Author: Christopher Parsons

Policy wonk. Torontonian. Photographer. Not necessarily in that order.

Categories
Links

Secret Documents Reveal Canada’s Spy Agencies Got Extremely Cozy With Each Other | VICE News

Secret Documents Reveal Canada’s Spy Agencies Got Extremely Cozy With Each Other:

Highly classified documents obtained by VICE News offer new insights into how Canada’s two-headed spy apparatus works to blend its intelligence, skirt court oversight of its spying powers, and intercept communications inside the country’s borders.

Christopher Parsons, postdoctoral fellow at the Munk School, says there is long-standing ambiguity over when CSE can and cannot spy on its own citizens. And it’s worrying.

“Generally, we have questions about how meaningful, or not meaningful, Mandate C actually is,” he told VICE News.

Craig Forcese, law professor at the University of Ottawa and one of Canada’s foremost experts on security policy, says Mandate C is a tunnel through the barrier stopping CSE’s from snooping on Canadians.

“If CSE is providing assistance to CSIS under Mandate C, then CSE is clothed with the same legal authority CSIS has,” Forcese says. “So it can act as CSIS’s technological appendix, including in conducting domestic surveillance.”

University of Ottawa Professor Wesley Wark, a specialist in intelligence and national security, says there is need for a review body that can actually investigate how Mandate C is used, “in a way typically that the current CSE Commissioner has not, I don’t think, very fully.”

“The Ministry returned the letter requesting further details to address concerns raised by the Minister’s Office in relation to CSIS authority to enter into subsequent arrangements without further approval from the Minister each time,” reads a summary of changes requested to the documents.

It’s unclear if the minister’s change was actually made.

“If the minister put a stop to that, he should be congratulated,” says Parsons. The simple fact that the agencies were trying to bestow themselves that power is “more than a little bit concerning,” he says.

It’s long been speculated that signals intelligence has been the basis for many warrants and criminal charges, but that the fingerprints of CSE’s involvement were scrubbed before the application to the court was made.

“There’s a real question whether it’s CSE or CSIS in the driver’s seat,” says Parsons.

 

Categories
Links

CSIS can’t keep up with ‘daily’ state-sponsored cyber attacks | Toronto Star

CSIS can’t keep up with ‘daily’ state-sponsored cyber attacks:

OTTAWA—Canada’s spies admit they can’t keep up with daily cyber attacks from state-sponsored hackers, according to an internal report obtained by the Star.

Christopher Parsons at University of Toronto’s Citizen Lab said the documents point to a larger conflict that’s largely been taking place behind the scenes — the militarization of the Internet.

“Canada is hardly alone as the target — or originator — of state-sponsored hacking,” Parsons said.

As countries, including Canada, continue to develop both offensive and defensive Internet capabilities, he said it’s become urgent to come to an international consensus of what counts as legitimate targets in the Internet age.

“The internet has become militarized behind the backs of most citizens, and I think that if we’re not going to roll back that militarization entirely … at the very least principled agreements about what are legitimate and illegitimate modes of militarization have to be established,” Parsons said.

 

Categories
Links

New Mass Surveillance Laws Come to Canada, France, and the United Kingdom, as the NSA May Have Its Wings Clipped | VICE News

New Mass Surveillance Laws Come to Canada, France, and the United Kingdom, as the NSA May Have Its Wings Clipped:

Canada’s Anti-Terrorism Act is just one step away from becoming law, with its controversial information-sharing and secret police powers still intact. France’s cyber-snooping bill is facing broad political support. And the United Kingdom’s nanny state law has been in effect for months, despite protestations of a coalition of anti-spying activists.

Christopher Parsons, postdoctoral fellow at the University of Toronto’s Citizen Lab, said that while neutering the Patriot Act might impede how Americans’ data gets scooped up, nobody should expect these changes will do much to kneecap the NSA’s mass spying regime.

“I think they can do it anyway,” Parsons told VICE News, pointing to Executive Order 12333 — the directive issued by Ronald Reagan that first permitted the NSA to spy on foreign soil.

“In an era of cloud computing, there is a strong argument to be made that even after that section of the Patriot Act goes away, where and when Americans’ data flows across international boundaries, it can be collected anyway,” he said.

And while the NSA’s ability to collect data within the United States might be “slightly diminished,” other American agencies with mandates to surveil domestic threats could simply take over.

Parsons says the emerging relationship between Washington and its Five Eyes partners – Canada, the United Kingdom, Australia and New Zealand — is evolving into something much more advanced.

“All the various signals intelligence agencies have become increasingly sophisticated in, not just their ability to collect data, but also their ability to share data with one another,” Parsons said.

 

Categories
Links

Lack of public Wi-Fi in Toronto raises privacy concerns: experts

Lack of public Wi-Fi in Toronto raises privacy concerns: experts:

The lack of public Wi-Fi in Toronto means those in need of wireless Internet must trade their privacy for connectivity, experts say.

Privacy concerns aside, Christopher Parsons with the Citizen Lab at U of T said leaving Wi-Fi in the hands of businesses limits access. While a public Wi-Fi system would be open to all, not everyone can afford the price of admission – implied or otherwise – at places like Starbucks.

“For some people, stepping in and getting a latte for five dollars is fine, but for other people that five-dollar latte is an incredible extravagance. They may not feel comfortable in that situation, or they may not feel welcome.”

Categories
Links Quotations

What’s worse than a cookie? A ‘perma-cookie’

What’s worse than a cookie? A ‘perma-cookie’:

Last fall, Verizon in the U.S. was found to be using the headers to cash in on the mobile advertising market and deliver targeted ads to customers.

It was later revealed that other advertisers, unaffiliated with Verizon’s own advertising program, were taking advantage of the headers to then track and target cellphone users for ads, even if customers had opted out.

Privacy experts also worry about the potential for governments and criminals to hijack the data.

Christopher Parsons, the managing director of a telecom transparency project run out of the Citizen Lab at the University of Toronto, says that national security services and agencies “already track Canadians, Americans and citizens of other nations using unencrypted identifying information and there’s no reason to believe they wouldn’t use perma-cookies for similar tracking purposes.”

 

Categories
Links

FBI watched as hacker dumped Bell Canada passwords online

FBI watched as hacker dumped Bell Canada passwords online:

When Bell Canada’s website was hacked last year — and the accounts and passwords of more than 12,000 Canadians posted online — the Federal Bureau of Investigation was not only watching, but letting the hackers stage the attack from what was secretly an FBI server.

Christopher Parsons, a postdoctoral fellow who studies state access to telecommunication data at the Citizen Lab at the Munk School of Global Affairs in Toronto, said it made “good tactical sense” that the FBI used confidential informants and an undercover server to build their case.

It was the fact they did nothing to stop the crime before it occurred that makes this case unusual, Parsons said.

“In this case it sounds like the FBI had that ability, had that option to prevent these things from happening, perhaps with a weaker case, but instead they opted to endanger innocents in order to build a stronger case,” said Parsons. “The problem there is there is no indication Bell had been notified. This wasn’t dummy data that was released — this was live, real customer data.”

 

Categories
Links

Rogers reports sharp drop in police demands for customer data

Rogers reports sharp drop in police demands for customer data:

Christopher Parsons, a researcher at the University of Toronto’s Citizen Lab, said Rogers’ commitment to regularly releasing such data is commendable. Yet, he argued the company could go even further with certain aspects of its report, such as including information about when it discloses to customers that a law enforcement request has been made.

He noted that authorities are required to notify individuals who have been subject to wiretap requests or any intercept of live information. However, he said requests for stored data do not trigger a statutory requirement to inform the person that they were under investigation and unless the information is introduced in a court proceeding, they would never know.

“Rogers could advance the privacy discussion in Canada that much more by trying to push government and law enforcement agencies to let the company disclose that their customers were subject to a request,” Mr. Parsons said.

 

Categories
Links

Police asked telcos for client data in over 80% of criminal probes

Police asked telcos for client data in over 80% of criminal probes:

In recent years, civil liberty advocates, journalists and Canada’s privacy watchdog have repeatedly sought details on the frequency with which telecom companies hand over data to police officers.

Not all are convinced that the 80-95 per cent estimate is accurate.

“How exactly did they derive such high numbers? What is the methodology?” asks Chris Parsons, a post-doctoral fellow at Citizen Lab, an academic unit at the University of Toronto’s Munk School of Global Affairs.

“If it is sound, that indicates an incredibly high rate, assuming that all crimes or all investigations are some way linked with telecommunications data.”

Last year, TekSavvy, Rogers and Telus became the first telecommunications companies to release transparency reports — following in the footsteps of their U.S. counterparts and spurred to action by a questionnaire sent by a group of academics led by Parsons. Bell Canada was alone among the large telcos not to issue a report.

Previously released government documents suggested that Public Safety officials worried that the firms might divulge “sensitive operational details” in their reports.

The federal department sought advice on whether any potential legal issues might exist around the disclosure of how telecommunication companies interacted with police, the newly released ministerial briefing says.

“If I were being very charitable, it could be a way to assuage the concerns that ISPs [internet service providers] may have had,” said Parsons. “Less charitably, it could also mean that Public Safety was interested in seeing if there was a way to prevent the reports from coming out.”

Many internet and phone service providers cited potential legal issues — along with a litany of other reasons — as why they failed to disclose any figures.

 

Categories
Links

Evening Brief: Tuesday, May 26, 2015

Evening Brief: Tuesday, May 26, 2015:

A new report from Citizen Lab at the Munk School says “Canadian telecommunications providers have been handing over vast amounts of customer information to law enforcement and government departments and agencies with little transparency or oversight,” reports CBC. “We conclude that serious failures in transparency and accountability indicate that corporations are failing to manage Canadians’ personal information responsibly,” says the report. “Access to our private communications is incredibly sensitive,” said Christopher Parsons, lead author of the study and a postdoctoral researcher at Citizen Lab.

Categories
Links Writing

Christopher Parsons: Canada has a spy problem

I published a comment piece with the National Post today that quickly summarizes the importance and harms of Canada’s signals intelligence activities, especially as it pertains to persons living in Canada.

The key takeaway is:

Canadians are routinely accused of having sleepwalked into a surveillance nation. We haven’t. Instead, the federal government of Canada has secretly deployed mass-surveillance technologies focused on domestic and foreign communications alike and, even when caught red-handed, the government refuses to have a reasonable conversation about the appropriateness or legality of such technologies. Canadians deserve better from their government. More oversight and accountability is needed at a minimum, and cannot be dismissed as “red tape” given the magnitude of the surveillance operations conducted upon the population of Canada by its own government.

You can read the whole piece over at the National Post.