Sunday, March 11, 2018

INMARSAT monitored at Gander

This map, taken from an NSA document recently published by The Intercept, shows the footprints of the fourth generation INMARSAT satellites, which provide telephone and data services primarily to mobile users (ships, aircraft, and handheld satellite phone users). The map also shows 28 ground locations, evidently depicting the sites where the Five Eyes partners monitor the key spot beams serving regions of interest to those agencies. One of those locations corresponds to CFB Gander, the home of CFS Leitrim Detachment Gander, a Canadian SIGINT site known primarily for its huge FRD-10 antenna array. The Gander detachment is remotely operated from Leitrim, which presumably processes the INMARSAT traffic collected at Gander.

The document is undated, but it was probably produced around 2011 ± 2 years, i.e., after the launch of the three satellites whose footprints are shown on the map but before the next generation of satellites began to join them in orbit.

The 28 ground sites are unlabeled, but it is clear that they are not intended to represent INMARSAT users, who are predominately to be found in ocean areas (at sea or in the air) and in remote, poorly serviced land areas. Instead, they correspond to known Five Eyes SIGINT collection sites, either long-standing intercept stations or known locations of monitoring facilities hidden in embassies.

The intercept stations are Bude, U.K.; Cyprus; Hawaii; Misawa, Japan; Shoal Bay, Australia; Sugar Grove, West Virginia; Waihopai, New Zealand; Yakima, Washington; and Gander. (Sugar Grove and Yakima have since closed, but they were active at the time this map seems to have been produced.)

The remaining 19 locations are all in non-Five Eyes capital cities that are known to host or to have hosted intercept facilities: Algiers, Algeria; Baghdad, Iraq; Bangkok, Thailand; Beijing, China; Bogota, Colombia; Brasilia, Brazil; Caracas, Venezuela; Islamabad, Pakistan; Kinshasa, D.R. Congo; Lusaka, Zambia; Madrid, Spain; Managua, Nicaragua; Manila, Philippines; Mexico City, Mexico; Monrovia, Liberia; Moscow, Russia; Nairobi, Kenya; New Delhi, India; and Port Moresby, Papua New Guinea.

This map of monitoring facilities operated by the Special Collection Service in U.S. diplomatic sites shows that in 2010 the U.S. was present in all but one of these locations, Port Moresby. (One other site, Monrovia, was listed as dormant at that time.) Port Moresby is reported to host an ASD listening post in the Australian High Commission, so in that case the INMARSAT monitoring is probably conducted from that location. Some of the other capital cities shown on the map also host non-U.S. sites in addition to SCS sites, so it is possible that INMARSAT monitoring is conducted by other Five Eyes parties in some of those locations as well.

It is, I think, entirely unsurprising to find evidence that Canada is involved in INMARSAT monitoring. I suspect we've been at it since the 1990s, or even the 1980s, probably using antennas at Leitrim and possibly other locations as well as Gander. INMARSAT communications monitored from Gander probably pertain mainly to the region off Canada's East Coast, and to the Western North Atlantic more generally, where activities such as human and narcotics smuggling and illegal fishing would be considered important targets for intelligence collection.

Wednesday, March 07, 2018

Privacy Commissioner also calls for changes to Bill C-59

Privacy Commissioner Daniel Therrien has also called for changes to Bill C-59.

In a letter dated 5 March 2018, Therrien recommended 11 amendments to the bill, including two pertaining specifically to the CSE Act's provisions on the acquisition and use of "publicly available information":

"RECOMMENDATION 10: That section 24 [of the CSE Act] be amended to add a limit to the activities listed in 24(1) namely: the measures shall be reasonable and proportional in the circumstances, having regard to the reasonable foreseeable effects on Canadians and people in Canada including on their right to privacy"; and

"RECOMMENDATION 11: That the definition of “publicly available information” in section 2 of Part 3 be amended to specify that information is published or broadcast lawfully, and that information obtained through purchase or subscription was legally obtained or created by the vendor."

Explanations for these recommendations can be found in the Commissioner's letter.

The Commissioner Therrien also expressed his support for one of the recommendations made by the CSE Commissioner in January:

"We note that, in his brief provided to the Committee on December 6, 2017, the Commissioner for CSE recommended that the Intelligence Commissioner 'should approve the active cyber operations in addition to the defensive cyber operations that are authorized by the Minister pursuant to subsections 30(1) and 31(1) of the proposed Communications Security Establishment Act.' We agree with this recommendation, as it addresses a gap in the Intelligence Commissioner's authority to approve activities under all CSE mandates."

News coverage:

Alex Boutilier, "Ottawa’s privacy watchdog wants limits on spies’ information collecting powers," Toronto Star, 8 March 2018.