Saturday, June 27, 2015

Map fail



Now, I know this map from the recruiting video on CSE's website was probably slapped together by some PR firm, and of course it was never intended to be an authoritative depiction of Canada's borders.

But still.

You're a Canadian government agency. An intelligence agency. A foreign intelligence agency.

You're supposed to know where Canada ends and the rest of the world begins.

This map is a travesty.

A huge chunk of Alaska, including the entire Alaskan panhandle, has been absorbed by Canada. (1903 is avenged!) Even Joint Base Elmendorf-Richardson appears to be in Canadian territory, which might come as a bit of a shock to the Canadian Forces personnel working on exchange with the U.S. forces there.

Most of Maine has been annexed. (Another boundary dispute revisited.)

And the 49th parallel is...

Well, it's not parallel, which is sort of the fundamental characteristic of a line of latitude.

Yes, I know, it's just a throwaway graphic that appears briefly in a recruiting video. So big deal.

But it's sloppy.

Nobody expects intelligence agencies to get everything right. But we can and should expect them to try.

Friday, June 26, 2015

The corporatisation of Pine Gap


Last month the Nautilus Institute published a report that some colleagues and I put together on the expansion of satellite monitoring capabilities at various Five Eyes monitoring sites around the world.

Nautilus has now published another SIGINT-related report, this one based on research that several of us compiled on Pine Gap, one of the three key Mission Ground Stations for U.S. high-altitude SIGINT satellites (and also one of the sites discussed in the earlier report).

The new report describes the growing reliance on contractors in the operations at Pine Gap (Desmond Ball, Bill Robinson, Richard Tanter, and Philip Dorling, "The corporatisation of Pine Gap", NAPSNet Special Reports, 24 June 2015.)

A summary of the report can be read here.

See also this news article: Philip Dorling, "Only one in 10 Pine Gap spies is employed by Australian government," Sydney Morning Herald, 24 June 2015.

There's more stuff in the pipeline on Pine Gap, but I also intend to get back to regular posting on more directly Canadian-related matters.

Thursday, June 18, 2015

New HQ named Edward Drake Building

CSE's new headquarters complex finally has a real name: the Edward Drake Building.

Edward Drake was CSE's first boss, serving as Director from the agency's inception in 1946 (when it was known as the Communications Branch of the National Research Council) until his death in 1971.

According to this notice on the CSE website, which seems to have quietly appeared in May, the official naming took place on February 26th.

Some of you out there may recall that CSE already had a building called the Edward Drake Building, the former CBC headquarters at 1500 Bronson Avenue, which CSE bought in 1997 and occupied in 2000. (For further information, see the Edward Drake section of this post.) Evidently the Building Formerly Known as Ed no longer has a name.

CSE is moving out of (or has already left) all of its buildings in Confederation Heights, including the Sir Leonard Tilley Building, the first headquarters building built specifically for the agency.

Ed Drake's mother's name was Tilly Katchoryk. I like to think that's why it was Leonard Tilley, rather than one of the 35 or so other Fathers of Confederation, who ended up with his name on that particular building.

Now (for the second time) Ed Drake has his own name on the headquarters building.


Hat tip to Ron Deibert for pointing out the name of the new headquarters building. I'm going to have to start paying more attention to the CSE website if they're going to be putting something newsworthy on it every couple of years.

Friday, June 12, 2015

May 2015 CSE staff size

2160: slight upswing.

(If you click through on the link and get a different figure, it's probably because the Canada Public Service Agency has updated its website; they update the numbers once a month.)

Monday, June 01, 2015

Recent items of interest

Recent news and commentary related to CSE or signals intelligence in general:

- Justin Ling & Ben Makuch, "New Documents Show Canada Fired Back Diplomatically at China Over Hacking," VICE News, 29 May 2015.

- Michael Geist (ed.), Law, Privacy and Surveillance in Canada in the Post-Snowden Era, University of Ottawa Press, 28 May 2015. Abstract. Full text (298-page PDF) of the book.

- Michael Geist, "You’re on Your Own: How the Government Wants Canadians To Sacrifice Their Personal Security," michaelgeist.ca, 28 May 2015.

- Craig Forcese, "The Ugly Canadian? International Law and Canada’s New Covert National Security Vision," National Security Law blog, 28 May 2015.

- Dan Froomkin, "U.N. Report Asserts Encryption as a Human Right in the Digital Age," The Intercept, 28 May 2015.

- Christopher Parsons, The Governance of Telecommunications Surveillance: How Opaque and Unaccountable Practices and Policies Threaten Canadians, Telecommunications Transparency Project, 26 May 2015. News release. Full text (106-page PDF) of report. News coverage: Emily Chung, "Rampant telecom surveillance conducted with little transparency, oversight," CBC News, 26 May 2015.

- John Allemang, "Welcome to CFS Alert," Globe and Mail, 21 May 2015.

- "More money from Stephen Harper for RCMP and border services to fight terrorism," Canadian Press, 21 May 2015.

- Eric Jardine, "Why Edward Snowden may be the last whistleblower," Globe and Mail, 21 May 2015.

- Canada's Privacy Plan: A Crowdsourced Agenda for Tackling Canada's Privacy Deficit, OpenMedia, 20 May 2015. Overview. Full text (96-page PDF) of report.

- Craig Forcese, "Camden versus Turing: The Future of Legal Privacy," National Security Law blog, 20 May 2015.

- Adam Molnar, "Expanding Powers of ‘Lawful Disruption’ into Cyberspace," Mackenzie Institute, 20 May 2015.

- Elizabeth Renzetti, "Why are we trading liberty for security?" Globe and Mail, 18 May 2015.

- Grant Mitchell, Roméo Dallaire & Hugh Segal, "Canada’s national security agencies need parliamentary oversight," Toronto Star, 17 May 2015.

- Editorial, "The twilight of ‘bulk surveillance’," Globe and Mail, 17 May 2015.

- Alex Boutilier, "CSIS can’t keep up with ‘daily’ state-sponsored cyber attacks," Toronto Star, 14 May 2015.

- Alex Boutilier, "CSIS warns of ‘extremist’ opposition to oil and gas sector," Toronto Star, 14 May 2015.

- Chris Parsons, "Canadian Signals Intelligence Requires Parliamentary Review," Mackenzie Institute, 13 May 2015.

- "Rathgeber wants oversight for spy agency," CBC News, 13 May 2015.

- Justin Ling, "New Mass Surveillance Laws Come to Canada, France, and the United Kingdom, as the NSA May Have Its Wings Clipped," VICE News, 12 May 2015.

- Mike Blanchfield, "Canada hosted Five Eyes meeting to target global cyberbullies: MacKay," Canadian Press, 11 May 2015.

- James Bamford, "Frozen Assets: The newest front in global espionage is one of the least habitable locales on Earth—the Arctic," Foreign Policy, 11 May 2015.

- Justin Ling, "Canada's National Security Advisor Still Suspects Canadian Politicians Are Under Foreign Influence," VICE News, 29 April 2015.

- Colin Freeze, "Canadian spy watchdogs tell Parliament they need to talk with each other," Globe and Mail, 23 April 2015. See also Ian MacLeod, "Security-bill snooping goes too far, federal watchdogs warn," Ottawa Citizen, 23 April 2015. Transcript of the testimony here.

- Amber Hildebrandt, "CSE worried about how its use of Canadian metadata might be viewed," CBC News, 21 April 2015. Original documents here.

- Ian MacLeod, "Federal budget: More than $400 million to be spent on national security," Ottawa Citizen, 21 April 2015.

- Ian MacLeod, "Spy watchdog may become super-sized: experts," Ottawa Citizen, 21 April 2015.

- Alex Boutilier, "2015 budget outlines ‘cyber security’ legislation," Toronto Star, 21 April 2015.

- Justin Ling, "Harper's New Budget Is Making it Rain on Canada’s Military and Spies," VICE, 21 April 2015.

- Testimony of CSE Chief Greta Bossenmaier to Standing Senate Committee on National Security and Defence re Bill C-51, 20 April 2015.

- David Pugliese, "HMCS Athabaskan to take part in Op Caribbe," Ottawa Citizen, 16 April 2015. Cryptologic Direct Support Element on board?

- Justin Ling, "We Spoke to Canada’s Foreign Affairs Minister in Germany, Where No One Taps Phones," VICE, 15 April 2015.

- Jim Bronskill, "Cyberattacks on federal research agency tried to beat the clock," Canadian Press, 15 April 2015.

- Sean Silcoff, "Elite global group fights digital spying, cybertheft," Globe and Mail, 15 April 2015. The group's report: "Toward a Social Compact for Digital Privacy and Security," Global Commission on Internet Governance, 15 April 2015.

- Justin Ling & Ben Makuch, "How Canada is Helping Nab Thousands of Kilos of Blow in the Caribbean," VICE, 14 April 2015. For another way Canada helps out, check out the SANDKEY program: David Pugliese, "Canadian Spies Join US Drug War," Ottawa Citizen, 17 May 2001. More here.

- Amber Hildebrandt, "Kim Dotcom Megaupload case falters over sharing Canadian data," CBC News, 13 April 2015.

- Letter from CSE Commissioner Jean-Pierre Plouffe to Daryl Kramp, Chair, Standing Committee on Public Safety and National Security, 6 March 2015:
I am writing with respect to Bill C-51, Part 1, Security of Canada Information Sharing Act, which allows the sharing of information among Government of Canada institutions for national security purposes. Following my reading of the Bill, I question why the existing security and intelligence review bodies are not included in this proposed legislation.

...

As I stated in my public annual report, tabled in Parliament last August, and as my predecessor also stated, there is a limited amount of co-operation that can occur among the review bodies within existing legislative mandates. However, an explicit authority to co-operate and share information would strengthen review capacity and effectiveness. This authority becomes that much more important in the evolving context of ever greater co-operation between the intelligence and security agencies.

Sharing of information among the existing review bodies would allow one to alert another as to what information was being shared, to follow the trail of that information and to ensure that the sharing of information complied with the law and that the privacy of Canadians was protected.

On a separate but nonetheless related issue, permit me to make an additional point.

I regret that an opportunity has not been seized to introduce amendments to the National Defence Act to eliminate ambiguities that were long ago identified by my predecessors. Eliminating these ambiguities seeks to clarify key terms in CSE’s legislated authority and resolve legal interpretation issues.
That would be the amendments that the government promised were a legislative priority EIGHT years ago.


SIGINT history

And for those interested in SIGINT history:

- Evan Radford, "Secrecy, humility and duty in a time of war," Calgary Herald, 25 May 2015:
From 1944 until 1946, [Marion] Booth worked with the Women’s Royal Canadian Naval Service — also known as the Wrens — in Victoria, British Columbia. Practicing wireless telegraphy, she used short wave radio, typing and morse code to intercept Japanese communications.

“I think the messages intercepted were between (Japanese) battle ships,” she said.

“I had a Japanese typewriter, and I typed out what I heard (in morse code). I couldn’t read it, but I passed it along to be read and decoded,” she said.

After the war ended, she returned to Ottawa, her hometown, and was faced with a choice: attend university or continue spying for the Canadian government. The Communications Branch of the National Research Council had been recruiting her.

“The $20 or $25 (per month) they offered looked pretty good. That’s why (close friend) Sally Coates and I decided we’d stay on with CB and go to university later,” she said.

Booth trained in the Russian division, while Coates was sent to the Chinese division.

As the Cold War deepened, Booth learned, intercepted and translated Russian. While at the National Research Council, she collaborated with fellow spies at Britain’s Government Communications Headquarters at Bletchley Park and the National Security Administration [sic], the latter of which took her to Washington DC for a year.

...

Sitting in her bright, corner suite apartment in west-central Calgary, Booth seems uninterested in the Russian messages she intercepted.

“I didn’t see anything that was world shattering. Most of the things I saw were pretty plebeian. They were just a lot of five-year quotas (of grain) in Russia,” she said.


Friday, May 29, 2015

CSE-CSIS memorandums of understanding

Justin Ling wrote an interesting article last week about some documents he obtained through the Access to Information Act concerning several memorandums of understanding (MOUs) between CSE and CSIS (Justin Ling, "Secret Documents Reveal Canada's Spy Agencies Got Extremely Cozy With Each Other," Vice, 20 May 2015).

He also posted the documents online.

It had long been known that CSE and CSIS had at least two MOUs on co-operation, both signed on 1 November 1990, one on CSIS Act s.12 activities and the other on s.16 activities. These documents lay out, at least in part, the parameters of the support that CSE can provide to CSIS under its Mandate C, the only part of the CSE mandate that permits the deliberate targeting of Canadians.

Which makes them potentially of great interest.

The documents Ling obtained included most of the text of the s.12 MOU. Key details were withheld, but there is still some intriguing material there, including a proviso that
All [criminal intelligence] information which may be used in the investigation or prosecution of an alleged contravention of any law of Canada or a province shall be reported to the Service [i.e., CSIS]. (See PDF page 16.)
Note the "shall" in that statement. The next paragraph seems to suggest that CSE's provision of such information to CSIS may be subject to various conditions or limitations, but we can't know whether or to what degree that may be true because all the subsequent details are redacted.

It seems reasonable to expect that the MOUs CSE has with the RCMP outline similar requirements for the provision of "criminal intelligence" to that agency as well.

How often such information is collected—deliberately or incidentally—and provided to federal "law enforcement and security agencies" remains an open question. Statistics on requests for CSE "Support to Lawful Access" seem to show relatively small annual numbers, only around 70-80 requests per year, but how sweeping those requests may be is not known, and whether they cover all aspects of Mandate C support is also unknown, so it's not possible to draw firm conclusions.

The even more sensitive CSIS Act s.16 MOU, which deals with the collection of foreign intelligence within Canada (think spying on foreign embassies and on foreign delegations attending events like the G8/G20 summit), was apparently withheld in its entirety, as there is no sign of it at all in the documents released to Ling.

The documents do reveal, however, that as of 2010 CSIS had "three specific Memoranda of Understanding with CSE which address ongoing cooperation in the performance of our duties and functions under sections 12, [redacted], 16 of the CSIS Act." (See page 71.)

To my knowledge, this third MOU has not been heard of before, and no information was released about its subject or contents.

The statement above strongly suggests, however, that the MOU relates to a separate section of the CSIS Act somewhere between sections 12 and 16, which would almost certainly be section 15. It is probably no coincidence that the preamble of a later, overarching "framework" MOU signed by the two agencies (also released to Ling) cites CSIS information collection/investigative activities under three separate, specific sections of the CSIS Act: 12, 15, and 16. (See page 21.)

Section 15 empowers CSIS to conduct investigations to provide personnel "security assessments" to federal, provincial, and foreign institutions, both for security clearance purposes and (federally) for immigration/refugee purposes. If this is indeed the explanation, it would seem that the idea that CSE SIGINT might contribute to such assessments is a deep, dark secret.

That said, the Ling documents also point to the existence of one or two other MOUs, one concerning "DIFTS" (30-08 activities) that was still under negotiation in 2010 (see page 72) and one signed in January 2007 (see pages 76-78).

If the latter was still in place in 2010, then it must be the one that I think relates to s.15.

The 2007 MOU seems to relate to a program involving the receipt by CSE of information from CSIS that is then used to guide CSE foreign intelligence collection, the results of which are subsequently provided to CSIS. (See, in particular, page 77.)

Which sounds a lot like the 2008 dispute between CSE and the CSE Commissioner over the agency's treatment of certain metadata, in which the Commissioner argued that CSE should re-examine and re-assess the legislative authority used to conduct its activities in relation to certain targets or topics, "particularly those supplied by federal law enforcement and security agencies engaged in ongoing criminal and national security investigations." [emphasis added] In the Commissioner's view, such activities should properly have been considered support to those agencies, i.e., Mandate C, not foreign intelligence (Mandate A) activities.

Maybe the dispute related to the collection/analysis of "foreign intelligence" metadata related to persons undergoing security assessments.

Thursday, May 28, 2015

Torus antennas increase collection of satellite communications



It doesn't have much direct connection to CSE, but some research I've been involved with on the Five Eyes agencies' growing ability to monitor satellite communications has just been published by the Nautilus Institute:

Desmond Ball, Duncan Campbell, Bill Robinson and Richard Tanter, "Expanded Communications Satellite Surveillance and Intelligence Activities Utilising Multi-beam Antenna Systems", NAPSNet Special Reports, Nautilus Institute, 28 May 2015.
The recent expansion of FORNSAT/COMSAT (foreign satellite/communications satellite) interception by the UKUSA or Five Eyes (FVEY) partners has involved the installation over the past eight years of multiple advanced quasi-parabolic multi-beam antennas, known as Torus, each of which can intercept up to 35 satellite communications beams. Material released by Edward Snowden identifies a ‘New Collection Posture’, known as ‘Collect-it-all’, an increasingly comprehensive approach to SIGINT collection from communications satellites by the NSA and its partners. There are about 232 antennas available at identified current Five Eyes FORNSAT/COMSAT sites, about 100 more antennas than in 2000. We conclude that development work at the observed Five Eyes FORNSAT/ COMSAT sites since 2000 has more than doubled coverage, and that adding Torus has more than trebled potential coverage of global commercial satellites. The report also discusses Torus antennas operating in Russia and Ukraine, and other U.S. Torus antennas.
The full report is available here.

One of my co-authors, Duncan Campbell, also has a companion piece in the online version of WIRED UK: ""Torus": has one word in a Snowden leak revealed a huge expansion in surveillance?" WIRED UK, 28 May 2015.

This article just published by The Intercept (Peter Maass, "Inside NSA, Officials Privately Criticize “Collect It All” Surveillance," The Intercept, 28 May 2015) on the perils of collecting too much data makes timely related reading.

Also on that wider topic, I would highly recommend Taylor Owen's recent article in Foreign Affairs ("The Violence of Algorithms:
Why Big Data Is Only as Smart as Those Who Generate It
," Foreign Affairs, 25 May 2015).


Update 4 June 2014:

News coverage in Oz:

- Philip Dorling, "Pine Gap’s new spy role revealed," The Age, 31 May 2015.
- Michael Gorey, "Secret life of Pine Gap gets airing," Herald Sun, 1 June 2015.
- Erwin Chlanda, "Pine Gap shines in global snooping: report," Alice Springs News Online, 2 June 2015.