NSICOP’s 2022 Annual Report

On July 19, 2023 the National Security and Intelligence Committee of Parliamentarians (NSICOP) released its annual report. The report continues the committee’s work of providing transparency around a number of the national security activities which are undertaken by the Government of Canada. This report assumes heightened importance because NSICOP’s authorizing legislation is now expected to undergo a 5-year review; this report is helpful in understanding what kinds of legislative reforms the Committee, itself, believes are important so as to maintain or enhance Canadian residents’ trust in the country’s national security agencies.

In this post I summarize the challenges that NSICOP believes face it, its proposed legislative reforms, and then briefly itemize notable aspects of reviews that are either underway or which have been concluded. Ultimately I believe that we can firmly state that NSICOP’s work has revealed important aspects of the Canadian national security community’s operations that were hitherto secret and, as such, the Committee’s members and staff are to be congratulated on their efforts over the past five years.

Challenges Facing NSICOP

NSICOP is reporting two key challenges.

First, the government is not legislatively required to reply to the recommendations that are included in NSICOP’s reports. These recommendations are issued with the intent of “strengthening the policies, operations and accountability of the security and intelligence community.” While they may sometimes require the federal government to undertake additional activities, NSICOP is hardly a ‘gotcha’ review body.

To its credit the government has begun to respond to some recommendations but the majority of those made by NSICOP have yet to be publicly taken up. Beyond indicating the effectiveness of NSICOP’s work—and thus ensuring that the public knows that NSICOP isn’t a paper tiger—responses from the government are important for unmasking some of the secrecy surrounding national security activities. Residents of Canada largely lack insight into the government’s national security policies. NSICOP’s recommendations, and how the government responds to them, provide some degree of light into an otherwise very dark and shadowy world.

Second, the Committee is warning (again) that there is a serious issue around obtaining information to which the Committee is lawfully entitled. There are three stated situations where information is not being disclosed to NSICOP:

  1. Some departments have cited reasons outside the statutory exceptions found in the National Security and Intelligence Committee of Parliamentarians Act for not providing information that the Committee requested in past reviews
  2. Some departments selectively refused to provide relevant information, such as a departmental study, despite the Committee’s right of access under its enabling legislation
  3. The Committee is concerned that an overbroad legal definition of what constitutes a Cabinet confidence has had an impact on the Committee’s reviews

For any review agency to function it requires access to information that it is lawfully entitled to obtain, so as to assess agencies’ activities and provide meaningful recommendations or take other actions under its mandate. It is concerning that, in at least some cases, NSICOP reports that information it sought directly from organizations was only discovered through different sources, be they indirectly from third-party organizations or even from records released publicly under the federal Access to Information and Privacy regime.

Readers would be advised to consider the implications of the challenges facing NSICOP, and then place them alongside recent efforts by the National Security Intelligence Review Agency (NSIRA) to include a confidence statement with its recent reports due to NSIRA’s own challenges in sometimes obtaining the information it required to undertake its legislatively-mandated review functions. That both agencies have reported challenges in accessing documents raises questions about the review maturity of organizations which are now subject to national security review.

Proposed Legislative Reform

From a legislative reform standpoint, NSICOP is indicating that it will make two central submissions when called to discuss reforms to the NSICOP Act.

First, it will ask that the NSICOP Act be reformed to confirm that the Committee and its members can get improved access to information and, also, be able to better exchange information with other review bodies. This latter call—improved exchange of information—is notable and worth considering: where regulated agencies can coordinate amongst themselves it is imperative that their review agencies can, similarly, coordinate and exchange information. Such exchanges between review agencies serve multiple purposes, including:

  • sharing information relevant to a review
  • enabling better deconfliction processes
  • letting review agencies better coordinate when they are simultaneously examining the same subject from the slightly different perspectives associated with their respective mandates.

Second, NSICOP is stating that it will request legislative changes to better align its composition with the United Kingdom’s Intelligence and Security Committee (ISC). Specifically, NSICOP believes that becoming a body of Parliament (and not of the executive branch) would “enhance the independence and efficiency of the Committee.”

For clarity, the UK’s ISC is a committee of Parliament with a statutory responsibility for the oversight of the UK intelligence community. In shifting to this model NSICOP would no longer operate within the executive branch (and, thus, would no longer be perceived as being subject to executive capture), and the shift would enable members of the public as well as parliamentarians to recognize that the Committee’s members were not being gagged or otherwise manipulated by virtue of NSICOP being housed within the executive branch.

The decision to create NSICOP as an executive branch body was seen at the time as a way to slowly develop trust and capacity between parliamentarians and reviewed intelligence agencies, as well as guaranteeing that parliamentarians did not inappropriately handle information. Some who once called for NSICOP to be within the executive have, since, shifted perspectives and believe it should be turned into a parliamentary body. It remains unclear, however, whether the federal government similarly believes this would be an appropriate modification to NSICOP.

Both of these reforms would constitute significant shifts in the ability of the Committee to undertake its activities and will deserve careful and close thought, and assessments of the extents to which these reforms would genuinely enhance NSICOP’s capacity to fulfill its mandate.

Recent and Underway Reviews

2022 saw NSICOP complete or initiate a number of notable reviews. These include:

  • A Special Report on the Government of Canada’s Framework and Activities to Defend its Systems and Networks from Cyber Attack (Completed)
  • A Special Report on the National Security and Intelligence Activities of Global Affairs Canada (Completed)
  • A review of the lawful interception of communications of security and intelligence organizations and the “going dark” challenge (Ongoing)
  • A review of the RCMP’s Federal Policing mandate (Ongoing)

None of NSICOP’s proposed reviews in 2022 were deemed injurious to national security, nor was information denied to the Committee based on these grounds. Twelve agencies were required to provide a copy of their annual reports as required under the Avoiding Complicity in Mistreatment by Foreign Entities Act. Twelve provided them to NSICOP, though they are not reviewed or assessed in the annual report.

NSICOP did not receive any referrals by a minister of the Crown to undertake a review of a national security or intelligence matter.

A Special Report on the National Security and Intelligence Activities of Global Affairs Canada

This special report was tabled in November 2022. The annual report notes that “significant weaknesses” were found around Global Affairs Canada’s (GAC) internal governance of its foreign policy coherence role. Namely, this included a lack of “policies and few oversight committees” which NSICOP worried “may introduce weaknesses into the government’s assessment of foreign policy risk.” There were, also, concerns around the lack of Ministerial direction about how GAC collected intelligence around the world. There was also no formal process by which GAC informed its Minister of how it plays a role in relation to CSIS’ collection of intelligence. Relatedly, NSICOP was concerned by “the near total absence of governance and formalized reporting to the minister regarding GAC’s facilitator role.”

One of GAC’s key roles is to coordinate the government’s response to terrorist hostage taking. However, NSICOP found that:

GAC has a three-person team that supports an interdepartmental task force, but in twenty years the Department has done little to prepare for these incidents: there is no policy framework, no training, and no routine tabletop simulation exercises for the task force.

At best, GAC convenes implicated departments with much greater operational roles and specific accountabilities, and works to build a coherent approach without authority to direct a whole-of-government response. Part of the challenge is one of the Department’s own making: over the past 10 years, it has not developed the necessary policy, operational and training mechanisms for implicated government organizations to respond to such events coherently. Notwithstanding these gaps, the most significant problem is political: successive governments have failed to provide direction for a framework to address such critical incidents or provide specific direction on individual cases. Together, these challenges undermine the ability of the Department and its security and intelligence partners to respond effectively to hostage-takings.

Upon receiving the review GAC committed to reforms to respond to the issues identified by NSICOP.

Summaries and Recommendations of Prior Reviews

NSICOP’s annual report helpfully provides a listing of past reports that it has undertaken and allocates a page to each review. These summarize the issues taken up in a given report, identify the associated recommendations, and clarify the extent to which the government has (or has not) responded to each of them. The summaries, also, go so far as to indicate when legislation overtook particular recommendations, such as NSICOP’s proposal that the National Security and Intelligence Review Agency (NSIRA) be mandated to issue an annual report pertaining to the Department of National Defence/Canadian Armed Forces activities related to national security or intelligence.

Many of these reviews have drawn significant attention since they were released, such as NSICOP’s report on foreign interference (and which included the recommendation that combatting foreign interference include establishing “regular mechanisms to work with sub-national levels of government and law enforcement organizations, including to provide necessary security clearances”), but the summarization of these reviews is helpful for simply remembering all of the work that the Committee and its members have undertaken since its inception. It would be helpful for all review agencies to develop public timelines to include in their annual reports and on their websites; such timelines could just denote and link to all of the reports the review agency has completed (or begun) so that readers could better appreciate (and remember) their past and ongoing work.

I think that it’s important to highlight that, just one decade ago, these summaries alone would have been considered an amazing amount of detail that pulled the veil back on Canada’s national security activities. That we can read the summaries, as well as the redacted reports that are posted on the Committee’s website, is astounding when considering where Canada was in terms of national security transparency and accountability ten years ago. When combined with other reporting from NSIRA and the Intelligence Commissioner it is apparent that the public and parliamentarians alike are in a remarkably better situation to understand, assess, interrogate, and approve of (or call for the cessation of) the actions carried out by Canada’s national security agencies.

Conclusion

NSICOP has sometimes been on the receiving end of critiques or complaints, some of which have arguably been deserved and others less so. It is a body that has been severely tested by some public and political pressures. And it has been challenged in fulfilling elements of its mandate for reasons described in its 2022 annual report.

Nevertheless, the Committee and its members are to be congratulated for their efforts. They have worked to release information that hitherto has been kept secret from the public and parliamentarians. There remain challenges to overcome and more must be done to further enhance the public’s and parliamentarians’ understanding of national security agencies, of the challenges and threats facing Canadian institutions and organizations, and of the responses that the government has undertaken. Still, NSICOP has done much to educate the public since its inception and, if its legislation is reformed per its requests, I suspect the Committee could be even better situated to undertake reviews while further raising the levels of awareness of national security issues.

Accountability and the Canadian Government’s Reporting of Computer Vulnerabilities and Exploits

I have a new draft paper that outlines why the Canadian government should develop, and publish, the guidelines it uses when determining whether to acquire, use, or disclose computer- and computer-system vulnerabilities. At its crux, the paper argues that an accountability system was developed in the 1970s based on the intrusiveness of government wiretaps and that state-used malware is just as, if not more so, intrusive. Government agencies should be held to at least as high a standard, today, as they were forty years ago (and, arguably, an even higher one today than in the past). It’s important to recognize that while the paper argues for a focus on defensive cybersecurity — disclosing vulnerabilities as a default in order to enhance the general security of all Canadians and residents of Canada, as well as to improve the security of all government of Canada institutions — it recognizes that some vulnerabilities may be retained to achieve a limited subset of investigative and intelligence operations. As such, the paper does not rule out the use of malware by state actors but, instead, seeks to restrict the use of such malware while also drawing its use into a publicly visible accountability regime.

I’m very receptive to comments on this paper and will seek to incorporate feedback before sending the paper to an appropriate journal around mid-December.

Abstract:

Computer security vulnerabilities can be exploited by unauthorized parties to affect targeted systems contrary to the preferences of their owner or controller. Companies routinely issue patches to remediate the vulnerabilities after learning that the vulnerabilities exist. However, these flaws are sometimes obtained, used, and kept secret by government actors, who assert that revealing vulnerabilities would undermine intelligence, security, or law enforcement operations. This paper argues that a publicly visible accountability regime is needed to control the discovery, purchase, use, and reporting of computer exploits by Canadian government actors for two reasons. First, because when utilized by Canadian state actors the vulnerabilities could be leveraged to deeply intrude into the private lives of citizens, and legislative precedent indicates that such intrusions should be carefully regulated so that the legislature can hold the government to account. Second, because the vulnerabilities underlying any exploits could be discovered or used by a range of hostile operators to subsequently threaten the personal security of Canadian citizens and residents of Canada or the integrity of democratic institutions. On these bases, it is of high importance that the government of Canada formally develop, publish, and act according to an accountability regime that would regulate its agencies’ exploitation of computer vulnerabilities.

Horizontal Accountability and Signals Intelligence: Lesson Drawing from Annual Electronic Surveillance Reports

Adam Molnar and I have a new paper on accountability and signals intelligence, which we will be presenting at the Security Intelligence & Surveillance in the Big Data Age workshop. The workshop will be held at the University of Ottawa later this month as part of the Big Data Surveillance partnership project that is funded by the Social Sciences and Humanities Research Council of Canada.

The paper focuses exclusively on the mechanisms which are needed for civil society actors to evaluate the propriety of actions undertaken by signals intelligence agencies. In it, we argue that Canada’s foreign signals intelligence agency’s public accountability reporting might be enhanced by drawing on lessons from existing statutory electronic surveillance reporting. Focusing exclusively on Canada’s signals intelligence agency, the Communications Security Establishment (CSE), we first outline the relationships between accountability of government agencies to their respective Ministers and Members of Parliament, the role of transparency in enabling governmental accountability to the public, and the link between robust accountability regimes and democratic legitimacy of government action. Next, we feature a contemporary bulk data surveillance practice undertaken by Canada’s signals intelligence agency and the deficiencies in how CSE’s existing review body makes the Establishment’s practices publicly accountable to Parliamentarians and the public alike. We then discuss how proposed changes to CSE oversight and review mechanisms will not clearly rectify the existing public accountability deficits. We conclude by proposing a principle-based framework towards a robust public accountability process that is linked to those underlying domestic and foreign statutory electronic surveillance reports.

A copy of our paper, titled, “Horizontal Accountability and Signals Intelligence: Lesson Drawing from Annual Electronic Surveillance Reports,” is available at the Social Sciences Research Network as well as for download from this website.

More Surveillance Powers Won’t Prevent Intelligence Failures

I co-authored a comment to the editors of the Globe and Mail, “More Surveillance Powers Won’t Prevent Intelligence Failures,” in response to Christian Leuprecht’s article “Pointing fingers won’t prevent intelligence failures.” Leuprecht asserts that further intelligence sharing is critical to prevent and avoid attacks such as those in Paris, that more trust between intelligence agencies to facilitate international intelligence sharing is needed, and that more resources are needed if particular individuals subject to state suspicion are to be monitored. He also asserted that governments need the powers to act against targeted individuals, and that unnamed ‘critics’ are responsible for the weakening of intelligence agencies and, by extension, for the senseless deaths of innocents that result from agencies’ inabilities to share, monitor, and engage suspicious persons.

The co-authored comment rebuts Leuprecht’s assertions. We point out that there is more intelligence collected, now, than ever before. We note that some of the attackers were already known to intelligence and security services. And we note that it was intelligence sharing, itself, that led to the targeting and torture of Maher Arar. In effect, the intelligence community is failing in spite of having the capabilities and powers that Leuprecht calls for; what is missing, if anything, is the ability to transform the intelligence collected today into something that is actionable.

The full comment, first published at the Globe and Mail, is reproduced below:

More Surveillance Powers Won’t Prevent Intelligence Failures
Re: “Pointing Fingers Won’t Prevent Intelligence Failures” (Nov 25):

The horrific attacks in Paris have led to a wave of finger-pointing – often powerfully disassociated from the realities of the failures (Pointing Fingers Won’t Prevent Intelligence Failures – Nov 25). The answer from security agencies is inevitably to request more surveillance and more capacity to intrude into citizens’ lives.

These requests are made despite the historically unprecedented access to digital information that security agencies already enjoy and repeated expansions of security powers. Clearly “more security” is not the answer to preventing all future attacks.

The intelligence failure in Paris painted a familiar picture. Many of the attackers were known to French officials, and Turkish intelligence agencies sent repeated warnings of another. Yet in their rush to blame communications technologies such as iPhone encryption and the PlayStation (claims since discredited), security agencies neglect the lack of adequate human intelligence resources and capacities needed to translate this digital knowledge into threat prevention. Also absent is attention to agency accountability – the unaddressed information-sharing problems that caused the mistaken targeting and torture of Maher Arar.

The targets of terror are not only physical, but also ideological. Introducing a laundry list of new powers in response to every incident without regard to the underlying causes will not prevent all attacks, but will leave our democracy in tatters.

Vincent Gogolek, Executive Director, BC Freedom of Information and Privacy Association (BCFIPA)

Tamir Israel, Staff Lawyer, Canadian Internet Policy & Public Interest Clinic (CIPPIC), University of Ottawa

Monia Mazigh, National Coordinator, International Civil Liberties Monitoring Group (ICLMG)

Christopher Parsons, Postdoctoral Fellow, Citizen Lab at Munk School of Global Affairs, University of Toronto

Sukanya Pillay, Executive Director & General Counsel, Canadian Civil Liberties Association (CCLA)

Laura Tribe, Digital Rights Specialist, OpenMedia

Micheal Vonn, Policy Director, British Columbia Civil Liberties Association (BCCLA)

Canadian Police Requests for Telecommunications Data

In our report, “The Governance of Telecommunications Surveillance: How Opaque and Unaccountable Practices and Policies Threaten Canadians,” we discussed the regularity at which government agencies gain access to telecommunications data. Save for the Canadian Border Services Agency, federal government agencies that are principally responsible for conducting domestic telecommunications surveillance, such as the Royal Canadian Mounted Police, could not account for how often they use their surveillance powers.

In the course of investigating government access to telecommunications data we also contacted regional policing departments. This post expands on findings we provided in our report to discuss, in depth, the data provided by responsive police departments. We conclude by asserting that new legislation must be introduced and passed so that Canadians become aware of the magnitude of contemporary telecommunications surveillance that policing organizations are involved in on a yearly basis.

Requests to Police Departments

We filed requests to Canadian police departments to determine how often individual departments were exercising telecommunications surveillance powers. Though our report principally focused on federal government agencies’ surveillance, we had hoped to effectively juxtapose provincial/municipal telecommunications surveillance against their federal brethren. We ultimately decided to not conduct a detailed juxtaposition in the report because an insufficient number of police departments responded to our legally-binding requests for access to government data in time for publication.

We filed requests for information to police departments operating in Nova Scotia, Ontario, Alberta, and British Columbia. These requests identified the provincial statutes we were relying on to request information. We paid fees to the various police departments to initiate the processing of the requests. The only two police departments that were responsive to our requests were the Halifax and Vancouver police departments. The most notable non-responsive departments police the cities of Calgary and Toronto.

Does Mexico’s Transparency Report Promote Accountability?

Red en Defensa de los Derechos Digitales (R3D) has released a report that compares Mexican ISPs’ transparency and privacy practices. The work parallels the Karisma Foundation’s report about Colombian ISPs’ transparency and privacy practices; both the Mexican and Colombian organizations’ reports are based on the Electronic Frontier Foundation’s “Who Has Your Back” reporting format. The format is designed to visually summarize the practices taken by Internet companies so that end-users can easily evaluate how companies protect their users.

This post briefly summarizes R3D’s findings and then proceeds to discuss whether Mexican companies’ transparency report genuinely enables corporate accountability. Based on academic literatures, a strong argument can be made that the aggregated Mexican transparency report that has been issued by the Mexican telecommunications companies does not make the companies particularly accountable to their customers. The post concludes by raising questions about the status of third-party comparisons of corporate privacy and transparency practices: why are intermediaries like R3D, Karisma Foundation, Electronic Frontier Foundation, or IX Maps so important? And what are the deficits of contemporary comparisons of corporate transparency and privacy practices?

Summary of R3D Findings

R3D’s report examines privacy policies and codes of practice from the eight Mexican telecommunications companies that, in aggregate, compose 98% of Mexico’s mobile, fixed line, and broadband markets. Out of a possible six ‘stars’ only one company (Movistar) received two stars (the most of any company): half for requiring a warrant for data requests, half for publishing a transparency report, and a full star for advocating for privacy. The worst company, Megacable, received just a half-star for requiring a warrant for data requests.

Companies could receive either a full star, half-star, quarter-star or no star in each of the categories that are noted in Figure One. The evaluation criteria for receiving these grades follow the figure.

[Figure One]
