Canadian Security Intelligence Service - Gouvernement of Canada
Skip all menus * * * * *
* Fran├žais * Contact Us * Help * Search * Canada Site
* About CSIS * Priorities * Publications * Newsroom * Public Safety
* Home * FAQ * A-Z Index * Site Map * Careers
* A world of challenge.


Print ViewPrint View

* *

Backgrounder No. 12

Security of Information Act

April 2004


This Backgrounder will attempt to explain changes - including a change of name - to the Official Secrets Act so that people who could be subject to the Act, particularly due to their current or former employment, are informed about the new provisions of the legislation. The McDonald Commission in 1981 commented that one of the most important pieces of legislation relating to the work of a security service is the Official Secrets Act (OSA). The Law Reform Commission noted that the OSA creates crimes that are among the most serious criminal offences since they 'jeopardize the security and well-being of the whole nation and its inhabitants'.

The Government's Anti-terrorism Act, Bill C-36, now C-41 of the Statutes of Canada 2001, received royal assent on De-cember 18, 2001 and came into effect on December 24, 2001.

Bill C-36 is divided into seven parts, as follows:

Part 1:    amendments to the Criminal Code (56 pages)

Part 2:   amendments to the Official Secrets Act (20 pages)

Part 3:   amendments to the Canada Evidence Act (20 pages)

Part 4:   Proceeds of Crime (Money Laundering) and Terrorist Financing Act (22 pages)

Part 5:   amendments to other Acts (including Access to Information and Privacy Acts, the Canadian Security Intelligence Service Act, the National Defence Act) (18 pages)

Part 6:   Charities Registration (Security Information) Act (9 pages)

Part 7:   Coordinating, Review and Commencement Provisions (37 pages)

Back to top Back to top


The Official Secrets Act has over the past 30 years been the subject of consistent criticism and calls for reform.

The first Official Secrets Act was passed in Britain in 1889 and enacted almost verbatim in Canada in 1890. The Canadian Act was transferred to the first Criminal Code in 1892 where it remained until 1939 when the current Official Secrets Act was rapidly passed on the eve of World War II. Since 1939, and until Bill C-36 was recently passed, there have been no major changes to the legislation.

The 1939 Official Secrets Act had two main provisions: (i) Section 3, the offence of espionage ('spying') and (ii) Section 4 which prohibited the 'wrongful communication of information' (often referred to as 'leakage'). Since 1939, there have been about two dozen prosecutions, almost all under the espionage section - and only six in the last 40 years. Some of the more celebrated cases, including those which were not prosecuted, were Peter Treu (1978), the Toronto Sun (1979), Hugh Hambleton (1982), James Morrison (1986), Stephen Ratkai (1989), Brian McInnis (1994-95).

Over the past 30 years, interest in improving or replacing the Act has varied depending on events surrounding leakage and espionage incidents, prosecutions under the Act, recommendations of federal commissions and other related national or international developments.

In 1969, the Royal Commission on Security (the 'Mackenzie Commission') described the Official Secrets Act as "an unwieldy statute, couched in very broad and ambiguous language"; the Commission concluded that "consideration should be given to a complete revision of the Canadian Official Secrets Act" (OSA).

The early 1970s saw many democratic countries grapple with the issue of improved public access to government information. In 1976, the House of Commons referred to a joint standing committee the issues of freedom of information, protection of privacy and the OSA. Consideration of the first two subjects would result in legislation (passed in 1983 as the Access to Information and Privacy Acts) but the third did not receive the same attention.

In 1979, the Commission of Inquiry concerning Certain Activities of the Royal Canadian Mounted Police (the 'McDonald Commission') spent over half of its first report, entitled 'Security and Information' examining and recommending changes to the Official Secrets Act. These recommendations were reiterated in the second report of the McDonald Commission published in August 1981, the report which led to the Government's decision to create CSIS. However, amendment of the Official Secrets Act was not pursued - despite a general and often-stated recognition of the need for reform.

Finally, in 1986, perhaps the most scathing criticism of the Official Secrets Act appeared - in the form of the Law Reform Commission Working Paper 49. The Commission concluded:

"Not only are the existing offences against the State out of date, complex, repetitive, vague, inconsistent, lacking in principle and overinclusive, but there is reason to suspect that some of the sections offend the provisions of the Canadian Charter of Rights and Freedoms as well."

Back to top Back to top


Even with all of the criticisms of the Act, reform of the Official Secrets Act has been recognized as and has proven to be a difficult undertaking.

The espionage provisions are perhaps easier to address since they deal with the issue of when a citizen should be held criminally liable for the disclosure of information to a foreign entity, when that disclosure somehow puts Canada at risk or creates an advantage for that foreign entity. Related issues include: what kind of information should be covered? who are the 'foreign entities'? what does it mean and how does one prove in a criminal context that the disclosure is 'prejudicial to the safety or interests of the State' (to use the words from former Section 3 of the OSA)?

The leakage provisions are more problematic since they deal with the disclosure of information not to foreign entities but to anyone (e.g. journalists, MPs, interest groups, etc.). The unauthorized release of government information can do the same damage to a nation's sovereignty and the safety of its citizens as can espionage; however, unlike espionage, these issues are not always apparent, and sometimes not even present. Leakage is more likely to be associated with issues such as freedom of speech, keeping government accountable, informing the public of important public policy issues and whistleblowing.

More recently, although again before the events of September 11, 2001, and Bill C-36, there has been a renewed recognition within the Government of the need to examine the Official Secrets Act. In his 1998 Statement on National Security to the House of Commons, the then Solicitor General Andy Scott stated:

"As part of our response to foreign-directed and other threats, the government is also reviewing the Official Secrets Act. It has been criticized as lacking precision, being overbroad and for failing to meet the national security issues of today. The Official Secrets Act is rooted in an outdated concept of national defence and security, primarily associated with physical security and protecting the country against military threats. In today's information age where crime, terrorism and espionage transcend national boundaries, new threats can put Canadian sovereignty at risk. To address the threats that Canada faces today, we need to look to modern legislation that is focussed, clear and which reflects the values of contemporary society."

Back to top Back to top

The new Security of Information Act


The Government of Canada press release/backgrounder issued on December 18, 2001, the day Bill C-36 received royal assent, contained the following brief description of the amendments to the OSA:

"The Official Secrets Act (was) amended to address national security concerns, including threats of espionage by foreign powers and terrorist groups, and the intimidation or coercion of ethnocultural communities in Canada. The Act will also have a new title: the Security of Information Act.

New offences (were) created to improve and modernize the "spying" provisions of the Act, taking into account new realities, including new players and new threats. These offences will focus upon those situations in which it is appropriate for Canada to protect its institutions and citizenry from information-related conduct that is harmful or likely to be harmful to Canada.

New players (other than the governments of traditional states) include governments-in-waiting, governments in exile and other foreign powers, as well as terrorist groups.

New threats that are being recognized include threats against ethnocultural communities in Canada, threats to trade secrets and threats to essential infrastructures, both public and private.

The Act also includes specific new offences dealing with unauthorized communication, or purported communication, of special operational information (for example, the identity of confidential targets, covert agents or targets of CSIS) by persons permanently bound to secrecy."

Back to top Back to top

New definitions and concepts

New players

As noted in the press release/backgrounder, the newly-named Security of Information Act includes 'new players'. The old OSA created espionage offences that involved disclosure to a 'foreign power' (undefined); the new Act contains more precise definitions of 'foreign state', 'foreign power' (broadly defined to include governments of a foreign state, quasi-governments and those who seek to become governments) and 'foreign entity' (defined to include foreign powers, groups of foreign powers or persons acting on their behalf or in association with them). The new Act also includes 'terrorist groups', incorporating the definition of that phrase from the recent amendments to the Criminal Code contained in Bill C-36.

Harm to Canadian interests

The old OSA created espionage offences where the Crown could prove that disclosure was for 'a purpose prejudicial to the safety or interests of the state' (undefined); the new Security of Information Act, in subsections 3(1)(a) to (n), defines that phrase in detail - the 13 paragraphs include such matters as:

  • committing an offence punishable by two years or more to advance a political, religious or ideological purpose or to benefit a foreign entity or terrorist group
  • committing inside or outside of Canada a terrorist activity (importing that definition also from the Criminal Code)
  • interfering with a service or system, public or private, that has significant adverse impact on the health, safety, security or economic or financial well-being of the people of Canada or the functioning of any government in Canada (i.e. harming Canada's critical infrastructure)
  • impairing the military capability of the Canadian Forces
  • impairing or threatening the capabilities of the Government of Canada in relation to security and intelligence
  • impairing or threatening the capability to conduct diplomatic relations or international negotiations.

For the purposes of the Security of Information Act, harm is caused to Canadian interests if a foreign entity or terrorist group engages in any of these activities.

Back to top Back to top

Safeguarded information

The new Act does not refer to 'classified information'; instead it uses the phrase 'information that the Government of Canada or of a province is taking measures to safeguard'. The concept here is that in any prosecution, the Crown will have to show that the Government has taken some measures to protect the information. Security classification would presumably be one but not the only way of showing this. For example, if the Director of CSIS tells an employee not to disclose the foreign location of a meeting with a human source, that could (subject to proof in court) be information the Government has 'taken measures to safeguard'. This information would fall within the provisions of the Security of Information Act even though it was not contained in a classified document.

Special operational information

This is a new concept which attempts to define the most operationally sensitive kind of Government information; 'special operational information' is defined as information the Government of Canada is 'taking measures to safeguard' that reveals or from which it can be inferred specified sensitive information, including:

  • past and current confidential sources of information, intelligence or assistance to the Government of Canada
  • places, persons, groups or entities that were, are or are intended to be, targets of covert collection efforts by the Government
  • the identity of any person engaged in such covert collection activities
  • plans for certain military operations
  • the means the Government uses to protect information, including encryption and any vulnerabilities
  • similar information to the above that relates to or is received from foreign entities or terrorist groups.

Back to top Back to top

Persons permanently bound to secrecy

Another new concept introduced in the Act is the description of individuals who should be held to a higher level of accountability for unauthorized disclosures. Persons can become part of this 'special regime' in two ways: (a) by being current or former employees of particular departments or agencies set out in a schedule to the Act or (b) by being personally identified through a notice system set out in the Act (and regulations). The former includes:

  • current or former employees of CSIS
  • current or former employees of the Communications Security Establishment
  • former members of employees of the RCMP Security Service and the Communications Branch of the National Research Council
  • current or former employees of the Security Intelligence Review Committee and the office of the Inspector General of CSIS
  • current or former employees or members of certain groups within the RCMP (e.g. Criminal Intelligence Program, Protective Operations Program).

Back to top Back to top


Using the above definitions and concepts, the Security of Information Act creates a number of offences both with respect to espionage and to leakage. For all of these offences, no prosecutions can be commenced without the consent of the federal Attorney General. A brief description follows, recognizing that these are complicated offences and what follows is only a brief summary. Please refer to the Act itself which is available on the Department of Justice Canada Web site.

Espionage-related activities

When a person, knowing or being reckless as to whether it is safeguarded information, communicates such information to a foreign entity or terrorist group - and they intend to or are reckless as to whether such disclosure will increase that foreign group's capacity to harm Canadian interests or if actual harm results - that person will be liable to prosecution and imprisonment for life (Section 16). In addition, there is a specific offence, Section 17, dealing with the communication of 'special operational information'. For that offence, no intent to harm is required; simply believing or being reckless as to whether the information disclosed is indeed special operational information is sufficient. Again the penalty could be imprisonment for life.

Another new offence, Section 20, relates to persons who at the direction of a foreign entity or terrorist group induce or attempt to induce any person to do anything that is likely to harm Canadian interests or which is done for the purpose of increasing the capacity of foreigners to harm our interests. Again, the maximum penalty is imprisonment for life.

Another new feature is that 'economic espionage' is included as a crime - fraudulent communication or communication 'without colour of right' of a 'trade secret' (defined) to a 'foreign economic entity' (defined as a foreign state or an 'entity that is controlled in law or fact, or is substantially owned' by a foreign state). Persons convicted are liable to imprisonment for up to 10 years.

Finally, the Act sets out a number of 'preparatory acts' for which the penalty is up to two years' imprisonment. These can include: (a) entering Canada at the direction of a foreign entity or terrorist group (b) obtaining access to any information (c) knowingly communicating to these foreign groups a willingness to commit the offence (d) possessing any device or software useful for concealing the content of information or for covert communications.

Back to top Back to top


The new Security of Information Act retains the old offence of unauthorized disclosure (Section 4) from the OSA. Most of the new offences relate to 'persons permanently bound to secrecy' - those 'insiders' who are included either because of where they work (e.g. former and current employees of CSIS and CSE) or because they have been personally notified by their Deputy Minister.

For example, Section 13 creates an offence - for which the maximum penalty is 5 years - for those insiders who 'intentionally and without authority, communicate or confirm information that, if it were true, would be special operational information'. This offence of purported communication recognizes both that (a) insiders are under a special duty with respect to the most sensitive information they had or have access to and (b) that the Crown does not need to prove the truth of the information (since experience has shown that to do so can simply increase the harm already done). Therefore, former or current employees who publicly reveal the identity of targets or sources of the Service can be prosecuted whether or not the information is true and without the Crown having to address this issue at all.

In Section 14, unauthorized communication of special operational information itself is punishable by up to 14 years' imprisonment.

For both of these offences, there is a 'public interest' defence - if an accused can show that information has been disclosed 'for the purpose of disclosing an offence under an Act of Parliament'. The Act sets out guidelines that a judge must consider when making his or her judgment; they include: the seriousness of the offences, the extent of the disclosure, the harm caused by the disclosure and whether the accused resorted to 'other reasonably accessible alternatives' before disclosing the information. In addition, this public interest defence can only be relied on if the accused has first (a) advised his or her Deputy Minister (or the Attorney General of Canada) and (b) if this fails, brought his or her concerns to the attention of either the Security Intelligence Review Committee or the Communications Security Establishment Commissioner.

Back to top Back to top


A combination of legislation, government policy and administrative procedures is aimed at preventing and responding to the unauthorized disclosure of government information, for example, the government Security Policy, oath of office, breach of trust by public officer under the Criminal Code. Prosecution under the Official Secrets Act has been, and is, only one response, sometimes referred to as a last resort.

For the first time in more than 60 years, the Government has brought in substantive amendments to the Official Secrets Act. While part of the Government's anti-terrorism legislation - and therefore seen as part of the Government's response to the events of September 11, 2001 - these amendments, and the issues surrounding them, have a longer history in Canada.

The amendments respond to long-standing criticisms of the Official Secrets Act and have been drafted, as all legislation now is, in light of the Charter of Rights and Freedoms. The new Security of Information Act recognizes the reality of 'new players and new threats'.

For current and former employees in the security and intelligence community, there is now a much clearer statement of their responsibilities to safeguard sensitive information - and a much clearer statement of their potential criminal liability should such sensitive information be disclosed without authorization.


For comments/enquiries, please contact the Canadian Security Intelligence Service (CSIS) c/o P.O. Box 9732, Postal Station T, Ottawa, Ontario, K1G 4G4. Telephone (613) 231-0100 or Fax (613) 231-0612.


Date modified: 2007-03-16


Important Notices