Review of the Canada Border Services Agency’s Confidential Human Source Program

Date of Publishing:

Executive Summary

This review examined the legal and policy frameworks that govern CBSA’s human source handling activities. It has three areas of focus: the management and assessment of risk; CBSA’s discharge of its duty of care to its sources; and the sufficiency of ministerial direction and accountability in relation to the program. Together, these areas support CBSA’s ability to conduct its source handling activities lawfully, ethically and with appropriate accountability.

The Canada Border Services Agency Act (CBSA Act) outlines CBSA’s mandate to provide integrated border services that support national security and public safety priorities, facilitate the free flow of persons and goods, and administer and enforce its program legislation. CBSA has the authority under the CBSA Act to investigate threats in support of its role in the administration and enforcement the Customs Act and the Immigration and Refugee Protection Act (IRPA) that govern the admissibility of people and goods into and out of Canada.

As an investigative tool used in support of its mandate, CBSA’s Confidential Human Source (CHS) Program rests on an adequate legal framework. Based on a detailed review of a subset of the files, which consistently demonstrated a nexus to CBSA’s mandate, CBSA is operating its CHS Program pursuant to its legal authorities.

The mandate of CBSA to use CHSs was reinforced in the 2022 Ministerial Direction on Surveillance and Confideritial Human Sources (MD). To reflect the content of the MD, among other things, CBSA updated its CHS policy and standard operating procedures (SOP) in 2023. Where it is found that the new policy suite has addressed concerns raised in this report, these changes were noted and recommendations adjusted accordingly. Otherwise, NSIRA’s evaluations were formed against the policy and SOP in force during the activities under review.

NSIRA found that CBSA’s CHS previous policy permitted a component of its CHS Program activities to operate without adequate documentation, including a documented approval or a documented risk assessment. Despite the lack of documentation, it is assessed that this may constitute a substantial number of instances of information being collected under a promise of confidentiality, which may have been used to support an enforcement action, but before CBSA formally assessed the risks of doing so. As a result, for this portion of CBSA’s CHS activities, risks to individuals providing information to CBSA, including the risk of retribution, may go unidentified, and thus unmitigated by CBSA. CBSA’s new policy suite has not addressed this gap in its risk management practices.

CBSA owes a duty of care to its CHSs, such that it has a legal obligation to take reasonable care in the treatment of these individuals. While CBSA is attentive to the protection of source identities, NSIRA found that CBSA’s policies and practice around obtaining informed consent are insufficient to ensure that informed consent is obtained systematically, and before risks are incurred. NSIRA also found that, in the sample reviewed, measures to mitigate risks to CHSs are often not present or implemented.

In the course of its review, NSIRA was presented a case involving two informants who were promised confidentiality by Inland Enforcement Officers who did not have current training to support an adequate understanding of the consequences of extending confidentiality. NSIRA found that CBSA may have breached informer privilege and, as a result, the safety of the two informants may have been put in jeopardy. In this and another instance, NSIRA found that CBSA failed to inform the Minister of a CHS activity that may have impacted the safety of an individual, as required by the MD. This constitutes non-compliance with subsection 12(2) of the CBSA Act.

Finally, CBSA’s new policy and SOP reflect elements of the direction of the Minister in respect of risk management; notably by mirroring the three risk pillars included in the MD and by incorporating the principle that “the greater the risk associated with the activity, the higher the authority required for approval”. However, the review raises fundamental issues related to how CBSA has in the past, and continues to manage risk such that the principles of risk management that are included in the MD will have no application to a substantial number of CHS activities. This calls into question CBSA’s ability to comply with the principles outlined in the Ministerial Direction. As a result, NSIRA found that CBSA’s approach to risk management in their new policy suite does not folly align with principles of the MD.

In light of such findings, NSIRA recommends that:

• CBSA amend its policy to require a documented approval and a documented assessment of the risks of using a CHS in the preregistration period;
• CBSA require that the interview checklist be administered no later than when the promise of confidentiality is extended;
• CBSA provide guidance as to how obtaining informed consent should be tailored to the individual circumstances of the CHS;
• CBSA put in place specific guidance on how to mitigate the full range of risks to CHSs and ensure that those mitigation measures are implemented;
• CBSA expand its definition of active Confidential Human Sources so that reporting to the Minister covers the breadth of the CHS program; and
• CBSA immediately notify the Minister of the two cases identified in this review where the safety of an individual is at issue.

List of Acronyms

Introduction

Authority

This review was conducted under the authority of paragraphs 8(1)(b) and 8(2.1)(c) of the National Security and Intelligence Review Agency Act (NSIRA Act).

Scope of the Review

NSIRA has reviewed elements of the activities of three departments’ human source handling programs: the Department of National Defence/Canadian Armed Forces (DND/CAF); the Canada Border Services Agency (CBSA); and, the Royal Canadian Mounted Police (RCMP). Human source programs must be adapted to the circumstances and mandate of each organization, while respecting their legal obligations. Each review identified matters of significance to each organization within three common themes, the management and assessment of risk; the organization’s discharge of its duty of care with respect to human sources, and the role of ministerial direction in the program. Together, these areas support the organizations’ ability to conduct their source handling activities lawfully, ethically, and with appropriate accountability.

The objectives of the review of CBSA’s CHS program were to assess the lawfulness of the program and its activities, as well as the sufficiency of the governance framework within which the program operates. By reviewing aspects of the 2022Ministerial Direction on Surveillance and Confidential Human Sources (MD), there view also fulfills NSIRA’s obligations pursuant to paragraph 8(2.1)(c) of the NSIRA Act that requires a review of the implementation of “significant aspects” of new or modified ministerial direction relating to national security or intelligence.

Methodology

NSIRA reviewed aspects of CBSA’s CHS handling activities that occurred between January 1, 2018 and March 31, 2021. The information reviewed included: policies, procedures and guidance documents relevant to the program; as well as the applicable MD. NSIRA was provided the total number of registered CHSs operating during the review period and, from that, CBSA provided a sample of 35 files. The key documents in a CHS file provided to NSIRA include: registration form, briefing notes, initial interview checklists, annual reviews, Source Debrief Reports (SDR), email exchanges and event logs in the administrative file. Additionally, CBSA provided handler notebooks in select cases upon request. NSIRA conducted a series of focus group discussions with several regions. These included handlers, as well as Designated Regional Coordinators (DRC), the purpose of which was to orient NSIRA to the particulars of the CBSA operating environment. NSIRA also had the benefit of multiple exchanges with the CHS Program at NHQ.

There are three main documents that govern CBSA’s CHS program:

• Ministerial Direction to the CBSA on Surveillance and Confidential HumanSources’,
• Confidential Human Source Policy (CHS Policy); and,
• Standard Operating Procedures in Support of the Confidential Human Source Policy (SOP).

Review Statements

NSIRA found that CBSA partially met its expectations for responsiveness during this review. While CBSA provided NSIRA with adequate access to information and people, there were some significant delays in providing some of the requested information.

NSIRA found that CBSA met its expectations for verification of the requested information for this review.

Background

CBSA defines a CHS to be an Individual who volunteers information of potential intelligence or enforcement value to the CBSA, and who requests and receives an assurance of confidentiality from a certified handler. In accordance with CBSA’s process, if it is determined that the relationship with the CHS will be of ongoing benefit to CBSA, the CHS undergoes an assessment in order to be registered as a CHS Program participant (CHSPP). CBSA policy stipulates that certain individuals will be prohibited from use as a CHS, including minors and persons who have outstanding warrants for indictable offences as examples. CBSA policy also includes categories of individuals who require special approval for use as a CHS, including individuals without status in Canada. The CBSA CHS Program operates only in Canada and does not include agents or individuals who would be directed by CBSA to undertake certain actions.

NSIRA did not examine either the costs of the CHS Program, or the benefit in terms of CBSA’s mandate, but acknowledges that CBSA tracks the “enforcement action value* of its CHS Program. CBSA characterizes the value as significant.

The Canada Border Services Agency Act (CBSA Act) outlines CBSA’s mandate to provide integrated border services that support national security and public safety priorities, facilitate the free flow of persons and goods, and administer and enforce its program legislation. CBSA has the authority under the CBSA Act to investigate threats in support of its role in the administration and enforcement the Customs Act and the Immigration and Refugee Protection Act (IRPA) that govern the admissibility of people and goods into and out of Canada.

As an investigative tool used in support of its mandate, CBSA’s CHS Program rests on an adequate legal framework. Based on a detailed review of a subset of the files, which consistently demonstrated a nexus to CBSA’s mandate, CBSA is operating its CHS Program pursuant to its legal authorities. The mandate of CBSA to use CHSs was reinforced in the 2022 Ministerial Direction on Surveillance and Confidential Human Sources.

The CHS Program is responsible for the management, coordination, supervision and operations pertaining to CHSs. The CHS Program Coordination Unit at NHQ is responsible, among other things, for implementing and ensuring compliance with the CHS policy, and ensuring that CBSA senior management is kept apprised of any operational issues that could affect the integrity of the CHS Program. The CHS Program has a regional coordinator, who provides operational guidance and administers the CHS program in a select region.

Although CBSA’s use of CHSs dates to at least 1984, prior to 2014, there were no formal policies specific to the recruitment, development and management of CHSs, and no standard operating procedures (SOP) in place. In 2014, CBSA put in place a policy and SOP to standardize the management, coordination and operational use of CHSs. The CHS policy and SOP define who may engage in activities within the CHS Program and how such activities will be conducted.

CBSA updated its policy and SOP in 2023 to, among other things, reflect the content of the 2022 MD. Where it is found that the new policy suite has addressed concerns raised in this report, these changes are noted. However, given that the CHS files examined were active during the 2014 policy and 2015 SOP, these were used to form the evaluations.

Findings, Analysis, and Recommendations

Risk Management

Human sources can play a critical role in collecting information, often related to criminal activity that would otherwise be difficult to obtain. It is an activity that carries inherent risk both for the individuals providing information, and for the investigative body. For individuals providing the information, they face the risk of retribution. For the investigative body, collecting information under a promise of confidentiality triggers its duty of care obligations, including the obligation to take all steps necessary to protect the identity of the human source and, if necessary, to protect their personal safety. A properly managed human source program therefore requires a strong system to identify and mitigate risks, both to the individual providing information, as well as to the organization itself.

Finding 1: NSIRA found that CBSA policy does not require any documented approval or a documented assessment of the risks of using a CHS outside of the registration process.

Finding 2: NSIRA found that there was Incomplete documentation in the preregistration period such that the CHS. Program is impeded from monitoring the full spectrum of CHS Program activities.

The CBSA recruitment process

NSIRA reviewed CBSA’s policies, SOP, and practices related to the management of risk during the recruitment of CHSs and identified deficiencies in the timing of the formal approval for the use of CHSs, as well as the documented risk assessment process, which occurs after the engagement of risk. There were also gaps in how CBSA documented interactions with CHSs in the preregistration period.

A CHS, by CBSA’s definition, is a member of the public who volunteers information of potential intelligence or enforcement value to the CBSA, and who requests and receives assurances of confidentiality from a certified handler. CBSA policy distinguishes between CHSs where there is no expectation of an ongoing relationship; these would be considered ‘‘one-offs”. By contrast, if it is assessed that the relationship would be of ongoing benefit to CBSA, the CHS may be officially “registered’ in the CHS Program and thereafter be referred to as a “CHS program participant” or CHSPP. During the assessment for suitability as a CHSPP, policy directs handlers to identify the risks and benefits of handling the prospective CHSPP, as well as measures to mitigate identified risks. These are to be documented in the request to register a CHS. According to the SOP, a prospective CHSPP should be registered “as soon as possible’ and must be registered within 180 days.

Registration is the official, documented decision-gate in the recruitment process andit is only at registration that a formal, documented risk assessment is required by policy. The approval authority for registration is either a Director General or, in the case of Special Approvals, the President. By contrast, policy is silent on the requirement for a documented approval for the use of unregistered sources. These are CHSs providing information on a one-off basis or those being considered for registration while providing information under a promise of confidentiality. For unregistered CHSs, SOP suggests only that the DRC be ’advised’ by the handler and no decision is documented. Policy does not require a documented risk assessment prior to registration.

Gaps related to the use of unregistered CHSs

There are effectively no restrictions on activities prior to registration, with the sole exception that monetary awards cannot be issued to unregistered CHSs. CBSA policy permits information from an unregistered CHS to be collected under a promise of confidentiality and committed to a Source Debrief Report (SDR). This information can be shared with external partners and can be used to conduct enforcement actions. NSIRA’s review of the 35 files revealed that, in 16 cases, on at least one occasion each, information was used to support a specific action, such as an enforcement action e.g., seizure, arrest, charges, and removals. Of these, nine CHSs provided information that was used prior to registration, including a cocaine seizure at the border and an arrest. This means that, in the majority of cases when CBSA acted on information provided by a CHS, it was prior to.registration.

There is no clear guidance on the documentation required prior to registration, which is a minimum requirement of proper monitoring of CHS activity. Some sections in policy suggest that interactions with CHSs prior to registration must be documented and other sections suggest they do not Because of the incomplete data related to unregistered CHSs, CBSA was unable to provide NSIRA with the number of unregistered CHSs; neither did they provide an approximation of that number. The information available in CBSA’s intelligence database (IMS) allowed NSIRA to produce [**redacted**] CHSs files, representing a list of all CHSs files that were created over a period of three years, registered and unregistered. A randomly selected subset of files were reviewed in detail; of these, 57% were confirmed to be unregistered CHSs. This is a significant percentage that suggests the presence of a large number of unregistered CHSs. Moreover, the majority of the unregistered CHSs in the sample generated at least one SDR. In respect of whether the promise of confidentiality was extended in these cases, it is inferred that when information is provided that results in even one SDR, confidentiality was promised. This high proportion means that the CHS Program is not exercising adequate monitoring and reporting on a significant number of CHS activities. This is inconsistent with CHS policy, which stipulates that the CHS Program at NHQ is responsible for monitoring and ensuring compliance of CHS activities on a regular basis and ensuring that the CHS Program Is delivered in a consistent manner, across all regions.

The trigger and timing of registration

A CHS must be registered “as soon as possible’ once it is determined that an ongoing relationship will be maintained and in no cases should registration take place later than 180 days from first contact. The rationale for 180 days is not clear to NSIRA and was, in any case, not respected in 11 of the 26 cases examined by NSIRA. In seven cases, it took dose to, or over a year for the CHS to be registered.

The timing of the registration process, which includes the formal risk assessment, is disconnected from the actual engagement of risk. Yet, as CBSA acknowledges, the risk exposure of both CBSA and the CHS increases along with the number of interactions between CBSA and the CHS. Each time information is shared or used for enforcement purposes, there is a risk of attribution to the CHS. For CBSA, collecting information under the promise of confidentiality triggers its duty of care obligations. The potential for disconnect between the formal assessment of risk and the engagement of risk is well illustrated by example. In one case, the handler had at least [**redacted**] interactions with a CHS, who produced [**redacted**] SDRs before being registered. The information was used to [**redacted**] which led to the seizure of multiple [**redacted**]. The approval to register the individual took place initially approximately 150 days after the first SDR was produced. Ultimately, however, [**redacted**]. It is unacceptable to conduct an assessment of risk, which is meant to support a decision, after the engagement of risk has taken place.

In effect, there is no practical difference in the use of CHSs in the pre- and post- registration period. Policy makes explicit that DRCs, front line managers and handlers are expected to manage risk on an ongoing basis, including in the period prior to registration. Informal and undocumented risk assessments, while necessary and appropriate, do not stand in for the formal risk assessment process and decision-making that, in CBSA’s CHS Program, occur only at the point of registration. CBSA’s reasoning behind the formal risk assessment- that “the use of a CHS can be a particularly intrusive and high-risk covert technique, requiring consistent oversight and risk management”- applies to all the activities of CHSs, registered and unregistered, even if there is no expectation of an ongoing relationship.

New Policy/SOP

CBSA’s new policy includes three categories of CHSs that reflect its previous graduated approach to managing risk. The first Is a Confidential Contact (CHSCC), an individual who volunteers information under a promise of confidentiality, but with whom no ongoing relationship is expected. Otherwise, there are Prospective Confidential Human Sources (CHS- P); these are individuals who volunteer information, also under a promise of confidentiality, and who are actively being assessed by CBSA for suitability to become a Registered Confidential Human Source (CHS- R). These do not depart fundamentally from the previous categories of registered and unregistered CHSs in terms of how risks are managed. CHS- R remains the only category subject to a formal risk assessment, with no such requirement for individuals categorized as either a CHP- CC or CHS-P, although information may be collected and actioned in both cases. The trigger for registration remains vaguely defined as “when a person is willing, under the condition of confidentiality, to give the CBSA information of sufficient value, related to the CBSA mandate, that outweighs the potential risks, and engage in an ongoing relationship, the CBSA shall register a person as a CHS- R.”

CBSA’s new policy continues to emphasize instead the importance of ongoing, although undocumented, attention to risk. The new policy stipulates that “although a formal risk assessment is not required for a CHS- P, certified officers will continue to evaluate risk and report to the DRC and the CHSC [CHS Program coordinator] if there is any legal and/or reputational jeopardy to the CBSA*. It is noteworthy that there is no trigger for reporting up on operational risk, or the possibility of risk to the CHS- P. As a result, there is a continuing possibility that risks to the individual providing information to CBSA may be unidentified, and thus unmitigated, outside the registration process.

The new policy suite has added to the management of risk in respect of the Special Approval categories. The new SOP specifies that “if at any point there is sufficient information to determine that the person would be part of one or more of the special approval categories, the DRC must be informed as additional approvals will be required to continue the relationship as either a CHS-P or CHS-R”. This new decision-gate increases oversight of sensitive or potentially higher risk CHSs by ensuring that the relationship is approved prior to registration. In principle, this should prevent the use of a Special Approval CHS in the preregistration period in the absence of a specific approval. Outside the Special Approval categories, the new SOP requires that higher risk CHSs be approved at a higher level. These approvals are obtained only at registration, however, which continues to leave open the possibility that information from a high risk source will be collected and used prior to registration.

The new policy suite also clarifies that interactions with unregistered CHSs must be documented and introduces a clear requirement to document the promise of confidentiality in a form that must be submitted to the CHS Program at NHQ once completed. This will add to the capacity of the CHS Program to track and thus to provide oversight of the full spectrum of CHS activities.

However, several of the deficiencies enumerated above have not been addressed by CBSA in its new policy suite; notably there continues to be no documented risk assessment of any form before registration. The trigger for the formal, documented risk assessment continues to be the expectation of an ongoing relationship, and not the actual engagement of risk. Although the timeframe for registration of a CHS – P has been shortened to 90 days instead of the previous 180 days, there continues to be no limitations on the collection and use of information during the preregistration period i.e., before an assessment of risk is formalized and approved. The category of CHS- CC is given little attention in the policy suite and is excluded from consideration as an “active CHS”.

There may be exigent circumstances, when CBSA must act quickly to uphold its mandate, and thus when a documented risk assessment may not be operationally feasible. CBSA should consider developing procedures specifically to account for this possibility.

Recommendation 1: NSIRA recommends that CBSA amends its policy to require a documented risk assessment and formal approval for using a CHS In the preregistration period.

Recommendation 1: NSIRA recommends that CBSA amends its policy to require a documented risk assessment and formal approval for using a CHS In the preregistration period.

Duty of Care

Ethical and moral principles must inform the use and treatment of CHSs. Correspondingly, CBSA owes a duty of care to its CHSs, such that it has a legal obligation to take reasonable care in its treatment of these individuals. A duty of care is owed when CBSA actions create reasonably foreseeable risks for individuals with whom there is a “close and direct” relationship. Adequately discharging a duty of care encompasses a range of actions and includes such things as ensuring that handlers are sufficiently trained and operational security is maintained, to strictly limiting access to the identities of the informants. There are gaps in how CBSA discharges its duty of care. These gaps include: obtaining informed consent in a timely manner and mitigating risks to CHSs.

Finding 3: NSIRA found that CBSA’s policies and practice around obtaining Informed consent are insufficient to ensure that It Is obtained systematically, and before individuals incur the risks of providing information in confidence to CBSA.

Informed Consent

Individuals participating as CHSs must understand the nature of their relationship with CBSA, as well as the limits and risks stemming from it. For consent to be meaningful, information pertaining to those limits and risks must be provided in an accessible manner such that individuals have the capacity to understand. Consent must also be obtained in a timely manner, meaning prior to being exposed to risks linked to their role as a CHS, and it must be verified throughout the term of the handler-CHS relationship.

NSIRA examined the policies, procedures and training material with respect to obtaining informed consent. While the term informed consent is not expressly used by CBSA, its policy contains a number of constraints which attempt to establish the boundaries of the CBSA-CHS relationship. For example, policy directs handlers to:

• […] ensure that CHS program participants understand that they are not employees of the CBSA and are advised that CHS program participant cooperation will not have a bearing on current or future immigration proceedings or any other CBSA investigation, nor will it mitigate or provide immunity from investigation or administrative or criminal charges.

However, there is little guidance on when informed consent must be obtained. NSIRA was told that handlers are expected to discuss the voluntary nature of the relationship, its limitations, and risks early in the relationship. While documentation in some files supports that this does occur, there is no specific requirement to formally document when informed consent is obtained through these early discussions and assessed on an ongoing basis.

CBSA uses an interview checklist (the “checklist”) as a more structured means of obtaining informed consent. The checklist consists of 12 questions, all starting with “do you understand that” and finishing with one additional statement, i.e., “you are voluntarily providing information to CBSA, and your service can be terminated with or without cause at the discretion of CBSA”. The checklist is meant to provide the CHS with a clear understanding of their role, function and responsibilities. Because the CHS must initial the checklist, it also serves to some degree as a record of acknowledgement. The checklist must also be reviewed by the handlers with the CHS every twelve months. Although SOP states that the checklist must be completed and submitted to the CHS Program after approval for registration is obtained, CBSA clarified that the checklist is often completed before registration. As explained in the risk management section, unregistered CHSs are frequently exposed to the same risks as registered CHS, which means the timing of the checklist should not be tied to registration. In practice, of the 35 CHS cases in the sample, the checklist was only completed in 26 instances. This means that in 26% of cases, the most structured means by which CBSA obtains, and documents informed consent was not implemented. Of the 26 checklists that were completed, six were completed after registration, from a few weeks to several months after registration. In several instances, information obtained from the CHS was used or shared externally prior to the completion of the checklist

The checklist represents a good practice; in its current form, however, it may be insufficient to obtain informed consent in certain scenarios. Of note, none of the 12 questions refers to the CHS Program policy of not intervening in immigration matters. Although handlers are required to advise CHSs of this policy, given the purpose of the checklist and the fact that CBSA handles CHSs who are subject to immigration proceedings, this represents an omission that should be rectified. Moreover, the checklist is not always written in plain language; for example, it includes the admonition that “you are not privileged to break any laws*. By its nature, the checklist must be written such that its meaning is clear and accessible; yet the foregoing statement is neither clear nor accessible.

The process of obtaining informed consent is complex and there is no specific guidance on how to adapt these discussions to the circumstances. Communication and language issues, cultural sensitivity, age, varying levels of literacy are all factors that may affect one’s ability to provide informed consent. There are also sensitivities around engaging with individuals without status in Canada, individuals who may not know or understand their rights under Canadian law and whose past encounters with government officials In their country of origin may inform how they engage with government officials in Canada, including CBSA.

The documentation in one case suggests that a CHS without status in Canada was operating under a misapprehension that CBSA would intervene in immigration matters, or even that CBSA had intervened to have them released from detention. To their credit, the documentation indicates that the handlers were transparent on several occasions that CBSA would not intervene to assist the CHS. Even with that, the CHS seemed not to comprehend this, or not fully. This raises the risk that, in this case, the cooperation of the CHS may have been motivated, at least in part, by their understanding that CBSA would assist them in remaining in Canada. More generally, this example underscores the challenge of obtaining informed consent in certain circumstances, as well as the importance of dear and ongoing communication, including having CBSA handlers with language proficiency and cultural awareness of the CHS. Without suggesting that handlers are not, in practice, attentive to these challenges, NSIRA saw no guidance on obtaining informed consent, its importance to the discharge of CBSA’s duty of care obligations, or on the need for specific accommodations in light of varying circumstances.

The new policy includes the stipulation that handlers inquire as to the immigration status of an individual prior to extending confidentiality. In cases where the individual is without status, the handler is to advise the individual that cooperation with CBSA “will have no bearing on current or future immigration proceedings or any other CBSA investigation, nor will it mitigate or provide immunity from investigation or administrative or criminal charges.’ This is a clear requirement that individuals be informed at least on this point before providing information to CBSA, something that was lacking in the previous policy. With the implementation of the new SOP, CBSA has also modified its checklist to clarify ambiguities and make it more concise. However, no guidance on obtaining informed consent has been developed and the timing of the checklist remains tied to the registration process, leaving open the possibility that informed consent will not be obtained in a timely manner.

Recommendation 2: NSIRA recommends that CBSA require that the Interview checklist be administered no later than when the promise of confidentiality is extended.

Recommendation 3: NSIRA recommends that CBSA provide guidance as to how obtaining Informed consent should be tailored to the individual circumstances of the CHS.

Recommendation 2: NSIRA recommends that CBSA require that the Interview checklist be administered no later than when the promise of confidentiality is extended.

Recommendation 3: NSIRA recommends that CBSA provide guidance as to how obtaining Informed consent should be tailored to the individual circumstances of the CHS.

Management of risk to CHS at registration

Finding 4: NSIRA found that measures to mitigate risks to CHSs are often not present or Implemented.

The duty of care owed to CHSs includes identifying and mitigating reasonably foreseeable risks to the CHS that stem from their relationship with CBSA. Though there is a need to assess risk on an ongoing basis, there must be a formal process when risks should be comprehensively identified and documented, and mitigation strategies proposed.

As described in the risk management section, risks that are associated with a CHS relationship must be documented in the registration form. To complete the risk assessment section of the form, handlers must follow the risk assessment framework included in the SOP that lists nine risk categories: motive, financial, health and safety, legal, reputation, compliance, de-confliction, operational, and threat-related. Each risk category includes a list of factors, some of which are related to the safety and wellbeing of individual CHSs. For example, under health and safety, the risk framework includes “risk to the CHS as a result of information being provided to the CBSA” and “risk that the organization the CHS is involved with has a history of violence and is assessed to have the means to carry out violence”.

Source vulnerabilities

Although the list of factors included in the risk assessment framework is extensive, some risks that may contribute to source vulnerability are not captured in this formal process. These are factors that may place the source at a higher risk of harm, both physical and psychological, and may also diminish their ability to provide informed consent. Though CBSA prohibits the use of minors as CHSs, consideration of other possible vulnerabilities in CBSA’s risk assessment framework is under-inclusive. For example, substance abuse and addictions which are widely recognized as increasing one’s vulnerability, are not included in the risk assessment framework. To take another example, CBSA includes attention to “mental state” but only as a risk that “would affect their ability to comply with rules” and not as a contributor to possible vulnerability or on an individual’s ability to provide informed consent.

Mitigating source vulnerabilities

Insufficient attention to vulnerabilities means, among other things, that the appropriate mitigation measures are not always identified. Potentially vulnerable CHSs may not be considered as such by CBSA and, as a result, the risk that they would suffer harm may not be sufficiently mitigated. In one instance, CBSA [**redacted**] recruited [**redacted**] to provide information on [**redacted**] Although the [**redacted**] risk was categorized as “high’’ by the handlers, the mitigation measures identified Include standard handling practices, [**redacted**] The risk assessment also asks for confirmation that the CHS has a safety plan in place if in immediate danger, but no safety plan was put in place. [**redacted**] in this case as a mitigation strategy is insufficient given the identified risk [**redacted**] In a case where the risk is assessed as high and cannot be sufficiently mitigated, the risk assessment framework stipulates that the relationship should be terminated or not pursued.

People without Status in Canada: The case of [**redacted**]

Risk mitigation is understandably complex. For CBSA, in the context of using individuals without status in Canada as CHS, this presents an increased challenge. These are individuals who may face removal from Canada and whose removal may complicate the discharge by CBSA of its obligations under its duty of care to its sources. This risk materialized in one case involving a CHS, [**redacted**] The risk assessment noted that [**redacted**] Despite that, [**redacted**] CBSA considered the risk sufficiently mitigated by [**redacted**] Nor was it considered whether risks [**redacted**] could be mitigated in the event that [**redacted**] even though this risk is provided for in the risk framework, which includes attention to [**redacted**]

After [**redacted**] providing information to CBSA, [**redacted**] The handlers assessed the risk [**redacted**] credible, describing the danger as “significant” [**redacted**] The handlers proposed several options to mitigate the risk [**redacted**] including notifying the Minister or, at a minimum, [**redacted**] Neither option was agreed to by the CHS Program. [**redacted**] Given [**redacted**] this [**redacted**] in NSIRA’s view, was a material fact that ought to have been put before those responsible for assessing the [**redacted**] risk [**redacted**]

CBSA justified its inaction in this case on the grounds that informer privilege [**redacted**] Although informer privilege can be waived if both the Government of Canada and the source consent, CBSA maintained waiving privilege would be tantamount to [**redacted**] which is prohibited by their policy. Following discussion between NSIRA and CBSA on the case, CBS [**redacted**]

Of the 35 CHSs reviewed by NSIRA, [**redacted**] were without resident status or had a pending application for status, thus raising the possibility that this situation could reoccur or has happened previously outside of our sample. An individual, [**redacted**] was and remains under the new policy a Special Approval category requiring a specific set of approvals. This is appropriate in light of the risks associated with engaging with individuals in this circumstance. As a mitigation measure, however, [**redacted**] is not sufficient. Moreover, in situations that warrant more careful consideration, CBSA should contemplate a framework to outline the circumstances under which departure from [**redacted**] policy would be permissible. The rationale behind CBSA’s failure to notify the Minister is unclear. In NSIRA’s view, this remains a viable option in cases [**redacted**]

The Lack of implementation of Identified Mitigation Measures

The review of the 35 CHS cases in the sample revealed that when risks to a CHS are identified, mitigation measures are not always implemented. In total, NSIRA identified eight instances when measures to mitigate risk to the safety of a CHS were included in the approved risk assessment but were not implemented. In one case, the risk assessment stipulated that no lump sum payment should be made to the CHS to mitigate the risk that a payment above their employment abilities would attract attention. This CHS was [**redacted**] Yet, CBSA awarded them [**redacted**] in a single payment. In another case, the risk assessment noted that the CHS [**redacted**] The risk assessment stated that [**redacted**] However, the file clearly indicated that [**redacted**] In a similar case, the risk assessment stipulated that [**redacted**] due to the risk [**redacted**] The only [**redacted**] documented [**redacted**] These examples illustrate that, even when risks to the CHS are identified by CBSA, the mitigation measures identified are not reliably implemented.

Recommendation 4: NSIRA recommends that CBSA put in place specific guidance on how to mitigate the full range of risks to CHSs and ensure that those mitigation measures are Implemented.

Recommendation 4: NSIRA recommends that CBSA put in place specific guidance on how to mitigate the full range of risks to CHSs and ensure that those mitigation measures are Implemented.

Maintaining confidentiality while using Information

Finding 5: NSIRA found that CBSA may have breached the law of informer privilege in two instances.

Finding 6: NSIRA found that inland Enforcement Officers collected information and promised confidentiality, but did so without training under the applicable policy to support a proper understanding of the consequences of extending confidentiality.

The risk of retribution to a source is substantially mitigated through the actions taken to protect the source’s identity. The common law rule of informer privilege prohibits the disclosure of information which might tend to identify an informant except where innocence is at stake. Generally, CBSA institutionalizes its obligation to protect the identities of its sources in several ways including, but not limited to [**redacted**] strictly limiting access to CHS identifying information [**redacted**] as well as
[**redacted**] This is reinforced in CBSA training, which includes that CBSA will protect the identity of the CHSPP by all means necessary, up to and including [**redacted**]

Despite recognition of the importance of protecting the source’s identity, in the course of this review, NSIRA learned of one case where CBSA put at risk [**redacted**] informants by improperly disclosing documents which may have revealed their identities. [**redacted**]

CBSA subsequently determined that the disclosed information attributed to the informants was of the type likely to be known only by someone with knowledge of [**redacted**] and that this assessment should have been made prior to the information being included in the [**redacted**] and certainly prior to it being disclosed to [**redacted**] It was further assessed that the information was detailed enough to narrow the pool of potential Informants to [**redacted**] of approximately [**redacted**] Given this narrow pool, which could identify the informers, informer privilege may have been breached.

[**redacted**] One informant was informed in [**redacted**] whereas the other, who had been [**redacted**] before they could be warned. No effort has been made to locate the [**redacted**] informant based on CBSA’s assessment of risk, which was determined to be low. CBSA also considered locating the informant in [**redacted**] impediment. The facts of this case further underscore the complications of using individuals without status in Canada as informants and the need for a specific framework for managing these situations.

The promise of confidentiality in this case was extended by two Inland Enforcement Officers (lEOs), both peace officers. The lEOs also prepared the [**redacted**] that included the information disclosed to [**redacted**] Although the lEOs had received training in CHS handling, in both cases this training took place prior to the development of policy in 2014; specifically, in [**redacted**] and [**redacted**] As a result, neither IEO had recent training, nor was either trained under the policy applicable at the time the promise of confidentiality was extended. The final report on the incident that was provided to the President concluded that this incident illustrated ‘an already suspected gap* in awareness of managing the rule of informer privilege within some areas of CBSA, including lEOs. In the case at hand, the handlers incorrectly treated the informants as tipsters’ under the assumption that the CHS policy did not allow the inclusion of foreign nationals in the program.

Delving into the adequacy of training in this instance is beyond the scope of NSIRA’s review. Nevertheless, it is worth stating that maintaining strict controls over those collecting and using information from informants is essential to managing risks to individuals who provide information in confidence to CBSA. It is also essential that those handling and acting on CHS information have a firm understanding of how to protect information that may tend to reveal the identity of an informant. To that end, the report to the President outlines a number of actions taken or proposed to be taken by CBSA to remedy the gap in awareness, including redrafting the policy and SOP to outline clearly the responsibilities that incur from an extension of confidentiality. The report also references providing information to those operating outside the CHS Program [**redacted**] to ensure that those who are in a position to handle CHS information are aware of the requirement to protect the identity of a CHS.

Ministerial Direction and Accountability

Finding 7: NSIRA found that CBSA’s approach to risk management in their new policy suite does not fully align with principles of the MD.

Ministerial accountability means that ministers are individually and collectively answerable to Parliament and Canadians for the performance and conduct of the executive branch. Though a central tenet of a parliamentary system of government, Ministers cannot provide direct oversight of all activities conducted by the departments and agencies under their remit Ministerial direction is used as a vehicle for clarifying authorities and providing policy direction, often for high risk or highly sensitive activities.

Until 2022, CBSA operated with two ministerial directions for its national security and intelligence activities: these are the Ministerial Direction on Avoiding Complicity in Mistreatment by Foreign Entities and the Ministerial Direction on Intelligence Priorities. Although both have application to CHS Program activities, neither address directly the program’s specific risks and sensitivities. A 2018 internal review of CBSA’s CHS Program suggested that the absence of direction from the Minister on the use by CBSA of CHSs had reinforced existing uncertainty within CBSA around its mandate and legal authority to conduct human source activities. NSICOP echoed this in its review of CBSA in 2019, and called this a gap in ministerial accountability that was inconsistent with other organizations in the security and intelligence community, notably Canadian Security and Intelligence Service (CSIS).

The Ministerial Direction on Surveillance and Confidential Human Sources (MD) was issued on February 16, 2022. It affirms the expectation that CBSA perform its mandate in accordance with the rule of law and articulates a number of high level principles in respect of CHSs. Though much of what is contained in the MD reflects, to one degree or another, what was already in place in CBSA policy and SOP, the MD underscores the importance of certain key principles, including the management of risk.

NSIRA evaluated the new policy suite for alignment with the new MD and will consider here whether aspects of CBSA’s new policy suite reflect the high-level principles of the MD. The focus of this discussion will be the management of risk, which is a central component of the MD, just as it was a key area of concern for NSIRA.

Ministerial Direction on the Management of Risk

The MD directs CBSA to operationalize the principle that “the greater the risk associated with the activity, the higher the authority required for approval”. Annex C of the MD includes a Risk Management Framework setting out three risk pillars that CBSA must incorporate in its policy and procedures. These are: operational security, reputational risk and legal risk. CBSA has revised its policy suite to reflect the three pillars and mirrors the definitions for each risk found in the MD. CBSA has developed a conceptual framework around these pillars to guide the CHS risk assessment process for certified handlers. The new policy suite also provides for a Risk Assessment Officer (RAO) who will be responsible for generating a risk level for each of the three risk pillars outlined in the MD to further support compliance with the MD.

The MD further directs CBSA to submit certain categories of prospective CHSs to an enhanced risk assessment, individuals who are prohibited unless approved at a senior level, which, in certain cases, includes escalation to the President of CBSA, or delegate. These are the Special Approval categories, which were, in effect, already in place in CBSA policy. In its new policy, CBSA has added to the decision-making and management of risk in respect of the Special Approval categories.

As drawn out in the earlier discussion on risk management, there are fundamental issues related to how CBSA has in the past, and continues to manage risk such that the principles of risk management articulated above will not apply to all CHS activities. This calls into question CBSA’s ability to comply with the principle outlined in the MD; notably that “consideration of a person as a CHS shall be grounded in a risk assessment which balances the benefits of the information the person can provide against the risks posed by allowing a person to become a CHS*. Moreover, the concerns raised here also call into question how CBSA identifies and mitigates risks to its CHSs.

Ministerial Accountability

Finding 8: NSIRA found that the information CBSA will provide to the Minister as required by Ministerial Direction is not sufficient to convey the size and scope of the Confidential Human Source Program.

The President of CBSA is now required to present an annual report to the Minister of Public Safety. Annual reporting of this nature, if done appropriately and candidly, and with sufficient detail, is a critical support to ministerial accountability and is in line with others in the security and intelligence community. Because the annual report was not completed at the time of writing, it was impossible for NSIRA to evaluate the substance of the report, generally, or whether it reflects, in a candid manner, NSIRA’s observations of the CHS Program. One point is worth raising here as it goes to the completeness of the information that will be presented to the Minister. The MD stipulates that the report shall include several specific pieces of information, among them the number of “active CHSs’. This information should allow the Minister to understand the size and scope of the CHS Program. Policy excludes from its definition of “active CHSs” Confidential Contacts (CHS-CC); these are individuals who provide information with the promise of confidentiality, but with no expectation of an ongoing relationship with CBSA. NSIRA sees no reason to exclude information on this category of CHS from reporting to the Minister as its absence would render the information provided to the Minister incomplete.

Recommendation 5: NSIRA recommends CBSA expand its definition of active Confidential Human Sources so that reporting to the Minister covers the breadth of the CHS program.

Recommendation 5: NSIRA recommends CBSA expand its definition of active Confidential Human Sources so that reporting to the Minister covers the breadth of the CHS program.

Finding 9: NSIRA found that in two cases the CBSA did not comply with subsection 12(2)) of the CBSA Act In that It failed to follow the MD’s requirement to Inform the Minister when there was a Confidential Human Source activity that “may have a significant adverse impact such as Impacting the safety of an individual”.

The MD stipulates that the President of the CBSA must inform the Minister “as soon as they become aware that a CBSA surveillance or CHS activity, or an action of a CHS may have a significant adverse impact, such as impacting the safety of an individual’. In the course of the review, NSIRA identified two cases that meet the requirement.

In the first case, the CHS [**redacted**] Based on that, this represents a “CHS activity that may have a significant adverse impact such as impacting the safety of an individual.” [**redacted**] The second case involves the [**redacted**] informants where NSIRA found that there may have been a breach of informer privilege. These informants provided information related to the [**redacted**] of an individual who was eventually [**redacted**] This individual was a [**redacted**] who, over [**redacted**] Correspondingly, CBSA’s activities in this case constitute a “CHS activity, or an action of a CHS may have a significant adverse impact, such as impacting the safety of an individual”.

The second case involves the [**redacted**] informants where NSIRA found that there may have been a breach of informer privilege. These informants provided information related to the [**redacted**] of an individual who was eventually [**redacted**] This individual was a [**redacted**] who, over [**redacted**]. Correspondingly, CBSA’s activities in this case constitute a “CHS activity, or an action of a CHS may have a significant adverse impact, such as impacting the safety of an individual”. [**redacted**]

The CBSA Act requires that officers or employees of the CBSA comply with the “general or specific instructions of the Minister” (subsection 12(2)). In these cases, therefore, the finding that CBSA officers or employees did not comply with Ministerial Direction, specifically to notify the Minister, constitutes non-compliance with the CBSA Act.

Recommendation 6: NSIRA recommends that CBSA immediately notify the Minister of the two cases Identified In this review where the safety of an individual Is at Issue.

Recommendation 6: NSIRA recommends that CBSA immediately notify the Minister of the two cases Identified In this review where the safety of an individual is at issue.

Conclusion

CBSA has been operating its human source program since 1984, but policy and SOP specific to the CHS Program were not developed until 2014. According to the first internal review of CBSA’s use of CHSs in 2014, the policy was meant, among other things, to support the evolution of CBSA’s intelligence functions. It was also meant to strengthen oversight and to reduce program risk while improving accountability.

Considering CBSA has been officially using human sources for approaching 40years, the introduction of a policy suite is a relatively recent innovation. Against that backdrop, it is perhaps not surprising that gaps remain in the governance of CBSA’s CHS activities. The new policy suite goes some distance toward closing the gaps identified here; notably, by adding the clear requirement to document the promise of confidentiality, and by linking it to the need to notify a CHS of CBSA’s policy [**redacted**] by clearly requiring CBSA to document interactions with all CHSs, including in the preregistration period, as well as by adding a layer of oversight early on to the Special Approval process.

CBSA has also made steps to align its policy suite to the MD, but in not insisting on its full application to all CHS activities, CBSA has limited the effect of those changes. Though it Is clear in policy and SOP that attention to risk is an expectation from the outset, the absence of any formalized or documented accounting of those risks at pivotal junctures beyond registration introduces a level of discretion in the process that is not justifiable in view of the risks.

Annex A: Findings and Recommendations

Findings

Risk Management

Finding 1: NSIRA found that CBSA policy does not require any documented approval or a documented assessment of the risks of using a CHS outside of the registration process.

Finding 2: NSIRA found that there was incomplete documentation in the preregistration period such that the CHS Program is impeded from monitoring the full spectrum of CHS Program activities.

Duty of Care

Finding 3: NSIRA found that CBSA’s policies and practice around obtaining informed consent are insufficient to ensure that it is obtained systematically, and before individuals incur the risks of providing information in confidence to CBSA.

Finding 4: NSIRA found that measures to mitigate risks to CHSs are often not present or implemented.

Finding 5: NSIRA found that CBSA may have breached the law of informer privilege in two instances.

Finding 6: NSIRA found that Inland Enforcement Officers collected information and promised confidentiality, but did so without training under the applicable policy to support a proper understanding of the consequences of extending confidentiality.

Ministerial Direction and Accountability

Finding 7: NSIRA found that CBSA’s approach to risk management in their new policy suite does not fully align with principles of the MD.

Finding 8: NSIRA found that the information CBSA will provide to the Minister as required by Ministerial Direction is not sufficient to convey the size and scope of the Confidential Human Source Program.

Finding 9: NSIRA found that in two cases the CBSA did not comply with subsection 12(2)) of the CBSA Act in that it failed to follow the MD’s requirement to inform the Minister when there was a Confidential Human Source activity that “may have a significant adverse impact such as impacting the safety of an individual*.

Recommendations

Recommendation 1: NSIRA recommends that CBSA amends its policy to require a documented risk assessment and formal approval for using a CHS in the preregistration period.

Recommendation 2: NSIRA recommends that CBSA require that the interview checklist be administered no later than when the promise of confidentiality is extended.

Recommendation 3: NSIRA recommends that CBSA provide guidance as to how obtaining informed consent should be tailored to the individual circumstances of the CHS.

Recommendation 4: NSIRA recommends that CBSA put in place specific guidance on how to mitigate the full range of risks to CHSs and ensure that those mitigation measures are implemented.

Recommendation 5: NSIRA recommends CBSA expand its definition of active Confidential Human Sources so that reporting to the Minister covers the breadth of the CHS program.

Recommendation 6: NSIRA recommends that CBSA immediately notify the Minister of the two cases identified in this review where the safety of an individual is at issue.