News

Who Is Watching the Watchers?: Ten Questions About Canada’s Secret Metadata Surveillance Activities

The surveillance story may have started last week in the U.S. with the leak of several secret surveillance programs including massive surveillance of the metadata from all cellphone calls, but the Canadian questions continue to mount. The U.S. disclosures immediately raised questions about the possibility of Canadian involvement or the inclusion of Canadian data. Given the common communication infrastructure and the similarity between Canadian and U.S. laws, it seemed likely that Canada was engaged in much the same activities.

By Monday, the Globe was reporting  that the CSEC has its own metadata surveillance program with approval granted through a ministerial directive from Defence Minister Peter MacKay in 2011. When questioned about the issue, MacKay sought to assure Canadians that the surveillance only involved foreign communications.  Despite those assurances, the questions have continued to mount:

  1. How much U.S. collected data is shared with Canadian agencies?  Liberal MP Wayne Easter, who was a cabinet minister with responsibility for CSIS in 2002-03, told the Toronto Star that such sharing was common, providing a back-door way to access information.
  2. Was the metadata surveillance program halted for several years as the Globe reported or was it always operational? The Toronto Star reported that Wesley Wark believes the program was never stopped. The CSEC 2010-11 Annual Report suggests that some activities were halted.
  3. Who actually knows the specifics on the metadata program?  The Globe reports today that Senator Hugh Segal, the chair of the parliamentary anti-terrorism committee, was unaware of the details of the program.
  4. What level of cooperation exists with Canadian telecom companies? They aren’t talking, prevented from doing so by gag orders that keep their participation largely secret.
  5. The CSEC 2006-07 annual report indicated that there was a review of CSEC use of metadata underway.  What happened to that review?
  6. How extensive is the CSEC activities on metadata? The organization is currently recruiting data mining specialists and data mining is a key research focus for its Tutte Institute for Mathematics and Computing. In fact, Bill Robinson pointed out the CSEC’s emphasis on data mining as far back as 2007.
  7. Does the CSEC even believe that metadata surveillance constitutes an intercept?  Robinson notes that in 2007, then CSE Chief John Adams seemed to argue that it would not. This is particularly relevant given that the law requires permission for surveillance of private communications. As Craig Forcese notes, if the scope of metadata is limited, no permission would be needed.
  8. Does the CSEC believe that there is a reasonable expectation of privacy for metadata?  The government tried to downplay the privacy significance of IP addresses during the fight over lawful access (Bill C-30). Would it try to argue that the metadata does not enjoy privacy protections?  Forcese raises the Charter of Rights issues that hang in the balance.
  9. What does Privacy Commissioner of Canada Jennifer Stoddart know? What is she prepared to do as part of a promised investigation? Will the office use its audit power to also focus on the major Canadian telecom companies?
  10. How have Canadian courts addressed these issues? Reported cases are heavily redacted.

So far, there are many questions but few answers.

10 Comments

  1. Don’t Fear
    Have no fear, I’m sure Harper wouldn’t do anything that would hurt Canada and it’s citizens. (that’s sarcasm)

  2. 11. Will Minster Towes please stick his foot in his mouth once more to raise this important issue’s exposure?

  3. Share and Share Alike
    #1. This is the loophole. It’s the voluntary sharing of information amongst allies through organizations like the Five Eyes. Canada watches the British, who watch the Americans, etc. and all of the countries voluntarily share information amongst each other. Therefore, each country need not watch its own citizens in violation of privacy laws. They let an ally do it, in exchange for information on the ally’s citizens. There are no laws to prevent the voluntary sharing of such information.

    Doesn’t this remind you of the same loopholes used to get around information obtained by the use of torture?

  4. Anonymous says:

    What to do.
    While I think it is safe to say that the open global dialogue has begun, it will be years before we have firmly reached the point where it is generally understood that free speech, privacy and anonymity are most important here, and where we can go back to being the free beings we were before this.

    In the meantime, the fascists, spooks, thugs and other power-loving power-wielding politicos and the hackers they employ have operated on the basis that “It is easier to ask for forgiveness afterward than it is to ask for permission beforehand.”

    Therefore, our patriotic duty to freedom, democracy and all that we hold dear, is to learn how to encrypt, to evade surveillance, join the Anonymous and teach others to do so.

    And when governments try to take away these tools with bills like CISPA and C-51, we must eject those governments immediately, and stop those bills, just as with SOPA.

    As Daniel Ellsberg of the Pentagon Papers fame has said, this NSA leak has been the most important leak in the history of the United States. Or as one brave Canadian once said “Stop Harper”!

  5. Routing
    “McKay sought to assure Canadians that the surveillance only involved foreign communications.”

    That’s deliberately deceptive. I’m sure that McKay knows that much Canadian communications is routed through the US and that you often cannot clearly distinguish the origin – particularly if a Canadian is using a VPN in the US or some other country.

  6. Christopher Mackay says:

    MacKay, not “McKay”
    Perhaps I’m over-sensitive: the Minister’s name is spelt “Peter MacKay”, not “Peter McKay”.

  7. Chris Reid says:

    The inevitable “What now?” question….
    Which is exactly what this is. Finding out about PRISM (while not terribly surprising) was bad enough … but now the (also unsurprising) revelation that our own government has been doing the same damn thing? Where does one start, as far as making their voice – in full opposition of such utterly invasive practices – known? And in a way that has some weight behind it? The US at least has organizations like the EFF to focus the combined effort of individuals. We don’t seem to have anywhere near as unified a voice for this country, and while I think the individual is always where change for the better has to start – you can push an elephant out of the room a lot easier with a unified effort than you can with people taking turns shoving it at different spots.

  8. BemusedLurker says:

    Cost Saving measures – Snark
    I am waiting for the joint announcement out of the Security Apparachex in both countries…

    Canadians no longer need to invest in backup software – CONTACT NSA for inadvertently deleted files.
    Americans no longer need to invest in backup software – CONTACT CSIS* for inadvertently deleted files.

    * hosted by google

  9. thanks, A Plebe
    Your post warrants re-posting – it’s what I came here to say:

    “#1. This is the loophole. It’s the voluntary sharing of information amongst allies through organizations like the Five Eyes. Canada watches the British, who watch the Americans, etc. and all of the countries voluntarily share information amongst each other. Therefore, each country need not watch its own citizens in violation of privacy laws. They let an ally do it, in exchange for information on the ally’s citizens. There are no laws to prevent the voluntary sharing of such information. ”

    And MacKay knows all of that.

  10. BitMessage
    https://bitmessage.org/wiki/Main_Page

    BitMessage is in its early development but eventually it will be a add-on for common e-mail clients like thunderbird.

    My BitMessage address is: BM-2DAfiutsMtsJRfk4LKg2f8gN3gDREY1paZ please feel free to contact me.