The federal government has pledged to reform Canada’s spy agency and halt the sharing of data with foreign allies in the wake of multiple privacy and security breaches.

"We have undertaken a complete review of the security-intelligence framework," said Public Safety Minister Ralph Goodale said in Ottawa on Thursday.

His announcement followed an annual review of the Canadian Security Intelligence Service (CSIS) that found shortcomings in the agency’s operations. Those included the absence of guidelines for cracking down on agents who break the rules and a rejection of several recommendations that it should fix its mistakes.

In its annual report, tabled on Thursday in Parliament, the Security Intelligence Review Committee (SIRC) - the federal watchdog organization that monitors CSIS - highlighted one investigation where a senior executive committee had recommended several disciplinary measures against an unspecified individual or individuals and a follow-up investigation. CSIS failed to accept these recommendations and SIRC could not find any evidence to explain why.

The report said CSIS also dismissed the watchdog's recommendation that it should re-open the investigation, stating that there were no ongoing security concerns. Under existing legislation, SIRC doesn't have the power to force CSIS to implement recommendations.

"The Service did not agree to re-examine a particular investigation as the director is satisfied with its outcome and assessed that there were no lingering concerns of an internal security nature," said the SIRC report.

CSIS also rejected a recommendation suggesting that it should allow an independent expert from the outside to review final investigation reports, stating that this would jeopardize the confidentiality and sensitivity of certain investigations, undermine the CSIS director's authority, and threaten the objectivity of such investigations, said the committee's report.

SIRC also found multiple cases of CSIS obtaining taxpayer information from the Canada Revenue Agency (CRA) without a court warrant.

The watchdog said in its report that CSIS later provided incorrect information to the minister of public safety and to the federal court stating that it had deleted all information obtained without warrants, when in fact most of that information remained on the agency's database.

Goodale said that independent and substantive reviews of national security activities were helping shine a spotlight on what works and errors that need to be corrected.

"We believe more can be done to strengthen scrutiny, and the government is currently developing legislation that will strengthen our system of accountability for national security," said Goodale.

In addition, Canada’s electronic spy agency – the Communications Security Establishment (CSE) – was found to be in breach of privacy laws by its commissioner Jean-Pierre Plouffe after it shared information about Canadians with its sister agencies in Britain, America, New Zealand, and Australia. The information shared included telephone numbers and email addresses, known as ‘metadata’, but no message contents.

Defence minister Harjit Sajjan also said he would direct the CSE to communicate with the public more openly about their activities, while still protecting sensitive information as needed.

“The government will introduce legislation to create a statutory committee of parliamentarians with special access to classified information to review departments and agencies with national security responsibilities. We are committed to ensuring the safety of Canadians while protecting our collective rights and freedoms,” said Sajjan.

But Sajjan also credited the CSE for “proactively bringing deficiencies,” to Plouffe's attention.

Sajjan added that the metadata shared with foreign intelligence agencies did not contain any names or other information that could identify individual Canadians.

“Taken together with the CSE’s suite of privacy protection measures, the privacy impact was low. I am reassured that the commissioner’s findings confirm the metadata errors that CSE identified were unintentional, and I am satisfied with CSE’s proactive measures, including suspending the sharing of this information with its partners and informing the Minister of Defence,” said Sajjan.

The NDP’s public safety critic Randall Garrison was skeptical, saying that both the CSIS and CSE breaches were a result of C-51, an anti-terror law adopted last year by former Conservative prime minister Stephen Harper's government.

“Today shines light on why Bill C-51 is an overreach and potentially subjects Canadians to unwarranted snooping," Garrison said. "Canadians voted for change and yet after three months of the new government, Stephen Harper’s Bill C-51 is still in place."

Speaking at an anti-C-51 rally last year, lawyer and constitutional expert Rocco Galati said that the anti-terror law would make it easier for federal agencies to share information both with each other and foreign governments. The law also gave police greater powers to preventatively arrest terrorist suspects or restrict their activities. It also allowed the public safety minister to add people to Canada’s no-fly list, ban "promotion" of terrorism, and let the Canadian Security Intelligence Service (CSIS) "disrupt" potential security threats.

“New Democrats have been clear: Canadians don’t have to choose between their security and their rights. We need concrete measures that keep Canadians safe without eroding away our freedoms and civil liberties. This is why the NDP has continued to call for the repeal of Bill C-51,” said Garrison.

With files from the Canadian Press.

Keep reading