Canadian cyberspy agency CSEC fretted about staff after Snowden leaks

Canada's secret eavesdropping agency feared for the personal safety of staff following the leak of sensitive intelligence by a former U.S. spy contractor, newly declassified memos show.

The Ottawa-based Communications Security Establishment Canada combed through personnel files to assess risks to employees whose name, agency affiliation or specific duties may have been disclosed by Edward Snowden, says an internal note from the head of the spy service.

• What do we know about Canada's cyberspy agency

In the September 2013 memo, CSEC chief John Forster urged staff with concerns to speak with a manager or personnel security officials.

"There should not be any conversation that is too difficult to have, or any question that is too difficult to ask," says the memo, originally classified top secret for Canadian eyes only.

It is among several Forster messages, obtained by The Canadian Press under the Access to Information Act, about the high-profile Snowden leaks.

CSEC monitors foreign computer, satellite, radio and telephone traffic for information of intelligence interest to the federal government. Its codebreakers, linguists and computer specialists make the agency a key player in the so-called Five Eyes community comprising Canada, the United States, Britain, Australia and New Zealand.

Snowden disclosed a trove of material that showed the U.S. National Security Agency, CSEC's American counterpart, had quietly gained access to a wide array of emails, chat logs and other information from major Internet companies, as well as data about a huge volume of telephone calls. The cache of documents which Snowden continues to leak piecemeal to the media contains several references to the Canadian agency's classified operations.

'Be mindful ... in casual chats'

In a June message, shortly after the leaks began grabbing headlines, Forster sent a message to CSEC's more than 2,000 employees to say that if friends and family know where they work, it's likely they will be asked over the summer about recent news stories.

"Please be mindful of a few things as you're engaged in casual chats around a BBQ or pool, softball field or soccer pitch," Forster wrote.

"While you may be asked about particular statements, stories or programs mentioned in the media, remember the media coverage has not been entirely accurate. It would be almost impossible to correct every mistake, and I certainly don't want you to try. Please refrain from speculating about what has been reported."

It emerged in January that the Snowden leaks prompted CSEC to review its policies on sharing information with key partners and its practices for protecting the privacy of Canadians.

The latest memos show CSEC's efforts to determine what Snowden had seen and taken with him continued well into the fall.

"As we learn more about what information is or could be out there, our departmental response is covering several fronts. First and foremost are the safety, security and well-being of our people," Forster said in the September memo.

"Personnel Security has been very involved in the forensic investigation, and they continue to assess the risks to personnel stemming from information that may have been leaked."

As a result of the Snowden disclosures, CSEC's chief information officer began a review aimed at protecting the spy agency's advanced information technology systems, the September memo says. In addition, officials in CSEC's corporate services branch began "a similar review of our security practices," Forster added.

Asked to elaborate on the concern, CSEC spokesman Ryan Foreman said that as a foreign intelligence agency, CSEC counters terrorism, espionage, cyberattacks, kidnappings of Canadians abroad, assaults on embassies and other serious threats.

Protecting identities

"The safety and security of CSEC personnel is vital to ensure that they are able to carry out these tasks that protect Canadians. This includes, where appropriate, protecting the identities of employees and their affiliation with CSEC."

An October memo from Forster about a leaked CSEC slide presentation which suggested the agency had spied on Brazil said it was important to note "the author's name was not revealed in the media coverage."

CBC News has reported extensively on the Snowden leaks and documents involving CSEC. During that reporting, the CBC has chosen to redact some information to protect the identities and safety and security of diplomatic personnel.

Most news organizations privy to the Snowden material are conscious of potential threats to personnel security and have acted accordingly, said Wesley Wark, who teaches at the University of Ottawa's graduate school of public and international affairs.

"But the fear is that the Snowden material in unredacted form may be in the hands of others, including other state intelligence services, whether wittingly through the actions of Snowden himself, or unwittingly," he said.

Wark added there is real danger to CSEC employees if the leaked documents reveal information about the agency's operational posts abroad or names of CSEC personnel involved in overseas military actions.

In addition, he said, should the contact information or identities of staff engaged in "sensitive intelligence collection issues" be revealed, they could become the target of an intelligence-gathering operation, especially one that might use cyber-espionage tools to hack into communications and database networks.