Author: Christopher Parsons

Policy wonk. Torontonian. Photographer. Not necessarily in that order.

Categories
Links

Lack of public Wi-Fi in Toronto raises privacy concerns: experts

Lack of public Wi-Fi in Toronto raises privacy concerns: experts:

The lack of public Wi-Fi in Toronto means those in need of wireless Internet must trade their privacy for connectivity, experts say.

Privacy concerns aside, Christopher Parsons with the Citizen Lab at U of T said leaving Wi-Fi in the hands of businesses limits access. While a public Wi-Fi system would be open to all, not everyone can afford the price of admission – implied or otherwise – at places like Starbucks.

“For some people, stepping in and getting a latte for five dollars is fine, but for other people that five-dollar latte is an incredible extravagance. They may not feel comfortable in that situation, or they may not feel welcome.”

Categories
Links Quotations

What’s worse than a cookie? A ‘perma-cookie’

What’s worse than a cookie? A ‘perma-cookie’:

Last fall, Verizon in the U.S. was found to be using the headers to cash in on the mobile advertising market and deliver targeted ads to customers.

It was later revealed that other advertisers, unaffiliated with Verizon’s own advertising program, were taking advantage of the headers to then track and target cellphone users for ads, even if customers had opted out.

Privacy experts also worry about the potential for governments and criminals to hijack the data.

Christopher Parsons, the managing director of a telecom transparency project run out of the Citizen Lab at the University of Toronto, says that national security services and agencies “already track Canadians, Americans and citizens of other nations using unencrypted identifying information and there’s no reason to believe they wouldn’t use perma-cookies for similar tracking purposes.”

 

Categories
Links

FBI watched as hacker dumped Bell Canada passwords online

FBI watched as hacker dumped Bell Canada passwords online:

When Bell Canada’s website was hacked last year — and the accounts and passwords of more than 12,000 Canadians posted online — the Federal Bureau of Investigation was not only watching, but letting the hackers stage the attack from what was secretly an FBI server.

Christopher Parsons, a postdoctoral fellow who studies state access to telecommunication data at the Citizen Lab at the Munk School of Global Affairs in Toronto, said it made “good tactical sense” that the FBI used confidential informants and an undercover server to build their case.

It was the fact they did nothing to stop the crime before it occurred that makes this case unusual, Parsons said.

“In this case it sounds like the FBI had that ability, had that option to prevent these things from happening, perhaps with a weaker case, but instead they opted to endanger innocents in order to build a stronger case,” said Parsons. “The problem there is there is no indication Bell had been notified. This wasn’t dummy data that was released — this was live, real customer data.”

 

Categories
Links

Rogers reports sharp drop in police demands for customer data

Rogers reports sharp drop in police demands for customer data:

Christopher Parsons, a researcher at the University of Toronto’s Citizen Lab, said Rogers’ commitment to regularly releasing such data is commendable. Yet, he argued the company could go even further with certain aspects of its report, such as including information about when it discloses to customers that a law enforcement request has been made.

He noted that authorities are required to notify individuals who have been subject to wiretap requests or any intercept of live information. However, he said requests for stored data do not trigger a statutory requirement to inform the person that they were under investigation and unless the information is introduced in a court proceeding, they would never know.

“Rogers could advance the privacy discussion in Canada that much more by trying to push government and law enforcement agencies to let the company disclose that their customers were subject to a request,” Mr. Parsons said.

 

Categories
Links

Police asked telcos for client data in over 80% of criminal probes

Police asked telcos for client data in over 80% of criminal probes:

In recent years, civil liberty advocates, journalists and Canada’s privacy watchdog have repeatedly sought details on the frequency with which telecom companies hand over data to police officers.

Not all are convinced that the 80-95 per cent estimate is accurate.

“How exactly did they derive such high numbers? What is the methodology?” asks Chris Parsons, a post-doctoral fellow at Citizen Lab, an academic unit at the University of Toronto’s Munk School of Global Affairs.

“If it is sound, that indicates an incredibly high rate, assuming that all crimes or all investigations are some way linked with telecommunications data.”

Last year, TekSavvy, Rogers and Telus became the first telecommunications companies to release transparency reports — following in the footsteps of their U.S. counterparts and spurred to action by a questionnaire sent by a group of academics led by Parsons. Bell Canada was alone among the large telcos not to issue a report.

Previously released government documents suggested that Public Safety officials worried that the firms might divulge “sensitive operational details” in their reports.

The federal department sought advice on whether any potential legal issues might exist around the disclosure of how telecommunication companies interacted with police, the newly released ministerial briefing says.

“If I were being very charitable, it could be a way to assuage the concerns that ISPs [internet service providers] may have had,” said Parsons. “Less charitably, it could also mean that Public Safety was interested in seeing if there was a way to prevent the reports from coming out.”

Many internet and phone service providers cited potential legal issues — along with a litany of other reasons — as why they failed to disclose any figures.

 

Categories
Links

Evening Brief: Tuesday, May 26, 2015

Evening Brief: Tuesday, May 26, 2015:

A new report from Citizen Lab at the Munk School says “Canadian telecommunications providers have been handing over vast amounts of customer information to law enforcement and government departments and agencies with little transparency or oversight,” reports CBC. “We conclude that serious failures in transparency and accountability indicate that corporations are failing to manage Canadians’ personal information responsibly,” says the report. “Access to our private communications is incredibly sensitive,” said Christopher Parsons, lead author of the study and a postdoctoral researcher at Citizen Lab.

Categories
Links Writing

Christopher Parsons: Canada has a spy problem

I published a comment piece with the National Post today that quickly summarizes the importance and harms of Canada’s signals intelligence activities, especially as it pertains to persons living in Canada.

The key takeaway is:

Canadians are routinely accused of having sleepwalked into a surveillance nation. We haven’t. Instead, the federal government of Canada has secretly deployed mass-surveillance technologies focused on domestic and foreign communications alike and, even when caught red-handed, the government refuses to have a reasonable conversation about the appropriateness or legality of such technologies. Canadians deserve better from their government. More oversight and accountability is needed at a minimum, and cannot be dismissed as “red tape” given the magnitude of the surveillance operations conducted upon the population of Canada by its own government.

You can read the whole piece over at the National Post.

Categories
Links

Documents Reveal Canada’€™s Secret Hacking Tactics – The Intercept

Documents Reveal Canada’€™s Secret Hacking Tactics – The Intercept:

Canada’s electronic surveillance agency has secretly developed an arsenal of cyberweapons capable of stealing data and destroying adversaries’ infrastructure, according to newly revealed classified documents.

Christopher Parsons, a surveillance expert at the University of Toronto’s Citizen Lab, told CBC News that the new revelations showed that Canada’s computer networks had already been “turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?”

 

Categories
Links

From hacking to attacking, a look at Canada’s cyberwarfare tools

Recently CSE documents outline the range of activities CSE engages in. The CBC has worked with experts, including myself, to explain some of the more controversial or opaque techniques discussed.

Categories
Links

Communication Security Establishment’s cyberwarfare toolbox revealed

Communication Security Establishment’s cyberwarfare toolbox revealed :

Top-secret documents obtained by the CBC show Canada’s electronic spy agency has developed a vast arsenal of cyberwarfare tools alongside its U.S. and British counterparts to hack into computers and phones in many parts of the world, including in friendly trade countries like Mexico and hotspots like the Middle East.

Some of the capabilities mirror what CSE’s U.S. counterpart, the NSA, can do under a powerful hacking program called QUANTUM, which was created by the NSA’s elite cyberwarfare unit, Tailored Access Operations, says Christopher Parsons, a post-doctoral fellow at the Citizen Lab, one of the groups CBC News asked to help decipher the CSE documents. QUANTUM is mentioned in the list of CSE cyber capabilities.

Publicizing details of QUANTUM’s attack techniques fuelled debate south of the border about the project’s constitutionality, says Parsons, who feels a debate is needed here in Canada as well.

“Our network has been turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?” says Parsons.

“With Bill C-51, we’re seeing increased powers being provided to CSIS, and that could mean that they would be able to more readily use or exploit the latent domestic capabilities that CSE has built up,” says Parsons.