Wednesday, June 12, 2013

More on CSE and the monitoring (or not) of Canadians

More coverage of the questions surrounding CSE and the degree to which Canadians get pulled into its dragnet.

Tonda MacCharles gets a rather stunning admission out of Liberal MP Wayne Easter ("Tories deny Canadian spy agencies are targeting Canadians," Toronto Star, 10 June 2013):
Liberal MP Wayne Easter, who was minister responsible for the spy agency CSIS in 2002-03, told the Star that in the post-9/11 era a decade ago it was common for Canada’s allies to pass on information about Canadians that they were authorized to gather but Ottawa wasn’t.

The practice was, in effect, a back-door way for sensitive national security information to be shared, not with the government, but Communications Security Establishment Canada (CSEC) and, if necessary, the Canadian Security Intelligence Service (CSIS). ...

Easter said that Canada’s foreign allies and their security agencies would scan global intelligence signals and would be “looking for key words on Canadians as well . . . and they’d give it to the Canadian agencies, yeah,” said Easter.

“That’s exactly what happens.”

Easter said the international arrangements did not allow for a broad targeting of, for example, a media reporter speaking to a confidential source, but would focus on specific activity of global concern such as “terrorism, crime or sex offenders.”

He has no doubt “things have changed” in both the spy business and the more sophisticated terrorist networks in the decade since 9/11, but Easter now thinks that, given the magnitude of security issues, it is more critical than ever to have “some kind of political oversight, beyond just the ministers.” He thinks the idea of a parliamentary oversight committee should be revisited.
CSE has more or less admitted in the past that it would accept information about Canadians from the NSA or its other SIGINT allies, although it insists that it "does not pursue the receipt of such intelligence." CSE's oversight commissioner recently reported that "CSEC and its closest international partners... respect each other's laws by pledging not to target one another's citizens' communications. CSEC is prohibited from requesting an international partner to undertake activities that CSEC itself is legally prohibited from conducting." Later in the same report, however, the Commissioner noted that "Although these cooperative arrangements include a commitment by the partners to respect the privacy of each others' citizens, it is recognized each partner is an agency of a sovereign nation that may derogate from the agreements, if it is judged necessary for their respective national interests." If, for example, the U.S. were to decide that its national interests required it to check into the possibility that would-be terrorists are plotting against the U.S. from inside Canada, we might very well expect them to go ahead and do exactly that. (But of course what are the chances that they would decide that?)

With the PRISM revelations indicating that NSA now has at least potential access to virtually the whole range of Canadians' internet-related activities, including e-mail contents, web browsing activities, online purchases, internet-based telephone calls, and data stored in "the cloud", the question of how much information about Canadians is passed to the Canadian government through this relationship, on what topics, and under what controls is of vital importance.

(One might also ask, where is the Canadian government agency that is taking action to protect the privacy of Canadians against snooping by the U.S. and other foreign governments? Does no one in the government, other than the powerless Privacy Commissioner, care about protecting Canadians' privacy? Is it possible that the Canadian government secretly prefers to have Canadians spied upon?)

Meanwhile, on the metadata front (which, to remind readers, is not about the content but rather about the source, destination, duration, volume, etc. of messages), Minister of National Defence Peter MacKay is continuing his efforts to clarify/muddify the situation, and not just by his frequent references to it as "mega-data". In Question Period on June 11th the Minister stated that "we use metadata to identify and collect international, not domestic, communications." That seems clear enough, but we should probably assume that "international" communications include those with one end in Canada, as even the content of such communications can be collected by CSE as part of its foreign intelligence activities when authorized by the Minister (with various privacy rules in place). The question of whether certain domestic metadata is also processed in some way for some of our domestic security agencies -- which seemed to be left somewhat open by his responses on June 10th -- was not addressed at all.

Michelle Shephard has more on the metadata question here: "Canada has tracked phone and Internet data for years," Toronto Star, 11 June 2013. A good piece, but I don't know where she got the idea I live in Toronto. [Since corrected to "Canadian blogger" -- thanks!]

The possibility of greater parliamentary oversight of CSE has now been raised by the Opposition (Lee Berthiaume, "Opposition seeks parliamentary oversight of Canada’s spy agencies," Postmedia News, 11 June 2013):
NDP defence critic Jack Harris said parliamentary oversight is necessary to ensure a proper balance between privacy and national security, and he called for some type of mechanism by which members of all parties could be approved to review secret information.

Such an initiative has been proposed in the past, most recently by Liberal Sen. Romeo Dallaire after the federal auditor general’s report found $3.1 billion in anti-terrorism spending was unaccounted for.

“The fact of the matter is the whole purpose of parliamentary oversight is that citizens should not be expected to trust one person,” he said. “There has to be that kind of oversight.”

Harris said despite MacKay’s assertions that Canadians are not being targeted by this country’s spy agencies, there remain significant questions about what happens when it comes across such information while looking overseas — or is given such information by an ally.

He applauded federal Privacy Commissioner Jennifer Stoddart’s decision to dig into whether Canadians’ privacy may have been unduly affected by the Canadian and U.S. “metadata” surveillance programs.

But he said CSEC’s separation from the Department of National Defence last year to become a stand-alone entity also reduced the Commons’ defence committee’s ability to look into CSEC’s activities.
Some excellent points there. CSE also significantly reduced its public reporting after it became a stand-alone agency. (See also this post.)

Andrew Mitrovica does a good job of laying out the big picture here: "Big Brother really is watching — and listening," Toronto Star, 11 June 2013. See also Thomas Walkom's commentary: "You’re not paranoid, the government might be watching you: Walkom," Toronto Star, 12 June 2013.

And law profesor Craig Forcese does an excellent review of the institutional and legal questions here: "10 questions about Canada’s Internet spying," Globe and Mail, 11 June 2013.

Forcese's article ends with the following "take away lesson":
Watchdogs matter. The technology of intercept means that what is technologically possible now far exceeds what is legally permissible and socially desirable. It must be tempting to push the legal envelope to serve a higher purpose of protecting Canadian security interests. We are, therefore, immensely dependent on measured and prudent use of the technologies at the government’s disposal and very thorough and careful review and oversight by the bodies that examine government conduct. This is a system of “trust, but verify”. And therefore, those review bodies should never be an afterthought and should always be well-staffed and well-funded. On balance, the staffing and funding of these bodies has not kept pace with the growth of the intelligence agencies they review. Indeed, in the case of CSIS, one tier of review (the inspector general) was recently eliminated, possibly resulting in a net reduction in the degree of close scrutiny of CSIS.

Carefully enhancing review body capacity should be a priority.
Forcese's call echoes that in Ron Deibert's excellent commentary: "Spy agencies have turned our digital lives inside out. We need to watch them," Globe and Mail, 10 June 2013.


Post a Comment

<< Home