[...]
Marginal note:Short title
1 This Act may be cited as the Communications Security Establishment Act.
[...]
Marginal note:Definitions
2 The following definitions apply in this Act.
- Canadian
-
Canadian means a Canadian citizen, a permanent resident as defined in subsection 2(1) of the Immigration and Refugee Protection Act or a corporation incorporated or continued under the laws of Canada or a province. (Canadien)
- Commissioner
-
Commissioner means the Intelligence Commissioner appointed under subsection 4(1) of the Intelligence Commissioner Act. (commissaire)
- federal institution
-
federal institution includes any of the following institutions of Parliament or the Government of Canada:
-
[...]
-
(f) any board, commission, council, other body or other office established to perform a governmental function by or under an Act of Parliament, or by or under the authority of the Governor in Council;
-
(g) a department as defined in section 2 of the Financial Administration Act;
-
(h) a Crown corporation established by or under an Act of Parliament; and
-
(i) any other body that is specified by an Act of Parliament to be an agent of Her Majesty in right of Canada or to be subject to the direction of the Governor in Council or a federal minister. (institutions fédérales)
- publicly available information
-
publicly available information means information that has been published or broadcast for public consumption, is accessible to the public on the global information infrastructure or otherwise or is available to the public on request, by subscription or by purchase. It does not include information in respect of which a Canadian or a person in Canada has a reasonable expectation of privacy. (information accessible au public)
- Review Agency
-
Review Agency means the National Security and Intelligence Review Agency established under section 3 of the National Security and Intelligence Review Agency Act. (Office de surveillance)
[...]
Marginal note:Principle
3 It is in the public interest to ensure that the Establishment may effectively carry out its mandate in accordance with the rule of law and, to that end, to expressly recognize in law a justification for persons who are authorized to carry out activities under this Act to, in the course of carrying out those activities, commit acts or omissions that would otherwise constitute offences.
[...]
Marginal note:Minister
4 The Governor in Council may, by order, designate any federal minister to be the Minister referred to in this Act.
[...]
Marginal note:Head office
[...]
Marginal note:Appointment
-
[...]
-
Marginal note:Compensation
(4) The Chief is deemed to be an employee for the purposes of the Government Employees Compensation Act and to be employed in the federal public administration for the purposes of any regulations made under section 9 of the Aeronautics Act.
-
Marginal note:Absence, incapacity or vacancy
(5) If the Chief is absent or incapacitated or the office of Chief is vacant, the Minister may appoint another person to act as Chief, but must not appoint a person for a term of more than 90 days without the approval of the Governor in Council.
Marginal note:Chief’s powers, duties and functions
[...]
Marginal note:Directions by Minister
[...]
Marginal note:Personnel
[...]
Marginal note:Designation
[...]
Marginal note:No activities — Canadians and persons in Canada
-
[...]
-
Marginal note:Contravention of other Acts — foreign intelligence
(3) Activities carried out by the Establishment in furtherance of the foreign intelligence aspect of its mandate must not contravene any other Act of Parliament — or involve the acquisition by the Establishment of information from or through the global information infrastructure that interferes with the reasonable expectation of privacy of a Canadian or a person in Canada — unless they are carried out under an authorization issued under subsection 26(1) or 40(1).
-
Marginal note:Contravention of other Acts — cybersecurity and information assurance
(4) Activities carried out by the Establishment in furtherance of the cybersecurity and information assurance aspect of its mandate must not contravene any other Act of Parliament — or involve the acquisition by the Establishment of information from the global information infrastructure that interferes with the reasonable expectation of privacy of a Canadian or a person in Canada — unless they are carried out under an authorization issued under subsection 27(1) or (2) or 40(1).
Marginal note:Establishment’s activities
-
[...]
-
(2) Despite subsection 22(1), in furtherance of its mandate the Establishment may analyse information for the purpose of providing advice to the Minister of Public Safety and Emergency Preparedness and to the Minister responsible for the administration of the Investment Canada Act with regard to that latter Minister’s powers and duties under Part IV.1 of that Act.
Marginal note:Measures to protect privacy
24 The Establishment must ensure that measures are in place to protect the privacy of Canadians and of persons in Canada in the use, analysis, retention and disclosure of
[...]
Marginal note:Technical and operational assistance activities
-
[...]
-
Marginal note:Exemptions, protections and immunities
(2) If the Establishment provides assistance in furtherance of the technical and operational assistance aspect of its mandate, then persons authorized to act on the Establishment’s behalf benefit from the same exemptions, protections and immunities as would persons authorized to act on behalf of the federal law enforcement or security agency, the Canadian Forces or the Department of National Defence, as the case may be, if those persons were carrying out the activity.
[...]
Marginal note:Foreign Intelligence Authorizations
-
26 (1) The Minister may issue a Foreign Intelligence Authorization to the Establishment that authorizes it, despite any other Act of Parliament or of any foreign state, to carry out, on or through the global information infrastructure, any activity specified in the authorization in the furtherance of the foreign intelligence aspect of its mandate.
Marginal note:Cybersecurity Authorizations — federal infrastructures
-
27 (1) The Minister may issue a Cybersecurity Authorization to the Establishment that authorizes it, despite any other Act of Parliament, to, in the furtherance of the cybersecurity and information assurance aspect of its mandate, access a federal institution’s information infrastructure and acquire any information originating from, directed to, stored on or being transmitted on or through that infrastructure for the purpose of helping to protect it, in the circumstances described in paragraph 184(2)(e) of the Criminal Code, from mischief, unauthorized use or disruption.
-
Marginal note:Cybersecurity Authorizations — non-federal infrastructures
(2) The Minister may issue a Cybersecurity Authorization to the Establishment that authorizes it, despite any other Act of Parliament, to, in the furtherance of the cybersecurity and information assurance aspect of its mandate, access an information infrastructure designated under subsection 21(1) as an information infrastructure of importance to the Government of Canada and acquire any information originating from, directed to, stored on or being transmitted on or through that infrastructure for the purpose of helping to protect it, in the circumstances described in paragraph 184(2)(e) of the Criminal Code, from mischief, unauthorized use or disruption.
Marginal note:Approval of Commissioner
[...]
Marginal note:Defensive Cyber Operations Authorizations
-
29 (1) The Minister may issue a Defensive Cyber Operations Authorization to the Establishment that authorizes it, despite any other Act of Parliament or of any foreign state, to carry out, on or through the global information infrastructure, any activity specified in the authorization in the furtherance of the defensive cyber operations aspect of its mandate.
Marginal note:Active Cyber Operations Authorizations
-
30 (1) The Minister may issue an Active Cyber Operations Authorization to the Establishment that authorizes it, despite any other Act of Parliament or of any foreign state, to carry out, on or through the global information infrastructure, any activity specified in the authorization in the furtherance of the active cyber operations aspect of its mandate.
[...]
35 An authorization issued under subsection 26(1), 27(1) or (2), 29(1) or 30(1) must specify
-
[...]
-
(b) the activities or classes of activities referred to in paragraph (a) that would otherwise be contrary to any other Act of Parliament;
-
[...]
-
(e) in the case of an authorization issued under subsection 26(1) or 27(1) or (2), any other terms, conditions or restrictions that the Minister considers advisable to protect the privacy of Canadians and of persons in Canada, including conditions to limit the use, analysis and retention of, access to, and the form and manner of disclosure of, information related to them;
Marginal note:Period of validity of authorizations
[...]
Marginal note:Amendment
[...]
Marginal note:Emergency Authorizations
[...]
Marginal note:Authorizations provided to Commissioner
-
48 (1) The Minister must provide a copy of each authorization issued under subsection 26(1) or 27(1) or (2), or amended under subsection 39(1), to the Commissioner after issuing it or amending it, as the case may be, for the purposes of the Commissioner’s review and approval under the Intelligence Commissioner Act.
-
Marginal note:Notice of authorization or amendment
(2) The copy of the authorization constitutes notice of the authorization or amendment for the purposes of the calculation of the time limit referred to in paragraph 20(3)(b) of that Act.
Marginal note:No civil or criminal liability
49 No person who acts in accordance with an authorization issued under subsection 26(1), 27(1) or (2), 29(1), 30(1) or 40(1) or who aids, in good faith, a person who they believe on reasonable grounds is acting in accordance with such an authorization incurs any criminal or civil liability for anything reasonably done further to the authorization.
[...]
51 No action lies under section 18 of the Crown Liability and Proceedings Act in respect of
-
(a) the use or disclosure under this Act of any communication intercepted under the authority of an authorization issued under subsection 26(1), 27(1) or (2), 29(1), 30(1) or 40(1); or
-
(b) the disclosure under this Act of the existence of such a communication.
[...]
53 Authorizations issued under subsection 26(1), 27(1) or (2), 29(1), 30(1) or 40(1) and orders made under section 45 are not statutory instruments within the meaning of the Statutory Instruments Act.
[...]
Marginal note:Prohibition on disclosure
-
[...]
-
Marginal note:Application of other Acts
(4) Sections 38 to 38.16 of the Canada Evidence Act, or sections 83 and 87 of the Immigration and Refugee Protection Act, as the case may be, apply to a proceeding referred to in subsection (1), with any necessary modifications.
-
[...]
-
Marginal note:Definition of judge
(11) In this section, judge means the Chief Justice of the Federal Court or a judge of that Court designated by the Chief Justice to conduct hearings under any Act of Parliament for the protection of information.
Marginal note:Assistance or disclosure of information — no presumptions
56 The provision of assistance or the disclosure of information by the Establishment under this Act does not create a presumption
[...]
57 For the purposes of the Access to Information Act, if any record, as defined in section 3 of that Act, of any other government institution, as defined in that section, or of any other organization is contained in or carried on the Establishment’s information infrastructure on behalf of that institution or organization, the record is not under the Establishment’s control.
58 For the purposes of the Privacy Act, if any personal information, as defined in section 3 of that Act, of any other government institution, as defined in that section, or of any other organization is contained in or carried on the Establishment’s information infrastructure on behalf of that institution or organization, the personal information is not held by the Establishment and is not under the Establishment’s control.
[...]
Marginal note:Regulations
60 The Governor in Council may, on the recommendation of the Minister, make regulations for carrying out the purposes and provisions of this Act, including regulations