A new era of research security
National security agencies are taking a renewed interest in universities and their research in the face of rising geopolitical concerns.
Canada is home to a great deal of world-class research, but the federal government and its security services are raising the alarm that the country’s combination of advanced technology, human talent and democratic society has made it an attractive target for foreign spies and their agents.
“Espionage and foreign interference activities pose threats to the integrity of Canada’s research enterprise, as well as our country’s national security,” a spokesperson for Innovation, Science and Economic Development Canada (ISED) said in a statement to University Affairs. New guidelines on how to protect research, and rules governing foreign collaborations, have proliferated over the past few years to deal with these threats. Many researchers, however, worry that the heightened focus on security and a lack of clarity around what is considered acceptable could have a chilling effect on international collaborations.
Security threats come from many different countries that could be considered enemies of, or at least strategic competitors with Canada, including Iran, Russia and North Korea. But Stephanie Carvin, who studies national security issues at Carleton University, says China has been the dominant focus for the security services over the past 15 years. That focus grew even sharper for the federal government by 2018, when Canada arrested Huawei executive Meng Wanzhou and China retaliated by detaining two Canadians, Michael Kovrig and Michael Spavor.
That’s when Canada’s security community began to assert its concerns more forcefully to government about the broader economic and national security threat posed by China, including in academic research, says Dr. Carvin. “Canada was generating a lot of valuable intellectual property that was going to China, and some of that was going to government or military-linked institutions where it might be put to uses that Canadian taxpayers would disagree with,” she says.
It was around that time that a joint working group involving the government and members of the university community was set up to develop new processes and guidelines for advancing open and collaborative research in a way that also safeguards research and researchers. “The notion that national security guidelines will need to be built into the research ecosystem really came to the fore in 2018,” says Chad Gaffield, chief executive officer of U15 Canada, which represents research-intensive universities, and co-chair of the working group.
“The global pandemic prompted new, aggressive targeting of research.”
Federal agencies and research funders had been touting the value of international research collaboration for years. When they started to publicly question the safety of such partnerships, the change in tone seemed abrupt, says Dr. Carvin. It’s left many researchers unsure of how to navigate this new reality. “For the past two or three decades, academics have been told to go out and get as much international funding and partnerships as we can, and now we’re suddenly told to hit the brakes,” she says. “There is a palpable sense of whiplash.”
That increased urgency is due in large part to the COVID-19 pandemic, according to ISED. “The global pandemic prompted new, aggressive targeting of research,” the ISED spokesperson said. In March 2020, the Canadian Centre for Cyber Security warned of “an elevated level of risk to the cybersecurity of Canadian health organizations involved in the national [pandemic] response,” and rang the alarm about phishing campaigns, specifically.
That May, the Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment noted that the uncertainty caused by the pandemic was “ripe for exploitation by threat actors seeking to advance their own interests,” including the theft of intellectual property and data related to Canada’s COVID-19 response, and that there was an increased risk of foreign interference and espionage to Canadian businesses and research centres.
The alert was a reflection of the agency’s new centralized approach to outreach and engagement with the postsecondary sector that came out of the 2018 talks with U15 – previously, CSIS would’ve most likely contacted a researcher directly through one of its regional offices. The agency is now in regular contact with universities across the country.
One result of these ongoing conversations is the National Security Guidelines for Research Partnerships published by ISED in 2021 to help funders, universities and researchers evaluate potential risks to research security. These include a list of potentially sensitive research areas (biotechnology and quantum science, for example), and a risk-assessment form to help identify and mitigate potential threats. In February 2023, three government ministers released a joint statement that expanded on these guidelines, banning government funding for research in sensitive areas if “any of the researchers working on the project are affiliated with a university, research institute or laboratory connected to military, national defence or state security entities of foreign state actors that pose a risk to [Canada’s] national security.”
The first test of the guidelines came last year, when some applications to the Natural Sciences and Engineering Research Council’s collaborative Alliance Grants were subjected to a lengthy additional screening by national security agencies. While only about four per cent out of more than 1,000 applications were reviewed, most of those were rejected. And the rejected applicants said that the reasons given were vague and unhelpful.
Now the government plans to roll out the same rules to the rest of its research funding programs. Many in the research community say they still don’t have enough information to properly identify potential risks, or how to mitigate them. “Greater clarity about the threats would be helpful,” says Nigel Smith, executive director of the TRIUMF particle accelerator centre in Vancouver. “We get bulletins from CSIS, but they are quite generic.”
“We’re getting better at the services we provide, but things have changed so quickly there is a significant competency gap around safeguarding research that we need to address in our academic communities.”
The government says it’s in the process of developing a list of foreign state connected universities, research institutes and laboratories that are believed to pose a high risk of theft, unwanted knowledge transfers and interference in research, according to a news report published in the Toronto Star this past May. This list, as well as a clearer definition of sensitive research areas, is expected to be finished sometime this year.
Jason Acker, who serves as associate vice-president (research integrity support) in the office of the vice-president of research and innovation at the University of Alberta, says research support services at universities have experience dealing with sensitive topics, such as health data, research chemicals or dangerous pathogens, but it will take some time to get to grips with the new considerations and questions raised as we enhance our research security efforts. The broader geopolitical perspective required to deal with these issues is not something that university research administrators have typically had as much experience with. High-level administration roles with a specific focus on research security are still relatively new to academia – Dr. Acker’s own position was only created in August of last year. “We’re getting better at the services we provide, but things have changed so quickly there is a significant competency gap around safeguarding research that we need to address in our academic communities,” he says.
Martha Crago, vice-principal for research and innovation at McGill University, expects that federal departments will provide more detail over time as the guidelines evolve, but in the meantime, universities are offering feedback to the government while helping their researchers navigate this changing landscape. At McGill, staff in the office of innovation and partnerships help researchers vet their projects using public data and software to do background checks to assess whether a foreign researcher or institution would be a good partner. They are also paying close attention to technologies that have the potential for “dual use” – meaning they can be used for both civilian and military purposes – which the government has identified as particularly vulnerable to security threats. “I think we’ve been naive to the dual-use idea, but now researchers are becoming aware of it,” she says.
So far, additional scrutiny has been applied to narrow fields of research that ISED and its partners have deemed sensitive, including dual-use technologies, critical minerals, critical infrastructure, and human-subject data research. But as the rules expand to include areas beyond NSERC-funded research, universities will have to grapple with the “dual use” issue more meaningfully, says Ricardo Smalling, legal counsel for research data privacy and security at Queen’s University. Behavioural scientists, for example, may think their work is fairly straightforward, but their research could be exploited in unintended ways to control people’s actions. “There are new things to think about with national security,” he says. “You need to understand that a partner may have ulterior motives, and factor that in.”
The most important advice that Mr. Smalling offers to researchers is around data security. “Data is king,” he says, so he focuses on helping them develop secure storage and access controls, ensuring that people only have access to data related to the projects they are part of, and tracking access and downloads.
“Universities have always been based on open collaboration with our partners.”
That can get complicated, however, when students and research assistants move on to new positions. They may still need access to lab data to complete a project, or their new affiliation might be included on future publications that they contributed to. But if their new institution is one that the Canadian government considers problematic, that may give the appearance of an inappropriate collaboration where none exists. More details on how to deal with such cases, or other unanticipated situations, would be helpful, says Dr. Crago.
The mechanics of protecting sensitive research is just one aspect of researchers’ concerns over the increased focus on national security in the academy. Many academics also worry about how to maintain a balance between security and academic freedom. “Universities have always been based on open collaboration with our partners,” says Dr. Acker – in other words, you can’t do world-class research without the rest of the world.
The directives to tighten research security are also in tension with other government imperatives, says Victor V. Ramraj, director of the Centre for Asia-Pacific Initiatives at the University of Victoria. Canada’s Indo-Pacific Strategy, which Dr. Ramraj helped develop, emphasizes the importance of engaging with and enhancing our understanding of countries like China – something that he says is even more important when governments are at odds. During the Cold War, for example, academic links provided an important bridge between the West and the Soviet Union.
“With rising tensions, universities play an important diplomatic role in helping to understand different societies,” he says. “We need to send scholars to China or wherever to engage and bring an informed view back to Canada.”
Dr. Ramraj is concerned that even if more detailed rules do not directly prevent collaboration or exchange, it will happen in practice anyway. Research security policies that are too broad and unclear risk having a chilling effect on the kinds of links and partnerships that are vital not just for the advancement of science and technology, but for greater understanding between societies.
Researchers who wish to continue collaborations with partners from proscribed institutions will technically be able to do so, but only if the project does not receive any government funding. And in practice that may become difficult. The University of Waterloo, for example, recently announced that it was ending its research partnerships with the Chinese telecom company Huawei – including the Waterloo-Huawei Joint Innovation Lab funded by the company.
On a more human level, some in the university community worry that this renewed focus on national security risks repeating the mistakes of the past – like the so-called “Red Scare” of the 1950s, in which people suspected of being communists were targeted and forced out of their jobs in government or academia. The Canadian Association of University Teachers expressed this fear in an editorial published in May and advised members to reach out to the organization should they be contacted by CSIS.
The danger is that the chilling effect of the rules may extend from institutions and projects to people, with researchers of a particular nationality or ethnicity left out of projects due to a misguided sense that their inclusion might be a security risk or could hurt the prospects for funding. Some university administrators say they are already seeing researchers and students of Asian heritage being profiled out of jobs and other opportunities. And some are hearing from faculty members wondering if they should “risk” hiring staff and students of Asian descent.
For their part, national security agencies say they are aware of this concern and emphasize that their warnings about China are focused on the Chinese government. “To be clear, the threat does not come from the Chinese people, but rather the [Chinese Communist Party] that is pursuing a strategy for geopolitical advantage on all fronts – economic, technological, political, and military – and using all elements of state power to carry out activities that are a direct threat to our national security and sovereignty,” says a CSIS spokesperson.
To avoid targeting particular people or groups, Mr. Smalling says human rights and equity concerns must be built into procedures from the beginning. That means university security policies should be agnostic when it comes to researchers’ nationalities. “We don’t think about the nationalities involved, but the overall risk of a project,” he says. “If there is accountability for everybody, it’s easier to detect who is going rogue.”
As the rules and guidelines become clearer over the next few months and years, Dr. Gaffield at U15 says the goal will be to implement them and safeguard research without undermining the tenets of high-quality scholarship and the principles of equity, diversity and inclusion that academia is striving for.
“A major step forward in the 20th century was the notion that the research world could operate without too close a regard for jurisdictional differences,” he says. “Collaborations like the International Space Station show the possibility of international efforts that transcend geopolitical differences.”
Post a comment
University Affairs moderates all comments according to the following guidelines. If approved, comments generally appear within one business day. We may republish particularly insightful remarks in our print edition or elsewhere.