Each year, TET submits a report on its activities to the Minister of Justice and the Minister of Defence. The annual reports, which are available to the public, provide general information about the nature of the oversight activities performed with regard to DSIS, DDIS, and the CFCS. In the reports, it is possible, among other things, to give an account of TET’s activities in general terms without violating the duty of confidentiality, including in the form of a general description of the matters having attracted the Oversight Board’s interest in the course of its oversight activities. Similarly, TET may include statistics on the number of instances where information has been found to be processed by DSIS and DDIS in violation of the legislation regarding DSIS and DDIS, including the number of situations where the Oversight Board has ordered DSIS and DDIS to delete information under the indirect subject access request system.
The reports concerning the CFCS must also contain statistics on its processing of personal data, including statistics on the number of complaints received by the CFCS as well as TET, the number of access requests and the decisions made in these cases as well as the number of security incidents dealt with by the CFCS. TET is also required to include statistics on the number of instances where information has been found to be processed by the CFCS in violation of the legislation regarding CFCS. The reports must also contain a fully depersonalised description of one or more specific cyber attacks as well as statistics on the number of instances where a CFCS analyst has analysed data obtained through interference with the privacy of communications. The statistics must also contain an overall categorisation of the severity of the incidents.