Letter to the Editor re: Globe and Mail article - July 31, 2014

The Globe and Mail's July 31 article mischaracterizes how our organisation protects Government of Canada systems and networks and ignores the measures that Communications Security Establishment (CSE) has in place to protect the privacy of Canadians - including that all of our activities are reviewed by the independent CSE Commissioner to make sure we act lawfully and protect Canadians’ privacy.

As the news this week of a recent cyber-intrusion on the networks of the National Research Council by a Chinese state-sponsored actor demonstrates, Canada is not immune from the activities of hackers, criminals, and state-sponsored threat actors. These malicious actors are constantly probing Government of Canada systems and networks for weaknesses so that they infiltrate them and steal valuable information. One of CSE's jobs is to monitor Canadian government networks for malicious activities. When we detect emails or other communications that contain malware or other threats, we block, collect and analyze them. And, we work with appropriate departments to take action to neutralise the threat.

In doing this work, we take strict measures to protect the privacy of Canadians. For starters, we only use, analyze and retain communications if they contain malware or other threats that could disrupt government networks or lead to the theft of valuable Canadian information. Additionally, personal information that is not relevant to protecting government networks is not retained. And again, all of CSE’s activities are independently reviewed by the independent CSE Commissioner, and we have never been found to act unlawfully.

John Forster, Chief CSE