The surveillance story may have started last week in the U.S. with the leak of several secret surveillance programs including massive surveillance of the metadata from all cellphone calls, but the Canadian questions continue to mount. The U.S. disclosures immediately raised questions about the possibility of Canadian involvement or the inclusion of Canadian data. Given the common communication infrastructure and the similarity between Canadian and U.S. laws, it seemed likely that Canada was engaged in much the same activities.

By Monday, the Globe was reporting that the CSEC has its own metadata surveillance program with approval granted through a ministerial directive from Defence Minister Peter MacKay in 2011. When questioned about the issue, MacKay sought to assure Canadians that the surveillance only involved foreign communications. Despite those assurances, the questions have continued to mount:

How much U.S. collected data is shared with Canadian agencies? Liberal MP Wayne Easter, who was a cabinet minister with responsibility for CSIS in 2002-03, told the Toronto Star that such sharing was common, providing a back-door way to access information. Was the metadata surveillance program halted for several years as the Globe reported or was it always operational? The Toronto Star reported that Wesley Wark believes the program was never stopped. The CSEC 2010-11 Annual Report suggests that some activities were halted. Who actually knows the specifics on the metadata program? The Globe reports today that Senator Hugh Segal, the chair of the parliamentary anti-terrorism committee, was unaware of the details of the program. What level of cooperation exists with Canadian telecom companies? They aren’t talking, prevented from doing so by gag orders that keep their participation largely secret. The CSEC 2006-07 annual report indicated that there was a review of CSEC use of metadata underway. What happened to that review? How extensive is the CSEC activities on metadata? The organization is currently recruiting data mining specialists and data mining is a key research focus for its Tutte Institute for Mathematics and Computing. In fact, Bill Robinson pointed out the CSEC’s emphasis on data mining as far back as 2007. Does the CSEC even believe that metadata surveillance constitutes an intercept? Robinson notes that in 2007, then CSE Chief John Adams seemed to argue that it would not. This is particularly relevant given that the law requires permission for surveillance of private communications. As Craig Forcese notes, if the scope of metadata is limited, no permission would be needed. Does the CSEC believe that there is a reasonable expectation of privacy for metadata? The government tried to downplay the privacy significance of IP addresses during the fight over lawful access (Bill C-30). Would it try to argue that the metadata does not enjoy privacy protections? Forcese raises the Charter of Rights issues that hang in the balance. What does Privacy Commissioner of Canada Jennifer Stoddart know? What is she prepared to do as part of a promised investigation? Will the office use its audit power to also focus on the major Canadian telecom companies? How have Canadian courts addressed these issues? Reported cases are heavily redacted.

So far, there are many questions but few answers.