Thursday, May 01, 2014

CSEC roundup 1 May 2014

Recent news and commentary items related to CSEC:

- Jordan Press, "Retiring Sen. Hugh Segal takes last crack creating security oversight committee," Montreal Gazette, 1 May 2014

- Colin Freeze, "Former U.S. spymaster praises American intelligence oversight, but envies Canadian system’s ‘agility’," Globe and Mail, 1 May 2014

- Richard Chirgwin, "Canucks' ISPs routing data through snoop heaven USA," The Register, 1 May 2014

- Justin Ling, "The Canadian Government's 'Secure' Phones Come Straight from the NSA," Motherboard, 25 April 2014. The secure phones purchase is part of the omnibus Canadian Cryptographic Modernization Program, which was originally estimated at $840 million in total. Earlier report on the purchase: Elizabeth Thompson, "No bidding war for U.S. spy agency: Big buyers won't say what they're paying for," Montreal Gazette, 21 June 2006. My comments at that time.

- Michael Geist, "Canadian Telcos Asked to Disclose Subscriber Data Every 27 Seconds,", 30 April 2014. Here is the response provided to the Privacy Commissioner by the Canadian Wireless Telecommunications Association concerning telco provision of data to Canadian government agencies. All documents received by Geist through Access to Information request. Related coverage:
- Steve Rennie, "Telecoms refuse to release information on private data given to feds," Canadian Press, 29 April 2014.
- Alex Boutilier, "Government agencies seek telecom user data at ‘jaw-dropping’ rates," Toronto Star, 29 April 2014
- Paul McLeod, "Government makes over a million requests a year for data from telecoms," Chronicle Herald, 29 April 2014
- Colin Freeze, "Feds tap telecoms for customer data at ‘staggering’ rate," Globe and Mail, 30 April 2014
- Laura Payton, "Private data given to feds limited to 'basic' information, Bell says," CBC News, 30 April 2014
- Patrick McGuire, "Why Is the Canadian Government Issuing Over 1 Million Annual Requests to Telecom Companies for Our Data?" Vice, 30 April 2014
- Laura Payton, "Privacy concerns raised about new cyberbullying legislation," CBC News, 1 May 2014
- Christopher Parsons, "Responding to the Crisis in Canadian Telecommunications," Technology, Thoughts & Trinkets blog, 1 May 2014
- Editorial, "Change the law. Make it harder for government to snoop," Globe and Mail, 30 April 2014
- Jesse Kline, "Want to snoop? Get a warrant," National Post, 1 May 2014
- David Fraser, "We seriously need transparency about law enforcement demands," Canadian Privacy Law Blog, 1 May 2014
- Jesse Brown, "Where is Canada's rage over digital surveillance?" Toronto Star, 1 May 2014. See also the latest report by Canadian Journalists for Free Expression, Fifth Annual Review of Free Expression in Canada, 2013-14.

This little-noticed angle on the data issue is also worth paying attention to:
- Michael Geist, "Is a Canadian Telco Allowing the Government To Mirror Its Subscriber Communications?", 1 May 2014. Geist picks up on a comment in the telcos' response to the Privacy Commissioner's questions, in which an unnamed company states that "Interception of communications over data networks is accomplished by sending what is essentially a mirror image of the packet data as it transmits the network of data nodes. This packet data is then sent directly to the agency who has obtained lawful access to the information. Deep packet inspection is then performed by the law enforcement agency for their purposes." Does this mean that this unidentified agency is routinely being given access to all of the traffic on that company's networks and that the agency is then allowed to process all of that data in order to select what communications it will "intercept"? That could easily make the total of 1.2 million data requests per year discussed in the articles above look like small potatoes. Might this have something to do with the "Canadian Special Source" data (see p. 7) that CSEC accesses? If the agency in question is indeed a "law enforcement" agency, then it is not CSEC, which has no law enforcement powers. But if, as is presumably the case, the law enforcement agency is obtaining and using the data it receives lawfully, then it would be legal for CSEC to assist that agency in processing the data. Is this one of the ways CSEC gets access to domestic metadata?

Also of interest:
- Tom Leinster, "Maths spying: The quandary of working for the spooks," New Scientist, 23 April 2014. Mathematician Tom Leinster calls on his fellow mathematicians to consider the ethical dilemmas of working for intelligence agencies.


Post a Comment

<< Home