Cyberspy agency breached law by directing actions at Canadian: watchdog report

By Canadian Press on January 21, 2026.

OTTAWA — The national intelligence watchdog says Canada’s cyberspy agency violated a law that forbids it from focusing on Canadians when it analyzed information from an electronic device.

The National Security and Intelligence Review Agency details the lapse in a newly released report that looked at how the Communications Security Establishment and the Canadian Security Intelligence Service work together.

The CSE uses cutting-edge technology to gather foreign intelligence in the online world and protect Canada from cyberthreats.

CSIS, meanwhile, investigates threats to Canada such as espionage, terrorism and foreign interference.

The spy watchdog report notes the tension between CSIS’s mandate — which authorizes the collection and sharing of information about Canadians — and CSE’s core prohibition against directing its activities at Canadians.

A summary of the review of CSE-CSIS collaboration was made public in the spy watchdog’s annual report issued in November 2024.

The watchdog’s full review — with several redactions — was released to The Canadian Press on Tuesday in response to an Access to Information request.

The report says CSIS uses what are known as lead information messages to share details the CSE may find relevant for its own foreign intelligence purposes.

In one such case, CSIS sent the CSE information concerning the contents of a Canadian’s device. The Canadian was the subject of a CSIS warrant but the watchdog report reveals no additional details.

The CSE analyzed the information with the intent to obtain foreign intelligence information from it.

“As this device belonged to a Canadian, CSE’s actions were directed at a Canadian,” the report says. “It is irrelevant that the actions were intended to produce information of foreign intelligence interest, or that the information was initially legally obtained by CSIS.”

The CSE can acquire and use Canadian information under its foreign intelligence mandate if the information is collected incidentally — meaning the information was not deliberately sought and its collection was not directed at a Canadian or a person in Canada.

The spy watchdog concluded that exception did not apply in this case.

“The compliance issue in this case was that CSE itself conducted the analysis on Canadian information (i.e. directing its activities at a Canadian) in order to identify information of foreign intelligence value and attempted to then justify this action as incidental collection,” the report says.

The review agency recommended the CSE update its policies to prohibit the analysis of information relating to a Canadian or person in Canada for the purposes of identifying foreign intelligence.

In a federal response to the review, the cyberspy agency agreed with the recommendation.

“CSE understands the importance of upholding this critical aspect of its enabling legislation and considers lawfulness to be a core corporate value,” the agency said.

The CSE said it would also adjust policy training material for operational analysts, if necessary, to address any ambiguity about which actions are permitted.

The spy watchdog made several other recommendations, including that CSIS stop making requests to the CSE for action or further information in relation to Canadians or people in Canada through CSIS lead information messages.

In the federal response, CSIS disagreed with the recommendation.

“A complete cessation of such requests would have a negative impact on CSIS’s ability to investigate threats to Canada’s national security,” the response said. “To advance its operations, CSIS needs to leverage CSE’s expertise on an ongoing basis.”

The spy watchdog said that because CSIS and the CSE are core pillars of the security and intelligence community, their effective collaboration is critical to protecting national security and advancing Canada’s interests.

“In light of their differing mandates and legal frameworks, it is incumbent on CSE and CSIS to carefully plan their collaboration and establish guardrails,” the report said.

The watchdog added that structures for governance, clear demarcation of roles and responsibilities and information-sharing must be paramount in each effort involving the two spy agencies.

This report by The Canadian Press was first published Jan. 21, 2026.

Jim Bronskill, The Canadian Press