Plausible Denial
Countries / Canada

Communications Security Establishment

CSE

Canada's national signals-intelligence and cyber-security agency, with origins in the wartime Examination Unit and a founding role in the Five Eyes signals partnership.

0:00 / 0:00

Audio readout of this profile.

Overview

The Communications Security Establishment is Canada's national signals-intelligence, cryptographic, and cyber-security agency. It is responsible for the collection of foreign signals intelligence in support of Government of Canada priorities; for the protection of Government of Canada electronic information and communications through cryptographic systems and accredited products; for cyber-security defence of Canadian government and critical-infrastructure networks through the Canadian Centre for Cyber Security; and, since 2019, for authorised offensive cyber operations against foreign cyber-threat actors.1

The agency operates under the authority of the Minister of National Defence, is headquartered in Ottawa, and is led by a Chief appointed by the Governor in Council. CSE is one of the founding signatories of the UKUSA / Five Eyes signals-intelligence arrangement and has historically been one of the closer working partners of the United States National Security Agency. Its budget and personnel — approximately C$1.04 billion and 3,500 employees (FY2024–25 Main Estimates) — are partially declassified through Treasury Board reporting.2

History & Origins

CSE traces its lineage to the wartime Examination Unit, established by the Canadian Government on 9 June 1941 as Canada's first dedicated cryptanalytic organisation, and to the wartime Joint Discrimination Unit (the military counterpart to the civilian Examination Unit), which conducted high-frequency direction-finding work against German and later Soviet communications. The Communications Branch of the National Research Council (CBNRC), established by a secret Order in Council of 13 April 1946 and operational from 1 September 1946, was the immediate institutional ancestor; it was renamed the Communications Security Establishment and transferred to the Department of National Defence by Order in Council on 1 April 1975.3

The agency operated for nearly fifty years without explicit statutory authority — its existence was not formally avowed by the Canadian Government until the 9 January 1974 CBC documentary "The Fifth Estate: The Espionage Establishment" (research by James Dubro), and was first officially confirmed in House of Commons questions only in subsequent years. The Office of the Communications Security Establishment Commissioner — an independent oversight office — was established by Order in Council of 19 June 1996 (P.C. 1996-899) under the Inquiries Act, and placed on a statutory footing by amendments to the National Defence Act in the Anti-Terrorism Act of 2001 (royal assent 18 December 2001). CSE was placed on a comprehensive statutory footing for the first time by the Communications Security Establishment Act, S.C. 2019, c. 13, s. 76, which entered into force in August 2019.4

The 2013 Snowden disclosures included documents detailing CSE operations and Five Eyes signals-intelligence sharing arrangements, including specific reporting on CSE collection at Brazilian and other foreign government targets. The 2019 establishment of the Canadian Centre for Cyber Security as a CSE-led national authority for cyber-security defence and the National Security Act, 2017 introduction of explicit offensive-cyber authorities together produced the most substantial reorganisation of CSE in its history.5

Mandate & Jurisdiction

The Establishment's authorities are specified in the Communications Security Establishment Act, Part 5 of the National Security Act, 2017 (Bill C-59). Its statutory functions are:

  • foreign intelligence — the acquisition of information from or through the global information infrastructure for the purpose of providing foreign intelligence;
  • cybersecurity and information assurance — the provision of advice, guidance, and services to help ensure the protection of electronic information and information infrastructures of federal institutions and of designated Canadian institutions;
  • defensive cyber operations — the conduct of activities on or through the global information infrastructure to help protect federal institutions and designated Canadian institutions from foreign cyber threats;
  • active cyber operations — the conduct of activities on or through the global information infrastructure to degrade, disrupt, influence, respond to, or interfere with the capabilities, intentions, or activities of foreign individuals, states, organisations, or terrorist groups;
  • technical and operational assistance to federal law-enforcement and security agencies, the Canadian Forces, and the Department of National Defence.6

The Establishment is statutorily prohibited from directing its activities at Canadians or any person in Canada and from infringing the Canadian Charter of Rights and Freedoms. Active and defensive cyber-operation authorisations require the Minister of National Defence's approval and, since the 2017 Act, the Intelligence Commissioner's approval for foreign-intelligence and cybersecurity authorisations.

Notable Operations

Confirmed UKUSA / Five Eyes signals partnership (1946–present). Canada is one of the founding members of the UKUSA Agreement signals partnership. The Agreement and successor agreements were declassified in 2010. CSE operates joint facilities with the United States NSA and contributes to the broader Five Eyes signals architecture. The geographic position of Canada has made specific facilities — including CFS Alert (Canadian Forces Station Alert, operational in its SIGINT role from 1 September 1958) in Nunavut, the world's northernmost permanently-inhabited installation — operationally significant.7

Confirmed Snowden-disclosed operations (2013). The 2013 disclosures included CSE documents — published by Globo / Fantástico, Globe and Mail, CBC, and later (in 2015) The Intercept — describing specific CSE operations including the targeted collection of Brazilian Ministry of Mines and Energy communications (Operation OLYMPIA). The Government of Canada has not commented on specific operations; the Brazilian Foreign Minister summoned Canada's ambassador in Brasília on 7 October 2013 to demand an explanation, characterising the operation as a "serious and unacceptable violation" of Brazilian sovereignty.8

Confirmed Cyber-attribution work (post-2014). CSE has been the principal Canadian agency for cyber-attribution, jointly with US, UK, and other Five Eyes counterparts. CSE has co-signed multiple joint advisories on Russian, Chinese, Iranian, and North Korean cyber operations, and has produced biennial National Cyber Threat Assessment reports through the Canadian Centre for Cyber Security since the first edition on 6 December 2018.9

Confirmed Cyber-defence of successive Canadian federal elections. CSE produced the 2017 Cyber Threats to Canada's Democratic Process report and has been a participant in the Critical Election Incident Public Protocol (CEIPP) process — established by Cabinet Directive in 2019 — for the 2019, 2021, and 2025 federal elections, providing cyber-security defence and threat-assessment work in collaboration with CSIS, the RCMP, and Global Affairs Canada through the Security and Intelligence Threats to Elections (SITE) Task Force. The annual NSICOP and NSIRA reviews provide partial public-record characterisation.10

Controversies & Abuses

Confirmed Pre-2019 statutory ambiguity. Until the 2019 Communications Security Establishment Act came into force, CSE operated for more than seven decades without comprehensive statutory authority — its functions were specified principally by Cabinet directive and by amendments to the National Defence Act. Successive academic and civil-liberties commentary characterised this as an unusual and constitutionally awkward arrangement among comparable Western signals-intelligence services.11

Confirmed Office of the Communications Security Establishment Commissioner findings. Successive annual reports of the OCSEC (now consolidated into NSIRA) identified specific compliance issues, most notably the 2014–2015 finding by Commissioner Jean-Pierre Plouffe (tabled January 2016) that CSE had failed to minimise Canadian-identifier metadata before sharing with Five Eyes partners, in violation of section 273.64(2)(b) and section 273.66 of the National Defence Act and section 8 of the Privacy Act. CSE acknowledged the issues and modified internal procedures in response.12

Confirmed Brazilian Ministry of Mines and Energy operation (Olympia). The October 2013 Globo and CBC reporting on the CSE operation against the Brazilian Ministry of Mines and Energy — a target unrelated to security or counter-terrorism work — produced a substantial Canada–Brazil diplomatic crisis and sustained Canadian press and academic attention to the question of CSE foreign-intelligence priorities. The CSE has not commented on the operation specifically.8

Alleged Bulk-collection arrangements with the NSA. Documents disclosed in the Snowden archive described arrangements between CSE and the NSA for the sharing of bulk-collection product. The Government of Canada has not addressed the specific arrangements; successive academic and civil-liberties commentary has characterised them as raising unresolved questions about the Canadian statutory regime.13

Notable Figures

  • Edward Drake — Director CBNRC, September 1946 – February 1971 (died in office). Defining figure of the post-war Canadian signals architecture.
  • N. Kevin O'Neill — Director CBNRC / Chief CSE, February 1971 – July 1980.
  • Peter Hunt — Chief CSE, July 1980 – June 1989.
  • Stewart Woolner — Chief, July 1989 – July 1999.
  • Ian Glen — Chief, July 1999 – August 2001.
  • Keith Coulter — Chief, August 2001 – June 2005. Period of post-9/11 expansion.
  • John Adams — Chief, July 2005 – January 2012.
  • John Forster — Chief, 30 January 2012 – 2 February 2015.
  • Greta Bossenmaier — Chief, 9 February 2015 – June 2018. First woman to head CSE.
  • Shelly Bruce — Chief, 27 June 2018 – August 2022.
  • Caroline Xavier — Chief, 31 August 2022 – present.

Oversight & Accountability

CSE is subject to oversight by the Minister of National Defence as the responsible minister; the Intelligence Commissioner — an independent statutory officer who must approve specific foreign-intelligence and cybersecurity authorisations under the 2019 Act; the National Security and Intelligence Review Agency (NSIRA), which absorbed the functions of the former OCSEC; the National Security and Intelligence Committee of Parliamentarians (NSICOP); and the Office of the Privacy Commissioner of Canada for personal-data matters.

The 2019 Act introduced a "double-lock" structure for foreign-intelligence and cybersecurity authorisations: ministerial approval and Intelligence Commissioner approval. Active and defensive cyber operations require ministerial approval and consultation with the Minister of Foreign Affairs.14

Sources & Further Reading

  1. Communications Security Establishment Act, S.C. 2019, c. 13; CSE, "About CSE," cse-cst.gc.ca.
  2. Treasury Board of Canada Secretariat, Departmental Plans for CSE, successive editions.
  3. Bill Robinson, "The Fall and Rise of Cryptanalysis in Canada," Cryptologia, vol. 16, no. 1 (January 1992), pp. 23–38; Wesley Wark, "Cryptographic Innocence: The Origins of Signals Intelligence in Canada in the Second World War," Journal of Contemporary History, vol. 22, no. 4 (October 1987), pp. 639–665.
  4. National Defence Act, R.S.C. 1985, c. N-5, sections 273.61–273.65 (now repealed); Communications Security Establishment Act, op. cit.
  5. Greg Weston, Glenn Greenwald and Ryan Gallagher, "CSEC used airport Wi-Fi to track Canadian travellers," CBC, 30 January 2014; National Security Act, 2017, S.C. 2019, c. 13.
  6. Communications Security Establishment Act, sections 15–22.
  7. National Archives of Australia, US National Archives, and UK National Archives, joint declassified release of UKUSA Agreement documents, 2010.
  8. "Documents indicate Canada spied on Brazil mining ministry," Globo / Fantástico, 6 October 2013, with CSE documents provided by Glenn Greenwald.
  9. Canadian Centre for Cyber Security, National Cyber Threat Assessment, biennial editions, 2018–present.
  10. Canadian Security Intelligence Service / CSE / RCMP / Global Affairs Canada, Security and Intelligence Threats to Elections (SITE) Task Force public statements; NSIRA Annual Reports.
  11. Craig Forcese, National Security Law: Canadian Practice in International Perspective (Irwin Law, 2008); Wesley Wark, "The Communications Security Establishment, Eavesdropping and the Politics of Concealment," in Daniel Livermore (ed.), Detained: Islamic Terrorism, the Canadian Approach (Penguin, 2017).
  12. Office of the Communications Security Establishment Commissioner, Annual Reports, 2007–2018.
  13. Bill Robinson, "Lux Ex Umbra: Watching Canada's spy agencies," ongoing blog series; Christopher Parsons et al., Citizen Lab successive reports on Canadian signals-intelligence policy.
  14. Communications Security Establishment Act, sections 27–35; Intelligence Commissioner Act, S.C. 2019, c. 13, s. 50.