Global News BC: Two high-level memos allege Beijing covertly funded Canadian election candidates https://globalnews.ca/news/9534893/high-level-memos-beijing-2019-election-candidates/ #globalnews #britishcolumbia #news #Chineseinterference #covertfunding #JustinTrudeau #11Candidates #2019election #Canada #NSICOP #CSIS

There is a lot of other valuable information about GAC's intelligence role in this report, but that about covers the CSE-related aspects.

I will make one final complaint about pointless redactions, however. On p 75-78 there is a case study of a kidnapping incident involving a Canadian from which almost all personal details have been redacted.

Maybe it's intended as a privacy thing, but it only takes about a minute on Google to fill in all those blanks.

#CSE #GAC #NSICOP

"Signals intelligence secure area" (SSA), by the way, is the Canadian SIGINT community's term for secure compartmented information facility (SCIF).

#CSE #GAC #NSICOP

"In 2017, GAC established a division within the Intelligence Bureau responsible for the management of highly classified communications at missions abroad. This Intelligence Access and Countermeasures section works closely with CSE to accredit and protect GAC's signals intelligence secure areas." (p 51-52)

The fact that "Intelligence Access" is included in the section's name may indicate that it also looks after the intercept sites at the missions.

#CSE #GAC #NSICOP

One of NSICOP's recommendations was probably aimed in part at this program (p 95):

"R3. The Minister of Foreign Affairs put in place comprehensive governance mechanisms for the Department's security and intelligence activities and for those that it supports or contributes to at partner organizations. Those mechanisms should better document processes and decision points to strengthen accountability and institutional memory."

#CSE #GAC #NSICOP

But NSICOP did manage to flag some concerns about GAC's role in the program in its notes about three of the redactions (p 45):

1. "The paragraph noted that the Department does not have any policies, procedures or documents to govern its involvement, and does not have any reporting requirements to the Minister"

2. "The paragraph noted challenges regarding the management of risk."

3. "The paragraph noted the Department's failure to inform the Minister of important issues."

#CSE #GAC #NSICOP

The next two pages of NSICOP's report (44-45) discuss a program that is ostensibly so secret that all information is redacted except for one sentence: "GAC states that it derives its authority for the program from the Crown prerogative." (p 44)

This is CSE's program of intercept facilities inside Canadian diplomatic missions, our equivalent of US Special Collection Service sites.

Apparently, we're going to pretend no one knows we do this sort of thing.

#CSE #GAC #NSICOP

Inside CSE, "the Cyber Operations Group and the Cyber Management Group oversee CSE's cyber operations. These are executive bodies, at the director- and director general-level respectively, that review and approve cyber operation plans and risk assessments. The Director of *** and the Deputy Chief of Signals Intelligence chair the respective committees, and membership depends on ***." (p 43)

#CSE #GAC #NSICOP

"In August 2019, the Minister of Foreign Affairs directed GAC officials to work with CSE to develop a formal governance mechanism to ensure CSE's cyber operations align with Canada's foreign policy and international legal obligations."

This led, in 2020, to the creation of "the CSE-GAC Active Cyber Operations/Defensive Cyber Operations Working Group and a comprehensive governance framework for consultation on cyber operations" (p 42)

#CSE #GAC #NSICOP

The election-related ACO was not conducted "because no specific state-led operations were detected", while the other two did not get done "due to operational restrictions arising from COVID". (p 41-42)

For more on the effect of the COVID-19 pandemic on the Canadian security and intelligence community, see https://luxexumbra.blogspot.com/2021/11/stress-tested.html

#CSE #GAC #NSICOP

CSE conducted one ACO to "disrupt the activities of terrorists and violent extremists."

The three ACOs not conducted sought: "to disrupt foreign cyber threats to the 2019 federal election"; "to counter the dissemination by specific terrorist groups of extremist material on-line"; and "to mitigate threats posed by foreign cybercriminal groups targeting Canadians" (p 41-42)

#CSE #GAC #NSICOP

"The Minister of National Defence issued CSE's first authorization for active cyber operations in 2019." (p 41)

Here the report is considerably more informative than previous statements by CSE or its watchdogs:

"Between 2019 and 2020, CSE planned four active cyber operations and carried out one." (p 41)

#CSE #GAC #NSICOP

The CSE Act also "allows CSE to conduct active cyber operations to degrade, disrupt, influence or interfere with the capabilities or intentions of foreign entities."

"In recognition of the foreign policy implications of these activities, the Act stipulates that the Minister of National Defence may issue this authorization only if the Minister of Foreign Affairs has requested or consented to its issue." (p 41)

This differs from DCOs, which require only consultation with GAC.

#CSE #GAC #NSICOP

All information about the committee, including its name, is redacted from the NSICOP report.

By contrast, a 2015 report by OCSEC (CSE's first watchdog agency) described the committee structure in detail, and this information was later released mostly unredacted to reporter Colin Freeze via Access to Information request A-2015-00082.

Some of the details may have changed since then, but if the information was releasable at that time, why not now?

#CSE #GAC #NSICOP

"In 2008, officials from participating organizations introduced a formalized governance model [for the s.16 program], which included a requirement to assess potential subjects against criteria linked to Canada's intelligence priorities and a permanent oversight committee structure (the *** Committee) with the responsibility to evaluate and endorse section 16 rationales before they are submitted for approval to the relevant ministers." (p 38)

#CSE #GAC #NSICOP

Under s.16 of the CSIS Act, CSIS can collect foreign intelligence "within Canada" on request of either the defence minister or the foreign affairs minister. This might entail monitoring the communications of an embassy in Ottawa, for example.

CSE often helps with technology, processing, and reporting of the resulting intelligence, and GAC plays a role as a requestor, assessor of foreign policy risk, and intelligence client.

#CSE #GAC #NSICOP

"Between *** and *** , CSE planned but did not conduct any defensive cyber operations, because separate defensive cyber measures taken by CSE obviated the need for the planned cyber operations." (p 26)

Although the dates were redacted, according to NSICOP's February 2022 report (p 96), no DCOs were conducted during the first two authorization periods (Sep 2019 - Aug 2021).

It would be interesting to know if any DCOs have yet been conducted.

#CSE #GAC #NSICOP

"At the operational level, GAC provides foreign policy risk assessments for all of CSE's planned defensive cyber operations. As part of its assessment of the proposed operation, GAC considers potential implications for Canadian interests, the operation's compliance with international law and cyber norms, alignment with broader foreign policy interests, the nature of the target (***) and whether the operations ***." (p 26)

#CSE #GAC #NSICOP

"The Minister of National Defence issued the first authorization for defensive cyber operations in *** 2019. CSE officials developed this authorization in consultation with GAC." (p 26)

Although redacted here, the date of the authorization was 5 September 2019, as reported by NSICOP in its February 2022 cybersecurity report (p 77): https://www.nsicop-cpsnr.ca/reports/rp-2022-02-14/intro-en.html

#CSE #GAC #NSICOP

The CSE Act also requires the Minister of National Defence to consult the Minister of Foreign Affairs prior to issuing an authorization for defensive cyber operations (DCO).

(DCOs are cyber operations designed to protect Canadian government networks or systems designated as being of importance to the government.)

#CSE #GAC #NSICOP