The Communications Security Establishment: An Unofficial Look Inside

by Bill Robinson

The Communications Security Establishment:

An Unofficial Look Inside Canada's Signals Intelligence Agency

Bill Robinson
Conrad Grebel College, Waterloo, Ontario,
Canada N2L 3G6
(519) 888-6541 x264
[email protected]

What is the Communications Security Establishment?

The Communications Security Establishment (CSE) is Canada's national Signals Intelligence (SIGINT) organization. SIGINT, as defined by the Canadian government, is ``all processes involved in, and information and technical material derived from, the interception and study of foreign communications and non- communications electromagnetic emissions.''[1] Subcategories include intelligence derived from communications, also known as Communications Intelligence (COMINT), intelligence derived from non-communications emissions such as radar, also known as Electronics Intelligence (ELINT), and intelligence derived from the telemetry transmissions of missiles or other equipment undergoing testing, also known as Telemetry Intelligence (TELINT). Note that SIGINT is restricted to foreign emissions under the Canadian government definition.

Strictly speaking, CSE is only part of Canada's SIGINT effort. A civilian agency of the Department of National Defence, CSE processes SIGINT, produces analyses, and disseminates reports to Canadian and allied consumer agencies. The actual collection of the SIGINT, however, is conducted by the Canadian Forces Supplementary Radio System (SRS), a component of the Canadian Armed Forces that operates under the direction of CSE.

CSE and the SRS in turn work in close co-operation with the giant American and British SIGINT agencies, the National Security Agency (NSA) and Government Communications Headquarters (GCHQ), Australia's Defence Signals Directorate (DSD), New Zealand's Government Communications Security Bureau (GCSB), and a number of other SIGINT agencies in a global intelligence alliance known informally as the UKUSA community. CSE maintains permanent liaison officers at NSA HQ at Fort Meade, Maryland (CANSLO/W) and GCHQ in Cheltenham, UK (CANSLO/L). There are also NSA and GCHQ liaison officers at CSE HQ (SUSLO/O and BRLO, respectively). For more information about NSA, see the official NSA homepage or the much more informative Federation of American Scientists NSA homepage. For more information about GCHQ, see the official GCHQ homepage or the IntelWeb GCHQ page. CSE and DSD also have official homepages.

Overview and Brief History

CSE began existence as the Communications Branch of the National Research Council (CBNRC). Authorized by Order-in- Council 54/3535, dated 13 April 1946, it was the direct descendent of Canada's wartime military and civilian SIGINT processing operations, which also had worked in close co-operation with their American and British counterparts.[2] Officially born on 1 September 1946, it began operations on 3 September 1946.

In 1947, CBNRC took on the additional responsibility of serving as the Canadian government's communications-electronic security (COMSEC) agency. Prior to 1947, the government's encryption systems and keys had been provided by the United Kingdom. ``This arrangement,'' the History of CBNRC noted dryly, ``did not guarantee the privacy of Canadian government classified communications.''[3] CSE continues to bear both SIGINT and COMSEC responsibilities today (the latter responsibility is now listed as the somewhat broader category Information Technology Security (INFOSEC)). For more about CSE's INFOSEC mandate and current INFOSEC activities, see the official CSE homepage.

On 1 April 1975, CBNRC was transferred from the National Research Council to the Department of National Defence and its name changed to the Communications Security Establishment. At the time of its transfer, CBNRC/CSE had about 590 personnel. A major buildup during the period 1981-1990 left CSE at its current strength of about 900.[4]

Additional information about CSE's staff is located on the employee strength and authorized establishment page.

The history of cryptanalysis (codebreaking) at CSE. More about CSE's history.

The current Chief of CSE is A. Stewart Woolner. Under the Chief are four Directorates (SIGINT Production; Technology; INFOSEC; and Corporate Services), each headed by a Director-General. Each Directorate, in turn, contains a number of Groups, each headed by a Director. An approximation of CSE's overall organization is depicted in this organization chart.

Budget

CSE's fiscal year 1997-98 budget is $115.7 million, down slightly from the $117.1 million spent in FY 96-97. (These figures do not include the budget of the Supplementary Radio System.)

CSE appears to have weathered the end of the Cold War remarkably well. In May 1995, CSE Chief Stewart Woolner testified that CSE's 95-96 budget (then estimated at $113 million) was about ten percent lower in real dollars than its 90-91 budget, implying that its 90-91 budget was about $116 million (i.e., about $125 million in 1995 dollars). If this statement can be taken at face value, it would appear that CSE's budget remains only about 10 percent below its Cold War peak level. CSIS's budget, by comparison, is close to 30 percent below its Cold War peak.

In fact, CSE's budget almost certainly weathered the end of the Cold War even better than these figures would indicate. Woolner neglected to mention in his testimony that 1990 was the peak year for CSE's spending on "Annie," the new wing of the Sir Leonard Tilley building that was completed in 1992. The extra funding added for this project may have boosted CSE's budget by as much as 15 percent over its normal level during that year. Excluding special projects such as this, CSE's budget probably remains at or very near its Cold War peak.

This somewhat surprising conclusion is supported by the minutes of the September 1994 meeting of the Cryptologic Resource Coordination Group, which "observed that, although DND's budget as a whole is decreasing, CSE's is holding its own." This meeting also reported that CSE's budget was projected "to grow by about 7% over the next five years" (essentially enough to continue covering inflation). This plan was noted to be subject to the government intelligence review then underway, as well as DND's own program review, but the 1997-98 budget suggests that this plan remains essentially intact.

The same conclusion can be drawn from an examination of Annex 4B of DND's Defence Planning Guidance 1997, which shows that DND expects the CSE-controlled budget to grow by about 9 per cent between FY 1997-98 and FY 2001-02. [Note, however, that the figures provided in Annex 4B do not include CSE's entire budget. Statutory personnel spending (benefits, etc) is not included. In addition, for reasons currently not obvious to me, some percentage of operations and capital spending is not included. Somebody, splain me this!]

It is undoubtedly true that CSE has faced real budgetary constraints since the end of the Cold War. But the claim that CSE has suffered significant reductions since the end of the Cold War appears to be a myth. Reallocations from capital and operations spending have enabled CSE to maintain a staff of 892 full-time equivalents (FTEs), virtually the same as the 896 it had in 1990-91 and 50 percent more than it had in 1980. Since progress in automation continues to reduce the number of staff in CSE's Communications Centre and other support roles, the number of analysts at CSE is actually likely to have increased since the end of the Cold War. And, if the 1995-96 record is any indication (actual spending of $123.9 million, compared to the $113 million originally estimated by Woolner), funding for special projects continues to be available when judged necessary.

Supplementary Radio System

Canada's SIGINT collection (as opposed to processing) has always been conducted predominantly by military personnel. Small-scale SIGINT collection for the British Royal Navy began in 1925, but collection for Canadian processing began with the Second World War. (The officially recognized birthday of Canada's SIGINT collection service is 8 May 1938, the day the Minister of National Defence approved the creation of a Canadian "Wireless Intelligence Service".) All three services operated SIGINT collection facilities during the war, and all three continued to collect SIGINT after the war.

A unified collection organization, the Supplementary Radio System (SRS), was created in 1966 as part of the unification of the Canadian Armed Forces. The mission of the SRS is:

"To operate and maintain Signals Intelligence (SIGINT) collection and geolocation resources in support of the Canadian cryptologic programme;

"To operate and maintain Canadian Forces radio frequency direction finding facilities in support of Ocean surveillance, Search and Rescue and other programmes; and

"To provide Signals Intelligence, geolocation and Electronic Warfare support to Military Operations, including tactical SIGINT and Electronic Warfare (EW) support to commanders in the field."

As of the beginning of 1997, the strength of the SRS was reported to be 1025: 112 civilians (mainly support staff at the SIGINT stations) and 913 military personnel.[5] Approximately 785 of the latter were members of the Communicator Research (291) trade, i.e., the actual intercept operators. These numbers are down significantly from the beginning of the 1990s, a result of the end of the Cold War, the closing of the SRS intercept station at Bermuda, and the conversion of three other intercept stations - Alert, Gander, and Masset - to remote operations. Communicator Research training takes place at CFB Kingston.

Policy, Operational and Administrative Control

Control over Canadian SIGINT activities is divided, with policy and operational control exercised by Cabinet and the Privy Council Office, and administrative control exercised by the Minister and Deputy Minister of National Defence: ``The Chief of CSE is accountable to the Deputy Minister of National Defence for financial and administrative matters, and to the Deputy Clerk (Security and Intelligence, and Counsel) in the PCO for policy and operational matters.''[6]

In practice, policy and operational control is exercised by the Deputy Clerk (Security and Intelligence, and Counsel) and the Intelligence Advisory Committee, both of the Privy Council Office, working under the direction of the Interdepartmental Committee on Security and Intelligence (ICSI) and, ultimately, the Cabinet. ``The ICSI maintains general policy control over all aspects of the collection, processing and dissemination of SIGINT and exercises this control through the Intelligence Advisory Committee (IAC) for national SIGINT, and the Canadian Forces for tactical COMINT and ELINT.''[7] The Chief of CSE is an associate member of the ICSI.[8]

Among its other duties, the IAC ``co-ordinates the Canadian SIGINT program with other national intelligence activities and formulates guidance, requirements and priorities for the provision of SIGINT product.''[9] (Some user requirements are also provided to CSE bilaterally by SIGINT customer departments.)

Administrative control is exercised by the Minister and Deputy Minister of the Department of National Defence. ``The Minister approves CSE's major capital expenditures, its annual Multi-Year Operation Plan, and (with CCSI [the then-existing Cabinet Committee on Security and Intelligence]) major CSE initiatives with significant policy or legal implications.''[10]

The Minister of National Defence is the member of Cabinet accountable to Parliament for CSE.[11] It is the responsibility of the Deputy Clerk (Security and Intelligence, and Counsel), ``in co- operation with the deputy minister of National Defence, to ensure the Minister of National Defence [is] knowledgeable about matters of CSE, and able to respond to any questions that would be put on that subject.''[12] In practice, however, it is likely that few ministers of National Defence ever obtain a detailed knowledge of the nature and activities of CSE. Former Minister of National Defence Jean- Jacques Blais has stated, for example, that ``my knowledge of the Communications Security Establishment was very superficial indeed when I was minister of defence.''[13]

Control over INFOSEC activities is organized similarly, except that it is exercised through the Security Advisory Committee of the PCO instead of the Intelligence Advisory Committee.

Mandate

The formal mandate of CSE is a classified document, presumably approved by the Cabinet; it has never been laid out in statute. As demonstrated above, however, the general nature of CSE's mandate is not secret. IAC SIGINT Memorandum No. 1 confirms that ``the Communications Security Establishment (CSE) of the Department of National Defence has been established as the Canadian National SIGINT Centre, and has been given the responsibility for providing SIGINT to meet the needs of the Federal Government.''[14] What remains secret is the extent to which the communications of Canadians are considered to fall within the SIGINT needs of the Canadian government.

The Canadian public has been told on a number of occasions that CSE's formal mandate restricts it to the collection of ``foreign intelligence''.[15] The government's definition of SIGINT, quoted at the beginning of this page, would appear to confirm this assurance.

It is almost certainly significant, however, that the government definition of ``foreign'' communications has never been made public; it was deleted in its entirety from the released version of IAC SIGINT Memorandum No. 1. Depending on the precise definition that the government uses, such communications might include:

any communication that originates and/or ends in a foreign country, regardless of the nationality of its participants; any communication that involves foreign embassies, foreign-owned businesses, or other foreign-related activities in Canada, regardless of the nationality of its participants; and/or any communication that involves at least one foreign participant.

There is reason to believe that the government's definition does include at least some of these meanings. For example, then- Solicitor General Robert Kaplan stated explicitly in his 1984 testimony that CSE could, under certain circumstances, ``intercept signals that begin and end in Canada, that begin in Canada and end abroad or the reverse.''[16]

It would appear, therefore, that CSE's ``foreign intelligence'' mandate does permit it to intercept many types of communications that do involve Canadian participants. In fact, the Department of National Defence has admitted that CSE occasionally intercepts communications that involve or contain information about Canadians: ``CSE targets only foreign communications, which, on rare occasions, contain personal information about Canadian citizens and landed immigrants.''[17] In addition, the government has confirmed that CSE maintains a data bank, DND/P-PU-040, ``Security and Intelligence Information Files,'' that contains ``information concerning [Canadians] identified as potential risks to national security.''[18] Nevertheless, the issue of how often and how systematically CSE can and does intercept the communications of Canadians remains unresolved. More on CSE and Canadian communications.

CSE/SRS Facilities

CSE Headquarters, Sir Leonard Tilley Building, Ottawa (CSE also has offices in the Insurance Building, three floors of the Billings Bridge Tower (formerly SBI Building), and the ``warehouse'' on Merivale Road) ``Kilderkin'' intercept site, Ottawa (monitors Russian embassy) CSE intercept sites at Canadian embassies and consulates (locations secret) SRS Headquarters, Tunney's Pasture, Ottawa CFS Alert, Ellesmere Island, NWT (operates SIGINT collection and Pusher high-frequency direction-finding (HF-DF) antennae; intercepts mainly ex-Soviet air force, air defence force, and other military communications) CFS Leitrim, Ontario (just south of Ottawa; operates SIGINT collection and Pusher HF-DF antennae; also four satellite monitoring dishes; intercepts diplomatic communications in/out of Ottawa and some satellite communications; also supports other SIGINT stations) CFS Masset, BC (operates SIGINT collection and AN/FRD-10 HF-DF antennae; intercepts mainly maritime military communications; part of the US Navy's worldwide BULLSEYE HF-DF net 770 Communications Research Squadron, CFB Gander, Newfoundland (operates SIGINT collection and AN/FRD-10 HF-DF antennae; intercepts mainly maritime military communications; part of the BULLSEYE net) 771 Communications Research Squadron, located at CSE HQ, Ottawa SRS Detachment, NSA headquarters, Fort Meade, Maryland, USA (formerly located at US Army Field Station Augsburg, Germany) SRS Detachment, Medina Regional SIGINT Operations Centre (RSOC), San Antonio, Texas, USA CFB Kingston, Ontario: E Squadron, CF School of Communications and Electronics (conducts SRS intercept operator training, including Russian and other language training) and 1 Canadian Signals Regiment SRS members also serve on exchange at various US Navy (Naval Security Group) BULLSEYE net sites in the United States; a comparable number of USN personnel serve at Canadian sites.

See also the complete list of postwar Canadian SIGINT sites.

New Targets?

The end of the Cold War and dissolution of the Soviet Union have made CSE's Soviet military targets less important than they once were. As a result, CSE has almost certainly been under pressure either to shrink or to find new targets. Some shrinkage has taken place, but CSE/SRS appears to have survived the end of the Cold War largely intact. This suggests that CSE has managed to convince the government that SIGINT production remains at least as important as it was during the Cold War. It is likely that Russia remains CSE's predominant target, but the agency's gradual move into embassy collection and the intercept of satellite communications indicates that new targets have also been added over the past decade, such as the often hyped, but in my opinion almost certainly overblown, "economic" targets.

For obvious reasons, the identity of these new targets has not been revealed. It is almost certain, however, that many of them are located among the growing volume of civilian (non-governmental) traffic. Traffic carried on the communications satellites that serve Latin America is more likely to be the target of this expansion than Canadian traffic is, but any step towards the more systematic monitoring of civilian communications should be of concern. Who will be targeted next?

Recent Steps Toward Oversight

Unlike CSIS, which has the SIRC, CSE has never had any form of independent oversight organization to ensure that its invasive powers are not abused. In recent years, the establishment of an independent oversight committee has been recommended both by the Special Committee on the Review of the Canadian Security Intelligence Service Act and the Security Offences Act and by the SIRC itself.[19] The response of the Mulroney government was that ``a broad accountability system for CSE is in place.''[20] This ``system,'' however, was no more than CSE's normal relationship with the officials at ICSI and DND who have responsibility for the SIGINT program. As the record of the RCMP Security Service, and later CSIS, demonstrated, intelligence agencies cannot be relied upon to police themselves.[21]

The Chretien government initially also maintained that CSE did not require independent oversight. To its credit, however, on 21 March 1995 it permitted the passage of a motion by MP Derek Lee calling on the government to "establish an independent external mechanism to review the operations of the Communications Security Establishment, CSE, similar to the role played by the Security Intelligence Review Committee for the Canadian Security Intelligence Service, and table a report annually in the House."[22] The following day, Defence Minister David Collenette announced that the government would indeed establish such a mechanism. He did not, however, provide any details of the government's plans, stating only that, "in principle, the government supports an oversight mechanism for the CSE."[23]

Fifteen months later, on 19 June 1996, Collenette announced in the House of Commons that the government "has appointed Mr. Claude Bisson, former chief justice of Quebec, under part II of the Inquiries Act, as the first commissioner for the Communications Security Establishment. He will have full access to all materials, records and documentation. He will make an annual report to me as minister which I in turn will make to Parliament."[24] See the government's news release for a few additional details.

The CSE Commissioner can be reached at:

Office of the Communications Security Establishment Commissioner
P.O. Box 1984, [that's right, 1984]
Station 'B',
Ottawa, Ontario, Canada
K1P 5R5

The Commissioner's first annual report was released in April 1997. In it, Mr. Bisson reported that "I am of the opinion that CSE has acted lawfully in the performance of its mandated activities during the period under review. I am also satisfied that CSE has not targeted Canadian citizens or permanent residents."[25]

This statement, unfortunately, almost duplicates the very carefully worded statements made by the government on numerous occasions - reinforcing concern that as much is being concealed by this response as is being revealed. (See, for example, the following statement by the Hon. Sheila Copps, made to the House of Commons on 20 October 1994: "the activities of the CSE are totally subject to Canadian laws, including the Criminal Code, the Canadian Human Rights Act, the Privacy Act and the Charter of Rights and Freedoms, and they obey the law.") The invariable emphasis placed on legality, in particular, seems to be disingenuous, since a look at the laws governing eavesdropping suggests that a wide range of activities that have the potential to constitute incredible invasions of Canadian privacy could in fact be conducted legally by the government, if it chose to do them. In this respect, it is disquieting that the Commissioner's mandate is limited explicitly to reviewing the activities of CSE "for the purpose of determining whether they are in compliance with the law." Is this a mandate to oversee or to overlook?

My view is that a truly effective oversight mechanism would require:

an independent, non-partisan, and adequately-funded staff (along the lines of the SIRC model);

statutory oversight powers affording full access to the personnel and files of CSE, SRS, related agencies, and their activities;

the power to examine all SIGINT acquired by the Canadian government, whether collected by CSE, SRS, other Canadian organizations, corporations, or individuals, or foreign governments, corporations, or individuals;

the power to examine, and make recommendations on the reform of, the legal and policy regime pertaining to SIGINT activities (i.e., not just to examine compliance with the existing legal regime) in order to provide the greatest protection possible for the privacy of Canadians while not unduly limiting Canada's ability to collect essential intelligence; and

the power to report to the Prime Minister and Cabinet whenever it deems necessary, and to make an annual public report.

A number of other reforms also would be useful, including:

the establishment of an explicit, statutory mandate for CSE (and for Canadian SIGINT activities in general), providing a legal definition of foreign intelligence and prohibiting the collection of non-foreign intelligence, except as mandated under the CSIS Act; clarification and reform of the laws pertaining to the interception of communications (including the establishment of a requirement for judicial warrants for the interception of any communication known to begin and/or end in Canada);

a legal prohibition on the receipt of any information that it would have been illegal for the Canadian government itself to collect; and

the implementation of security measures (such as the use of bulk encryption) to protect the communications of Canadians from interception by other Canadian or foreign agencies, corporations, or individuals.

Endnotes

[1] Kevin O'Neill, ed., History of CBNRC, 1987, Chapter 2, Annex G (IAC SIGINT Memorandum No. 1, CONTROL OF SIGNAL INTELLIGENCE (SIGINT) IN CANADA, 24 August 1977), released in severed form under the Access to Information Act.

[2] For more information on Canada's wartime SIGINT activities, see John Bryden, Best-Kept Secret: Canadian Secret Intelligence in the Second World War, Lester Publishing, 1993.

[3] History of CBNRC, Chapter 17, p. 2.

[4] Ward Elcock, testimony, Minutes of Proceedings and Evidence of the Sub-Committee on National Security, 15 June 1993, p. 11:9; Statement by Margaret Bloodworth, Deputy Clerk, Security and Intelligence, to Standing Committee on National Defence and Veterans Affairs, 2 May 1995.

[5] CANADIAN FORCES SUPPLEMENTARY RADIO SYSTEM, Department of National Defence, 21 January 1997.

[6] On Course: National Security for the 1990s, Solicitor General, 1991, p. 54.

[7] History of CBNRC, Chapter 2, Annex G.

[8] Ward Elcock, testimony, Minutes of Proceedings and Evidence of the Special Committee on the Review of the Canadian Security Intelligence Service Act and the Security Offences Act, 24 April 1990, p. 27:9.

[9] History of CBNRC, Chapter 2, Annex G.

[10] On Course, p. 54.

[11] On Course, p. 54.

[12] Blair Seaborn, testimony, Minutes of Proceedings and Evidence of the Special Committee on the Review of the Canadian Security Intelligence Service Act and the Security Offences Act, 20 February 1990, p. 16:9.

[13] Quoted in Peter Moon, ``Spy agency left minister in dark,'' Globe and Mail, 3 June 1991, p. A4. Elsewhere Blais has commented that ``While I had responsibility for the estimates presented to Parliament, that responsibility did not extend to the exercise of ministerial control over the CSE. In practice the control was bureaucratic, in my view short-circuiting the principle of political accountability on which our democracy is founded.'' (Jean Jacques Blais, ``Committee should be expanded to review other agencies,'' Ottawa Citizen, 2 July 1992, p. A11.)

[14] History of CBNRC, Chapter 2, Annex G

[15] See, e.g., Minister of State (External Relations) Jean-Luc Pepin, testimony, Proceedings of the Special Committee of the Senate on the Canadian Security Intelligence Service, 22 September 1983, p. 19.

[16] Robert Kaplan, testimony, Minutes of Proceedings and Evidence of the Standing Committee on Justice and Legal Affairs, 5 April 1984, p. 11:68.

[17] Letter from Commander F.B. Frewer, Director Public Affairs Operations, National Defence, to Peter Moon, 15 April 1991.

[18] Personal Information Index 1988, 1988, p. 47- 3.

[19] In Flux But Not in Crisis, report of the Special Committee on the Review of the Canadian Security Intelligence Service Act and the Security Offences Act, September 1990, pp. 152-3; Annual Report 1988-89, Security Intelligence Review Committee, 1989.

[20] On Course, p. 55.

[21] There is little reason to expect that CSE has been any more reliable in this respect. See, for example, the allegations in the book Spyworld (Mike Frost and Michel Gratton, Spyworld: Inside the Canadian and American Intelligence Establishments, Doubleday Canada, 1994) concerning the interception of Quebec government communications. In 1991, ``former CSE employees and other sources,'' told the Globe and Mail that ``in the past the agency routinely broke Canadian laws in the collection of intelligence involving Canadians.'' (Peter Moon, ``Secrecy shrouds spy agency,'' Globe and Mail, 27 May 1991, pp. A1, A4.) This allegation has not been proven, but a disquieting example of CSE failing to follow appropriate procedures and respect the rights of one of its own employees is on the public record in Muriel Korngold Wexler, Record of Decision (file 166-13-17850), Public Service Staff Relations Board, 12 March 1990. This document includes a detailed description of the mistreatment and eventual unjust firing of CSE cryptanalyst Edwina Slattery during the 1980s. It should be noted that Ms. Slattery considers the Record of Decision's description of the events surrounding her firing to be inaccurate in many respects, notwithstanding the fact that it supported her claim that she had been unjustly fired and recommended that she receive compensation equivalent to two years' pay. Ms. Slattery continues to pursue the case in the Federal Court of Canada.

[22] House of Commons Debates, 21 March 1995, pp. 10815- 10820.

[23] Tu Thanh Ha, ``Secretive agency to be more open, Collenette says,'' Globe and Mail, 23 March 1995, p. A5.

[24] House of Commons Debates, 19 June 1996.

[25] Annual Report of the Communications Establishment Commissioner 1996-1997, Office of the Communications Establishment Commissioner, 1997, p. 10.