner agencies, and related security-control concepts such as codewords, compartments, ORCON, indoctrination, breach of security, acceptable risk, and SIGINT secure areas. The release is useful for understanding the vocabulary CSE used in the early 2000s to structure legal compliance, privacy protections, targeting rules, information handling, and intelligence-sharing arrangements. Although some content remains redacted, the disclosed definitions provide a valuable reference point for interpreting other CSE policies, reviews, and oversight records from the same period. Dated March 2003.
A-2011-00968: CSE Commissioner Review of CSEC SIGINT Targeting Activities – March 15, 2011. This release contains a March 2011 review by the Office of the CSE Commissioner concerning CSEC SIGINT targeting activities under CSEC’s foreign intelligence mandate. The review examined CSEC’s processes, practices, authorities, targeting tools, analyst responsibilities, Government of Canada intelligence requirements, ministerial authorization requirements, legal compliance controls, and protections for the privacy of Canadians during the period from September 2008 to August 2009.

Of note, the review concluded that CSEC conducted the reviewed SIGINT targeting activities in accordance with the law, ministerial direction, and applicable policies and procedures. The report emphasizes that CSEC’s foreign intelligence activities were required not to be directed at Canadians or persons in Canada, and that targeting had to be connected to foreign entities located outside Canada and linked to Government of Canada intelligence priorities. The review also found that CSEC had developed policies, procedures, management controls, analyst guidance, and technical mechanisms to help demonstrate compliance and protect Canadian privacy, though it recommended that CSEC provide more specific guidance for certain targeting activities.

Some items to interest include: on page 4 target is defined as “to single out for collection or interception purposes.” On page 5 two kinds of targeting are noted; the first “allows SIGINT to direct its targeting activities at foreign entities located outside Canada and which are associated with foreign intelligence requirements”. The second is redacted. Per page 11 when the CSE provides to the CSE Commissioner the DoJ’s interpretations of law, used to justify CSE activities, the provision of such information does not constitute a waiver by CSE of its solicitor-client privilege. Finally, on page 58 we find that OPS-1, Protecting the Privacy of Canadians and Ensuring Legal Compliance in the Conduct of CSEC Activities is a cornerstone document for CSE protection of Canadians’ privacy. The release is heavily redacted, but is useful for understanding how the CSE Commissioner assessed CSEC targeting workflows, foreignness determinations, analyst decision-making, targeting-request validation, legal compliance, and privacy safeguards in the pre-CSE Act National Defence Act framework.
A-2011-00763: OPS-5-1 Operational Use of the Internet. This release contains a 2005 Communications Security Establishment procedure titled **OPS-5-1: Operational Use of the Internet**, classified Secret/COMINT before release. The document provides internal guidance on accessing the Internet for operational purposes, including identifying categories of Internet activity, associated risks, systems approved for those activities, accountability for approving and applying the procedures, and best practices for reducing operational and security risks.

Of note, the released portions describe Internet use as a source of unclassified information that could be incorporated into products or used as lead information for further research and analysis. The document distinguishes between activities such as non-sensitive web browsing, email, and web research using subscription services, and includes a matrix of approved systems versus Internet activities. It also references risks associated with attribution, unauthorized access, compromised systems, and “honeypots,” while emphasizing that staff were expected to use approved systems and follow internal procedures. The release is heavily redacted, with several pages withheld in full, but it is useful for understanding how CSE formalized operational Internet use, open-source research practices, and risk controls in the mid-2000s. Dated January 2005.
A-2011-00637: IT Security Bulletins. This release contains Communications Security Establishment Canada IT Security Bulletins and related information notes from 2011 concerning classified communications security, secure mobile messaging, departmental enclaves, and federal cyber-threat reporting. The records include guidance on the Government of Canada’s use of Suite B cryptographic algorithms for protecting classified information, including approved standards for SECRET and TOP SECRET communications, and references to NIST/FIPS standards and secure protocol implementations.

Of note, the package includes a detailed bulletin on BlackBerry PIN-to-PIN messaging that distinguishes between BlackBerry Enterprise Server and BlackBerry Internet Service use, explains how PIN-to-PIN messages can bypass normal departmental email security controls, and identifies risks including unsuitable use for sensitive messages, PIN address vulnerability, and exposure to malware or scanning. The release also includes guidance on securing SECRET communications in departmental local enclaves, including the use of commercial off-the-shelf private network equipment, as well as Government of Canada cyber flash / information notes concerning malware, phishing, emergency management notification systems, and timely cyber-threat reporting. The file is useful for understanding CSEC’s pre-Shared Services Canada / early cyber-strategy guidance on cryptographic standards, mobile device security, classified network architecture, and departmental cyber incident coordination. Dated March – September 2011.
A-2011-00566: OPS-1, OPS-1-13, OPS-3-1, and CSOI-4-3 — CSEC Operational Policies on Privacy, Legal Compliance, SIGINT, Data Handling, and Canadian Information. This release contains CSEC operational policy documents and instructions from 2010–2011 concerning privacy protections, legal compliance, SIGINT authorities, ministerial authorizations, targeting, reporting, retention, dissemination, and the handling of Canadian-related information. The records include OPS-1, Protecting the Privacy of Canadians and Ensuring Legal Compliance in the Conduct of CSEC Activities; OPS-3-1 Procedures for certain Mandate A and Mandate C activities; OPS-1-13 Procedures governing specified SIGINT programs and data handling; and CSOI-4-3, Protecting the Privacy of Canadians in the Use and Retention of Material for SIGINT.

Of note, the documents set out how CSEC described its statutory mandates: foreign intelligence collection under Mandate A, IT security/cyber defence activities under Mandate B, and assistance to federal law enforcement and security agencies under Mandate C. The policies repeatedly emphasize that Mandate A and B activities must not be directed at Canadians or persons in Canada and must include measures to protect Canadian privacy in the use, retention, reporting, and sharing of intercepted information. The records also address section 16 CSIS Act assistance, ministerial authorization conditions, SIGINT report release authorities, retention schedules, treatment of private communications, solicitor-client communications, “information about Canadians,” Canadian privacy-related information, and review by internal and external bodies, including the CSE Commissioner and Privacy Commissioner. The release is heavily redacted, but is useful for understanding CSEC’s pre-*CSE Act* internal compliance architecture for SIGINT, metadata/data-related activities, Canadian information handling, and privacy controls under the National Defence Act framework.

This ATIP contains a range of CSE policy documents, including: OPS-1: Protecting the Privacy of Canadians and Ensuring Legal Compliance in the Conduct of CSEC Activities, 1 December 2010; OPS-3-1: Procedures for [redacted], 14 January 2011; OPS-1-13: Procedures for [redacted], 1 December 2010; CSOI-4-3: Protecting the Privacy of Canadians in the Use and Retention of Material for SIGINT, 11 April 2011.
OPS-1-10: Procedures for Metadata Analysis (June 2006 draft).

Department of Justice

A-2017-0049: All memos, briefings and emails around MDI devices (IMSI Catchers) from the National Wiretap Experts Group. January 1, 2016 – Present. This document is entirely redacted; beyond suggesting (simply by way of the documents being released) that MDIs may have been discussed at the NWEG conference, there is no actual textual evidence in the documents that this had taken place.
A-2017-00048: All memos, briefings and emails around using information collected by MDI devices (IMSI Catchers) as evidence in a court of law. January 1, 2016 – Present. This ATIP contains a range of news articles over the course of a few years; all the emails that indicate what was said/discussed about the articles is entirely redacted.
A-2016-01742: Justice Canada Public and Stakeholder Submissions on the 2002 Lawful Access Consultation. This release contains Justice Canada records from the 2002 lawful access consultation process, including public emails, ministerial correspondence, and submissions from individuals, civil-liberties organizations, privacy offices, telecommunications and Internet-sector associations, technology companies, universities, and police services. The materials respond to proposals concerning Internet interception capability, production orders, subscriber and service-provider information, data preservation, interception of email, virus dissemination offences, and mechanisms for customer name and address or service-provider identification information.

Of note, many individual submissions strongly opposed the proposals, framing them as Internet surveillance, “Big Brother” monitoring, or an erosion of privacy and anonymity online. Recurring concerns include ISP obligations to retain or disclose user information, email interception, tracking of web activity, national databases of Internet identifiers, cost burdens on small ISPs, weak safeguards, and the risk that powers justified by terrorism or child-protection concerns could expand into routine policing. Stakeholder submissions add more developed positions: civil-liberties and privacy organizations argue for high thresholds, warrants, narrow tailoring, and Charter-sensitive safeguards; industry groups seek more time, clearer definitions, cost recovery, technical feasibility, and consultation on regulations; and police services emphasize operational needs around subscriber identification, intercept capability, assistance orders, and timely access to information. The release is useful for understanding the early-2000s Canadian lawful access debate, especially the clash between investigative modernization, telecommunications compliance burdens, privacy rights, anonymity, proportionality, and public mistrust of expanded state access to Internet communications data.
A-2016-00961: Public Safety, Justice, and RCMP Materials on Encryption, Password Compulsion, Cybercrime, and National Security Consultations. (Materials from May 2016 to September 19, 2016.) This release contains Public Safety Canada, Justice Canada, RCMP, and related materials from 2016 concerning encryption, cybercrime, lawful access, and national security consultations. The records include briefing and discussion materials on encryption challenges, media coverage and stakeholder commentary, Europol/ENISA materials on lawful criminal investigation and data protection, Canadian Association of Chiefs of Police materials advocating legislation to compel production of passwords or encryption keys, and excerpts from the federal national security consultation paper.

Of note, the materials show law enforcement framing encryption and password-protected devices as a growing impediment to criminal and national security investigations, particularly where judicially authorized searches cannot access relevant data. The CACP resolution sought a legislative mechanism, subject to judicial authorization, to compel the holder of an encryption key or password to reveal it to law enforcement. The records also include competing privacy and civil-liberties arguments, including media commentary warning that password compulsion may raise self-incrimination, overbreadth, and Charter concerns. The broader consultation materials situate encryption within a wider national security and cybercrime agenda, including cybercrime capacity, information sharing, threat reduction, passenger protection, terrorist propaganda, terrorist entity listings, and terrorist financing. The release is useful for understanding how Canadian officials and police organizations were positioning encryption, “going dark,” password compulsion, lawful access, and cybercrime investigative capacity in the post-Spencer, post-Bill C-51 policy environment.
A-2013-00248: Justice Canada Cybersecurity Practice Group Agenda on Lawful Access, UN Cybercrime Work, and Recent Jurisprudence (Agendas, minutes, research reports and briefing notes from January 1 to April 26). This release contains a single-page Justice Canada agenda for a January 23, 2013 Cybersecurity Practice Group / Groupe de pratique – sécurité cybernétique meeting. Of note, the agenda shows Justice officials coordinating discussion of lawful access, a United Nations cybercrime study update, recent jurisprudence, and a general roundtable. One substantive agenda item is redacted under advice and solicitor-client-related exemptions. The release is brief, but is useful for documenting Justice Canada’s continued internal cyber-law coordination in early 2013, including attention to lawful access, international cybercrime policy development, and emerging case law relevant to cyber investigations and related legal authorities.
A-2013-00247: Justice Canada Cybersecurity Working Group Agenda on Information Sharing, Internet Governance, IPv6, NAT/PAT, and Cybercrime. This release contains a short Justice Canada record concerning a June 20, 2012 Cybersecurity Working Group / Cyber Security Practice Group meeting. The file includes an email distributing the agenda and the bilingual meeting agenda itself.

Of note, the agenda shows Justice officials coordinating discussion of information sharing, international cybercrime work, ICANN, the transition from IPv4 to IPv6, network address translation and port address translation, and relevant jurisprudence, including R. v. Tse and R. v. Caza. The circulated agenda also references updates on UN, Commonwealth, and Quintet work on cybercrime, along with case briefs and a general roundtable. The release is brief, but is useful for documenting Justice Canada’s internal cyber-law coordination in 2012, including attention to Internet governance, technical network-identification issues, international cybercrime policy, and emerging Canadian jurisprudence relevant to lawful access and investigative powers.
A-2013-00246: Justice Canada Cybersecurity Practice Group Agendas and UN Report on ICTs in International Security. This release contains Department of Justice materials from 2011 concerning the Cybersecurity Practice Group and international cyber-security policy. The records include agendas for Cyber Security Practice Group meetings held in February, May, and September 2011, along with a copy of the 2010 United Nations General Assembly report of the Group of Governmental Experts on developments in information and telecommunications in the context of international security.

Of note, the practice group agendas show Justice officials using the forum to coordinate discussion of cybersecurity files, including terms of reference, Public Safety’s Cybersecurity Secretariat, CSEC’s cybersecurity mandate, Quintet Attorneys General discussions, and Commonwealth Law Ministers’ work. The attached UN report frames information and communications technologies as creating both security benefits and vulnerabilities, including risks to individuals, businesses, national infrastructure, governments, and international stability. It highlights attribution difficulties, malicious use of ICTs by criminals and potentially states, supply-chain concerns, terrorist use of ICTs, and the need for international cooperation, confidence-building, information exchange, capacity-building, and common terminology. The release is useful for documenting early Justice Canada cyber-policy coordination and the international norms context in which Canadian officials were considering cybercrime, cyber conflict, critical infrastructure protection, and state responsibility in cyberspace.
A-2012-01994: Justice Canada Materials on National Security Law and Section 38 of the Canada Evidence Act. This release contains Department of Justice materials concerning national security law developments and the protection of sensitive information in litigation. Much of the file is withheld under solicitor-client privilege and related exemptions, but the disclosed material includes correspondence and substantial French and English versions of an internal guide titled An Introduction to Section 38 of the Canada Evidence Act.

Of note, the disclosed guide explains the section 38 process for protecting “sensitive information” and “potentially injurious information” where disclosure in a proceeding could harm international relations, national defence, or national security. It describes the role of Justice’s National Security Group, notice obligations to the Attorney General of Canada, who qualifies as a participant or official, when notice must be given, what a notice should contain, the effect of notice, Attorney General decision-making, Federal Court applications, appeals, Attorney General certificates, and the Attorney General’s fiat. The guide also summarizes key jurisprudence and analytical concepts, including the Ribic balancing test, third-party rule, mosaic effect, ongoing and past investigations, human-source privilege, inadvertent disclosure, and possible disclosure orders. The release is useful for understanding Justice Canada’s internal approach to national-security confidentiality, litigation disclosure, intelligence-protection claims, and the relationship between open-court principles, fair-trial interests, and national security privilege.
A-2012-01946: Justice Canada Materials on Beyond the Border, Shiprider, and Next Generation Cross-Border Law Enforcement (Final versions of briefing notes, media lines and reports from January 2011 to February 28, 2013). This release contains Department of Justice materials from 2011–2013 concerning the “Next Generation” of integrated Canada–U.S. cross-border law enforcement. The records include briefing notes, approval slips, a Shiprider historical timeline, presentation materials on Beyond the Border Action Plan: Cross Border Law Enforcement Issues, and ministerial correspondence concerning border security, sovereignty, and integrated policing.

Of note, the materials frame Next Generation cross-border law enforcement as part of the Canada–U.S. Beyond the Border agenda and as an expansion from maritime Shiprider operations toward land-based, inland, and potentially broader integrated enforcement models. The documents describe specially trained and designated Canadian and U.S. officers working in integrated teams, with U.S. officers potentially designated as Canadian peace officers and operating under Canadian direction and control while in Canada. The materials also distinguish preclearance activities from Next Generation law enforcement operations, while linking both to the broader perimeter security and economic competitiveness agenda. The release is heavily redacted, but is useful for understanding Justice Canada’s role in assessing legal, sovereignty, liability, immunity, criminal jurisdiction, privacy, and operational issues arising from integrated cross-border policing after the *Beyond the Border* Action Plan.
A-2012-01725: Public Safety and Justice Materials on Anonymous, Hacktivism, and Ethical Hacking (Records from January 1 to December 31, 2012.) This release contains Public Safety Canada and Department of Justice materials from 2012 concerning the hacktivist collective Anonymous and broader legal and policy issues around ethical hacking, hacktivism, online civil disobedience, intrusion testing, security research, and counter-attack. The records include CCIRC’s March 2012 information note, *Overview of the Hacktivist Group “Anonymous”*, related correspondence, and a lengthy 2012 report titled *Ethical Hacking* prepared for Public Safety Canada’s National Cyber Security Division.

Of note, the CCIRC material describes Anonymous as a decentralized hacktivist movement targeting governments, companies, and individuals perceived to conflict with open Internet, civil-rights, anti-censorship, anti-corporate, or social-justice objectives. It summarizes past campaigns involving DDoS attacks, website defacement, doxing, data leaks, SQL injection, malware, social engineering, and tools such as LOIC, while identifying Canadian relevance through STRATFOR, Bills C-11/C-30, Toronto municipal issues, and private-sector projects such as the Keystone XL-related Project Tarmageddon. The *Ethical Hacking* report takes a broader analytical approach, distinguishing online civil disobedience, hacktivism, penetration testing/security activism, and counter-attack, and reviewing legal uncertainty, attribution, evidence collection, jurisdiction, real-time forensics, public-interest defences, security-research exemptions, and proportionality concerns. The release is useful for understanding how Canadian officials were assessing Anonymous-era hacktivism, cyber protest, civil disobedience, offensive and defensive security research, and the legal boundary between public-interest hacking and criminal cyber activity.
A-2012-01080: Justice Canada Research on Terrorist Speech, Terrorist Listings, Glorification, and De-Radicalization Programs (From January 1, 2008, to October 18, 2012). This release contains Department of Justice research materials from 2009–2011 concerning counter-terrorism law and policy. The records include Arthur J. Cockfield’s discussion paper *Fighting Terror while Preserving Free Speech*, a research note on “glorification of terrorism” leading to terrorist acts, a lengthy comparative study of terrorist listing procedures across the UN 1267 process, European Union, United Kingdom, United States, Australia, and New Zealand, and the opening portion of a Justice research summary on de-radicalization and counter-terrorism programs.

Of note, the free-speech paper examines whether Canada should regulate terrorist propaganda, hate speech, or expressive activities that encourage terrorism, while emphasizing Charter risks, overbreadth, evidentiary uncertainty, and the need to preserve legitimate expression. The research note on glorification concludes that the empirical basis for linking glorification-type expression to terrorist acts is limited and methodologically difficult, especially in the online context. The terrorist-listing study focuses heavily on due process, judicial review, secret evidence, delisting mechanisms, asset-freezing consequences, and the influence of cases such as *Kadi* on UN and EU listing regimes. The de-radicalization materials survey early programs in Canada, Germany, the Netherlands, the UK, Australia, Indonesia, and the United States. The release is useful for understanding how Justice Canada was assessing speech-based counter-terrorism measures, online radicalization concerns, terrorist designation regimes, rights-protective safeguards, and comparative counter-radicalization programming in the post-9/11 policy environment.
A-2011-01527: Public Safety Canada Materials on Customer Name and Address Information, Lawful Access Consultations, and Privacy Responses. This release contains Public Safety Canada and related stakeholder materials concerning proposed access to customer name and address information, commonly referred to as CNA or basic subscriber information. The records include correspondence from the Canadian Association of Chiefs of Police to the Minister of Public Safety, RCMP/NCECC briefing materials and Q&As, consultation planning documents, stakeholder lists, summaries of public consultation input, industry submissions, victim-advocacy submissions, and a detailed response from the Office of the Privacy Commissioner of Canada.

Of note, the law-enforcement and victim-advocacy materials argue that police and national security agencies needed a legislated administrative model to obtain basic identifiers—such as name, address, telephone number, email address, IP address, and service-provider identifiers—without seeking a warrant in every case. The materials emphasize child sexual exploitation investigations, time-sensitive victim rescue, inconsistent ISP cooperation, refusals, retention problems, and the resource burden of seeking judicial authorization for information characterized as “pre-warrant” or non-content identifying data. By contrast, the Privacy Commissioner’s response challenges several assumptions in the consultation paper, stresses that CNA can reveal sensitive information when linked to online activity, warns that disclosure without judicial authorization may impair privacy rights, and calls for stronger empirical justification, oversight, safeguards, and Charter-sensitive analysis. The release is useful for understanding the federal lawful access consultation record before Spencer, including the competing public safety, industry, victim-advocacy, and privacy arguments over warrantless access to subscriber information.
A-2011-01330: Justice Canada Briefing Materials on Organized Crime, Lawful Access, and Privacy Commissioner Concerns. This release contains Department of Justice briefing materials from 2009 concerning organized crime, lawful access, and Privacy Act reform. The records include a memorandum for the Minister responding to British Columbia ministers’ criminal justice priorities, and briefing materials prepared for a September 30, 2009 meeting with Privacy Commissioner Jennifer Stoddart.

Of note, the Justice materials frame lawful access as part of a broader modernization agenda responding to new communications technologies and Internet-enabled crime. They describe Bills C-46 and C-47 as introducing preservation demands and orders, production orders for transmission data, tracking-warrant reforms, computer-data assistance provisions, and telecommunications interception-capability requirements. The Privacy Commissioner briefing anticipates concerns about Privacy Act reform, camera surveillance, and lawful access, and argues that Bill C-46 would preserve judicial authorization requirements while Bill C-47’s proposed subscriber-information regime would apply administrative safeguards to information said to attract a lower expectation of privacy. The release is useful for understanding the federal government’s pre-Spencer positioning on lawful access, especially how Justice officials framed subscriber-information access, tracking data, preservation powers, privacy safeguards, and anticipated criticism from privacy commissioners.
A-2011-01305: RCMP/NCECC and Justice Materials on Lawful Access, Subscriber Information, and Privacy Concerns (October 1st, 2011 to the present (Nov 30th, 2011)). This release contains RCMP, National Child Exploitation Coordination Centre, and Department of Justice materials concerning lawful access proposals and police access to basic customer name and address information from telecommunications and Internet service providers. The records include an October 2007 NCECC submission to Public Safety Canada, NCECC comments on lawful access, Department of Justice briefing materials, and talking points prepared for a September 2009 meeting with Privacy Commissioner Jennifer Stoddart.

Of note, the NCECC materials argue that police needed a legislated administrative model to obtain basic subscriber-identifying information—such as customer name and address linked to a phone number or IP address—without first obtaining a warrant or court order. The submission frames the issue largely through child sexual exploitation investigations, emphasizing delays, inconsistent ISP cooperation, refusal rates, retention problems, and the difficulty of identifying victims or suspects when only IP addresses or online identifiers are available. The Justice materials situate these arguments within the broader lawful access agenda, including Bills C-46 and C-47, proposed preservation and production powers, tracking and transmission-data warrants, interception-capability requirements, and proposed access to subscriber information. The file is useful for understanding the pre-Spencer policy and policing rationale for warrantless subscriber-information access, the privacy objections raised by Canadian privacy commissioners, and the federal government’s effort to frame lawful access as a balance between investigative needs, public safety, child protection, and privacy safeguards.
2009 – Justice Canada Briefing Notes on Organized Crime, Lawful Access, Privacy Act Reform, and the Privacy Commissioner. This release contains two Department of Justice briefing-note packages from 2009. The first concerns correspondence from British Columbia ministers to the federal Ministers of Justice and Public Safety about organized crime and criminal justice priorities in British Columbia. The second concerns a September 30, 2009 meeting with Privacy Commissioner Jennifer Stoddart, including background and talking points on Privacy Act reform, video surveillance, and federal lawful access legislation.

Of note, the British Columbia briefing frames organized crime as linked to gang violence and identifies several areas for federal-provincial action, including lawful access, disclosure reform, firearms, intimidation of justice officials, remand credit, illicit drug production, and fingerprinting. The lawful access discussion states that federal work was focused on modernizing criminal law for new technologies, including Internet communications, while preserving Criminal Code responsibility within Justice and assigning technical/interception-capability issues to Industry Canada and Public Safety. The Privacy Commissioner briefing addresses Bills C-46 and C-47, explaining government talking points that preservation demands, tracking warrants, and access to subscriber information were being framed as privacy-protective or administratively safeguarded measures, despite criticism from privacy commissioners and media. The release is useful for understanding Justice Canada’s 2009 positioning on organized crime, lawful access, investigative modernization, Privacy Act reform, surveillance oversight, and the federal response to privacy commissioners’ concerns about expanded investigative powers.
A-2007-00169: Memos, decks and briefing notes since January 1, 2006, whose main topic is the issue of “Lawful Access” by Canadian police and security agencies to customer data held by Canadian telecommunication companies held by the Strategic Policy Sector.

Department of National Defence

A-2022-00081: MND Cyber Playbook–A DND/CAF Perspective. This ATIP (French and English) provides a high-level overview of how DND/CAF looks at cyber, with attention to deterrence, collaboration, coordination across government, and workforce development as essential to advancing DND/Canadian interests.
A-2012-00161 – Briefing Notes on CSEC Issues, Globe and Mail Reporting, and the Long-Term Accommodation Project. This release contains briefing and media-response materials concerning Communications Security Establishment Canada issues in 2011–2012, including advice for the Minister, background notes, and media lines prepared in response to expected Globe and Mail reporting on the CSE Commissioner’s 2010–2011 Annual Report. The records address CSEC’s use of “information about Canadians” in support of foreign intelligence, the temporary suspension and later resumption of certain activities following internal and Department of Justice review, and messaging that the reviewed activities were found to be authorized and compliant with law, ministerial requirements, and CSEC policies and procedures. Of note, the briefing materials also include prepared responses concerning the Long-Term Accommodation project for CSEC’s new facility, including the use of contractors, security screening, the Plenary Group / PCL public-private partnership, and assurances that national security and employee job security would not be put at risk by the project. The records further discuss CSEC’s cyber-security role following reported 2011 cyber compromises affecting federal departments, CSEC’s place within government, and its administrative realignment as a stand-alone agency reporting directly to the Minister of National Defence. The release is useful for understanding how CSEC and the government framed privacy, oversight, cyber defence, contractor access, and institutional accountability issues before the Snowden-era public debate.
A-2017-00062. This ATIP pertains to IMSI Catchers detected by CBC-Radio Canada. Of note, on page 13 DND notes that IMSI Catchers were detected by CBC, and also raises the existence of Ability Inc, an Israeli firm that sells access to exploit the SS7 network. Companies providing services similar to Ability included Circles Bulgaria, Rayzone, and CleverSig.
A-2013-00910: Event Approval for NATO Cyber Defence Capability Team (CD CaT). This document requests permission to send one individual to represent Canadian interests at the NATO Cyber Task Force from June 30-July 5, 2013. Not participating was seen as damaging given Canada’s past contributions and Canada operating as the lead nation in another NATO Cyber Defence Initiative (the Multi National Cyber Defence Capability Project). Dated May 13, 2013.
A-2013-00390: Briefing note to the DG Cyber: “Innovation transfer and evaluation agreement” dated Feb. 22, 2013. This pertained to a short-range bio-detector device or system.
A-2013-00389: Briefing note to the DG Cyber: “Cyber ops working group visit to UK” dated Feb. 24, 2013.
A-2013-00005: Six most recent domestic intelligence reports created by the Canadian Forces National Counter Intelligence Unit.
A-2012-01220: Final draft of Defence S&T’s state of the art report on the science of cyber security as listed in National Defence’s 2011-2012 departmental performance report. Dated October 2012.
A-2008-01302: DND Cyber Organisational Charts. This ATIP includes the organisation charts for CSE, the IM Group, and the Canadian Forces Information Operational Group. Dated October 27, 2008 to November 23, 2008.

A-2019-03327: Possibility of Using Machine Learning and Artificial Intelligence to Identify an Individual in an Anonymized Dataset. This memo, in response to a MIT study of de-identification, provide advice to the Deputy Minister on re-identification of individuals in a dataset.

Global Affairs Canada

A-2021-00531: Canada’s International Cybersecurity Strategy and Cyber Diplomacy Initiative. I discuss the contents of this release, at length, in a post entitled “Findings and Absences in Canada’s (Draft) International Cybersecurity Strategy“. Dated January 1, 2021 – July 13, 2021.
A-2020-00492: All documents and information disclosed in the following prior requests: A-2019-01988, A-2018-02176, and A-2019-00879.
A-2019-01988: Meeting Talking Points for Deputy Minister of Foreign Affairs and NSIRA.
A-2019-00879: Memo on Canada’s International Approach to Cyber Security.
A-2018-02176: List of Reports Produced by IOL in 2018.
A-2018-01966: This 546 page ATIP includes discussions of foreign direct investment opportunities in Canada by Chinese companies, including Huawei. Pages 481-493 include a GAC powerpoint presentation entitled, “China Opportunities and Due Diligence.” The included emails showcase the routine efforts by the Canadian government to facilitate foreign direct investment, as well as some internal messaging following American trade barriers which were established. Documents cover the period of 2016-2018. The final two pages of the ATIP indicate the quick-effects of the arrest of Huawei’s CFO insofar as a conference about Weibo saw organisers tone down the positive messaging about Canada.

Immigration, Refugees and Citizen Canada

A-2016-11288RP. ATIP focuses, principally, on the denial of visas to Huawei employees, with the South China Morning Post (SCMP) assering that it was due to espionage concerns. Documents indicate that a discussion took place within government, and entailed development of lines to respond to press. Of note, on page 396 a Risk Assessment Officer with IRCC stated that “…I would recommend not reading the report. It is easier to talk about these files if we are just speculating and don’t know the details.” Stated in response to a chain where another person suggested that there would be value in reading a previously-issued report, presumably pertaining to immigration and security. On pages 432-496 we see records showing that one of the two Huawei cases was identified, and that had been flagged during assessment, with dialoguing within IRCC to communicate what was flagged.
A-2016-06768. This ATIP focuses on Huawei employees, and (I believe) the refusal to grant visas to some employees. The documents presented revolve around a South China Morning Post (SCMP) article that suggested Huawei employees were denied visas on the basis of espionage; emails show that the Department was scrambling to determine why these persons were, in fact, denied as well as speaking with an analyst to determine how national security decisions are actually made and adjudicated. The ATIP does not reveal how analysts engage in such activities, nor the specific reasons for which the Huawei employees were denied visas.

Innovation, Science and Economic Development Canada (Industry Canada)

A-2021-00174 (OCR): Records concerning the Government of Canada’s Online Harms Consultation. This lengthy 1000+ page ATIP provides copies of the submissions to the Government of Canada’s online harms consultation, which took place from late summer-early fall 2021.
A-2020-01469: This is an ATIP for all departmental information between 1 September 2020 and 26 March 2021 concerning Huawei and national security. Also part of this is a note that CSIS was working with universities to help them about foreign interference and potential threats that the students from abroad may feel from different countries (100). There is also a back and forth in the ATIP with Cssr. Lucki concerning ‘tips’ that are provided to the RCMP. Cssr. Lucki noted that, “As the volume oft h e tips increase, the threat percentage significantly declines. fI they are applicable to another agency, we will pass that on. Some might feel threatened, but fi it doesn’t meet the threshold then we don’t deal with it. Unfortunately, I don’t have the statistics of where the threats are generated from, just the number of tips. If we did have that information Icouldn’t share it. We might pass it on to the local police of jurisdiction” (102).
A-2019-00451: Records regarding Canada Infrastructure Bank exploring creating a public utility, investing in 5G in urban areas, public Wi-Fi and Next-Generation 9-1-1 services. This short ATIP just includes parts of an email chain that followed from the Logic posting an article about how the Canadian Infrastructure Bank had proposed developing a competing 5G network as a public utility to better serve rural customers. The chain indicates that, by the time that either the news outlet published the article or the participants in the chain had started discussing the issue, the government was believed to have moved past the proposal after setting it aside. Dated 2019.
A-2019-00332: ISED Decision on Releasing Millimetre Wave Spectrum to Support 5G. This release contains Innovation, Science and Economic Development Canada records concerning the June 2019 decision to release millimetre wave spectrum to support 5G deployment in Canada. The package includes an advice note to the Minister and the published decision document, Decision on Releasing Millimetre Wave Spectrum to Support 5G, which addresses spectrum use in the 26 GHz, 28 GHz, 38 GHz, and 64–71 GHz bands. Of note, the decision sets out ISED’s approach to making significant high-frequency spectrum available for 5G and related services, including flexible-use licensing for mobile and fixed services, licence-exempt use in the 64–71 GHz band, and future auction planning for portions of the 26/28 GHz range. The records also address coexistence between terrestrial 5G services and satellite systems, treatment of existing fixed service and earth-station licences, moratoria on new terrestrial licences in certain bands, and comments received from telecommunications carriers, satellite providers, equipment vendors, industry associations, municipalities, and individuals. The release is useful for understanding how ISED framed mmWave spectrum as part of Canada’s 5G strategy, including the balancing of mobile broadband deployment, rural and remote connectivity, satellite services, innovation, and spectrum-management constraints.
A-2018-00985: ISED Records on Bell 5G Trials, Wireless-to-the-Premises, and 5G Deployment Issues. This release contains Innovation, Science and Economic Development Canada records concerning Bell’s 5G trial plans and related departmental engagement on 5G deployment, including a confidential Bell presentation, ISED meeting records, internal emails, 5G Canada Council materials, and briefing notes concerning wireless-to-the-premises and rural connectivity challenges. The records include Bell’s 2018 5G trial planning materials, which describe phased trial work involving urban, suburban, and rural environments, vendor and technology comparisons, mobility and high-speed performance testing, and anticipated requests for additional licences. Of note, the package shows ISED examining several technical and policy issues associated with early 5G deployment, including massive MIMO, Safety Code 6 compliance, small cell deployment, access to infrastructure, spectrum policy, and the use of Bell’s wireless-to-the-premises system for rural broadband. Meeting notes and follow-up materials discuss potential collaboration between Bell and ISED on RF propagation modelling, household geolocation, terrain and line-of-sight analysis, and testing in rural or remote environments. The release also includes 5G Canada Council summaries addressing global 5G deployment, Canadian carrier plans, spectrum needs, small cells, security, and privacy, as well as later records touching on Huawei-related security concerns. The file is heavily redacted but is useful for understanding how ISED and major carriers were discussing 5G trials, rural broadband deployment, infrastructure constraints, and technical compliance issues during the early Canadian 5G rollout period.
A-2018-00983: ISED Records on Rogers, 5G Deployment, Spectrum Policy, and Wireless Infrastructure. This release contains Innovation, Science and Economic Development Canada records concerning Rogers and broader 5G deployment issues, including internal emails, briefing material, meeting notes, market intelligence, technical reference materials, and records connected to meetings with Rogers and industry representatives. The package includes a September 2018 briefing note for a meeting with Rogers President and CEO Joe Natale, focused on the 3500 MHz spectrum consultation, the CRTC inquiry into high-pressure sales practices, and telecommunications providers’ access to utility poles and other support structures. Of note, the records show ISED tracking a range of policy and technical issues associated with 5G deployment, including repurposing the 3500 MHz band, rural and remote wireless coverage, millimetre-wave and massive MIMO testing, small cell deployment, access to municipal and utility infrastructure, and cybersecurity/privacy issues associated with 5G and connected devices. The release also includes technical materials from Keysight and IEEE-related sources on over-the-air testing for millimetre-wave 5G NR devices and MIMO base-station measurement challenges, as well as summaries from the January 2019 5G Canada Council touching on spectrum, network densification, small cells, security, and privacy. The package is heavily redacted, but is useful for understanding how ISED was engaging with carriers and technical stakeholders during the early Canadian 5G policy and deployment period.
A-2018-00168: This ATIP provides information concerning the 2015-2016 Lawful Access Initiative (LAI) Performance Management Report (PMR) 2015-2016. This ATIP includes points of clarification that ISED posed for Public Safety, with the most interesting elements of the documents coming from the partial disclosure of the LAI PMR. Page 5 refers to Green Report and seems to strike off encryption and data retention, while not striking basic subscriber information (BSI) and intercept-ready networks. Page 12 refers to challenges to obtaining BSI; access laws are listed as those linked with reasonable expectations of privacy, costs to industry, potential secondary uses by industry (unclear what this means), and transparency reporting requirements. Finally, page 16 makes reference to the challenges to obtaining intercept-ready networks, and includes public optics, initial infrastructure costs, ongoing maintenance costs, regulatory inflexibility, potential impacts on small providers, transparency reporting by industry and government, and bundling with other initiatives. It also refers to “Plan B” without greater explanation.
A-2018-00073: Examination of IMSI catcher and mobile device identifier devices (January 1, 2012 to April 24, 2018). The ATIP begins with an extensive report from Communications Research Centre Canada, titled “Technical Study on Privacy in Wireless Networks”. This 2014 study does a good job summarizing high level how wireless networks operate and associated privacy concerns. Items of note include that, on page 4, there isn’t a single thing to resolve privacy issues and, instead, a range of things must be done including work with providers, establish privacy metrics with industry players, work to steer international standards, and make sure CRC is available for relevant consultations. Of note, at the time of writing CRC was of the opinion that “… Canada’s wireless privacy is comparable with the US and behind Western Europe” (30). Page 31 moves to discuss the risks of IMSI Catchers and ease at which mobile communications can be intercepted using “recipes” from the public Internet with pages 38-39 continuing by noting that even on LTE you can obtain the IMSI, and that encryption isn’t a guaranteed to be implemented and thus must be tested to confirm transmission security. Page 40 discusses the possible ability to evade detection of using an IMSI catcher by actively compelling devices to attach to fake base station, which is using international (i.e. not licensed) spectrum. Pages 58-61 include a sample Harris Corp confidentiality contract. Page 90 notes that a company in the UK, Smith Myers Communication, sells an IMSI catcher that is referred to “the Artemis System”, and how it doesn’t interfere with emergency calls of non-targets, and can target mobile and non-mobile communications. It is an aerial system with a range of up to 25km and does not interfere with cellular networks. These were intended for Search and Rescue operations. Later in the ATIP, on pages 160-164, we see the RCMP’s draft 2016 policy for IMSI catchers/MDI devices and page 166 notes that the RCMP, at the time, had different policies for what warrants it used to obtain authorizations; sometimes they used a transmission data recorder order, in others a general warrant. Dated 2014-2017.
A-2017-01408: This ATIP includes information from ISED to the RCMP (and other agencies) concerning authorizations to the RCMP technical branch for the use of IMSI Catchers. Of note, this ATIP makes clear that the RCMP, OPP, Calgary Police, Winnipeg Police, all receive authorizations. Dated 2017.
A-2017-01164: Documents written by Huawei Canada that reference the 3.5 GHz spectrum, between May 1, 2017 and November 1, 2017. This set of documents is merely a briefing deck from Huawei about the uses of, and benefits of, 5G for everything from smart cities, to remote surgery and factory automation, to driving, as well as some of the standards work at 3GPP that are ongoing. Dated 2016.
A-2017-00632: 2014-2015 Lawful Access Initiative Report. One page 5 it discuses that the partners in the lawful access initiative include: CSIS, CSE, DoJ, ISED, Public Prosecution Service of Canada, PSC, and RCMP, and page 6 asserts that the limited funds through LAI are insufficient to address operational requirements. Moving forward to page 46, the ATIP documents note that the CSE is responsible for actual cryptographic techniques and decryption efforts pertaining to communications, though a number of earlier categories indicate tracking of how often materials are inaccessible to CSIS/LEAs. Dated 2016.
A-2017-00043: CBC or Radio-Canada story on MDI devices AKA IMSI catchers near Parliament Hill, March 27 – April 6, 2017. Page 1 discusses false positive, and potential to get the Certification and Engineering Bureau in ISED to evaluate IMSI Catcher detectors, “…even if only to debunk false positives reported in the media.” Dated 2017.
A-2013-00030-0001: First and final drafts of departmental responses to and emails regarding the Cyber Security Strategy Action Plan. timeline for request is Feb. 21 to March 15, 2013. Please exclude cabinet confidences and records originating from other departments.
A-2012-00734: Please provide all reports, including emails, reports, handwritten notes, memos, directives, briefing materials and letter sent and received about occurrences of computer hacking and other breaches of cyber security. The period sought is January 1, 2012 to March 11, 2013.
A-2012-00732: All briefing notes, memoranda, question period notes and reports to the minister between Sept. 1, 2012 and Feb. 28, 2013 regarding any of the following: cyber-security, IT security, IM security.
A-2012-00602: Any documents, including briefing notes, memos and reports, pertaining to the new policies on foreign takeovers released Dec. 7, 2012.
A-2012-00578: All records regarding ICANN’s list of proposed gTLDs created since June 1, 2012.
A-2012-00385: All talking points, briefing notes and correspondence related to CBC news report (by Greg Weston) on Huawei on May 15, 2012. There are no real documents of note in this ATIP; a former military person who held Secret clearance was upset Greg had a secret document and waved it around on CBC broadcast.
A-2012-00161: Records from May 23, 2012 to the present (June 7, 2012) concerning Research in Motion (RIM), including but not limited to correspondence, emails, reports, records, memoranda and final copies of briefing notes.
A-2012-00049-0001: Records from December 1, 2011 to the present concerning a possible foreign takeover of Research in Motion (RIM), and its impact on Canada, including, but not limited to correspondence, emails, reports, records, memoranda and final copies of briefing notes.
A-2011-00452: All records at Industry Canada about Bill C-30 from February 14, 2012, to February 29, 2012.
A-2011-00340: Any documents, including briefing notes, decks, backgrounders and reports, prepared since Jan. 1, 2011 pertaining to the foreign takeover of companies in Canada’s wireless sector, including companies that produce mobile devices and/or involved with wireless communications infrastructure. Please exclude any Investment Canada documents regarding specific takeovers being reviewed under ICA. Please exclude emails and provide documents in digital format (PDF on CD ideally) if possible. Please consider providing partial initial release of documents that don’t require consultations with PCO, other departments and/or third parties.
A-2009-00288: Industry Canada / Public Safety Materials on Lawful Access, RIM/BlackBerry Interception Issues, CALEA Compliance Tools, International Intercept Laws, and Bill C-47 Concerns (The timeframe for this request is from April 2006 to October 16, 2009). This release contains materials from roughly 2007–2009 concerning lawful access, telecommunications interception capability, and comparative international approaches to intercept legislation. The records include slides on the “RIM Dilemma” involving BlackBerry PIN-to-PIN encrypted messages, notes on alternative investigative techniques, comparative tariff-rate analysis for interception hook-up costs in the U.S., U.K., Australia, and New Zealand, a Procera Networks paper on CALEA compliance and PacketLogic interception architecture, an SS8 “Ready Guide to Intercept Legislation” comparing intercept regimes across multiple countries, an ADM-level lawful-access contact list, and draft correspondence responding to concerns about Bill C-47, the *Technical Assistance for Law Enforcement in the 21st Century Act*.

Of note, the release shows the lawful-access file operating at the intersection of technical capability, carrier cost recovery, encryption, vendor solutions, and international benchmarking. The RIM materials point to concern about communications not transiting ordinary RIM servers in Waterloo, while the Procera and SS8 materials show vendors positioning deep-packet-inspection and lawful-intercept platforms as practical compliance solutions for service providers facing CALEA-style obligations. The tariff analysis is significant because it compares foreign cost models: U.S. CALEA implementation with FBI-funded pre-CALEA upgrades, U.K. RIPA “fair contribution” payments, Australian carrier-borne capability obligations with paid hook-up costs, and New Zealand’s mixed public/private cost approach. The Bill C-47 response lines emphasize that judicial oversight for intercept warrants would not be lowered, that consultation with industry and privacy stakeholders would continue, and that any exemptions or safety-valve mechanisms would be handled through Governor-in-Council regulations.

The release is useful for understanding how Canadian officials assessed lawful-access modernization through practical questions of encrypted devices, standards, compensation, vendor architecture, international comparators, and political messaging.
A-2007-00169: Industry Canada Materials on Lawful Access, MITA / Bill C-74, Customer Name and Address Information, ISP Obligations, and Stakeholder Consultations. This release contains Industry Canada and related consultation materials from roughly 2005–2007 concerning Canada’s lawful access proposals, especially the proposed *Modernization of Investigative Techniques Act* / Bill C-74, later Bill C-416, and customer name and address information. The records include the ATIP release letter and requester report, a Canadian Association of Internet Providers presentation on small ISP impacts, correspondence with the Canadian Bar Association, proposed stakeholder lists for technical briefings, comparative notes on privacy protections and hook-up tariffs in other countries, lawful-access privacy consultation materials, draft media lines, internal notes on Bill C-416, and submissions from industry, civil society, privacy, victims’ rights, and legal organizations. Many government advice and Cabinet-related materials are withheld under sections 21 and 69, but the disclosed records provide a detailed view of the stakeholder landscape around lawful access before the Bill C-30 period.

Of note, the release shows sustained industry resistance to lawful-access obligations that would impose unfunded technical, operational, or retrofit costs on telecommunications service providers. ITAC, CWTA, the Canadian Chamber, CAIP, and others generally accepted the objective of preserving lawful interception capability, but argued that requirements had to be standards-based, phased in, technologically neutral, compensated, and limited to information already collected for business purposes. Civil society and legal stakeholders—including CIPPIC and the CBA—focused on the privacy and Charter implications of warrantless access to subscriber information, arguing that customer name/address data could reveal sensitive biographical information when linked to IP addresses, email addresses, device identifiers, or online activity. By contrast, the Canadian Resource Centre for Victims of Crime strongly supported warrantless CNA access in child exploitation and national-security contexts, arguing that PIPEDA uncertainty and ISP discretion created harmful investigative delays.

The release is useful for understanding the core fault lines in early lawful-access policy: law-enforcement speed and consistency, private-sector cost and implementation burden, civil-liberties concerns about warrantless identification, and the unresolved question of whether subscriber information was “basic” tombstone data or a gateway to deeper digital surveillance.
Canadian Telecom Market and Drivers: Caught in the Web–Ottawa’s Implementation of Cyber-crime Treaty Requires Online Surveillance by xSPs. This brief prepared by IDC offers a background and overview of lawful interception/access requirements in Europe and the United States to set policy expectations for implementing the Cybercrime Convention. Dated August 2002.

NSERC

A-2019-00033: This 655 page ATIP includes the successful NSERC applications where Canadian universities partnered with Huawei. The ATIP is notable for identifying the faculty and universities which obtained the funding, as well as the names of the different projects which were funded. Also included are the “NSERC Strategic Network Agreement” on pages 119-158, which includes information such as the terms of controlling or managing intellectual property as well as export control information. Many projects are notable, such as studying for hardware vulnerabilities in continuous variable quantum communications. Pages 379-382, and 390, include listings of Huawei-supported research and the applicant name, though columns indicating whether and intellectual property agreement is on file, and intellectual property checklist is on file, or communications regarding intellectual property is on file are all redacted. Pages 543-560 include screenshots of an internal NSERC that identifies the kinds of questions that Huawei input as part of partnering with universities, though the values or responses to these questions have all been redacted. Some projects discussed in the ATIP were to be completed by 2022.

Office of the Communications Security Establishment Commissioner

2017 – CSE Commissioner Letter on Oversight of Intelligence Sharing with Foreign Governments. This release contains a November 7, 2017 letter from the Communications Security Establishment Commissioner, Jean-Pierre Plouffe, responding to questions from Privacy International, the BC Civil Liberties Association, CIPPIC, and Citizen Lab regarding oversight of intelligence sharing between Canada and foreign governments. The letter explains the Commissioner’s mandate to conduct independent external review of CSE activities for compliance with Canadian law, including the National Defence Act, the Charter, and the Privacy Act, while situating that mandate within Canada’s then-evolving national security review framework. Of note, the Commissioner states that CSE was not required to proactively inform his office of contemplated or planned intelligence-sharing arrangements, because his review function was primarily retrospective, but that his office took a proactive and risk-based approach to reviewing CSE policies, procedures, practices, and activities. The letter also states that the Commissioner had full access to relevant CSE facilities, documents, and personnel; had sufficient resources to review CSE intelligence-sharing decisions and arrangements; and had conducted reviews specifically focused on CSE information sharing with foreign entities. The letter is useful for understanding pre-Bill C-59 oversight limits and reforms, including the absence of explicit authority to cooperate with other review bodies, the anticipated creation of NSICOP and NSIRA, and the Commissioner’s view that a single review agency for national security activities across government could strengthen review of intelligence sharing.
A-2013-00084: A Review of CSEC Information Sharing with the Second Parties, CSE Commissioner report to MND, 17 July 2013.
A-2011-00970: CSE Commissioner Review of CSEC Technology Acquisition and Privacy Protection. This release contains a June 11, 2008 report to the CSE Commissioner reviewing CSEC’s acquisition and implementation of technology under subsection 273.64(2) of the National Defence Act. The review examined whether CSEC’s planning, assessment, acquisition, and use of certain technologies complied with its lawful authorities and whether appropriate measures were in place to protect the privacy of Canadians. Of note, the report focuses on technologies used to support both CSEC’s foreign intelligence and IT security mandates, including how CSEC identified operational needs, assessed privacy risks, determined targeting requirements, and managed information about Canadians that might be acquired, used, retained, or shared. The Commissioner’s office found that CSEC complied with the law in the areas examined and that some technologies helped protect the privacy of Canadians. However, the review also found governance weaknesses, including that certain standard operating procedures and policy/process documents had not received corporate approval during the review period. The release is heavily redacted, but is useful for understanding early oversight of CSEC technology acquisition, privacy-risk assessment, SIGINT/IT-security tooling, and the internal approval processes associated with operational technology use.
A-2011-00968: CSE Commissioner Review of CSEC SIGINT Targeting Activities. This release contains a March 15, 2011 Office of the Communications Security Establishment Commissioner review of CSEC SIGINT targeting activities under CSEC’s foreign intelligence mandate. The review examined CSEC targeting processes and practices, including relevant legislative and policy frameworks, ministerial authorization requirements, targeting tools, request volumes, analyst roles, documentation practices, management controls, and measures intended to protect the privacy of Canadians. Of note, the review assessed whether CSEC’s targeting activities complied with law, ministerial requirements, and internal policies and procedures, including requirements that activities not be directed at Canadians or persons in Canada. The Commissioner’s office found that CSEC conducted the reviewed SIGINT targeting activities in accordance with the law, had sufficient policies and processes to meet the legal requirement not to direct activities at Canadians or persons in Canada, and had management controls intended to monitor compliance with governing authorities. The review also followed up on earlier Commissioner reviews and CSEC audit work, including prior recommendations concerning legal compliance, targeting requests, and policy guidance. The release is heavily redacted, but it is useful for understanding CSEC’s pre-Snowden targeting governance, internal control environment, compliance documentation, and oversight of foreign intelligence collection activities.
A-2011-00967: Report to the CSE Commissioner on CSE Support to CSIS — Phase I: CSE Mandate (a). This release contains a January 16, 2008 report prepared for the CSE Commissioner examining CSE’s support to CSIS under CSE’s foreign intelligence mandate, specifically paragraph 273.64(1)(a) of the National Defence Act. The review assessed the lawfulness of CSE activities in support of CSIS, including the CSE–CSIS relationship, applicable authorities, ministerial directives, memoranda of understanding, legal advice, policies and procedures, and the treatment of CSIS Requests for Information. Of note, the report concluded that CSE’s support to CSIS under mandate (a), during the review period, was lawful as interpreted by Department of Justice advice and consistent with CSE policies then in place. However, the review also identified issues requiring attention, including outdated ministerial directives, whether some CSIS-related activities were more appropriately conducted under mandate (a) or mandate (c), inconsistencies in RFI documentation, unclear terminology, and the need for case-by-case assessment of requests. The report also notes delays in the review caused in part by CSE not providing requested documentation in a timely manner. The release is heavily redacted, but is useful for understanding early oversight of CSE support to CSIS, the handling of foreign intelligence requests, privacy safeguards, and mandate-boundary issues before later national security accountability reforms.

Office of the Privacy Commissioner of Canada

A-2017-00026: Please provide the following briefing notes for the Commissioner Daniel Therrien in Nov. 2016: “7777-6-171215, Note – FTC Ashley Madison, ” “7777-6-171092, Briefing Note – Approach to lawful access by technology companies,” “7777-6-171347, Note to Cr – Facebook strategy,” “7777-6-171918, BN – Meeting with Canada Revenue Agency,” “7777-6-176219, Note to commissioner – letter of advice to PCO – Electoral Reform Strategy.” Pages 16-17 of the document involve the OPC declining to press an investigation into a company, who’s name is not revealed. The OPC asserts that they believe the company in question could, and should, develop and issue transparency reports despite the companies’ assertion that such reports would be expensive to develop. The discussions of lawful access in this report amount to internal advice concerning how companies respond to lawful requests for information, and being uncertain whether making local requests or utilizing MLAT are better approaches. Dated 2016.
A-2016-00261: Please provide the following briefing notes prepared for the Privacy Commissioner (CTS#,Title): “CTS-091893 – Facebook Strategy, CTS-092891 – Meeting with Canada Revenue Agency, CTS-092040 – Online Reputation – Summary of Submissions, CTS-092709 – Media analysis, CTS-092810 – Gone Opaque? An analysis of hyporthetic (sic) IMSI Catcher Overuse in Canada, CTS-092816 – Outline for Security and Intelligence Consultations”. The document outlines, in depth, the planned meeting with the CRA. This is particularly pertinent given the concerns in Canada about how effective the Agency’s data security and collection processes are. This briefing note is incredibly extensive, and provides insight into the difficulties faced, and challenges overcome, by the CRA. Of note, the summary provided of “Gone Opaque” report probably does a better job that the one its authors in summarizing the text. Other documents aren’t particularly interesting. Dated 2016.
2015 Materials concerning a Lawful Access Meeting with the Canadian Wireless Telecommunications Association (CWTA). This release contains Office of the Privacy Commissioner of Canada records concerning a December 10, 2014 meeting with the Canadian Wireless Telecommunications Association and representatives from major telecommunications providers. The records include internal emails, briefing notes for the Commissioner, handwritten meeting notes, background materials, media coverage, Rogers and TELUS transparency reports, and OPC materials on lawful access, warrantless disclosures, and Bill C-13. Of note, the records show the OPC preparing for industry discussions about the aftermath of R. v. Spencer, telecommunications companies’ handling of law enforcement and national security requests, and whether greater clarity or guidance was needed around lawful access and transparency reporting. The briefing materials also discuss PIPEDA’s “lawful authority” provisions, the volume and opacity of government requests for subscriber information, the role of public transparency reports, and the OPC’s concern that Bill C-13 and related lawful access powers could expand warrantless or low-threshold access to personal information. The release is useful for understanding the OPC’s post-Spencer engagement with the telecommunications sector and the policy context around transparency reporting, metadata, subscriber information, and government access to telecommunications data.
A-2013-00261: OPC Records on Telecommunications Providers, Lawful Access Requests, and Transparency Reporting. This release contains Office of the Privacy Commissioner of Canada records concerning government access to telecommunications subscriber and customer information, including correspondence with Canadian telecommunications service providers, internal OPC emails, and materials related to transparency reporting. The records include the OPC’s 2011 letters to major telecommunications and online service providers asking about the volume and types of government data requests they received, whether they published aggregate figures, what kinds of data were disclosed, whether customers were notified, whether companies sought reimbursement, and whether fee schedules were publicly available. Of note, the release includes a December 2011 aggregated response prepared through counsel for the Canadian Wireless Telecommunications Association, reporting very large annual volumes of lawful access-related requests across participating providers, while also noting methodological limits and avoiding provider-specific attribution. The package also includes later correspondence from January 2014 concerning civil society and academic letters to Canadian telecommunications providers seeking greater transparency about government access to customer data. The records are useful for understanding the OPC’s early efforts to map Canadian telecommunications lawful access practices, the difficulty of obtaining comparable provider-level statistics, and the policy context that preceded later debates around transparency reports, subscriber information, lawful authority, and post-Spencer reforms. The latter portion of the release is largely marked as duplicate pages.
Memorandum: Review of the Royal Canadian Mounted Police — Problems with statistics and identifying warrantless access files. This short memo outlines that warrantless access to subscriber data statistics which were released in a 2010 ATIP request were “inaccurate, incomplete, not current and they were not useful in identifying PROS files for review” (1). Statistics were inaccurate “because of lack of reporting, multiple reporting or overlapping reporting” (2). The result was that the OPC was unable to rely on, or use, the statistics generated by the RCMP. Dated October 2014.
A-2011-00220: All records from March 1 to November 4, 2011 about Canada’s privacy commissioners’ positions on the proposed lawful access bills.

Privy Counsel Office

A-2021-00388: Correspondence between the Privy Council Office and Global Affairs Canada on the topic of 5G, Huawei and Chinese suppliers for the period of June 1 to December 20, 2021.
A-2021-00387: Correspondence between Privy Council Office and Public Safety on 5G, called also “next generation wireless/telecommunications”, Huawei, Chinese suppliers, trusted suppliers, trusted vendors, non-trusted partners or the Prague Proposals.
A-2021-00386: Correspondence from the Clerk, the National Security Advisor, the Foreign and Defence Policy Advisor or Deputy Secretary to the Cabinet, Operations on the topics of 5G networks and Huawei. Timeframe: June 1, 2021, to December 20, 2021.
2019 – PCO Records on Citizen Lab’s Pegasus Spyware Report and Election Security. This release contains Privy Council Office records concerning Citizen Lab’s 2018 report on Pegasus spyware and the targeting of Omar Abdulaziz, a Saudi national with permanent resident status in Canada. The records summarize media coverage of the Citizen Lab report, the report’s finding that Abdulaziz’s iPhone had been infected with Pegasus spyware, and broader concerns that NSO Group’s Pegasus tool had been used by governments to target journalists, human rights defenders, and civil society actors. Of note, the materials frame the alleged Pegasus infection as a potential criminal and foreign-interference issue, noting that unauthorized use of a computer system and mischief to data are prohibited under the Criminal Code, while also recognizing limits on Canadian law enforcement action where foreign actors operate outside Canada. The records state that the RCMP was examining the Citizen Lab report and establishing a foreign interference team to disrupt and investigate threats to democratic and electoral processes ahead of the 2019 federal election. The release also includes a heavily redacted Integrated Terrorism Assessment Centre special event threat assessment for the 43rd Canadian General Federal Election. The package is useful for understanding how federal officials connected spyware reporting, transnational digital repression, foreign interference, and election-security concerns in the lead-up to the 2019 election.
A-2018-00418: This ATIP entirely concerns Huawei and the Meng detention, along with briefing material to inform relevant officials about the public commentary and positioning of former security officials and the management of Canada’s ambassador to China, John MaCallum. Page 1-2: recites Canada’s opposition to China sentencing Canadian to death and recognition that the bilateral relationship matters to Canada. Page 10-11: summary of the initial state of play concerning the detention of Huawei’s CFO, Meng Wanzhou. Page 30: mention that the CSE’s review program has been in operation since 2013, and exclusively mentioned Huawei as a party that has been subjected to it (though doesn’t explicitly say that the company is alone in the assessments). Page 36-37: summarizes recent commentary by Canadian security officials (i.e., Ward Elcock, John Adams, and Richard Fadden) warning the Canadian government to abandon using Huawei equipment.
A-2018-00295: This ATIP pertains to the federal government’s use of IMSI catchers, as well as the use of those devices by federal agencies such as the RCMP. Page 11: a reporter asked a question to PCO about how parliamentary staffers should mitigate risks associated with IMSI catchers. Page 16: summarizes the old RCMP call about IMSI Catchers, when the service admitted to using them. Includes a note that the RCMP was getting jammer exemptions for some time, until they ‘realized’ that the devices were in fact not jammers and thus it was the improper mode of exemption/request. Page 87-88: responses to reporter asking whether ISED had approved the use of IMSI catchers, by way of issuing appropriate licenses. PSC maintains that authorizations from ISED had been obtained, and that any surveillance was conducted per the law (note: this ignores that the RCMP conducted numerous IMSI catcher operations w/o first obtaining warrant, as disclosed in the Adam press conference with G&M and TorStar).
A-2017-00362: This ATIP concerns a Bell data breach which occurred in 2017. There is nothing of note in this ATIP; this is just a sitrep (with redactions) about the fact that Bell had a significant breach. It was sent to Michael Wernick from David Vigneault via Daniel Jean.
A-2017-00311: This ATIP pertains to the FVEY 2017 Ministerial Joint Communique. Of note, on page 1 it notes that there “was significant back and forth on the encryption issue” but that PS thinks that there may be agreement in the FVEY ministerial language, though authors are unclear of Min. Goodale has provided final agreement. Page 8 contains internal recognition that Australia is driving the discussion to be had on encryption, and how it may enable undesirable activities (e.g., “access to target/terrorist data held by industry/social media providers”).
P.C. 3486: 1951 Order Concerning Communications Interception and Secrecy. This historical release contains Privy Council Order P.C. 3486, approved July 4, 1951, under the Emergency Powers Act. The order authorizes the Minister of Justice, where satisfied that doing so is necessary in the interests of public safety, public order, or the security or defence of Canada, to require a “communications agency” to produce copies of communications sent or received by means such as cable, telegraph, telephone, radiotelegraph, or radiotelephone. Of note, the order allows the Minister to require a communications agency to copy communications of a specified class, and to authorize assistance from persons needed to access or deal with communications where the agency itself cannot do so. It also creates strict secrecy obligations: communications agencies and others are prohibited from disclosing the existence, contents, or implementation of such orders except as legally authorized. The order includes offence provisions for both unauthorized disclosure and refusal or failure to comply. The document is useful as an early Cold War-era example of Canadian executive authority over communications surveillance, secrecy, and compelled assistance, predating later statutory frameworks for lawful interception and national security review.

Public Safety Canada

A-2022-00434: This is a summary of PS-038158: Memorandum to the Minister – Privacy and National Security Concerns with TikTok, December 15, 2022, and includes a fact sheet on TikTok produced by the Intelligence Assessment Secretariat. Notably, the memorandum states that “[a]s of 2022, there are over 8 million Canadian TikTok users, ranging from 55% of teenagers to members of Parliament. It harvests their data, offering false public and governmental reassurances about data sovereignty and security.” Further, it notes that TikTok established a presence in Toronto after purchasing a Canadian company. The fact sheet asserts that, “[a]n Australian cybersecurity firm has concluded that most of TikTok’s access and data collection is not required for the app to function, and only serves as a “data harvesting” tool” and that “[s]eparate technical analysis highlights that TikTok conceals its data collection, including where that user data actually goes.” The fact sheet suggests that all TikTok data is available in China, and thus to the government, as well as the final statement that “TikTok–and its Chinese owner ByteDance–command the modern information environment, [REDACTED].”
A-2021-00008: Concerning Government of Canada Cyber Security and Repatriation of Syrian Fighters. This document includes media lines responding to a reporter in northern Iraq who is asking the federal government questions on its policies to repatriate Canadian foreign fighters. Dated October-December 2020.
A-2020-00246: Recent version of the Solicitor General’s Enforcement Standards. Dated January 1, 2020 – November 3, 2020.
A-2019-00202: Correspondence Between the Privacy Commissioner and Ministers on U.S. Border Privacy, Judicial Redress Act Coverage, and CLOUD Act Information Sharing. This short release contains correspondence from January–July 2019 between Privacy Commissioner Daniel Therrien and Ministers David Lametti, Ralph Goodale, and Chrystia Freeland concerning Canadians’ personal information in the United States. The Commissioner’s January 23, 2019 letter follows earlier exchanges about U.S. Executive Order 13,768, border screening, and whether Canadians’ information was being handled differently after the order. He acknowledges officials’ confirmation that the order had not, as a practical matter, changed how information shared by Canada was handled, used, or protected. However, he raises a continuing legal concern: Canada had not been designated as a “covered country” under the U.S. Judicial Redress Act, unlike several European countries, leaving a gap in statutory protections for Canadians’ personal information in the United States.

Of note, the Commissioner also expresses interest in engaging on the privacy implications of information-sharing arrangements under the U.S. CLOUD Act. Much of the substantive discussion is redacted under international affairs/advice-related exemptions, but the government’s July 12, 2019 response acknowledges the Commissioner’s advisory role, indicates that privacy and data-protection issues relevant to his expertise would need to be considered, and commits officials to continue working with his office on measures to protect Canadians’ personal information in the United States.

The release is useful as a narrow but important marker of OPC concern about cross-border privacy protections after EO 13,768, the absence of Canadian coverage under the Judicial Redress Act, and early federal engagement on CLOUD Act-related information-sharing implications.
A-2019-00200: Public Safety / CSIS Materials on Canadian Dataset Classes Under the CSIS Act. This release contains Public Safety Canada and CSIS materials from July 2019 concerning ministerial approval of classes of Canadian datasets under the amended CSIS Act. The records include a memorandum to the Minister of Public Safety and Emergency Preparedness, a CSIS memorandum from Director David Vigneault, a visual diagram explaining the interaction between dataset “classes” and the statutory relevance test, an overview of proposed dataset classes, a heavily redacted record of decision, and a letter from Minister Ralph Goodale notifying Intelligence Commissioner Jean-Pierre Plouffe of the classes determined for collection. The materials explain that the 2019 dataset regime allowed CSIS to collect, retain, and analyze non-threat-related datasets for data analytics purposes, but only within a statutory framework involving ministerial class approval, Intelligence Commissioner review, evaluation-period restrictions, and Federal Court authorization for retention of Canadian datasets.

Of note, the actual proposed classes and much of the operational rationale are withheld, but the legal architecture is clear. The Minister’s role was to determine classes of Canadian datasets that CSIS could collect, authorize designated employees to seek Federal Court retention authorization, and approve such applications. The materials emphasize that class approval was only the first safeguard: CSIS still had to assess whether a dataset was relevant to its duties under sections 12 to 16 of the CSIS Act, confirm that it fell within an approved class, restrict operational use during the evaluation period, delete information not relevant to CSIS’s mandate, and apply to Federal Court within 90 days to retain Canadian datasets.

The release is useful for understanding how Canada’s post-2019 intelligence dataset regime was operationalized at the outset: it shows the interaction between ministerial control, Intelligence Commissioner reasonableness review, Federal Court retention authorization, statutory relevance limits, and internal CSIS safeguards for bulk or structured data analytics.
A-2019-00197: Public Safety Materials on Critical Minerals, Canada–U.S. Supply-Chain Security, and North American Value Chains. This release contains Public Safety Canada and interdepartmental materials from 2019 concerning critical minerals and Canada–U.S. cooperation on secure mineral supply chains. The records include a routing slip, a memorandum on an August 7, 2019 Deputy Minister’s roundtable on critical minerals and a Canada–U.S. joint action plan, a U.S. federal strategy on secure and reliable supplies of critical minerals, a roundtable agenda, a Canadian slide deck on Canada’s role in securing the North American value chain, and a U.S. Geological Survey technical document explaining the methodology behind the U.S. critical minerals list. The package frames critical minerals as a national-security, economic-security, defence-industrial-base, clean-technology, and supply-chain resilience issue.

Of note, the materials show Canada positioning itself as a key partner for U.S. supply-chain diversification, especially after the June 20, 2019 Trudeau–Trump commitment to develop a joint action plan on critical minerals collaboration. The Canadian deck emphasizes that mineral inputs underpin defence and security technologies, consumer electronics, electric-vehicle batteries, renewable energy, storage, and critical infrastructure; it also identifies China’s dominance in several mineral supply chains and Canada’s potential to increase and diversify production. The U.S. strategy is significant because it sets out six calls to action: advancing R&D, strengthening domestic supply chains and the defence industrial base, expanding international trade and cooperation, improving domestic resource mapping and data, improving access to resources on federal lands and reducing permitting timelines, and growing the critical-minerals workforce.

The release is useful for understanding how critical minerals became embedded in Canada–U.S. strategic planning as a response to concentrated global supply, Chinese market dominance, defence-sector vulnerabilities, and opportunities to build Canadian value chains in batteries, clean technology, advanced manufacturing, and resource development.
A-2019-00182: Public Safety Canada Records on the 2019 Five Country Ministerial Meeting. This release contains Public Safety Canada briefing and logistical materials for the July 2019 Five Country Ministerial meeting in London, United Kingdom. The records include overview notes, agendas, itineraries, delegation contact information, ministerial statements, draft communiqués, bilateral meeting materials, and briefing notes prepared for sessions on cyber threats and 5G, emerging technologies, borders and immigration, online harms, encryption, foreign interference, foreign terrorist fighters, and social integration. Of note, the package shows the breadth of issues Canada expected to address with Five Eyes partners at the 2019 ministerial, including online child sexual exploitation and abuse, violent extremist and terrorist use of the internet, platform accountability, encryption, Internet of Things security, drones and counter-drone measures, border data sharing, asylum system abuse and fraud, foreign interference in elections, right-wing extremism, and battlefield evidence. Several materials focus on engagement with digital industry, including an industry roundtable involving major platforms such as Facebook, Google, Microsoft, Snap, Twitter, and Roblox. The records are heavily redacted and many pages are withheld in full, but they are useful for understanding how Public Safety Canada framed Five Eyes cooperation on encryption, online harms, counter-terrorism, election security, 5G/cybersecurity, and emerging technology governance in 2019.
A-2019-00178: Public Safety Canada Records on Five Eyes Ministerial Encryption Discussions. This release contains Public Safety Canada records related to encryption, online safety, and the 2019 Five Country Ministerial meetings in London. The records include a briefing note for the Minister on encryption, draft Five Country Ministerial communiqués, bilateral meeting notes, and related materials concerning online child sexual exploitation and abuse, violent extremism and terrorist use of the internet, hostile state activity, foreign terrorist fighters, and cooperation with technology companies. Of note, the encryption briefing materials emphasize Canada’s support for strong, widely used encryption while also identifying law enforcement and public safety concerns where encryption limits access to communications content. The records reflect an effort to frame Canada’s position carefully: supporting deeper collaboration with Five Eyes partners, investigators, and service providers, while stating that Canada does not seek to undermine communications security or restrict the spread of in-demand encryption technologies. The package also discusses Facebook’s proposed “privacy first” platform shift, the public and civil society sensitivity around mandated access to encrypted data, and the need to consider Canada’s broader privacy agenda, including the Digital Charter and PIPEDA modernization. The release is heavily redacted in places, but is useful for understanding how Public Safety Canada was positioning encryption, lawful access, platform responsibility, and Five Eyes cooperation in the post-2018 “access to evidence and encryption” debate.
A-2019-00131: Public Safety Memorandum on Five Country Ministerial Executive Steering Group Meeting Budget and Logistics. This short release contains a Public Safety Canada memorandum from April 24, 2019 seeking approval for the maximum budget for a face-to-face meeting of the Five Country Ministerial Executive Steering Group in Ottawa on May 21–22, 2019. The ESG meeting was described as a preparatory event for the annual Five Country Ministerial, intended to finalize the agenda, topics, and ministerial deliverables. All Five Eyes partners had confirmed attendance, with up to four delegates per country and a maximum of 20 participants, followed by a Sherpa-level meeting to consolidate action items.

Of note, the document is primarily administrative but still useful for understanding the logistics behind Five Eyes ministerial coordination. Public Safety selected the Canadian Museum of History as the preferred venue over the Westin Ottawa, based on security, logistics, catering, and cost considerations. The requested maximum budget was $10,000, with Canada hosting at the request of the UK and Public Safety expecting the UK Home Office to cover up to $10,000 CAD through a bilateral cost-recovery arrangement. The attached budget comparison includes venue, food and beverage, security contractor, transportation, and other costs, with estimated totals below the approved ceiling.
A-2019-00086: Public Safety / CSIS Materials on China-Related Research Security, Huawei/5G, Cybersecurity Funding, and Project Sidewinder. This release contains Public Safety Canada and CSIS-related materials from 2018–2019 concerning Chinese state-linked security issues, research-security risks, Huawei and 5G telecommunications security, cyber-security programming, and questions about the historical Project Sidewinder report. The records include Question Period notes, bilingual media lines, backgrounders, Main Estimates material on cyber security, a Deputy Ministers’ Committee on National Security retreat record, a ministerial memorandum on Project Sidewinder, media clippings, an online copy of the Sidewinder report, SIRC annual-report excerpts reviewing CSIS’s handling of Sidewinder, and a CSIS response to questions about the alleged online availability of the report. Significant portions are withheld or marked not relevant, and pages 156–331 are withheld in full.

Of note, the release shows Public Safety using consistent public lines across several China-related files: Canada’s research and technological capabilities make it an attractive target for foreign intelligence services; CSIS has a mandate to investigate threats to Canadian security, including espionage; and the government does not comment on specific operational activity. The Huawei/5G material reiterates that CSE’s Security Review Program had, since 2013, tested and evaluated designated equipment and services for Canadian 3G and 4G/LTE networks, including Huawei, and that the government was reviewing its approach to emerging 5G technology. The university-engagement notes are also significant because they acknowledge CSIS outreach to Canadian universities about research partnerships with Huawei and broader risks to leading-edge research. The Project Sidewinder materials are useful because they connect contemporary China-security concerns to older controversies about alleged Chinese intelligence, triad, business, political-influence, and technology-acquisition activities in Canada, while also including SIRC’s conclusion that it found no evidence of political interference in Sidewinder and no evidence the government ignored a substantive threat.
2019 – Minister Blair Briefing Binder: Public Safety Canada Ministerial Transition Materials. This release contains Public Safety Canada briefing materials prepared for the incoming Minister of Public Safety and Emergency Preparedness, including a portfolio “pocket book,” media lines, key contacts, organizational charts, senior official biographies, financial overview materials, and a broader 2019 transition book. The records provide an overview of the Public Safety portfolio, including Public Safety Canada, the RCMP, CBSA, CSIS, Correctional Service Canada, the Parole Board of Canada, and portfolio review bodies. Of note, the binder identifies major public safety and national security files facing the Minister at the time, including firearms and guns and gangs, border integrity and irregular migration, returning foreign fighters, 5G telecommunications, encryption, CSIS accountability and legislative reform, the CLOUD Act, critical cyber systems, intelligence and evidence, foreign interference, economic-based threats to national security, corrections reform, criminal records, cannabis and opioids enforcement, emergency management, disaster mitigation, and Canada–U.S. security cooperation. The release is useful for understanding how Public Safety Canada framed the Minister’s early priorities, statutory authorities, portfolio relationships, and cross-government policy pressures in 2019. The file is heavily redacted in places and includes some withheld pages, but it provides a broad snapshot of the Public Safety portfolio’s operational, legislative, cybersecurity, intelligence, policing, corrections, border, and emergency-management agenda.
2019 – PSC Briefing on Encryption: Lawful Access, National Security, Public Trust, and Five Eyes Coordination. This short Public Safety Canada briefing note from the 2019 transition period addresses encryption as both a cybersecurity safeguard and a growing challenge for law enforcement and national security investigations. It explains that encryption protects individuals, businesses, critical infrastructure, and government systems from malicious intrusion, while also impeding police and security agencies even where they have judicial authorization to intercept communications. The note focuses particularly on user-controlled end-to-end encryption and full-disk device encryption, and situates the issue in the context of Apple’s default device encryption, Facebook’s 2019 “privacy-focused” plan to integrate Messenger, WhatsApp, and Instagram into an encrypted communications platform, and CSIS/RCMP concerns about access to digital evidence.

Of note, the briefing frames public trust and transparency as central to any future lawful-access or encryption policy. It says public uncertainty about government authorities and capabilities has contributed to opposition to proposed lawful-access measures, and argues that progress would require stronger public outreach, improved communications, and engagement with industry, academia, and other prominent stakeholders. The Five Eyes section is also significant: it describes encryption as an issue raised at Cabinet level and among Five Eyes ministers, while presenting Canada’s position as supporting strong encryption and cooperation with industry to mitigate investigative challenges.

The release is useful as a compact snapshot of Canada’s 2019 encryption posture: preserve encryption’s cybersecurity benefits, acknowledge serious investigative barriers, avoid undermining public trust, and work with partners and industry rather than framing encryption itself as the problem.
A-2018-00446: Public Safety Email Chain on U.S. Warning About Huawei Systems and Intelligence-Sharing Risks. This short release contains a February 2019 Public Safety Canada email chain forwarding a Reuters article about U.S. Secretary of State Mike Pompeo’s warning that the United States would not be able to partner with, or share information with, countries that adopted Huawei Technologies systems in critical information infrastructure. The document consists mainly of internal forwarding among Public Safety officials and ministerial/parliamentary contacts, with one portion redacted under section 19(1). The attached media report frames Huawei adoption as a security-risk issue for U.S. allies and partners, especially in Europe and elsewhere.

Of note, Pompeo’s quoted position is direct: if a country placed Huawei systems in critical information systems, the U.S. would not be able to share information with that country or work alongside it. The article also records the U.S. view that allies needed to understand the risk of putting Huawei technology into IT systems, while noting European resistance to U.S. pressure for a ban. The release is useful as a narrow marker of the diplomatic and intelligence-sharing pressure Canada was tracking in early 2019: Huawei was not only being treated as a telecom supply-chain issue, but as a potential condition affecting alliance cooperation and access to U.S. information.
A-2018-00310: Public Safety Materials on Huawei, 5G Security, HCSEC Reporting, Telecommunications Supply-Chain Risk, and Allied 5G Decisions. This release contains Public Safety Canada, CSE/CST-linked, PCO, GAC, DND, and allied-partner materials from 2013 and 2018 concerning Huawei, 5G, telecommunications supply-chain security, and the management of critical infrastructure risk. The records include internal email chains, a 2018 Huawei Cyber Security Evaluation Centre Oversight Board annual report from the UK, a July 2018 secret 5G overview deck, Canadian Question Period / media lines on Huawei and ZTE, backgrounders on Canada’s telecommunications security review program, older 2013 briefing scripts for telecommunications supply-chain security discussions, and heavily redacted Canadian-eyes-only / Five Eyes / top secret material. The package shows Canadian officials monitoring allied decisions, especially the UK HCSEC model and New Zealand’s GCSB assessment concerning Spark’s proposed Huawei 5G deployment, while preparing domestic advice and communications lines around Canada’s own 5G security posture.

Of note, the HCSEC annual report is the most substantive disclosed document. It concludes that HCSEC continued to provide unique technical assurance, but that shortcomings in Huawei’s engineering processes exposed new risks in UK telecommunications networks and created long-term mitigation and management challenges. The 5G overview deck frames 5G as a whole-economy infrastructure layer, supporting connected transport, utilities, finance, health care, IoT, sensors, and AI-enabled orchestration, while noting the need to refine Canada’s 5G security roadmap and begin planning for 6G. The Canadian communications material repeatedly states that CSE’s Security Review Program had been in place since 2013 to test and evaluate designated equipment and services for Canadian 3G and 4G/LTE networks, including Huawei, and that CSE would continue advising on emerging technologies.

The release is useful for understanding how Canada’s Huawei/5G file evolved from technical vendor review into a broader intelligence-alliance, critical-infrastructure, supply-chain, industrial-policy, and diplomatic issue, with officials closely tracking UK, U.S., Australian, and New Zealand positions while preserving Canadian decision-making flexibility.
A-2018-00279: Public Safety Materials on Huawei, 5G Security, Telecommunications Supply-Chain Risk, and International Partner Concerns. This release contains Public Safety Canada, CSE-linked, PCO, GAC, DND, and partner correspondence from 2018 concerning Huawei, ZTE, 5G security, telecommunications critical infrastructure, and international pressure around Chinese technology vendors. The records include email chains, media-response lines, Question Period notes, Five Country Ministerial materials, a 5G overview deck, references to Australia’s Huawei ban, UK Huawei Cyber Security Evaluation Centre reporting, U.S. legislative and congressional concerns, media articles, and heavily redacted secret / Canadian-eyes-only materials. The package shows Canadian officials tracking rapidly escalating international scrutiny of Huawei while preparing communications lines that emphasized Canada’s existing CSE Security Review Program for designated 3G and 4G/LTE equipment and the government’s ongoing work to assess emerging technologies and systems important to Canada.

Of note, the release is significant because it captures the 2018 transition from Huawei as a telecommunications vendor-management issue to Huawei/5G as a broader national-security, cyber, supply-chain, intelligence-alliance, and economic-security file. The 5G materials frame the technology as transformative for the whole economy, enabling faster speeds, massive connectivity, low-latency reliable communications, IoT, sensors, and AI-enabled orchestration, while also expanding dependence on critical telecommunications infrastructure. The UK HCSEC annual report material is particularly important: it notes that the UK model provided useful assurance but also identified technical and engineering-management shortcomings in Huawei processes that created long-term mitigation challenges. The communications lines and QP material repeatedly state that Canada takes critical-infrastructure security seriously, that CSE works with telecommunications providers representing over 99% of Canadian subscribers, and that Canada would continue to assess emerging technologies, including Huawei.

The release is useful for understanding how Canadian officials positioned themselves between allied warnings, domestic telecom/security review processes, Huawei’s commercial presence, 5G economic opportunities, and the need to preserve policy flexibility before final decisions on 5G supplier restrictions.
A-2018-00278: Public Safety / RCMP Materials on RCMP Post-Employment Conflict Policy, 5G Telecommunications Critical Infrastructure, and Withheld National Security Briefing Material. This release contains Public Safety Canada and RCMP materials from 2018, much of which is withheld in full. The disclosed records include RCMP Question Period notes and policy material concerning post-employment obligations for former RCMP members; Five Country Ministerial 2018 scenario-note material on telecommunications critical infrastructure and 5G; a heavily redacted memorandum responding to a ministerial question; routing and approval sheets; and numerous pages withheld under national security, international affairs, law-enforcement, and advice-related exemptions. The package appears to bring together discrete national-security and policing-policy records rather than one continuous operational file.

Of note, the RCMP post-employment material explains that former members remain subject to conflict-of-interest expectations, secrecy obligations, and restrictions where later employment could create actual, apparent, or potential conflicts with recent RCMP responsibilities. The 5G materials are more strategically significant: they frame 5G as economically important but also as increasing dependence on interconnected networks, systems, and information flows. The disclosed Five Country Ministerial notes identify risks associated with foreign equipment in Canadian telecommunications infrastructure, including hardware/software backdoors, supply-chain compromise, and threats to critical infrastructure. They also describe the Communications Security Establishment’s collaboration with telecommunications providers and Public Safety’s Critical Infrastructure Directorate as part of Canada’s risk-management posture.

The release is useful for understanding how, by 2018, Public Safety was treating 5G and telecommunications infrastructure as a combined cyber, supply-chain, economic-security, and national-security issue, while also maintaining more routine RCMP integrity controls around post-employment conduct.
A-2018-00268: PS-023437 – Encryption. This document was created in the lead up/release of the Australian government’s document in 2018 on cryptography and the threat that it poses. Page 6 showcases how general warrants might be used to compel companies to assist with decryption and page 8 notes how wireline intercept have been developed on a voluntary basis with willing carriers, with the government largely responsible for funding. The same page notes that under the SGES there are decryption requirements, and under s. 487.01 of the Criminal Code (General warrant) the government could compel a company or provider to assist with decryption, though this hasn’t been tested in court.
A-2018-00219: Public Safety Privacy Impact Assessments for the Passenger Protect Program, Governor in Council Appointments, and the Government Operations Centre. This release contains Public Safety Canada privacy-impact-assessment materials and supporting records, principally concerning the Passenger Protect Program, Governor in Council appointments, and the Government Operations Centre. The package includes a February 2018 PIA for the Passenger Protect Program under the Secure Air Travel Act, templates for a new Passenger Protect Program personal information bank and class of records, a core PIA for Governor in Council appointments, a 2015 Government Operations Centre PIA, an earlier 2013 version of the GOC PIA, and the GOC Privacy Protocol on use of personal information. The records are focused less on operational intelligence and more on how Public Safety documents collection authority, information flows, privacy-risk levels, retention, disclosure controls, personal information banks, and mitigation measures across sensitive national-security, emergency-management, and appointments-related programs.

Of note, the Passenger Protect Program PIA is the most significant component. It explains that Public Safety establishes and maintains the SATA list, receives listing recommendations from the Passenger Protect Advisory Group, shares the list with Transport Canada and air carriers for screening, and reviews listed persons every 90 days to determine whether the statutory threshold continues to be met. It identifies sensitive personal information involved in listing and direction-making, including identity details, aliases, travel information, criminal history, threat-related information, and other data used to assess whether someone may threaten transportation security or travel by air to commit terrorism offences. The GOC materials are also useful because they acknowledge that the GOC does not ordinarily collect personal information directly, but may receive and transmit personal information during emergency-management events; mitigation measures include dissemination levels, personal-information caveats, need-to-know controls, logging, destruction practices, and limits on retention after incident closure.

The release is useful for understanding Public Safety’s privacy governance infrastructure around aviation security, senior appointments, and emergency operations: it shows how high-risk information practices were translated into PIAs, PIB/class-of-records updates, access controls, disclosure rules, retention logic, and privacy protocol language.
A-2018-00078: All records pertaining to lawful access legislation and current status; timeframe January 1, 2016 to January 1, 2018. This is a lengthy, 676 page, ATIP that includes many items of note. Per page 7, some ISPs may only retain BSI-related information (e.g. IP information, I suspect…) for only 7 days. On page 27, in reference to Blackberry being able to decrypt BBM messages, Minister is advised to say, “While it would be inappropriate for me to comment about a company’s direct interaction with foreign law enforcement agencies, I can say that we expect Canadian companies to adhere to the laws of those countries.” Page 59 includes a series of news articles linked to CIPPIC/CitLab analysis on subscriber data from 2016. Pages 123-138 include a draft of the document circulated ahead of the 2016 meeting on access to subscriber information. It includes ‘questions’ like should an IP address be associated with BSI or function as a separate kind of data-type. Page 151 outlines comments drafted by CBSA in response to questions about how it deals with encrypted devices at the border (circa 2017). Page 153 includes a long list of responses to the CBC concerning encryption at the border, with CBSA asserting: It has not undertaken a PIA at the time, and relies on an Operational Bulletin; Per s. 99 of the Customs Act, CBSA officers can inspect electronic devices; CBSA does not retain stats on the regularity at which it conducts such inspections (p. 154); and Under s. 13 of the customs act, persons can be compelled to open any goods, and since a password is required to open a device then it can be compelled; failure can result in detainment and/or seizure of the device. Page 179 reveals that CBSA will not arrest persons for failing to open their electronic device, though the device may be seized; the decision to not arrest is a demonstration of restraint, as CBSA believes it has the right to arrest an unwilling person. Page 277 has a RCMP media line, where they decline to acknowledge or refute that they use IMSI Catchers on aircraft. On page 299 we find there was a FCM Paper on Encryption produced by Canada for the Australia event and, on 310, that Canada has penned a “Lessons Learned on Operation Syrian Refugees” in the context of refugees and migration. On page 330, Canada’s key message, when dialoguing with the Australian Attorney General on encryption, was: “In Canada’s view, while encryption poses challenges for Canadian law enforcement investigators, it also safeguards our cybersecurity and our fundamental rights and freedoms. Canada has no intention of undermining the security of the internet by impeding the use of encryption.” Page 345 references the Ottawa 5 in Australia meeting priorities (took place in June 2017), and which included “…improving and collective understanding of cyber aspects of export control issues.” A quote on 450 reveals that, “[i]f security and intelligence institutions do not provide citizens with adequate information, their understanding of security and intelligence activities will be formed through ‘leaks’, as seen with the Snowden documents, or through the media, as often seen with technological issues, such as mobile device identifier technology (IMSI Catchers). This puts security and intelligence institutions in the position of playing catch up, and damages the credibility of institutions.” Pages 477-480 contain a Ministerial Five Countries (MFC) briefer on encryption, ahead of the Australia meeting on encryption. Per page 478-479, while, on the one hand, the countries recognize the value of encryption for facilitating economic activities as well as those associated with the exercise of rights, they conclude that LESAs cannot always obtain access to data that is encrypted. As such, encryption poses a threat to public safety when only the recipient of the communication can control decryption; “Governments should be able to obtain decrypted evidence when it has lawful authority to do so in order to be responsible for protecting public safety and seeking justice.” Page 519 has a listing of the different Five Eyes forums, as well as their associated mandates. Forums include: Five Country Ministerial, Quintet of Attorneys General, Migration 5, Five Country Citizenship Conference (FCCC), Border 5 (B5), Five Nations (F5), Ottawa 5 (O5), Usual 5 (U5), Critical 5 (C5), Five Eyes Law Enforcement Group (FELEG). Finally, on page 583 we learn that Public Safety Canada has not addressed the recommendation from SECU/ETHI to make no changes to the lawful access regime with regards to Basic Subscriber Information (BSI) and encryption post-Spencer, and that the House Committee on Public Safety and National Security continue to study the area of cybersecurity.
A-2018-00021: Briefing note: PS-020796 – Request for Designation to Apply for Authorizations to Intercept Communications. This document indicates that the BC Combined Special Enforcement Unit is seeking to designate a redacted party to conduct electronic surveillance, and prepare and submit warrants to conduct associated surveillance activities. The request was granted, and the person requested to notify PSC whenever designated persons no longer require this certification so they can have their designation formally rescinded.
A-2017-00403: Briefing note: PS-019674 – Request for Designations to Apply for Authorizations to Intercept Private Communications. This ATIP captures Victoria Police, and Vancouver Police, seeking to provide designated authority to obtain authority to intercept communications per judicial warrants, all as remove persons who are no longer employed by the forces/to be designated as permitted to intercept communications.
A-2017-00260: Public Safety Materials on TUSCAN, SATA/No-Fly List Information Sharing, Entry/Exit, Preclearance, and Canada–U.S. Border Cooperation. This release contains Public Safety Canada materials from 2016–2017 concerning Canada–U.S. border and national-security information sharing, especially the modernization and implementation of the Tipoff U.S./Canada arrangement, known as TUSCAN. The records include memoranda to the Minister, briefing notes for meetings with U.S. officials, implementation updates, draft CBSA standard operating procedures, one-page summaries, key messages, back-pocket briefing materials, and meeting materials for U.S. Ambassador Bruce Heyman, Ambassador David MacNaughton, DHS Deputy Secretary Alejandro Mayorkas, DHS Secretary Jeh Johnson, and DHS Secretary John Kelly. The package situates TUSCAN alongside related border files: Secure Air Travel Act / No-Fly list sharing, Entry/Exit information sharing, preclearance, cargo preclearance, Syrian refugee screening, transshipped counterfeit goods, national-security consultations, counter-radicalization, cybersecurity, and post-Beyond the Border cooperation.

Of note, the release is useful because it shows Public Safety and CBSA working to operationalize a renewed TUSCAN arrangement after years of efforts to modernize the 1997 aide-mémoire. The disclosed material describes TUSCAN as a U.S.-provided national-security database containing unclassified identifying information about known or suspected terrorists, used by Canadian border and immigration officers to compare incoming persons against the list and confirm potential matches with U.S. counterparts before decisions are made. The draft SOPs are particularly significant because they identify the CBSA workflows for contacting the U.S. Terrorist Screening Center, handling positive matches, receiving derogatory indicators, sharing encounter information, managing delisting requests, and distinguishing what the TUSCAN SOPs do and do not cover. The broader briefing materials show TUSCAN as part of a wider 2016–2017 Canada–U.S. agenda focused on aviation-security list sharing, passenger redress, biometric Entry/Exit, expanded preclearance, cargo pre-inspection, and continued border-security cooperation during the transition from the Obama to Trump administrations.

The release is useful for understanding the operational and diplomatic architecture behind Canada–U.S. watchlist and border-information sharing, including how terrorism screening, immigration admissibility, privacy/legal authorities, and cross-border political commitments were managed together.
A-2017-00207: All documents created by members of the Forbearance Working Group, SGES working group, and forbearance program. Page 1 indicates a delay in making a forbearance decisions, with a company having been “waiting for an answer from us for some time now.” Looking at the email thread, the request was made in November 2016, and a decision not yet reached in September 2017! Page 33 indicates that a TSP obtained a 24 month forbearance extension, coming into force somewhere around 2017. Page 36 indicates that a TSP obtained a 24 month forebearance extension, coming into force somewhere around 2017. Page 38 suggests there were two (2) forbearance letters drafted in 2016. Page 39 indicates that a TSP requested an additional forbearance request; presumably this is the same one noted on page 33. Page 41 indicates that a TSP obtained a 12 month forbearance; this may be the same one that obtained an extension on page 36. Pages 79-84 seems like 3 separate TSPs obtained forbearance from condition 6 a) in their COL, all dated in late September 2015. Pages 86-89 show that two separate TSPs obtained forbearance from condition 6 a) in their COL, dated mid-September 2016. Pages 99-100indicates that there is a CSIS or RCMP matrix which identifies the TSPs which have been granted SGES forbearance and, as such, do not have full intercept capability on some elements of their wireless networks.
A-2017-00170: All emails pertaining to the enclusion of a section regarding ‘encryption’ in the Five Eyes ministerial communiqué, released June 28 2017. Page 79 indicates that GoC received draft papers ahead of the Australia meeting pertaining to Intelligence and evidence, as well as encryption, and a draft of another document as well that was redacted. Page 88 includes a list of bullet points that highlight the government of Canada’s approach to encryption. This includes not proposing changes to lawful access as pertain to encryption, Canada remaining committed to ensuring the robust and wide use of encryption, the government not considering the adoption of backdoors, and continuing to evaluate options to ensure that Canadian LESAs have the resources and tools to deal with encryption.
A-2017-00038: Request Summary: Any applications under s. 191 of the Criminal Code to purchase, lease, or rent a Mobile Device Identifier, IMSI Catcher, or Stingray. Jan 1, 2017 – present. Page 1-5 includes a license allowing a vendor to sell IMSI Catcher to OPP. Pages 5-10 include a license allowing a vendor to sell IMSI Catcher to RCMP. Page 11-23 includes a license allowing a vendor to sell IMSI Catcher to RCMP, Durham police, and Winnipeg police, plus be licensed to demonstrate the product. Pages 24-26 include a license allowing a vendor to possess and sell IMSI catchers, with CSIS as the sponsor and 27-28 include a license allowing CSIS 2 licenses for IMSI Catchers. Pages 29-32 has a license allowing a party to possess IMSI catcher for demonstration purpose, sponsored by RCMP. Finally, pages 38-52 lists all the agencies which obtained licenses for operating IMSI catchers; includes: CSIS, RCMP, TPS, DND, Corrections Canada. Of note, some of the sensitivity of some of these correspondences/issuance of license are Protected, Protected A, some Secret, and one Confidential.
A-2017-00034: Request Summary: All documents pertaining to the CBC/Radio-Canada story on MDI devices (IMSI catchers) near Parliament Hill. Of note, on page 8 the RCMP refuses to confirm/deny that it uses IMSI Catchers on aircraft and on page 156, there is an indication that head of CSE (Greta) was in contact with the national security advisor (NSA) about what can be done to stop foreign providers from exploiting communications with IMSI Catchers.
A-2017-00033: All documents pertaining to the use of MDI devices (IMSI catchers) by Canadian security agencies. Page 55-57 of this ATIP include a briefing note to the Minister on IMSI Catchers. On page 55, we see that obtaining judicial authorization in 2017 was based on reasonable grounds to suspect that a crime has been, or will be, committed (i.e. transmission recorder standards). On page 55-56, “The RCMP does not use any ancillary collected data from non-targets (third parties) and immediately destroys this information following court proceedings, including appeal periods, and any specific orders from a judge.” Page 56 has a discussion of the decision to go public with IMSI Catcher related information; that decision was linked to public interest, effort to ‘correct’ misperceptions in public about abilities of devices, and (key!) “[t]his public shift is consistent with the approach taken by the United States Department of Justice and the Department of Homeland Security, which publicly announced and published information in the fall 2015 on the use of CSS technology by U.S. component agencies, including the Federal Bureau of Investigation.” Per page 95, “… MDIs used by the RCMP do not have the capability to monitor large groups of people, record calls, intercept the content of voice calls or text messages, or extract encryption keys used to conceal private communications.” Per page 96, “In situations where exigent circumstances exist, such as in the case of a kidnapping, imminent murder or terrorist activities, an MDI may be used without prior judicial authorization. In these situations, however, judicial authorization would be sought shortly after the deployment of the MDI … In 2015, the RCMP used an MDI in connection with 24 operational files, and only for priority criminal investigations including those linked to national security, serious and organized crime, and financial crime.” Finally, per page 97, when writing about Project Clemenza (Quebec case), “Notably, the redacted Factum, as it stands, reveals RCMP use of sensitive techniques, such as the RCMP’s use of the MDI as an investigative tool, or possession of an encryption key for a well-known cellular manufacturer.”
A-2017-00031: Request Summary: All documents pertaining to foreign entities using MDI devices (IMSI catchers) in Ottawa. This ATIP just has bullet points for speaking about MDIs in the aftermath of the CBC/Radio-Canada story concerning the detection of IMSI Catchers around downtown Ottawa.
Public Safety Report of Summary of Notable Submissions on Lawful Access (Green Paper). Dated around 2017.
A-2016-00342: All reviews focused on lawful interception and conditions and license. This ATIP entirely deals with transparency reporting by Canadian TSPs/ISPs, and is the result of research and work by the Citizen Lab. Per page 2, the Investigative Technologies and Telecommunications Policy (ITTP) division did work to ensure the maximization of lawful interception capabilities under the existing regulatory framework. Page three includes a quotation that, “Over the past several years, IC officials have had difficulties in monitoring TSPs’ compliance with the lawful interception condition of license…PS direct engagement with license holders to assess their compliance level will reduce the burden on IC and provide the Portfolio with valuable information on the interception capacity currently available.” Page 23 indicates that PSC would undertake an effort to “educate” the public on the merits of lawful access/interception; the goal would be, specifically, to “explore the merits of citizen engagement as a way to seek views on the appropriate balance between security and privacy, as well as to address misinformation regarding lawful access in the public environment.” Page 24 includes an informational memo that is seeking authorization to conduct closed meetings concerning TSP transparency efforts, with regards to lawful access and basic subscriber information (BSI) requests from government agencies. Page 28 has a follow up memo to that on page 24; it showcases that Citizen Lab is significantly responsible for transparency reporting by TSPs following its efforts. These efforts, plus the OPC calling for mandatory reporting in 2014, plus order paper questions (Borg), along with American releasing reports that have led to the pressures on Canadian industry. Page 29 continues to note how the influence of the US companies is a significant driver of transparency efforts, and has arisen due to a perceived imbalance between privacy and security. Page 56 has a memo regarding a meeting with TELUS about transparency reporting.
A-2016-00334: All documents pertaining to leaks of American National Security Agency documents by Edward Snowden (Part 1 | Part 2 | Part 3 | Part 4). Note that this is a *very* large ATIP that comes in at 14,810 pages. Part 1 (4000 pages): pages 44-942 are almost entirely composed of the media clippings collected by PSC and published internal on a daily basis. The remaining pages are almost exclusively either PSC news clippings or the news clippings for the CSIS Executive News Summary. Part 2/4 (4000 pages) comprises the PSC and CSIS Executive News Summary media clippings. Part 3/4 (4000 pages) comprise the PSC and CSIS Executive News Summary and RCMP summary media clippings. Part 4/4 (4000 pages) comprise the PSC and CSIS Executive News Summary media clippings.
A-2016-00340: All documents regarding telecommunications companies compliance with Solicitor General’s Enforcement Standards. Page 22 indicates that a TSP requested a SGES forbearance extension; TSP is not identified. Page 24 indicates that a TSP requested a SGES forbearance extension; TSP is not identified.
A-2016-00185: Public Safety Materials on Criminal Code Section 191 Licences for Interception-Related Devices. This ATIP release contains Public Safety Canada and RCMP/CSIS materials from 2016 concerning licence applications under section 191 of the Criminal Code. The records include memoranda to the Senior Assistant Deputy Minister, RCMP and CSIS request letters, signed licences and special licences, terms and conditions, a delegation instrument authorizing senior officials to issue licences, internal procedural emails, and a historical correspondence tracker of section 191 licence applications from 2008–2013. The core administrative function is the approval of licences permitting named companies or entities—usually under the sponsorship of police or intelligence agencies—to possess, sell, or use “enabling devices” primarily associated with the interception of communications.

Of note, the release shows the recurring mechanics of the section 191 regime: subsection 191(2)(d) allows companies to possess devices primarily used for interception where the Minister, or delegated official, issues a licence. The 2016 applications involve sponsorship by the RCMP, OPP, Winnipeg Police Service, Durham Regional Police, and CSIS, with some licences tied to demonstration purposes and others to possession or sale of enabling devices for operational or support relationships. The terms and conditions impose limits on manufacturing, sale, possession, reporting, access security, renewal, revocation, and changes to licence information. The procedural emails are also useful: officials discussed whether issue dates should be stamped on licences where the date might appear retroactive. The historical tracker at the end of the package is significant because it shows that section 191 licensing was a recurring administrative process across multiple years, involving protected, secret, and confidential files.

The release is useful for understanding the practical licensing infrastructure that sits behind lawful interception capabilities, separate from broader lawful-access debates.
2015 – Lawful Access One: Public Safety Canada Records on Telecommunications Transparency Reporting. This release contains Public Safety Canada materials concerning guidance for telecommunications service providers publishing transparency reports about lawful access requests. The records include a memorandum to the Minister, Rogers’ 2013 transparency report, responses from TekSavvy and TELUS, and U.S. Department of Justice guidance on how providers could report national security and law enforcement demands in aggregate form. Of note, the briefing materials state that Public Safety and its partners had reviewed the issue and determined there were “essentially no legal prohibitions” on telecommunications service providers publishing aggregate transparency reports. The package also documents the early Canadian debate following Edward Snowden’s disclosures, public pressure for greater transparency, and the release of transparency reports by Rogers and TekSavvy in 2014. TekSavvy’s detailed response is particularly useful because it describes how a smaller Canadian ISP categorized government requests, handled subscriber information, interpreted lawful authority, limited voluntary disclosure practices after R. v. Spencer, and approached retention, notification, reimbursement, and customer access questions. The release is useful for understanding the shift toward telecommunications transparency reporting in Canada and the policy/legal context around subscriber information, lawful access, metadata, and aggregate disclosure of government requests.
A-2015-00140: Public Safety Materials on Lawful Interception Conditions of Licence, SGES Compliance, Spectrum Licensing, and Forbearance Management. This release contains Public Safety Canada materials from roughly 2011–2013 concerning the lawful interception condition of licence applied through spectrum licensing, the Solicitor General’s Enforcement Standards for Lawful Interception of Telecommunications, and the management of the related forbearance program. The records include briefing notes, draft correspondence with Industry Canada, legal-service material, memoranda on the 700 MHz and 2500 MHz spectrum auctions, proposed licence-condition language, a primer on the SGES, tables comparing existing and ideal lawful-interception capabilities, and a slide deck titled Strategy for Enhancing the Lawful Interception Condition Forbearance Program: SGES Compliance. The package shows Public Safety relying on spectrum licence conditions as a key interim mechanism to preserve lawful-interception capability while broader lawful access legislation remained unresolved.

Of note, the materials show officials trying to modernize outdated interception requirements, especially language tied to “circuit-switched voice telephony,” so that lawful-interception obligations could better apply to contemporary wireless voice and data services. The SGES material is significant because it breaks lawful-interception capability into operational and engineering requirements, including access to telecommunications, call-associated data, service data, location data, handover interfaces, encryption, security, identifiers, quality of service, response time, and scope-of-warrant controls. The forbearance materials show Public Safety seeking stronger management tools: formal updates from licence holders, quarterly reporting, tracking reports, risk assessment, proactive engagement with telecommunications service providers, and closer coordination with Industry Canada. The release is useful for understanding how Canadian officials attempted to maintain lawful-intercept capability through radiocommunication licensing, spectrum-auction conditions, compliance monitoring, and SGES interpretation while facing technological change, regulatory gaps, and uncertainty around lawful access legislation.
A-2014-00108: Public Safety Materials on Application Service Providers, Encryption, Lawful Access, Bill C-30, and Post-Snowden Communications Security (Reports from January 31, 2012 to July 18, 2014). This release contains Public Safety Canada materials from roughly 2012–2014 concerning application service providers, encrypted communications, lawful access, and the implications of changing Internet-based communications services for law enforcement and national security. The records include a briefing note on application service providers such as VoIP and webmail services, background Q&As on Bill C-30 / the Protecting Children from Internet Predators Act, an international travel report on law-enforcement priorities discussed at the 2013 ISS World conference, a Public Safety primer on encryption, and internal circulation of materials concerning Snapchat, Wickr, Lavabit, Silent Circle, NSA cryptographic capabilities, SSL/TLS, random-number generators, Twitter’s adoption of stronger encryption, and the public/private surveillance relationship after the Snowden disclosures.

Of note, the release shows Public Safety framing application service providers and encryption as growing operational challenges because communications services were increasingly delivered by web-based or foreign providers, often outside traditional telecommunications interception frameworks. The Bill C-30 materials repeat the government’s earlier lawful-access rationale: intercept-capability obligations, basic subscriber information, transmission data, preservation demands/orders, judicial authorization for private communications, and safeguards against abuse.

The encryption primer is especially useful because it distinguishes user-controlled encryption from service-provider-enabled encryption, explains public/private key concepts, and identifies privacy concerns, cloud computing, computing power, and greater adoption of encrypted services as drivers of increased encryption use. The later materials show officials tracking the post-Snowden environment, including stronger provider encryption, Lavabit/Silent Circle’s refusal or inability to comply with U.S. secret orders, NSA efforts against SSL and cryptographic standards, and concerns that commercial platforms’ privacy/security claims remained constrained by lawful access and surveillance obligations. The release is useful for understanding how Public Safety viewed the collision between lawful interception, encryption-by-default, foreign-based application providers, metadata/data-location issues, and shifting public expectations about communications security.
A-2013-00262: Documents pertaining to the Industry Canada 700MHz auction, as linked with lawful access legislation and requirements. (Part 1 | Part 2). In the Part 2 pdf, page 8 includes the following quotation: “According to the federal annual reports on the use of electronic surveillance, on average, 131 authorizations were granted each year from 2000 to 2011. For the same period, only 4 applications or renewals were refused, and 14 authorizations were granted for interceptions under exceptional circumstances (s.188 of the Criminal Code). Of the 131 authorizations granted per year, an average of 110 (84%) were granted under audio surveillance (s.185) and nearly all the remaining authorizations were granted for video surveillance (s.487). // For the 131 authorizations granted per year, an average of 945 interceptions (79% of the total) were conducted by means of telecommunications, with the remaining 255 interceptions conducted by microphone, video and other means. This gives a grand total of 1,200 interceptions per year, and an average of 9 interceptions per authorization.” Page 82 notes that Bill C-30 would have applied to Canadian application service providers (ASPs) and “thus would have compelled those companies to assist agencies in obtaining intercepted communications or other electronic data.”
A-2013-00261: Documents pertaining to Lawful Access Legislation, Bill C-30. (Part 1 | Part 2)
A-2013-00122: Public Safety Materials on Ministerial Directions for Information Sharing with Foreign Entities, Mistreatment Risk, CSIS/CBSA/RCMP Implementation, and Historical RCMP Directives. (Part 1 | Part 2) This split release package contains Public Safety Canada, CSIS, CBSA, RCMP, and related materials concerning the 2011 ministerial directions on “Information Sharing with Foreign Entities.” The records include signed or draft ministerial directions for CSIS, CBSA, and the RCMP; the broader framework for addressing risks of mistreatment in foreign information sharing; CBSA and RCMP implementation policies; evaluation-process diagrams for receiving, sending, or soliciting information from foreign entities; briefing and Q&A materials; responses to parliamentary inquiries; correspondence responding to OSCE concerns; and older Solicitor General / ministerial directives governing RCMP national-security responsibilities, foreign police assistance, agreements, sensitive-sector investigations, criminal-record information, and legislative-precinct privileges. The package shows the government attempting to formalize a common policy architecture after the Arar/O’Connor and Iacobucci inquiries, while preserving operational flexibility for national security, border, policing, and intelligence cooperation.

Of note, the records define “mistreatment” as torture or other cruel, inhuman, or degrading treatment or punishment, and define “substantial risk” as a personal, present, and foreseeable risk based on more than theory or speculation. The directions require agencies to assess accuracy, reliability, caveats, assurances, foreign human-rights records, operational necessity, and mitigation measures before sharing, requesting, or relying on foreign-origin information. They also state that agencies should not knowingly rely on information derived from mistreatment, while allowing exceptional use or disclosure where serious threats to life, injury, or destruction of property may be involved, subject to escalation and mitigation. The RCMP and CBSA implementation materials are particularly useful because they translate the high-level ministerial directions into operational workflows, approval thresholds, documentation expectations, and caveat language.

The release is useful for understanding how Canada sought to reconcile intelligence and law-enforcement cooperation with anti-torture obligations, human-rights due diligence, ministerial accountability, foreign liaison management, and post-Arar risk controls.
A-2013-00070: Hacker group Anonymous – especially on ‘#OPPartyCrasher’, from January 2012 to May 9, 2013.
A-2013-00065: Public Safety Materials on Federal–Provincial–Territorial Cybersecurity Coordination, CCIRC Mandate, Information Sharing, and Public Awareness. This release contains Public Safety Canada records from 2011–2012 concerning federal, provincial, and territorial coordination on cybersecurity. The materials include agendas, briefing notes, meeting summaries, and follow-up records for FPT teleconferences on cyber security; records concerning the January 2012 FPT Clerks discussion; proposed next steps for intergovernmental engagement; materials on CCIRC’s refocused mandate; draft information-sharing arrangements; public-awareness campaign reporting for GetCyberSafe; summaries of the London Conference on Cyberspace; and materials on SCADA / industrial-control-system security workshops. The package shows Public Safety attempting to build a more structured FPT cyber governance layer after the launch of Canada’s Cyber Security Strategy, with emphasis on shared situational awareness, incident response, emergency management links, public communications, and relationships with critical infrastructure sectors.

Of note, the records show officials trying to move cyber coordination beyond ad hoc briefings toward a more durable framework: identifying provincial and territorial cyber contacts, sponsoring security clearances for key interlocutors, developing a national cyber incident-management framework, consulting on CCIRC products and services, and proposing memoranda of understanding for information sharing. The CCIRC materials are significant because they describe a refocused national CERT role after responsibility for federal-system incidents shifted to CSEC, leaving CCIRC to concentrate on provinces, territories, municipalities, critical infrastructure owners/operators, and external partners. The GetCyberSafe materials provide useful communications metrics and show early efforts to build public awareness through federal, provincial, private-sector, and media channels.

The release is useful for understanding the early architecture of Canadian intergovernmental cyber coordination: trust-building, information exchange, emergency-management integration, public communications, and the still-developing relationship between national-security, critical-infrastructure, and provincial/territorial operational responsibilities.
A-2013-00020: Public Safety / CCIRC Materials on Election Cybersecurity, Internet Voting, DDoS Activity, Malware, and Voter-Information Exposure (Between January 1, 2011 to April 10, 2013). This release contains Public Safety Canada and Canadian Cyber Incident Response Centre materials from 2011–2013 concerning election-related cyber risks, Internet voting, voter-information security, malware, and politically timed denial-of-service activity. The records include media and research articles circulated internally on a reported cyberattack against Florida’s absentee-ballot system, Estonia’s post-2007 cyber-security posture, malware affecting Venezuelan voters, accidental disclosure of New Brunswick voter information, and arguments against Internet voting. The package also includes CCIRC correspondence and incident-handling material relating to the Halifax Regional Municipality Internet voting campaign, election-system security concerns, traffic monitoring, a suspected DDoS or network attack against an election-related target, a DDoS incident affecting the NDP leadership convention, and Shadowserver botnet notifications involving Elections Canada infrastructure.

Of note, the release is useful because it shows CCIRC treating elections as part of the cyber incident-response landscape rather than merely as an administrative or democratic-process issue. The Halifax materials show CCIRC raising security concerns with the election authority/vendor, including use of third-party domains and secure voting-site redirection, while much of the technical exchange is withheld under security and third-party/confidentiality exemptions. The news clippings and internal correspondence highlight recurring risk themes: absentee ballot request manipulation, online voter registration vulnerabilities, malware targeting voters, accidental voter-list disclosure, DDoS against political organizations, botnet activity, and the broader reliability/usability/security concerns associated with Internet voting.

The release is useful for understanding how Canadian officials were beginning to monitor and coordinate around election cyber incidents before “election security” became a more formalized policy domain, including the overlap between cyber hygiene, vendor assurance, incident response, public trust, and democratic infrastructure protection.
2013 – CCIRC 2012 Cyber Operational Report and Early 2013 Operational Summary. This release contains Public Safety Canada / Canadian Cyber Incident Response Centre operational reporting on cyber incidents, threat trends, mitigation advice, and partner services in 2012 and early 2013. The records include CCIRC’s 2012 Cyber Operational Report, a January–March 2013 quarterly operational summary, annexes on recommended mitigation actions, vulnerability mitigation, malware definitions, and ministerial transmittal letters distributing the reports to federal ministers.

Of note, CCIRC reported 924 incidents in 2012, with finance, information and communications technology, energy and utilities, and government sectors among the most affected. The report highlights malware and exploit kits, phishing and targeted emails, advanced persistent threats, hacktivism, industrial control system risks, and incidents involving malware families such as Zeus, Conficker, Flashback, Sality, ZeroAccess, and DNSChanger. It also discusses the SHINE Project’s identification of Internet-accessible industrial control systems, compromise risks to Canadian ICS operators, and the importance of basic mitigation measures such as application whitelisting, timely patching, minimizing administrative privileges, segregating sensitive ICS data, and requiring multi-factor authentication for remote access. The release is useful for understanding how Canada’s federal cyber incident-response function framed operational cyber risks in 2012–2013, including its role in alerts, advisories, victim notifications, code-removal requests, partner coordination, and critical-infrastructure cyber resilience.
A-2012-00715-0001: Industry Canada / Public Safety Materials on Lawful Access, Spectrum Auctions, Lawful Intercept Conditions of Licence, and Industry Concerns. This release contains Industry Canada, Public Safety Canada, Justice Canada, and telecommunications-sector materials from 2011–2013 concerning lawful access, the 700 MHz and 2500 MHz spectrum auctions, and the lawful interception condition of licence applied to spectrum licences. The records include internal emails, legal advice exchanges, briefing decks, issue papers, consultation materials, and industry-facing presentations. Much of the package focuses on how to modernize the lawful interception condition of licence by removing outdated references to “circuit-switched voice” while preserving the requirement that wireless providers maintain lawful intercept capabilities consistent with the Solicitor General’s Enforcement Standards for Lawful Interception of Telecommunications.

Of note, the release is useful because it captures both government and industry perspectives on lawful access during the Bill C-30 period. Industry stakeholders—including CWTA, ITAC/ACTI, Bell, TELUS, Rogers, Microsoft, RIM, and others—raised concerns about technological change, regulatory uncertainty, standards, capacity requirements, compensation, subscriber-information systems, and multiple security-clearance processes. The industry deck argues that communications had shifted from traditional wireline/voice networks to cloud services, social media, LTE, VoIP, IPv6, and complex multi-service environments, making older lawful-access models difficult and costly to implement. The government materials show officials trying to balance spectrum-policy objectives—competition, rural deployment, auction design, opening bid prices, roaming/tower sharing, and public safety/D-block issues—with national-security and law-enforcement interests in maintaining intercept capability.

Specific page references that are worth focusing on include: page 3 notes that government wants to extend intercept to include VoLTE, for voice only, to maintain intercept capability. Page 9 notes that while there might be additional software costs in intercepting data over 700Mhz as opposed to just voice, it is possible to intercept the data. Page 18 recognizes that Canada is a small market and thus cannot expect “tailor-made equipment standards from international equipment manufacturers… LEAs cannot cherry pick from a variety of different standards.” Page 18 also includes the following quotation: “At a minimum, allow Regulations to recognize role of commercially available industry standards to meet LA obligations (ideally = Meeting a standard should = safe harbour for compliance).” Per page 19: “The 1 in 5,000 subscribers capability requirement is significantly higher than other jurisdictions.” Page 27 indicated the federal government is involved in approx 18K/year wiretaps/intercepts, and warrants/court orders. Breakdown is approx. 6K communications intercepts/wiretaps across all platforms (e.g. wireline, wireless, internet) and 12K for CDRs. Page 27, also, indicates approximate 1.13 million/year subscriber information requests.

The release is useful for understanding how lawful access became embedded in spectrum licensing and auction design, and how officials sought to preserve investigative capabilities while managing industry resistance, technological complexity, and the broader politics of Bill C-30.
A-2012-00471: Briefing material to DM re: IT security, IM security and cyber security from Jan. 2012. (Part 1 | Part 2)
A-2012-00470: Public Safety Materials on Cyber Security Strategy, CCIRC Operational Reporting, International Cyber Engagement, and Cyber-Security Capacity Building (Materials from Sept 1, 2012 and Feb 28, 2013) (Part 1 | Part 2) This split release package contains Public Safety Canada materials from 2012–2013 concerning Canada’s cyber-security strategy, CCIRC operational reporting, international cyber diplomacy, cyber capacity building, and related administrative approvals. The records include 2013–14 Main Estimates material, speaking notes for the Halifax Security Forum on cyber, drones, and modern warfare, CCIRC quarterly operational summaries for April–June and July–September 2012, international travel authorities for cyber meetings in South America, the RSA Conference, and the International Watch and Warning Network / National Cyber Security Centrum conference, hospitality approvals for senior cyber-security dialogues, and materials for an industrial control systems security workshop in Vancouver. The package also includes briefing notes and slide decks on protecting sensitive information and critical systems, supply-chain security, public-private information sharing, Internet governance, the Budapest Convention, and bilateral cyber discussions with the United Kingdom, Saudi Arabia, the United Arab Emirates, and other partners.

Of note, the CCIRC quarterly summaries are especially useful because they show the maturation of CCIRC’s operational products and services: incident handling, victim notifications, code-removal requests, cyber flashes, alerts, artifact-analysis reports, technical reports, trend analysis, and recommended mitigation actions. The reports identify malware, phishing, malicious code, improper configuration, industrial control systems, targeted spear-phishing, Oracle Java vulnerabilities, Flame/SkyWiper, Zeus, Gauss, Shamoon/DistTrack, Internet Explorer zero-days, and ZeroAccess as significant issues during the period. The broader package frames cyber security as a shared national-security and economic-security problem involving government systems, private-sector critical infrastructure, trusted vendors, procurement, supply-chain integrity, data sovereignty, public awareness, and international cooperation.

It is useful for understanding how Public Safety linked Canada’s Cyber Security Strategy to CCIRC’s operational growth, international cyber-norms work, Budapest Convention ratification, private-sector information sharing, industrial-control-system resilience, and the practical administration of cyber-security diplomacy and capacity-building activities.
A-2012-00462: Documents pertaining to lawful access legislative reforms.
A-2012-00459: Public Safety Materials on Shiprider, Integrated Cross-Border Law Enforcement, Next Generation Operations, and Beyond the Border Implementation (From January 1, 2012 to February 22, 2013). This release contains Public Safety Canada materials from 2012 concerning integrated Canada–U.S. cross-border law enforcement operations. The records include repeated ministerial correspondence responding to concerns about cross-border policing, briefing slides for the Canada–U.S. Cross-Border Crime Forum, materials on “Next Generation” pilot projects, Budget Implementation Act briefing materials, Q&As, clause-by-clause notes, historic timelines, bill text, transition briefing materials, and background analysis on the Integrated Cross-Border Law Enforcement Operations Act. The package situates Shiprider and Next Generation operations within the Beyond the Border Action Plan, emphasizing transnational organized crime, contraband, firearms, drugs, human smuggling, and jurisdictional gaps along the Canada–U.S. border.

Of note, the release shows officials repeatedly stressing that integrated cross-border operations would not undermine Canadian sovereignty because U.S. officers operating in Canada would be trained in Canadian law, operate under Canadian direction and control, and be subject to Canadian law and privacy protections. The legislative materials describe Shiprider as a maritime model for jointly crewed vessels, while Next Generation was framed as a land-based evolution involving three operational elements: uniformed presence, joint investigations, and intelligence/information sharing.

The records also show key implementation issues: pilot projects in the BC/Washington and Windsor/Detroit regions, governance structures, officer designation, public complaints and RCMP oversight, CBSA’s limited direct role in Shiprider, stakeholder concerns from municipalities and Indigenous communities, and the need for outreach to address sovereignty, privacy, Charter, and accountability concerns. The release is useful for understanding how Canada operationalized *Beyond the Border* policing commitments while managing legal authority, public legitimacy, cross-designation, information sharing, and domestic accountability risks.
A-2012-00457: SGES/Lawful Interception of Telecommunications as pertain to the 700MHz consultation and debates of extending LI to the new spectrum. This release contains Public Safety Canada, RCMP, CSIS, Industry Canada, and related materials from 2011–2012 concerning lawful interception requirements in telecommunications licensing. The records include a compliance table for the Solicitor General’s Enforcement Standards for Lawful Interception of Telecommunications, correspondence on updating those standards, internal briefing material on lawful access operational issues, draft and final Public Safety comments to Industry Canada’s 700 MHz and 2500 MHz spectrum consultations, excerpts from the Radiocommunication Act, proposed changes to lawful-intercept licence conditions, and Question Period / briefing materials linking telecommunications foreign-investment reform to national-security safeguards. Much of the substantive legal and operational analysis is redacted, but the disclosed material shows officials working to modernize lawful-interception obligations while Bill C-30 / lawful access legislation remained uncertain.

Of note, the records show Public Safety treating spectrum licensing as an interim or parallel mechanism for preserving lawful-intercept capability pending broader legislation. The disclosed materials repeatedly identify a need to remove outdated references to “circuit-switched voice telephony” and replace them with technologically neutral language that could apply across evolving telecommunications services. Industry stakeholders—including Bell Mobility, CWTA, Eastlink, Public Mobile, Shaw, and TELUS—raised concerns that new licence conditions could impose substantial obligations before Parliament had enacted broader lawful access reforms, and some argued that any changes should await legislation or revision of the Solicitor General standards. Public Safety’s position was that lawful interception was
A-2012-00456: All documents and records from September 1, 2011 to June 1, 2012 prepared by Public Safety Canada related to the Hacker Group Anonymous and records from the Canadian Cyber Incidence response centre during this period. (Part 1 | Part 2). This split release package contains Public Safety Canada and Canadian Cyber Incident Response Centre materials from early 2012 concerning Anonymous and related hacktivist activity, distributed-denial-of-service attacks, cyber incident reporting, media monitoring, and operational coordination with Canadian and international partners. The records include cyber-security media summaries, CCIRC “Cyber Security Summary for CIOs” products, Cyber Flash and technical-report materials on DDoS mitigation, internal emails about Anonymous operations, briefings on attacks against U.S. government and private-sector websites, materials on threatened attacks against DNS root servers, and records connected to parliamentary attention to online threats against Public Safety Minister Vic Toews.

Of note, the release shows CCIRC moving from general situational awareness toward more structured operational products for government and critical-infrastructure audiences. The DDoS mitigation guide sets out a practical lifecycle—preparation, identification, containment, recovery, and lessons learned—and provides checklists for working with ISPs, documenting topology, filtering traffic, reviewing logs, and preserving evidence. The Anonymous materials are significant because they document how officials assessed hacktivist targeting, tactics, and campaigns, including LOIC/HOIC-style DDoS, Pastebin disclosures, SQL injection tools, “doxing,” and campaigns linked to ACTA, SOPA/PIPA, Bill C-11, Bill C-30, Stratfor, and “Operation Quebec.”

The package also shows CCIRC coordinating with CERTs and affected organizations, monitoring open-source claims, assessing whether incidents were active or merely publicity, and providing technical indicators and mitigation advice. The release is useful for understanding Canada’s early-2012 cyber incident posture: CCIRC treated hacktivism as both a technical availability threat and a politically motivated public-order/national-security issue, while still emphasizing defensive mitigation, critical-infrastructure resilience, partner notification, and evidence preservation.
A-2012-00336: Public Safety Materials on Bill C-30, Lawful Access Enforcement, CACP Support Materials, and International Cyber Issues (From Sept 2012 to Dec 4, 2012) This release contains Public Safety Canada and Justice-linked materials from 2012 concerning Bill C-30, the Protecting Children from Internet Predators Act, lawful access, telecommunications-service-provider obligations, enforcement mechanisms, petition responses, Question Period notes, and international cyber policy. The records include internal correspondence, notes on Bill C-30’s proposed enforcement regime, ministerial petition responses, a Question Period note explaining the bill’s interception-capability and basic-subscriber-information provisions, a Public Safety overview of Bill C-30, Canadian Association of Chiefs of Police materials supporting lawful access, and a short briefing on cyber issues, cyber norms, and Canada’s support for the Council of Europe Convention on Cybercrime.

Of note, the materials show officials emphasizing that Bill C-30 would not authorize access to email or phone-call content beyond existing Canadian law, while defending new obligations for telecommunications providers to maintain intercept capability and provide basic subscriber information to designated authorities. The enforcement-regime note describes administrative monetary penalties for contraventions, offence provisions, corporate liability, and possible court injunctions where a service provider does not satisfy requirements.

The CACP materials again provide the law-enforcement case for lawful access, including FAQs and case studies arguing that delayed or inconsistent access to basic subscriber information affected child exploitation, fraud, homicide, threats, and international investigations. The international cyber briefing is useful because it situates Bill C-30 within broader cybercrime and cyber-norms debates, including Canada’s support for the Budapest Convention, concerns about alternative state-led cyber-control proposals, and messaging that Canada favoured an open, safe, accessible Internet supported by lawful cooperation and judicial/accountability safeguards.
A-2012-00333: CSIS October 2016 Briefing Binder: SECU Appearance on the National Security Framework, Bill C-51, Threat Reduction, SCISA, “Going Dark,” Cyber Security, and Accountability (Records from Oct 1 to Dec 3, 2012). This release contains Public Safety Canada records from 2012 concerning lawful access, Bill C-30 / the Protecting Children from Internet Predators Act, related public correspondence and petitions, privacy criticism, law-enforcement messaging, and telecommunications intercept-capability policy. The materials include draft ministerial correspondence, excerpts from the Privacy Commissioner’s 2011–2012 annual report, internal emails coordinating petition responses and standard lines, a Public Safety one-page overview of Bill C-30, proposed communications lines on preservation demands and orders, Canadian Association of Chiefs of Police media materials supporting lawful access, public/media monitoring summaries, and notes on Industry Canada consultations concerning lawful-intercept conditions of licence for mobile broadband spectrum.

Of note, the package captures the government’s post-backlash effort to recalibrate Bill C-30 messaging: officials repeatedly stress that the bill would not authorize access to email content, web-browsing histories, or private communications without existing lawful authority, while still defending new tools for basic subscriber information, preservation demands/orders, streamlined production and transmission-data orders, intercept-capability obligations, and implementation of the Cybercrime Convention. The Privacy Commissioner excerpt frames the bill as raising serious concerns about warrantless access, broad availability of powers to police and security bodies, weak justification, and lack of dedicated oversight. The CACP materials provide the countervailing law-enforcement case, including “top five fears” messaging, FAQs, and case studies arguing that inconsistent or delayed access to basic subscriber information impeded child exploitation, threats, homicide, fraud, and other investigations. The release is useful for understanding the political, privacy, and communications dynamics around Bill C-30: how Public Safety, police stakeholders, privacy critics, parliamentarians, and telecom-policy officials were contesting subscriber identification, preservation, interception capability, oversight, and the boundary between investigative modernization and warrantless surveillance.
A-2012-00331: Public Safety Materials on National Security Review, SIRC, RCMP Complaints Reform, Air India Inquiry Commitments, and Bill C-42 (Records from Aug 1 to Dec 3, 2012) This release contains Public Safety Canada materials from 2011–2012 concerning review and accountability for national security activities. The records include summaries of the Air India Inquiry Action Plan, background on the O’Connor Commission recommendations, descriptions of the Security Intelligence Review Committee’s mandate and funding context, material comparing SIRC with the Auditor General and Parliamentary Budget Officer, Departmental Performance Report drafting materials, Question Period notes on national security review, briefing material on Bill C-42 and the proposed Civilian Review and Complaints Commission for the RCMP, and legal/policy notes on SIRC jurisdiction and Charter issues.

Of note, the package shows Public Safety working through the unresolved question of how to provide “effective and robust review and accountability” for national security activities involving multiple departments and agencies. The materials repeatedly return to O’Connor and Air India recommendations for inter-agency review, complaint intake, statutory gateways between review bodies, information-sharing between review entities, and coordinated review of national security activities beyond a single agency. The SIRC materials are significant because they explain SIRC’s review and complaints functions, its access to CSIS information, the transfer of functions after elimination of the CSIS Inspector General, and the policy question of whether SIRC should be “retooled” to review broader national security activities. The Bill C-42 materials are also useful for understanding the parallel reform of RCMP complaints oversight, including proposed CRCC powers, concerns about access to privileged information, independence, self-initiated reviews, service standards, and whether new review structures would satisfy earlier inquiry recommendations.
A-2012-00328: Public Safety Materials on CCIRC, ICS-CERT Cooperation, Industrial Control Systems Security, and the Cyber Security Partnership Program. This release contains Public Safety Canada materials from November 2012 concerning the Canadian Cyber Incident Response Centre, industrial control systems security, SCADA capacity-building, and cooperation with the U.S. Industrial Control Systems Cyber Emergency Response Team. The records include CCIRC overview slides, ICS-CERT comparison materials, slides on CCIRC–ICS-CERT cooperation, workshop agendas for a 2012 Control Systems Security Workshop in Toronto, a Cyber Security Partnership Program briefing, and public-facing information sheets on the National Cyber Security Directorate and CCIRC. The package presents CCIRC as Canada’s national coordination centre for cyber-event preparedness, mitigation, response, recovery, incident handling, operational analysis, technical support, and information sharing with federal, provincial, territorial, critical-infrastructure, and international partners.

Of note, the records show Public Safety emphasizing operational cooperation with ICS-CERT through dedicated information exchange, points of contact, cross-border incident handling, and sharing of indicators of compromise. The materials identify industrial control systems and SCADA security as a growing priority, including oil and gas and power-generation test beds, red-team/blue-team exercises, best-practice guidance, training workshops, vulnerability and malware analysis, and development of an ICS/SCADA lab. The Cyber Security Partnership Program material is also significant: it frames a planned 2013 grants-and-contributions program to improve government collaboration with owners and operators of vital systems, support cyber-security assessments, develop sector-specific practices and guidelines, promote research and innovation, and explore alternative measures to safeguard vital electronic systems. The release is useful for understanding CCIRC’s maturation in 2012, especially its move toward structured products and services, partner portals, industrial-control-system expertise, cross-border operational cooperation, and practical engagement with critical-infrastructure operators.
A-2012-00324: Public Safety and Industry Canada Materials on Investment Canada Act Notifications, Applications, and National-Security Review Coordination (Records from Jan 1 to Nov 21, 2012.) This release contains Public Safety Canada and Industry Canada correspondence from January to July 2012 concerning Investment Canada Act files, notifications, applications, certification information, and related coordination between Public Safety’s National Security Operations Directorate and Industry Canada’s Investment Review Division. The records are overwhelmingly redacted, principally under section 24(1), with some pages withheld under Cabinet-confidence-related provisions. Most disclosed pages consist of short email exchanges between Public Safety and Industry Canada officials forwarding, confirming, tracking, or seeking information about ICA-related files.

Of note, the visible portions show Public Safety regularly receiving and tracking ICA-related information from Industry Canada, including file certifications, file-number changes, additional information requests, and status questions about whether particular applications had been withdrawn or remained active. One disclosed exchange refers to a Privy Council Office request for a breakdown of ICA notifications/applications sent to Public Safety, including by sector and in a format similar to material prepared for a China summit. Another visible exchange discusses whether a withdrawn application should be treated as equivalent to the investor cancelling its application and therefore no longer seeking to complete the investment. Although the substantive investment files are almost entirely withheld, the release is useful for documenting the operational mechanics of ICA national-security screening: interdepartmental tracking, sectoral reporting, file certification, applicant-status questions, and routine Public Safety–Industry Canada coordination around foreign investment review files.
A-2012-00266: Public Safety Materials on Private-Sector Cyber Intrusions, Critical Energy Infrastructure, Cyber-Security Skills, and Government Cyber Roles (From January 1 2009 to October 22, 2012.) (Part 1 | Part 2) This split release package contains Public Safety Canada, Industry Canada, Defence R&D Canada, ICTC, and related materials from roughly 2010–2012 concerning cyber-security strategy, private-sector cyber intrusions, critical energy infrastructure protection, cyber-security labour-market capacity, and federal roles in protecting Canadian networks. The records include a draft discussion paper on defending the Canadian private sector from sophisticated cyber intrusions, media and internal correspondence about Canada’s cyber-security strategy, a substantial Defence R&D Canada report titled *Critical Energy Infrastructure Protection in Canada*, materials on the Canadian Security Telecommunications Advisory Committee, and an ICTC preliminary scan on cyber-security human resources in the digital economy.

Of note, the release links several strands of Canada’s early cyber-security agenda: improving private-sector resilience against advanced persistent threats, treating energy infrastructure as a national critical-infrastructure and continental-security issue, and identifying shortages in cyber-security professionals as a strategic constraint. The DRDC report is especially significant because it critiques the absence of a fully approved national critical-infrastructure strategy, fragmented governance, limited regulatory consistency, and reliance on voluntary public-private collaboration for energy-sector protection.

The ICTC materials add a labour-force dimension, arguing that cyber-security demand is growing across government, finance, communications, and critical infrastructure, and that Canada needs better skills mapping, training, recruitment, and industry-academic coordination. The release is useful for understanding how Public Safety and partner organizations were framing cyber security not only as an incident-response or government-network problem, but as a broader national resilience issue involving private-sector incentives, critical infrastructure governance, workforce development, telecommunications trust, and cross-sector collaboration.
A-2012-00265: Public Safety Materials on Early Development of Canada’s National Cyber Security Strategy, U.S. Cyber Policy, and Federal IT Security. This release contains Public Safety Canada and interdepartmental materials from 2009 concerning the development of Canada’s National Cyber Security Strategy before the public 2010 strategy was finalized. The records include draft strategy decks, briefing notes for senior officials and ministers, speaking notes for Bob Gordon, updates on U.S. cyber-security initiatives under the Obama administration, comparisons with U.K., Australian, and New Zealand approaches, Deputy Ministers Committee minutes, and Treasury Board materials on federal IT security. The package frames cyber security as a whole-of-government national security, economic security, critical infrastructure, and citizen-safety issue, rather than a purely technical IT matter.

Of note, the materials show the emerging three-part architecture that later shaped Canada’s strategy: achieving cyber integrity of government, protecting the economy and critical infrastructure, and combating cyber-facilitated crime while protecting citizens online. They also identify proposed elements including clearer federal cyber roles, stronger Government of Canada information systems, incident-response roles, security procurement, private-sector and critical infrastructure engagement, international collaboration, cybercrime/lawful access capacity, public awareness, and possible data breach reporting.

The Treasury Board materials are especially useful for understanding parallel work on IT incident management, proactive defence, consolidation of Internet access points, government security policy renewal, identity management, screening standards, and security governance. The release is useful for tracing the formative policy architecture behind Canada’s 2010 Cyber Security Strategy, including how officials drew on allied models, U.S. policy reviews, federal governance gaps, critical infrastructure interdependencies, and concerns about cybercrime, espionage, botnets, supply-chain trust, and public confidence in digital systems.
A-2012-00264: Public Safety Materials on Canada’s Cyber Security Strategy, DM Cyber Governance, Network Hygiene, CCIRC, and CSEC Roles (from January 1 2010 to October 22 2012.) (Part 1 | Part 2) This split release package contains Public Safety Canada, CSEC, Treasury Board Secretariat, and interdepartmental materials from 2010–2012 concerning implementation of *Canada’s Cyber Security Strategy* and federal cyber-security governance. The records include Question Period notes, ministerial statements and speeches, briefing material for international meetings, CCIRC notices to critical infrastructure partners, materials on cyber security in the Americas and Canada–U.S. cooperation, and a substantial January 2012 “DM Cyber” meeting package. The package shows Public Safety positioning cyber security as both a national security and economic security issue, organized around the Strategy’s three pillars: securing federal systems, partnering to secure systems outside the federal government, and helping Canadians be secure online.

Of note, the records document the creation and proposed mandate of a Deputy Ministers Committee on Cyber Security, including terms of reference, membership, quarterly meetings, and a role in setting priorities, monitoring implementation, and addressing emerging issues. The January 2012 DM Cyber materials focus on network hygiene, consolidation of Internet access points, Shared Services Canada, Treasury Board compliance mechanisms, CSEC technical guidance, and a roles-and-responsibilities dashboard for cyber-security activity across departments.

The CSEC briefing materials frame cyber threats as involving state espionage, organized crime, terrorist networks, low-level actors, malware, phishing, botnets, and advanced persistent threats, while emphasizing that there is “no silver bullet” and that persistent monitoring, shared responsibility, and cross-government collaboration are required. The release is useful for understanding how Canada was operationalizing its 2010 Cyber Security Strategy, clarifying federal cyber roles, aligning CCIRC and CSEC functions, and building senior-level governance for cyber incident response, network hygiene, critical infrastructure protection, public awareness, and international engagement.
A-2012-00249: Public Safety Materials on Foreign Acquisitions, Huawei/ZTE Telecommunications Security, CNOOC–Nexen, and Cybersecurity Communications (Records are between Jan. 1 to Oct. 15, 2012, related to company Huawei and espionage.) (Part 1 | Part 2) This split release package contains Public Safety Canada records from 2012 concerning national-security scrutiny of foreign investment, telecommunications infrastructure security, Chinese state-linked firms, and public communications around cyber and telecom risk. The records include media scans, internal emails, media lines, Question Period notes, CBC 60 Minutes transcript material, materials on the U.S. House Intelligence Committee report concerning Huawei and ZTE, records related to CNOOC’s proposed acquisition of Nexen, references to Australia’s handling of Huawei and proposed network-security reforms, and materials connected to Canada–U.S. cybersecurity cooperation. The package is primarily a communications and situational-awareness file, showing how Public Safety monitored and coordinated responses to press, parliamentary, and public scrutiny of Chinese investment and telecommunications-security issues.

Of note, the release shows officials treating Huawei/ZTE and CNOOC–Nexen as linked but distinct files: one focused on telecommunications supply-chain and cyber-security risk, and the other on foreign investment, state-owned enterprises, strategic resources, and the Investment Canada Act “net benefit” / national-security review context. Public Safety’s media lines repeatedly emphasize that Canada supports a competitive telecommunications sector, that all carriers are subject to Canadian law, that the government works with carriers to assess and mitigate risks to strategic telecommunications infrastructure, and that officials would not comment on specific security incidents or particular suppliers.

The records also show close coordination across Public Safety, Shared Services Canada, Industry Canada, CSE, CSIS, DFAIT, and media-relations teams, especially after U.S. reporting and the 60 Minutes segment on Huawei. The release is useful for understanding Canada’s early-2010s framing of telecom supply-chain risk, the politics of Chinese foreign investment, and the government’s effort to balance open markets, competition, national-security review, cyber resilience, and public messaging.
A-2012-00242: Public Safety Materials on Cybercrime, Canada–U.S. Information Sharing, Foreign Intelligence Sharing, Counter-Terrorism, and Afghan Detainees. This release contains Public Safety Canada, CSIS, RCMP, CBSA, and related records from 2011–2012 concerning several national security and cyber-security files. The records include a memorandum on Canadian impacts of an FBI-led cybercrime takedown involving malware-compromised systems, materials on Canada–U.S. information sharing under the Beyond the Border Action Plan, ministerial direction on CSIS information sharing with foreign entities, responses to House of Commons written questions on foreign information sharing, counter-terrorism strategy, Afghan detainees, and intelligence-gathering practices, as well as briefing material for a meeting with France’s national intelligence coordinator.

Of note, the cybercrime memorandum describes an FBI operation against a global network that had compromised 4.2 million systems, including approximately 100,000 in Canada, and records CCIRC’s role in notifying affected Canadian organizations and ISPs. The information-sharing materials are particularly significant: they document the 2011 Ministerial Direction to CSIS on “Information Sharing with Foreign Entities,” including decision-making where sharing could create a substantial risk of mistreatment, use of caveats or assurances, senior-level approvals, and limits on relying on information likely derived from mistreatment. The written-question responses show how Public Safety framed this policy as a government-wide response informed by the Arar/O’Connor and Iacobucci inquiries, human rights reporting, and obligations under Canadian and international law. The release is useful for understanding the post-Arar architecture of national security information sharing, the relationship between cybercrime response and critical infrastructure protection, and the federal government’s public positioning on counter-terrorism, environmental extremism, Afghan detainee-related intelligence, and Canada–U.S./Canada–France security cooperation.
A-2012-00164: Public Safety / CCIRC Materials on PHP cURL SSL Verification Vulnerability, Vulnerability Disclosure, and Media Response. This release contains Public Safety Canada and Canadian Cyber Incident Response Centre records from 2011 concerning a vulnerability advisory about insecure implementations of the PHP cURL CURLOPT_SSL_VERIFYPEER option in applications requiring SSL certificate verification. The records include CCIRC information-note drafts, internal email chains, vulnerability-disclosure coordination, correspondence with external researchers and affected organizations, PGP/encrypted communications, media-response planning, and follow-up questions from a freelance journalist.

Much of the operational, vendor, researcher, and affected-organization detail is redacted under security, personal information, and third-party/confidentiality exemptions. Of note, the technical issue was that some PHP applications or APIs used to establish TLS/SSL connections—particularly in e-commerce or payment-processing contexts—could disable or improperly implement certificate validation, leaving communications vulnerable to man-in-the-middle attacks and possible interception or modification of sensitive data.

CCIRC’s proposed advisory recommended that operators ensure CURLOPT_SSL_VERIFYPEER was set to true, verify certificate chains using appropriate CA information, review transaction-processing APIs, and ensure affiliated merchants or partners were implementing certificate verification properly. The records are also useful for understanding CCIRC’s vulnerability-disclosure posture: officials debated how to validate affected products, notify vendors or affected organizations, coordinate with researchers, use encrypted channels, and avoid publicly disclosing lists of notified companies. The media-response material emphasizes that CCIRC’s posting was framed as a routine stakeholder notification rather than a press release, that CCIRC did not provide operational spokespeople for routine notifications, and that private companies were ultimately responsible for awareness of cyber threats and the integrity of their systems.
A-2012-00146-2: All final briefing notes/memos delivered to the Minister from April 1 to July 30, 2012 (exclude cabinet confidence). Note that this only includes part 2 of the release; I lack access to part 1.
A-2012-00115: Public Safety Materials on Bill C-30 Media Response, Lawful Access Messaging, Parliamentary Strategy, and Proposed Amendments (Period: February 1, 2012 to March 1, 2012.) (Part 1 | Part 2) This split release package contains Public Safety Canada records from February 2012 concerning Bill C-30, the Protecting Children from Internet Predators Act, and the government’s response to intense public, media, civil society, and parliamentary criticism of lawful access. The records include internal emails, media monitoring summaries, press articles, stakeholder commentary, CACP materials explaining lawful access “through the lens of law enforcement,” draft House of Commons speeches, procedural advice on sending the bill directly to committee before second reading, and amendment-preparation templates. The package captures Public Safety’s effort to defend Bill C-30 as a modernization measure for interception capability, basic subscriber information, transmission data, preservation demands/orders, and cybercrime treaty implementation, while managing controversy over warrantless access, ISP obligations, costs, oversight, and Minister Toews’ public comments.

Of note, the records show officials closely tracking criticism from Michael Geist, privacy commissioners, opposition MPs, media commentators, and the public, while preparing lines that Bill C-30 would not authorize access to communications content, web-browsing history, or “monitoring” without judicial authorization. The CACP package argues that lawful access would give police needed tools while adding new audit, reporting, and access controls for basic subscriber information; it also includes case studies on child exploitation, fraud, abduction, threats, and interception-capability gaps. T

he parliamentary-strategy materials are also significant: officials expected Bill C-30 to be referred to committee before second reading, which would widen the scope of possible amendments, require rapid preparation of government and opposition amendment analyses, and allow the government to signal openness to changes after the bill’s damaging rollout. The release is useful for understanding both the substantive law-enforcement case for Bill C-30 and the communications/parliamentary damage-control effort that followed the bill’s public backlash.
A-2012-00113: Public Safety, RCMP, CSIS, and Partner Materials on Bill C-30, Basic Subscriber Information, Lawful Access, and Interception Capability. This release contains Public Safety Canada, RCMP, CSIS, Competition Bureau, and related interdepartmental materials from 2010–2012 concerning lawful access, Bill C-30, basic subscriber information / customer name and address information, interception capability, encryption, and media-response planning. The records include email chains, briefing notes, responsive issue notes, RCMP presentation materials, conference summaries, internal Q&As, examples prepared for ministers and media lines, and bilingual documents titled *Utility of Basic Subscriber Information*. The package largely supports the federal government’s case for lawful access legislation by assembling operational examples, statistical references, and policy arguments about inconsistent voluntary disclosure by telecommunications service providers.

Of note, the materials repeatedly frame basic subscriber information as important at the earliest stages of investigations, for general policing duties, child exploitation cases, emergency situations, suicide threats, abduction cases, fraud investigations, and CSIS threat-related inquiries. The RCMP presentation argues that lawful access consisted of two main components: telecommunications interception infrastructure obligations and access to customer name and address information, while asserting that such measures would respect the Charter. The Utility of Basic Subscriber Information document reports that, in a 2010 National Child Exploitation Coordination Centre sample of 1,244 requests, telecommunications providers supplied the requested information in 902 cases, refused without a court order in 53 cases, lacked the information in 227 cases, and did not respond in 53 cases, with an average response time of 13 days.

The records also show officials preparing responses to Michael Geist’s criticisms, media questions about PIPEDA and ISP requests, and questions about whether Bill C-30 would create warrantless access inconsistent with privacy expectations. The release is useful for understanding how Public Safety and policing/security partners built the evidentiary and communications case for Bill C-30 by emphasizing delay, inconsistency, regional variation, child-protection examples, and the operational limits of relying on voluntary cooperation from service providers.
A-2012-00076: Public Safety Materials on DRAP, Budget Implementation Act Amendments, CSIS Inspector General, SIRC, and Security Intelligence Review (Materials rom March 1, 2012 to June 21, 2012) produced by Public Safety concerning the Security Intelligence Review Committee’s assumption of duties that have previously been performed by the Inspector General of the Canadian Security Intelligence Service.(Part 1 | Part 2). This split release package contains Public Safety Canada materials from 2012 concerning the Deficit Reduction Action Plan, Budget Implementation Act amendments to the *CSIS Act*, and public/media lines on national security oversight. The records include Question Period notes, Q&As, media lines, “hot issue” notes, CSIS facts and figures, clause-by-clause explanations, and bilingual backgrounders on Canada’s security intelligence oversight bodies.

Of note, the central national-security issue is the elimination of the Office of the Inspector General of CSIS and the transfer of its core review/certification functions to the Security Intelligence Review Committee. The materials explain that the Budget Implementation Act would remove the Inspector General, transfer responsibility for producing the classified certificate on the CSIS Director’s annual report to SIRC, require SIRC to provide the Minister with reports of CSIS activities reviewed under sections 38 and 40 of the *CSIS Act*, and require SIRC to brief the Minister at least annually. Public Safety’s proposed line was that the change would consolidate review into a single organization, eliminate duplication, save approximately $785,000 per year, and preserve robust review because SIRC is arm’s length from government and has a broader mandate than the Inspector General.

The package also includes broader DRAP communications material for Public Safety Canada. These records state that departmental savings would be achieved through streamlining, consolidation, modernization, reduced contribution-program spending, closure of the Canadian Emergency Management College, changes to emergency-management programming, and internal-service efficiencies. The lines emphasize that Public Safety would remain focused on core safety and security priorities, that emergency management would remain a federal responsibility shared with other levels of government, and that frontline policing and core First Nations Policing Program functions would not be affected. The release is useful for understanding how Public Safety framed the 2012 consolidation of CSIS review, the fiscal rationale for eliminating the Inspector General, and the communications strategy used to defend DRAP reductions while maintaining that national security accountability and public safety functions would remain intact.
A-2012-00038: British Columbia Briefing Note on Lawful Access, Criminal Code Modernization, and Bills C-46/C-47. This release contains a four-page British Columbia Ministry of Public Safety and Solicitor General briefing note prepared for Solicitor General Kash Heed’s February 25, 2010 meeting with federal Public Safety Minister Vic Toews. The note addresses lawful access, organized crime’s use of new technologies, and proposed federal amendments to the Criminal Code and telecommunications obligations. It frames lawful access as involving both lawful interception of communications and search/seizure of information, supporting policing and intelligence activities at federal, provincial, municipal, and CSIS levels.

Of note, the briefing argues that existing Criminal Code wiretap provisions were drafted for voice communications and created ambiguity around whether electronic text communications—email, chat, SMS, PIN messages—fell within “private communication.” It recommends clarifying the definition so text-based communications could be obtained through warrants or general warrants rather than Part VI interception procedures. The note also stresses that some wireless providers were not retaining text-message data, which impeded investigations. Its summary of Bills C-46 and C-47 highlights preservation demands/orders, production orders for transmission data, tracking production orders and warrants, customer name and address / IP address identifiers, intercept-capability obligations for telecom providers, and new or amended offences involving online hate propaganda, harassment, unauthorized computer use, and arranging child sexual offences by telecommunications.

The release is useful for understanding British Columbia’s early-2010 position on lawful access: supportive of Criminal Code modernization, focused on investigative impediments created by new communications technologies, and attentive to the federal challenge of balancing investigative powers with privacy, human rights, and civil liberties.
A-2012-00024: Public Safety Materials on Telecommunications Supply Chain Risk, Foreign Investment Liberalization, and Lawful Interception. This release contains Public Safety Canada briefing materials from 2011–2012 concerning national security issues associated with the telecommunications sector. The records include a secret memorandum for the Senior Assistant Deputy Minister, draft slides on “security dimensions,” supply-chain consideration notes, and briefing material prepared for a senior Public Safety visit to the Netherlands, the European Union, NATO, and France.

Of note, the disclosed material shows Public Safety preparing for a May 2012 Privy Council Office meeting involving DFAIT, Industry Canada, Natural Resources Canada, Finance Canada, and Public Safety. The central issue appears to be how national security considerations should be reflected in a broader interdepartmental deck on telecommunications-sector policy, with Public Safety recommending that DFAIT include dedicated slides addressing national security issues in a more comprehensive format. Much of the substantive material is withheld under Cabinet confidence, international affairs, law-enforcement/security, advice, and third-party/confidentiality exemptions, but the released headings and fragments point to supply-chain risk, telecommunications-sector security, and the relationship between market liberalization and national security safeguards.

The later briefing template is more revealing. It identifies two issues for international engagement: the Dutch experience with lawful interception of Internet services, and increased foreign participation in the telecommunications sector. The Netherlands is described as having a robust lawful interception regime under which telecommunications providers may only offer commercial services if their associated networks have lawful interception capability. The EU is described as supporting open and competitive telecommunications markets, while Canada is described as considering options to liberalize foreign ownership restrictions in the telecommunications sector.

The proposed Public Safety line was not opposition to liberalization itself, but a desire to ensure that any opening of the sector was accompanied by appropriate security mitigation strategies and a properly regulated communications infrastructure. The release is useful for understanding how Public Safety linked lawful access, intercept capability, telecom foreign investment, supply-chain security, and national-security review in the period surrounding Canada’s lawful access and telecom liberalization debates.
A-2012-00016: Public Safety Materials on Cyber Security Strategy, Control Systems Security, CCIRC, Critical Infrastructure, and Cyber Governance. (Part I | Part 2) This split release package contains Public Safety Canada records from 2011–2012 concerning the implementation of Canada’s Cyber Security Strategy, control systems / SCADA security, critical infrastructure protection, cyber incident coordination, interdepartmental governance, and international cyber policy. The materials include control systems security workshop agendas and invitation packages, Public Safety cyber-security slide decks, Canadian Cyber Incident Response Centre materials, briefing notes for ADM and DM cyber committees, records on the transition of CCIRC into the National Cyber Security Directorate, Canadian Electricity Association engagement materials, an information-sharing MOU, OAG audit correspondence, and international briefing notes on cyber norms, cybercrime, and Canada’s cyber-security posture.

Of note, the release shows Public Safety positioning cyber security around three pillars: securing Government of Canada systems, partnering to secure systems outside the federal government, and helping Canadians be secure online. It documents regional SCADA and industrial control systems workshops held or planned in St. John’s, Montréal, Calgary, and other locations, with participation from Public Safety, RCMP, CCIRC, DHS, CSIS, Defence Research and Development Canada, private-sector experts, and critical infrastructure operators. The records also show CCIRC being integrated into the National Cyber Security Directorate, with emphasis on incident coordination, information sharing, malicious site takedown, malware analysis, compromised-system notification, vulnerability disclosure coordination, and development of a cyber community portal. Later portions of the package focus on senior governance: ADM and DM Cyber committees, network hygiene, departmental roles and responsibilities, Shared Services Canada, Treasury Board security policy, and efforts to clarify who leads during cyber incidents affecting federal systems, provinces, territories, critical infrastructure, or private-sector entities.

The release is useful for understanding Canada’s early post-2010 cyber-security implementation architecture: how Public Safety sought to operationalize the Cyber Security Strategy, build trusted relationships with critical infrastructure sectors, formalize information-sharing arrangements with the electricity sector, respond to OAG scrutiny of critical infrastructure protection, and participate in emerging international cyber-norms discussions following the London Conference on Cyberspace. It also captures the transitional nature of the period: roles between Public Safety, CSEC, TBS, SSC, RCMP, CSIS, DND, DFAIT, Industry Canada, and other actors were still being clarified, while officials were simultaneously developing governance committees, incident-response playbooks, public-awareness campaigns, sectoral partnerships, and international positions on cybercrime, cyber security, and cyber norms..
A-2012-00010: This document was filed to obtain information about the government of Canada’s lawful access and customer name and address policies, circa 2007-2011.
2012–Lawful Access Regulations Documents: This ATIP includes the regulations that were being proposed to apply to TSPs, should a lawful access bill including interception obligations pass the House: these are proposed regulations, as opposed to legislative language.
A-2011-00322: Public Safety Briefing for Ministerial Meeting with Vancouver Police Chief Jim Chu on Bill C-30 and Lawful Access. This release contains a February 2012 Public Safety briefing package for the Minister’s meeting with Vancouver Police Department Chief Constable Jim Chu. The materials include a secret memorandum, background on Bill C-10 and Bill C-30, a biography of Chief Chu, and suggested talking points concerning the Vancouver Police Department’s role in the lawful access initiative.

Of note, the briefing frames Bill C-30, the Protecting Children from Internet Predators Act, as legislation intended to update investigative and intelligence-gathering powers for modern communications. It notes that the Vancouver Police Department had been a strong supporter of lawful access for many years and played a lead role in lawful access research and communications. The memorandum argues that public and parliamentary criticism had misconstrued Bill C-30 as providing unlimited warrantless access to communications content, while Public Safety’s position was that the bill concerned technical capability to intercept communications and did not alter the Criminal Code authority required to do so. The package also addresses controversy over warrantless access to basic subscriber information, stating that critics confused identifying information—such as an email address—with access to the content of communications. The talking points thank Chief Chu for VPD’s continuing role, acknowledge criticism of Bill C-30, and include responsive lines on telecommunications service provider compensation and the development of a fee schedule with the RCMP, CSIS, and other agencies. The release is useful for understanding federal messaging to police stakeholders during the Bill C-30 controversy, especially the effort to defend lawful access as technical modernization rather than new warrantless interception power.
A-2011-00255: Public Safety Materials on 2007 Consultations for Customer Name and Address / Basic Subscriber Information Access: This release contains Public Safety Canada records from 2007 concerning proposed consultations on access to customer name and address information, often framed in the records as CNA or basic subscriber information. The materials include secret memoranda for the Minister and senior officials, international-comparison notes, lists of past and proposed consultation stakeholders, invitation letters, English and French consultation documents, briefing slides, and copies of privacy commissioner correspondence critiquing earlier lawful access proposals.

Of note, the records show officials developing a targeted consultation strategy after earlier lawful access consultations in 2002, 2005, and 2006–2007. The core policy issue was whether law enforcement and CSIS should have a clearer administrative route to obtain basic identifying information from telecommunications service providers, including name, address, telephone number, email address, IP address, local service provider identifier, and related device or subscriber identifiers. Officials framed the problem as inconsistent voluntary disclosure by providers, refusals or delays in some cases, and operational difficulty identifying suspects or victims at early investigative stages.

The package also shows awareness of privacy and civil-liberties objections, including concerns about warrantless access, subscriber databases, compelled service-provider assistance, cost burdens, auditability, and the risk that “basic” information could become sensitive when linked to online activity. Proposed safeguards included limiting the categories of information obtainable, restricting the number of officials with access, requiring written requests and documented purposes, internal protocols, audits, ministerial reporting, and potential review by privacy commissioners or SIRC. The release is useful for understanding the pre-Spencer design of Canada’s basic subscriber information proposals, including the government’s consultation planning, stakeholder-management strategy, international benchmarking, and effort to position CNA access as administratively bounded rather than content interception.
A-2011-00220: Public Safety Materials on Lawful Access, Privacy Commissioners’ Objections, and Communications Strategy. This release contains Public Safety Canada records from 2011 concerning lawful access legislation, privacy commissioners’ objections to former Bill C-52, and related communications planning. The materials include notes from the 12th Annual Privacy and Security Conference, correspondence from Canada’s federal, provincial, and territorial privacy commissioners and ombudsmen, Public Safety briefing notes and proposed responses, stakeholder-engagement notes, media lines, op-ed drafts, and press monitoring related to lawful access and Internet surveillance powers.

Of note, the records show privacy commissioners arguing that the lawful access package would expand state surveillance capacity, permit access to subscriber information without prior judicial authorization, create risks of fishing expeditions, and fail to provide adequate oversight—particularly where provincial or municipal police services could use powers not subject to review by the federal Privacy Commissioner. Public Safety’s internal materials respond by framing the legislation as a modernization initiative intended to let law enforcement and CSIS keep pace with changing communications technologies, while emphasizing that interception of private communications would still require judicial authorization and that subscriber-information access would be subject to administrative safeguards. The records also show officials preparing media lines and public responses to criticism from privacy commissioners, academics, civil-society groups, OpenMedia, and press coverage that characterized the proposals as “web surveillance” or “lawful access” overreach. The release is useful for understanding the 2011 federal lawful access debate, including the government’s privacy-protective messaging, the commissioners’ oversight and proportionality objections, and the communications effort to defend subscriber-information access and interception-capability obligations.
A-2011-00143: Public Safety and DND Materials on Modern Warspace, Cyber Operations, and Cyber Incident Coordination. This release contains Public Safety Canada and Department of National Defence materials from 2010–2011 concerning cyber policy, “modern warspace,” and federal cyber incident coordination. The records include Policy Connection briefing notes, a DND / Canadian Forces Cyber Task Force presentation titled Modern Warspace, and email correspondence involving the Canadian Cyber Incident Response Centre concerning a cyber incident or event that is largely withheld.

Of note, the DND presentation frames the cyber environment as an interdependent network of information technology structures, telecommunications networks, computer systems, embedded processors, software, and resident information. It emphasizes that “cyber” is not merely a tool but an operating environment layered across geography, physical networks, logical networks, cyber personas, and human personas. The materials identify adversaries as increasingly capable, willing, and sophisticated, including hacktivist, criminal, and state-sponsored actors. They also situate Canadian cyber planning alongside the Government of Canada Cyber Security Strategy, CSEC, CSIS, RCMP, DFAIT, U.S. Cyber Command, AUS/UK partners, NATO, and broader public-private and academic relationships. The release is useful for understanding how Public Safety and DND were conceptualizing cyber operations, cyber doctrine, whole-of-government coordination, attribution problems, resilience, international norms, interagency roles, and military cyber capability development in the early 2010s.
A-2010-00209: Public Safety and Interdepartmental Records on the Canada–U.S. Perimeter Security Vision. This release contains Public Safety Canada and interdepartmental records from 2010 concerning the development of a Canada–U.S. perimeter security vision that later became associated with the Beyond the Border agenda. The materials include email chains, draft declarations, comments from federal departments and agencies, proposed action-plan materials, meeting records, and a Secret memorandum for a Deputy Minister–Clerk meeting on the Canada–U.S. Border Vision and Perimeter Security Initiative. Of note, the records show Canadian officials coordinating draft language and proposed initiatives across Public Safety, CBSA, RCMP, CSIS, Transport Canada, DFAIT, Passport Canada/CIC, PHAC, Justice, and other federal partners.

The draft vision links security, mobility, economic competitiveness, border management, and resilience, while emphasizing respect for each country’s constitutional and legal frameworks, privacy, civil liberties, and human rights. Proposed areas of cooperation include joint threat and risk assessments, early threat identification, health-security cooperation, integrated entry-exit systems, cargo security, trusted traveller and trader programs, border infrastructure, document integrity and biometrics, countering violent extremism, cyber security, critical infrastructure protection, and next-generation integrated cross-border law enforcement. The release is heavily redacted, but is useful for understanding how the Canada–U.S. perimeter security agenda was being shaped before public announcement, including how departments framed sovereignty, privacy, information sharing, action-plan implementation, and the operational costs and benefits of deeper cross-border security cooperation.
Solicitor General’s Enforcement Standards (Non-Annotated and Non-Redacted) (Annotated) (Redacted). Current as of November 17, 2008.
Solicitor General’s Enforcement Standards for Lawful Interception of Telecommunications – Compliance Table (2007)
Any and all ministerial directions issued to the RCMP by the Solicitor General or the Minister of Public Safety and Emergency Preparedness concerning the conduct of national security related investigations. This set of documents includes three Ministerial Directions that are minimally (if at all) redacted. Specifically, they pertain to national security responsibility and accountability, to national security related arrangements and cooperations (largely discussing foreign arrangements), and to national security investigations in sensitive sectors (e.g., academia, politics, religion, the media, and trade unions with specific guidance regarding universities and post-secondary campuses). Dated October 31, 2003.
Solicitor General’s Enforcement Standards for Lawful Interception of Telecommunications – Compliance Table (Rev. 4/25/2001)
National Law Enforcement Standards (Rev. Feb 11, 1998)
Solicitor General’s Enforcement Standards for Lawful Interception of Telecommunications – Compliance Table (Rev. Oct 28, 1997)
Solicitor General’s Enforcement Standards for Law ful Interception of Telecommunications (Rev.Nov.95)

Royal Canadian Mounted Police

A-2021-03051: This includes some emails (uninteresting) about Huawei, copies of the 2020 Cyber Threat Assessment, and planning information associated with the public safety portfolio following the Biden Administration; this latter item, on pages 87-89, may provide some insights into the government’s thinking prior to Biden’s administration coming to power.
A-2018-RCMP-Technology: This ATIP broadly addresses issues of policing capabilities, new technologies, OSINT, as well as misclassification of criminal reports and border crossing information. Of note, on page 11 we find that “[p]olice powers in relation to other strategic priorities such as combatting organized crime, reducing youth involvement in crime, and economic integrity also continue to evolve. Police authority to use investigative techniques, such as access to social media accounts and phone records, while respecting privacy rights is still to be clarified. Technological advances present both opportunities and challenges to police. For example, police attempt to keep pace with technology available to cloak organizations and identifies both for their own use and to investigate crime and criminal organizations who make use of these technologies. These same technological advances also pose HR challenges for the organizations, as the RCMP must ensure that personnel have the skills sets necessary to adapt to working with rapidly changing technology.” Per page 11: “The RCMP is also being influenced by the Government’s focus on delivering results for Canadians, using evidence-based decision-making, and fostering accountability … This Policy requires departments to establish Departmental Results Frameworks (DRF), Program Inventories and Performance Information Profiles to foster resources expended in the process. These requirements are posing a particular challenge for the RCMP given the diversity of the organization’s programs and services, and the difficulty of developing meaningful performance indicators.” On page 19, we find that both reviews forthcoming for how the RCMP collects and handles open source intelligence (OSINT) as well as the Counter Technical Intrusion (CTI) Program. This latter program entails providing “technical security assistance to all federal departments, crown corporations and agencies.” Page 27 notes there will be a future audit of the RCMP’s use of unmanned aerial vehicles (UAVs) as well as an assessment intended to determine “whether the RCMP’s monitoring of closed national security investigations assesses as low-to-no risk is consistent with policy and process requirements.” Pages 77-78 report how severe the ‘misclassification’ of sexual assault reports are within the RCMP. “A total of 2,225 unfounded [sexual assault] files were reviewed and, as a result, it was concluded that 1,260 unfounded cases were misclassified and 284 files were identified for further investigation.” Per page 80, “[p]rior to 2017, RCMP information related to interceptions [capture of people irregularly crossing the border] was captured annually, and did no differentiate between interceptions related to asylum seekers and other forms of interceptions (e.g., human smuggling).” Pages 83-84 provide a set of tables which identify the precise numbers of irregular migrations that were intercepted by the RCMP at the border. Showcases that Quebec has a massive number of persons migrating irregularly (approx 18K in 2017, on similar track for 2018), followed by Manitoba (1K in 2017) and BC (700 in 2017).
A-2016-00215: This ATIP concerns the use of encryption as it pertains to law enforcement in Canada. This document summarizes to the Minister the difficulties that the RCMP has identified regarding its ability to capture information of suspected criminals. It is written with the intent of contrasting Canada with close allies, including the United States, UK, Australia, and New Zealand. The RCMP propose shifting the lawful access debate to one of ‘going dark’, with a focus on: interception capabilities, use of encryption by criminals, lack of ‘adequate’ data retention; and challenges of MLAT operating successfully. The RCMP make particular note of the encryption-related ‘going dark’ challenges; this stands in contrast to lobbying efforts it took in November 2016, where the head of the RCMP asserted that the agency was not seeking mandatory decryption capabilities, but that basic subscriber identification was a more prominent concern. Significantly, the RCMP notes that it and other agencies in Canada and abroad should speak with a common voice to develop ‘clout’ when facing off against technologists, academics, and civil society advocates. Such clout is needed to advance challenging legislation or regulatory solutions. Left unstated, such solutions might not require the government to first pass authorizing legislation, as was prior attempts to extend the SGES absent the Parliament first passing lawful access legislation. Dated February 2016.
2014 – RCMP-Lawful-Interception-Bills: Telecommunications Invoices for RCMP Lawful Interception and Subscriber/Network Requests. This release consists almost entirely of telecommunications invoices and account summaries from 2010–2012 connected to RCMP lawful-interception and investigative-support activities, primarily for the RCMP Special I Section / RCMP Halifax. The records include invoices from TELUS, Bell, Rogers, and Bell Aliant, with handwritten payment notes, received stamps, file-copy markings, and payment calculations. Rather than policy analysis or legal briefing material, the package is administrative and financial: it documents recurring vendor charges associated with interception support, phone searches, subscriber checks, account lookups, and related telecommunications assistance.

Of note, the TELUS invoices are the most operationally descriptive, with line items such as “phone search,” “intercept – wireless DNR,” “intercept – wireline DNR,” “intercept – PCS/Mike Part VI – East,” and occasional overtime or network-related charges. Rogers invoices show request-based billing categories such as address lookup, email, IMEI search, IP search, verbal requests, and non-chargeable variants, while other Rogers invoices appear to bill flat amounts tied to specific request references. Bell and Bell Aliant records are mostly account summaries and payment stubs, often annotated with amounts paid and references to monthly or prior balances.

The release is useful for documenting the administrative cost infrastructure behind lawful interception and telecommunications investigative support: it shows that RCMP units were routinely billed by carriers for subscriber, lookup, and interception-related services, with costs tracked through monthly invoices rather than only through high-level lawful-access policy debates.
A-2014-02766: Requests for Subscriber Information/TSP Production Order Costs (Annotated).
A-2012-01201: CPIC Reference Manual: Governance, Access Controls, Data Banks, Dissemination Rules, Security Requirements, and Criminal Record Query Procedures. This release contains the 2009 Canadian Police Information Centre Reference Manual, Revision 42-01. The manual explains CPIC’s structure, governance, data banks, agency-access categories, user transactions, confidentiality obligations, dissemination rules, system-security requirements, audit procedures, screening uses, service-level arrangements, and technical system architecture. It describes CPIC as a national police information system supporting operational information across four broad data-bank groupings: Investigative, Identification, Intelligence, and Ancillary data banks. The disclosed portions also include governance materials for the CPIC Advisory Committee and Information Technology Sub-Committee, lists of Category II and III agencies, the CPIC Code of Ethics, screening forms and procedures, service-level expectations, and detailed criminal-record and criminal-name-index query guidance.

Of note, the manual is especially useful for understanding CPIC as a controlled national law-enforcement information infrastructure rather than simply a database. It repeatedly stresses that CPIC information is confidential, supplied for law-enforcement or authorized purposes, and not a substitute for police judgment; a “hit” or query result must be confirmed before operational action is taken. The manual sets out layered access rules for police agencies, limited-law-enforcement agencies, and agencies assisting law enforcement, along with special restrictions on intelligence data, criminal record information, licensing/screening, vulnerable-sector checks, young persons, and hard-copy printouts. It also contains detailed safeguards: user identification, personnel screening, hard-disk and hard-copy handling, mobile terminal controls, virus protection, audit cycles, breach investigations, and record-validation responsibilities. The criminal-record sections are significant because they explain file statuses, retention/destruction rules, CRII/CRS/CNI query formats, response levels, cautionary warnings, and flagged pardoned sex-offender procedures.

Overall, the release is a valuable operational-policy snapshot of how CPIC governed access, accuracy, accountability, dissemination, and security for sensitive police information in the late 2000s.
A-2011-06549: Public Safety / RCMP Materials on Lawful Access Bills C-50, C-51, C-52, Bill C-47, Intercept Capability, Subscriber Information, and Cybercrime Convention Implementation. This release contains Public Safety Canada, Justice, RCMP, ODPP, DFAIT, and related materials from roughly 2009–2011 concerning the federal lawful access legislative package. The records include costing tables, bill summaries, Treasury Board-style funding materials, departmental annexes, RCMP briefing notes, Commissioner briefing material, CACP conference notes, speaking notes for Minister Peter Van Loan on Bill C-47, email chains coordinating lawful-access messaging and operational examples, draft media lines, a message-event proposal, backgrounders on “customer name and address” / basic subscriber information, and copies or summaries of Bills C-50, C-51, C-52, and C-47. The package frames lawful access as a response to technological change, cybercrime, child exploitation, organized crime, terrorism, and the need to ratify the Council of Europe Convention on Cybercrime and its Additional Protocol.

Of note, the materials show how the legislative package was divided into related but distinct components: Bill C-50 for streamlining warrants and public reporting on exceptional interceptions; Bill C-51 for transmission data, preservation demands/orders, production orders, tracking, number recorders, mutual legal assistance, and cybercrime treaty implementation; and Bill C-52 / earlier Bill C-47 for telecommunications intercept-capability obligations and basic subscriber information disclosure to designated police, CSIS, and Competition Bureau officials. The RCMP materials are especially useful because they identify operational pressures on the Technological Crime Program and Special “I” units, including digital evidence processing, forensic analysis, online covert research, interception support, preservation/production order assistance, malware/new-technology analysis, and international requests. The communications material is also significant: officials expected warrantless subscriber-information access to be controversial and developed lines emphasizing that the bills did not create new interception powers, preserved judicial authorization for content interception, imposed safeguards such as designated officials, records, audits, and reporting, and responded to ISP inconsistency in providing customer name/address information.

The release is useful for understanding the policy, operational, fiscal, and communications architecture behind Canada’s pre–Bill C-30 lawful-access agenda.
NCECC / RCMP Report 2007: Customer Name and Address Information Consultation. This October 2007 RCMP submission to Public Safety Canada, prepared by the National Child Exploitation Coordination Centre, addresses police access to customer name and address information from telecommunications and Internet service providers. The report argues that subscriber-identifying information linked to phone numbers, email addresses, and IP addresses was often needed at early investigative stages, especially in Internet-facilitated child sexual exploitation cases, but that police access depended on inconsistent voluntary cooperation from service providers. Of note, the report sets out a policing case for a legislated “administrative model” that would permit designated police officials to request basic customer identification information without obtaining a warrant, while imposing written-request requirements, limits on who could make requests, provider record-keeping, and possible audit or review mechanisms. The RCMP/NCECC position was that customer name and address information should not be treated as highly confidential or sensitive in the same way as communications content, and that delays or refusals from ISPs could impede urgent child exploitation investigations. The document is useful for understanding pre-Spencer law enforcement arguments for lawful access reform, especially the claimed operational problems around IP address attribution, voluntary disclosure, ISP retention practices, and the proposed separation between subscriber identification requests and judicially authorized access to more intrusive data. The release includes redactions and appears to append supporting comments and examples concerning child exploitation investigations.

Security Intelligence Review Committee (SIRC)

2017 – SIRC Letter on Oversight of CSIS Intelligence Sharing with Foreign Governments. This release contains a 2017 letter from Pierre Blais, then Chair of the Security Intelligence Review Committee, responding to questions from Privacy International, the BC Civil Liberties Association, CIPPIC, and Citizen Lab about oversight of intelligence sharing between Canada and foreign governments. The letter explains SIRC’s role as an independent external review body reporting to Parliament on CSIS activities, including whether CSIS uses its powers legally and appropriately. Of note, SIRC states that under section 17 of the CSIS Act, it must be provided with copies of written arrangements that CSIS enters into with foreign states, foreign institutions, or international organizations. The letter also states that SIRC had full access to information under CSIS control, except Cabinet confidences, and had adequate resources to review CSIS intelligence-sharing practices on an ongoing basis. It identifies SIRC reviews touching on information sharing, including review of CSIS’s relationship with a foreign partner and CSIS’s role in interviewing Afghan detainees. The letter is useful for understanding pre-Bill C-59 review arrangements for CSIS foreign intelligence sharing, including SIRC’s access powers, limits on sharing information with other review bodies, and the anticipated role of NSIRA in addressing gaps in cross-agency national security review.
2016-A-0000107_3: CSIS’s Use of Disruption to Counter National Security Threats. This June 2, 2010 Security Intelligence Review Committee study examines CSIS’s use of “disruption” activities in the course of national security investigations, covering the period from January 1, 2006 to December 31, 2008. SIRC recognized that disruption may occur as part of CSIS’s investigative activities and may sometimes be necessary to protect Canadians, but raised concerns that such activities can overlap with law enforcement functions, blur the line between intelligence collection and threat mitigation, and create risks of “mandate creep.” Of note, SIRC found that the Minister of Public Safety was not aware of CSIS’s efforts to engage in disruption in the reviewed matter, and that CSIS’s use of disruption had occurred without appropriate guidance. The study recommended that CSIS seek ministerial guidance and direction on the use of disruption and develop formal guidelines addressing issues such as acceptable proactive activities, the goals of disruption, approval levels, training, coordination with the RCMP, and lessons learned from previous disruption activities. The release is heavily redacted in places but is useful for understanding pre-Bill C-51 concerns about CSIS threat disruption powers, ministerial accountability, and the boundary between intelligence and law enforcement.

Shared Services Canada

A-2013-00020: Any and all reference to cyberhacker group Anonymous in reports and emails to and from CSEC dating from August 2011 to present (June 20, 2013). Page 202-203 reveals that the duty analyst doesn’t have PKI set up, and so SSC/CSE is asked to send relevant files to other person who will subsequently provide to the analyst. This showcases challenges in setting up encryption/PKI as a security measure. On page 220-223, SSC recommends to PSC that anonpast.me be taken down due to its being used to coordinate DDoS against GOC. PSC doesn’t immediately consent due to the high profile nature of the site; a call is to be set up to discuss equities.
A-2012-00049: Investment Canada Act and Foreign Takeover of Blackberry. This ATIP pertains to the Government of Canada’s Investment Canada Act, and the conditions under which Canada might reject a foreign takeover of RIM/Blackberry. Page 4 notes that ICA review takes place when a non-Canadian wishes to acquire control of an asset valued at $330 million (CAD) or more and page 34 includes the Minister’s briefing notes for discussion with new RIM CEO. These notes include a discussion concerning export controls/cryptography, though it’s not clear what, specifically, they spoke about beyond “administrative changes” by DFAIT. Dated December 2011 – March 2012.

Transport Canada

A-2012-00008: Issuance of UAV Licenses and Draft UAV Issue Paper. This ATIP contains answers to a reporter’s questions concerning the number of SFOCs that were issued (293 applicants and for approximately 1, 000 UAVs), media lines explaining relevant laws governing UAVs in Canadian airspace, training requirements, and recognition that LEAs can use drones “provided they comply with Transport Canada regulations and obtain the required SFOC” (13). Page 16 also details the number of SFOC applications that were rejected by region. The Issue Paper (pages 22-26) outline considerations for establishing restricted airspace for UAVs, as well as recommendations; many of these recommendations include ‘TBD’, which is indicative of the early stage of the government’s regulation of UAVs. Dated 2011-2012.

Treasury Board of Canada

Cabinet Committee on Priorities and Planning, June 8, 2010. This document outlines the business need and rationale for Treasure Board to approve funding enterprise communications and infrastructure upgrades for CSIS’ foreign stations communications. It is suggested that the Minister approves the dispensation of funds. Dated June 8, 2010.

Technology, Thoughts & Trinkets

Touring the Digital Though Type

ATIPs

Agriculture and Agri Food Canada

Canadian Armed Forces

Canadian Security Intelligence Service

Communications Security Establishment (CSE)

Department of Justice

Department of National Defence

Global Affairs Canada

Immigration, Refugees and Citizen Canada

Innovation, Science and Economic Development Canada (Industry Canada)

NSERC

Office of the Communications Security Establishment Commissioner

Office of the Privacy Commissioner of Canada

Privy Counsel Office

Public Safety Canada

Royal Canadian Mounted Police

Security Intelligence Review Committee (SIRC)

Shared Services Canada

Transport Canada

Treasury Board of Canada

Agriculture and Agri Food Canada

Canadian Armed Forces

Canadian Security Intelligence Service

Communications Security Establishment (CSE)

Department of Justice

Department of National Defence

Employment and Social Development Canada

Global Affairs Canada

Immigration, Refugees and Citizen Canada

Innovation, Science and Economic Development Canada (Industry Canada)

NSERC

Office of the Communications Security Establishment Commissioner

Office of the Privacy Commissioner of Canada

Privy Counsel Office

Public Safety Canada

Royal Canadian Mounted Police

Security Intelligence Review Committee (SIRC)

Shared Services Canada

Transport Canada

Treasury Board of Canada