Tag: Surveillance

Categories
Links

Feds considering warrantless access to internet subscriber info: police chiefs

Feds considering warrantless access to internet subscriber info: police chiefs:

OTTAWA – A new administrative scheme that would allow police to obtain basic information about Internet subscribers without a warrant is one option being considered by federal officials following a landmark Supreme Court ruling that curbed access to such data, Canadian police chiefs say.

A researcher who has long pressed for more transparency around police access to subscriber data said Monday that law-enforcement agencies have yet to make the case for warrantless access – especially since companies can make information available quickly in a genuine emergency.

“We’re not at a point where it’s clear the police have a legitimate concern,” said Christopher Parsons, a postdoctoral fellow with the Citizen Lab at Toronto’s Munk School of Global Affairs.

In June last year, the Supreme Court ruled police need judicial authorization to obtain subscriber data linked to online activities. The high court rejected the notion the federal privacy law governing companies allowed them to hand over subscriber identities voluntarily.

The court judgment came amid swelling public concern about authorities quietly gaining access to customer information with little evident scrutiny or oversight.

Parsons wants police to release more statistical information about their requests. “They actually have to make the argument with data, so we can have an evidence-based policy discussion.”

He would also like to see civil society groups and others included in the discussions about possible legislative change.

 

Categories
Links

Rampant telecom surveillance conducted with little transparency, oversight

Rampant telecom surveillance conducted with little transparency, oversight:

Canadian telecommunications providers have been handing over vast amounts of customer information to law enforcement and government departments and agencies with little transparency or oversight, a new report says.

“We conclude that serious failures in transparency and accountability indicate that corporations are failing to manage Canadians’ personal information responsibly,” says the report released by Citizen Lab today that examines how Canadian telecommunications data is monitored, collected and analyzed by groups such as police, intelligence and government agencies.

The report also criticizes the government’s “irresponsibility surrounding accountability” with respect to telecommunications surveillance. It warns that that could endanger the development of Canada’s digital economy and breed cynicism among citizens.

“Access to our private communications is incredibly sensitive,” said Christopher Parsons, lead author of the study and a postdoctoral researcher at Citizen Lab, which conducts research on information technology in the context of human rights and global security.

The report, funded by the Canadian Internet Registration Authority, showed Canadians recognize this and are very concerned.

But despite that, evidence suggests governments and law enforcement have been demanding millions of subscriber records from telecom firms in recent years.

“It raises real questions about the appropriateness of the powers or perhaps the appropriateness of the mandates or aggressiveness of the agencies that currently look to keep Canadians safe,” Parsons said.

Outdated laws

He noted there’s no way to know what the requests were about, how many there were or whether any one person’s data was requested, as Canadian law doesn’t require police to record or report any of that information.

Outdated laws require government departments and agencies to report telecommunications interceptions, but not access to stored communications such as emails and text messages, nor “non-sensitive” information such as records of calls dialed and received.

The Canada Border Services Agency is one of the few government departments that tracks such requests. In 2012 and 2013, it made 18,849 requests for telecommunications information. None were interceptions, the study found.

“That really indicates that the interception reports, while they’re very rigorous, they’re such a limited data set that they really don’t explain to parliamentarians or the public the extent or kind of surveillance that are commonplace in Canada today,” Parsons said.

A Supreme Court decision last year has forced police to start getting a warrant before requesting subscriber information from telecoms. While that has slashed the number of police requests for data, Parsons warns that new legislation that is currently before the Senate could make it easy for telecom data to be shared among police and government agencies.

New bill a concern

Bill C-51 would allow, for example, the Canada Revenue Agency to request information about a telecom customer related to a tax issue, then pass it on to the CBSA, RCMP or CSIS to probe something only marginally related, Parsons said.

Meanwhile, oversight bodies such as the privacy commissioner of Canada have no way to share information with other oversight bodies, such as the Security Intelligence Review Committee, which oversees CSIS.

And while the privacy commssioner can go to court to force private companies to comply with Canadian privacy laws, it can’t do that with government departments or agencies under the Privacy Act, Parsons said.

Another concern cited in the report is that governments and telecommunications companies have spent the past decade or so negotiating behind closed doors about technology to allow interceptions and the types of interceptions that should be mandated into law.

“I think that’s incredibly inappropriate,” Parsons said. Such interceptions are “something that we just need to do in contemporary law and order environment, but doesn’t have to take place in secretive back rooms.” He believes discussions about it should involve the public.

The report offers a long list of recommendations for corporations and government as to how they can become more transparent and accountable about telecommunications surveillance.

For example, Parsons hopes that Canadian telecommunications companies, which have just started releasing transparency reports about requests for customer data, will begin to issue more standardized and detailed reports as they do in the U.S.

He added, “I think we’re absolutely behind.”

Categories
Links

Secret Documents Reveal Canada’s Spy Agencies Got Extremely Cozy With Each Other | VICE News

Secret Documents Reveal Canada’s Spy Agencies Got Extremely Cozy With Each Other:

Highly classified documents obtained by VICE News offer new insights into how Canada’s two-headed spy apparatus works to blend its intelligence, skirt court oversight of its spying powers, and intercept communications inside the country’s borders.

Christopher Parsons, postdoctoral fellow at the Munk School, says there is long-standing ambiguity over when CSE can and cannot spy on its own citizens. And it’s worrying.

“Generally, we have questions about how meaningful, or not meaningful, Mandate C actually is,” he told VICE News.

Craig Forcese, law professor at the University of Ottawa and one of Canada’s foremost experts on security policy, says Mandate C is a tunnel through the barrier stopping CSE’s from snooping on Canadians.

“If CSE is providing assistance to CSIS under Mandate C, then CSE is clothed with the same legal authority CSIS has,” Forcese says. “So it can act as CSIS’s technological appendix, including in conducting domestic surveillance.”

University of Ottawa Professor Wesley Wark, a specialist in intelligence and national security, says there is need for a review body that can actually investigate how Mandate C is used, “in a way typically that the current CSE Commissioner has not, I don’t think, very fully.”

“The Ministry returned the letter requesting further details to address concerns raised by the Minister’s Office in relation to CSIS authority to enter into subsequent arrangements without further approval from the Minister each time,” reads a summary of changes requested to the documents.

It’s unclear if the minister’s change was actually made.

“If the minister put a stop to that, he should be congratulated,” says Parsons. The simple fact that the agencies were trying to bestow themselves that power is “more than a little bit concerning,” he says.

It’s long been speculated that signals intelligence has been the basis for many warrants and criminal charges, but that the fingerprints of CSE’s involvement were scrubbed before the application to the court was made.

“There’s a real question whether it’s CSE or CSIS in the driver’s seat,” says Parsons.

 

Categories
Links

New Mass Surveillance Laws Come to Canada, France, and the United Kingdom, as the NSA May Have Its Wings Clipped | VICE News

New Mass Surveillance Laws Come to Canada, France, and the United Kingdom, as the NSA May Have Its Wings Clipped:

Canada’s Anti-Terrorism Act is just one step away from becoming law, with its controversial information-sharing and secret police powers still intact. France’s cyber-snooping bill is facing broad political support. And the United Kingdom’s nanny state law has been in effect for months, despite protestations of a coalition of anti-spying activists.

Christopher Parsons, postdoctoral fellow at the University of Toronto’s Citizen Lab, said that while neutering the Patriot Act might impede how Americans’ data gets scooped up, nobody should expect these changes will do much to kneecap the NSA’s mass spying regime.

“I think they can do it anyway,” Parsons told VICE News, pointing to Executive Order 12333 — the directive issued by Ronald Reagan that first permitted the NSA to spy on foreign soil.

“In an era of cloud computing, there is a strong argument to be made that even after that section of the Patriot Act goes away, where and when Americans’ data flows across international boundaries, it can be collected anyway,” he said.

And while the NSA’s ability to collect data within the United States might be “slightly diminished,” other American agencies with mandates to surveil domestic threats could simply take over.

Parsons says the emerging relationship between Washington and its Five Eyes partners – Canada, the United Kingdom, Australia and New Zealand — is evolving into something much more advanced.

“All the various signals intelligence agencies have become increasingly sophisticated in, not just their ability to collect data, but also their ability to share data with one another,” Parsons said.

 

Categories
Links

Evening Brief: Tuesday, May 26, 2015

Evening Brief: Tuesday, May 26, 2015:

A new report from Citizen Lab at the Munk School says “Canadian telecommunications providers have been handing over vast amounts of customer information to law enforcement and government departments and agencies with little transparency or oversight,” reports CBC. “We conclude that serious failures in transparency and accountability indicate that corporations are failing to manage Canadians’ personal information responsibly,” says the report. “Access to our private communications is incredibly sensitive,” said Christopher Parsons, lead author of the study and a postdoctoral researcher at Citizen Lab.

Categories
Links

Toronto Police Chief Bragged About Monitoring Protesters and Anonymous Is Pissed

Toronto Police Chief Bragged About Monitoring Protesters and Anonymous Is Pissed:

In his speech, Blair bragged about the Toronto Police Service’s (TPS) ability to monitor an Israel/Palestine demonstration in 2012, which happened on the same day as Toronto’s Grey Cup celebration.

VICE contacted Christopher Parsons, a cybersurveillance researcher at the University of Toronto’s Citizen Lab, to discuss this line between legality and ethics.

“The legality of monitoring public communications isn’t entirely black and white… but it doesn’t strike me that what [Bill Blair described] was necessarily illegal,” said Parsons in an emailed statement. “That authorities are monitoring public communications, where authorities are not considered to be a ‘member of the audience,’ really gets to the heart of many contemporary privacy debates: under what conditions is something private or not?”

Parsons said the legal situation is similar to the context of a barroom.

“Bars are public places,” he said. “People talk loudly and are overheard by strangers at neighbouring tables. But we have a privacy-based expectation that when we speak to our friends or colleagues the people three tables down aren’t just overhearing (they might have to if I’m being loud!) but recording the communication for purposes I wouldn’t approve of.”

Categories
Links

What Rogers will tell you about the police looking into your account

What Rogers will tell you about the police looking into your account:

… I emailed Rogers to ask if the police had made inquires about my account. Because of a law called the Personal Information Protection and Electronic Documents Act (PIPED) Rogers has to answer my question.

Rogers’ first response, which arrived by registered mail, was:
“A search of our records revealed that no inquiries have been made by Law Enforcement Agencies….and Rogers is not permitted to advise of this disclosure.”

Christopher Parsons from U of T’s Citizen Lab says Rogers’ response should be read, “Nobody asked for your information and if somebody has asked for your information we’re not allowed to tell you.”

After the Star asked for a clarification, a Rogers spokesman said in an email, “We’re also sorry that the letter you received from us dated January 19, 2015 wasn’t more clear.” They promised to update their letters to make it clear to customers “we are restricted from disclosing most information to customers.”

Last May it was revealed that in 2011 law enforcement agencies in Canada made 1,193,630 requests for subscriber information from telecoms, the majority without a warrant. In June the Supreme Court of Canada said police need a warrant to gain accesses to telecom subscriber information. The Star later reported that the police are still making warrantless requests for customer data, because of disagreement on how to interpret the court’s decisions.

Based on letters he’s seen from different telecom companies a few months ago Parsons says “Rogers’ disclosure and TekSavvy’s disclosure are about the best in the industry.” while “Most are less transparent.”

Categories
Links

How Canadian Spies Infiltrated the Internet’s Core to Watch What You Do Online

How Canadian Spies Infiltrated the Internet’s Core to Watch What You Do Online:

While the locations of EONBLUE sites are not disclosed in the documents, one slide makes reference to the internet’s “core” and describes EONBLUE’s ability to “scale to backbone internet speeds”—implying possible access to telecom operators, data centers, undersea cables and other infrastructure providers worldwide.

Such access would mean that much, if not all of the data, travelling through a location tapped by CSE could be subject to surveillance. Though the agency maintains it cannot legally track Canadians at home or abroad it is hard to fathom how such data could be exempt.

As of November 2010, when the document was dated, EONBLUE had already been under development for ove> r eight years. However, it isn’t clear from the slides for how long EONBLUE has been used, or whether it is still in use today.

“We haven’t seen very much to date that hasn’t been suspected or known about, but it’s the scale and breadth of this activity that is so staggering on a daily basis,” said Christopher Parsons, a postdoctoral fellow at the ​Citizen Lab, an interdisciplinary research group that studies global surveillance issues at the University of Toronto’s Munk School of Global Affairs.

“It’s designed for mass tracking, mass surveillance, on a global level,” Parsons said. ​

 

Categories
Links

Canadaland, LEVITATION, and Mass Surveillance

Snowden documents reveal that CSE has been surveilling global filesharing: Canada included. Christopher Parsons analyzed the leaks for the CBC, and he joins Jesse to explain what “Project LEVITATION” means.

Categories
Links Writing

New Additions to the Canadian SIGINT Summaries

I’ve added three new items to the Canadian SIGINT Summaries. The Summaries include downloadable copies of leaked Communications Security Establishment documents, along with summary, publication, and original source information (CSE).1 CSE is Canada’s foreign signals intelligence agency and has operated since the Second World War.

Documents were often produced by CSE’s closest partners which, collectively, form the ‘Five Eyes’ intelligence network. This network includes the CSE, the National Security Agency (NSA), the Government Communications Headquarters (GCHQ), Australian Signals Directorate (ASD),2 and Government Communications Security Bureau (GCSB)).

All of the documents are available for download from this website. Though I am hosting the documents they were all first published by another party. The new documents and their summaries are listed below. The full list of documents and their summary information is available on the Canadian SIGINT Summaries page.