Canadian Watchdog Highlights Legal Gaps in Online Intelligence Operations
A recent review by Canadaís intelligence watchdog, the National Security and Intelligence Review Agency (NSIRA), has identified significant gaps in how the Communications Security
Establishment (CSE) conducts its cyber operations. The report, released on April 30, 2024, scrutinizes the CSEís use of powers granted in 2019 for active and defensive cyber operations, aimed at protecting national security and managing foreign cyber threats.
The NSIRA report praises the CSE for establishing a robust framework for these operations but points out that critical gaps remain, particularly in how the operations align with Canadaís legal and foreign policy frameworks. One key concern is that the applications for ministerial authorization, necessary for conducting these operations, lack sufficient detail, potentially leading to activities that exceed or diverge from what was originally approved by the ministers of National Defence and Foreign Affairs. Moreover, the review underscores the importance of compliance with international law, noting that the current process lacks a comprehensive method for assessing whether cyber operations conform to Canadaís international obligations. This oversight, the report warns, could pose significant legal risks if operations are found to violate international law.NSIRA emphasizes that the evolving nature of international law in cyberspace requires careful attention and adaptation by Canadian intelligence entities to avoid legal pitfalls and ensure that operations do not inadvertently harm Canadaís standing on the global stage. The watchdog intends to continue monitoring CSEís activities to ensure adherence to these standards.