Research security involves identifying possible risks to scholarly research practices through unwanted access, interference or theft, and the measures that can be taken to minimize these risks and protect research inputs, processes and products.
To safeguard Canadian research, the Government of Canada has developed requirements and guidelines to address research security concerns. Some provinces, including Ontario, and international jurisdictions, are undertaking similar measures. As part of the Government’s approach, Canadian universities are playing an active role in ensuring the integrity of Canada’s world-class research environment.
The University of Toronto has a dedicated Research Security Team (RST) within the Division of the Vice-President, Research & Innovation, that provides support and information to the University’s research community regarding safeguarding research and developing research relationships and grant applications in alignment with best practices, guidelines, and requirements.
Federal Sensitive Technology Research and Affiliations of Concern (STRAC) Policy
On January 16, 2024, the Government of Canada announced the implementation of its policy on Sensitive Technology Research and Affiliations of Concern (STRAC), the aim of which is to help prevent Canadian research and development efforts from being misappropriated by foreign actors to the detriment of Canada’s national security.
The policy includes a published list of Sensitive Technology Research Area (STRA) deemed vulnerable or of potential dual-use application to hostile foreign actors, and a published list of Named Research Organizations (NRO) that Canada’s security and intelligence agencies have deemed connected to the military, national defence or state security entities of foreign state actors that pose a potential threat to Canada’s national security. These lists are evergreen in that they could be updated in the future. It is likely that the STRA will become more specific over time, while the NRO could eventually include other research organizations.
This new policy will come into force for funding opportunities that are available after May 1, 2024, at which point the Canadian Institutes of Health Research (CIHR), the Natural Sciences and Engineering Research Council of Canada (NSERC), the Social Sciences and Humanities Research Council of Canada (SSHRC) and the Canada Foundation for Innovation (CFI) will require the following for research grants that advance an STRA:
- All researchers listed on an application must provide an attestation that they do not have any affiliation with entities on the Named Research Organization list and they have “read, understood, agree with, and are compliant with this policy. They and their research team(s) will be required to comply with the policy for the duration of the federal grant.”
- If any of the researchers named on the application are receiving funding or in-kind support from an organization on the NRO list, the application would be ineligible.
Researchers are encouraged to consult the FAQs about the STRAC policy, provided by the Government of Canada, as they describe several scenarios regarding the applicability of the lists.
The University’s RST is available to help the research community understand the application of this new government requirement (and other existing government requirements), especially with respect to the following questions:
- Is my area of research covered under the STRA?
- Would I be considered to have an affiliation with an NRO?
- How do I provide an attestation?
- How do I prove that my previous affiliation has ended?
The University recognizes that research security is an evolving area, and it is committed to supporting our research community in this changing landscape to enable research activities that balance security awareness with open academic collaboration.
Should you have any questions about research security or the STRAC policy and/or its implementation at the University of Toronto, please visit the University’s Safeguarding Research webpage and/or contact either Edward Kim (he/him – firstname.lastname@example.org), Research Security Advisor, Division of the Vice-President, Research & Innovation, University of Toronto, or Shaun Young (he/him – email@example.com), Manager of Research Administration and Operations, Office of the Vice-Principal, Research (UTM).