American intelligence agencies struggled with “inconsistencies” in their analysis and “a lack of consensus” on the nature of the threat in the weeks prior to the Jan. 6, 2021 riot on Capitol Hill, says an internal Canadian Security Intelligence Service (CSIS) report.
That July 2021 briefing note — obtained by CBC News through an access to information request — also says that as CSIS pursues the threat of ideologically motivated violent extremism (IMVE) in Canada, it’s dealing with many of the same challenges its U.S. counterparts faced prior to the riot.
The July 2021 briefing note includes summaries drafted by CSIS officials of the U.S. Senate’s report on the attack on Capitol Hill on Jan. 6, 2021 and the U.S. national strategy for countering domestic terrorism.
The report also includes CSIS’s observations on the event, which were meant to be shared with senior officials in the public safety, defence, immigration and justice departments.
Reacting to reports from the FBI and the U.S. Department of Homeland Security (DHS) to American lawmakers, CSIS said there were “inconsistencies between and within intelligence products that led to a lack of consensus about the gravity of the threat posed on January 6.”
The CSIS summaries flagged problems the FBI and the DHS experienced in trying to prepare for what became an assault on the Capitol by a mob of outgoing president Donald Trump’s supporters.
CSIS said those problems included discerning the intent of potential threat actors, distinguishing protected free speech from credible threats of violence, obtaining lawful access to private or closed social media platforms and gaining access to encrypted channels used by IMVE individuals threatening violence.
“CSIS faces many of the same investigative challenges as its American counterparts in this space,” says the document.
“These considerations reinforce the importance of CSIS’s efforts to modernize and maximize its authorities, as part of Canadian and allied efforts to counter violent extremism.”
CSIS defines IMVE as extremism motivated by “a range of grievances and ideas from across the traditional ideological spectrum.”
“The resulting worldview consists of a personalized narrative which centres on an extremist’s willingness to incite, enable and/or mobilize to violence,” says the CSIS website.
The challenges raised in the briefing note have one national security expert questioning how seriously the intelligence community and law enforcement took the Freedom Convoy event before protesters opposed to vaccine mandates occupied downtown Ottawa for weeks in February.
“Where they seem to have fallen down in the U.S. seems to be the contradictory and inconsistent advice,” said Stephanie Carvin, a former federal government national security analyst who now teaches at Carleton University.
“I don’t know about CSIS but was that a community problem we had here in Canada that some agencies recognized and some didn’t, and was [the Ottawa Police Service] getting consistent advice? That would be something I’d be interested in knowing.”
Gaps in intelligence-sharing
What the spy agency saw and passed on to police, and how police responded to that information, are likely to come in for close scrutiny through the recently announced public inquiry and special joint committee looking into the federal government’s decision to invoke the Emergencies Act to clear the convoy occupation.
The 2021 briefing note flags one angle the inquiry and the committee might want to examine: ongoing gaps in intelligence-sharing between CSIS and the police.
“CSIS continues to wrestle with the challenges of sharing classified intelligence to inform law enforcement action, while protecting against injurious disclosure,” says the briefing note.
Carvin said the real question might be whether authorities failed to turn CSIS’s warnings and advice into action.
“It seems fairly clear that our intelligence services did seem to understand what was coming. That’s the major difference I think between [the] convoy and January 6,” she said.
“It seems that the service was briefing downtown before this happened, so why did that intelligence not turn into better preparation and advice?”
A spokesperson for CSIS said they cannot confirm or deny the specifics of its investigations, operational interests, methodologies or activities.
“With that said, I would like to emphasize is that the definition of threats, as outlined in the CSIS Act, specifically excludes lawful protest and dissent,” said Brandon Champagne.
“CSIS works closely with its security and intelligence partners, including by sharing the necessary information with law enforcement to ensure public safety.”
In the briefing note, CSIS says that, in order to better monitor IMVE, it’s seeking an update to the Canadian Security Intelligence Service Act.
“To fulfil our mandate of investigating IMVE, advising government and taking measures to reduce the threat, CSIS must have the tools to identify and disrupt threat actors within this data-rich and fast-paced threat environment, while meeting Canadians’ expectations of privacy,” says the document.
Chris Parsons, senior research associate at the University of Toronto’s Citizen Lab, said it’s almost impossible to determine whether CSIS has adequate powers now, or how it’s deploying them.
“I don’t think that CSIS is sufficiently transparent for us to know the answer to that,” he said.
“But I think that there should be a culture of when we provide these powers to national security, and law enforcement agents as well, they should be required to provide some kind of an annual report as to how they’re using them and the efficacy of their use.”
He also said he wonders why CSIS didn’t raise concerns about investigate ideologically motivated violent extremism when the government passed updated national security legislation in 2019.
“That’s a little shocking, given that it suggests that CSIS didn’t understand what it wanted, or ultimately it decided it wanted to take the first bite at the apple and then take another bite,” he said.
Earlier this week, CSIS director David Vigneault told a committee of MPs and senators his resources are increasingly going to investigate IMVE.
“We are constantly looking at the movement of ideologically motivated violent extremists so we have a fairly good understanding of the dynamics at play,” he said.
Sharing information with banks
The CSIS officials who wrote the briefing note also said the section of the Canadian Security Intelligence Service Act that prevents it from sharing classified threat information with non-government partners is undermining its work.
“… Section 19 of the CSIS Act prevents CSIS from sharing classified threat information with non-government partners, including financial institutions, which poses challenges in how the Service can support efforts to curb terrorist financing,” says the briefing note.
Parsons said there’s a risk of CSIS inappropriately classifying people as terrorists, or claiming they engage in activities counter to Canadian interests, and then passing that information on to banks and other institutions.
“This might be one thing if you’re going to be hunting down people who are going to drive to the prime minister’s home and try and shoot him. But there’s a whole lot of other groups that have been on the receiving end of CSIS’s attention that probably don’t deserve it, or certainly don’t believe they do,” he said.
Outside of cracking open its legislation, there are a number of policy changes that could change how CSIS responds to IMVE.
In the briefing note, CSIS says it’s also watching the ongoing CLOUD Act negotiations between Ottawa and the United States. The U.S. legislation allows law enforcement to compel U.S.-based technology companies (through a warrant or subpoena) to produce requested data stored on their servers regardless of whether the data are stored in the U.S. or on foreign soil.
If Canada signed on, CSIS could in theory get faster access to data held by Google, Apple, Facebook and other major online players.
WATCH: How the convoy protest paralyzed Ottawa
The agency also said that it’s closely following the government’s efforts to pass online harm legislation that could require regulated online entities like Facebook, Instagram, Twitter and TikTok to flag content posing national security concerns to CSIS.
“CSIS will continue working with Government of Canada partners on government policy initiatives and seize every opportunity to bolster the toolkit to respond to this dynamic threat,” says the briefing note.
Carvin said Canada, like some of its allies, should be regularly updating the powers and authority given to security agencies like CSIS to keep them in line with both emerging technologies and privacy concerns.
“How do we want our security services engaging online? Because I think if you ask most Canadians, ‘Do you just want CSIS randomly surfing the internet looking for bad things,’ the answer is no and I think that’s probably the right answer,” she said.
“But Parliament has to act.”