Canada stops sharing intelligence with Five Eyes partners over data breach

CSE CanadaCanada says it will stop sharing certain types of intelligence with some of its closest international allies until it ensures that Canadian citizens’ information is not included in the data given to foreign spy agencies. The announcement follows an official admission, made earlier this week, that a Canadian intelligence agency failed to remove Canadian citizens’ data from information it shared with member-agencies of the so-called Five Eyes Agreement. The pact, which is sometimes referred to as the UK-USA Security Agreement, has been in existence since World War II. It provides a multilateral framework for cooperation in signals intelligence (SIGINT) between the United Kingdom, the United States, Canada, Australia, and New Zealand.

On Thursday, the Commissioner of the Communications Security Establishment (CSE) of Canada, Jean-Pierre Plouffe, published a report on the activities of the CSE —the country’s primary SIGINT agency. The document, which is published annually by the Commissioner, states that the majority of the CSE’s SIGINT collection activities took place in accordance with Canadian law. However, the report found that some of the data shared by CSE with its Five Eyes partners contained data that could potentially be used to identify the identities of Canadian citizens. According to Canadian law, the CSE is not allowed to specifically target the communications of —or information about— Canadian citizens or Canadian companies. Moreover, information pertaining to those, which may be indirectly collected in the course of legitimate targeting of foreign citizens, is supposed to be immediately purged by CSE collection staff.

However, the Commissioner’s report found that some metadata —namely information pertaining to communications other than their content— that could be used to identify Canadian citizens had been shared by the CSE with Five Eyes spy agencies. Later on Thursday, Harjit Sajjan, Canada’s Minister of Defense, announced that SIGINT intelligence-sharing would be suspended until the metadata breach identified in the Commissioner’s report could be adequately addressed and corrected. Minister Sajjan said the roots of the breach had to do with “technical deficiencies” at the CSE, but added that it was crucial that the privacy of Canadians was protected. Therefore, he said, the spy agency would “not resume sharing this information with our partners” until he was “fully satisfied” that the proper control systems were in place.

Author: Joseph Fitsanakis | Date: 29 January 2016 | Permalink

NSA gives Israel raw intercepts containing US citizens’ data

NSA headquartersBy JOSEPH FITSANAKIS | intelNews.org |
The United States National Security Agency (NSA) shares raw intercepted data with Israeli intelligence without first deleting information pertaining to American citizens, according to a leaked document. British newspaper The Guardian published on Wednesday an informal memorandum of understanding between the NSA and the Israel SIGINT National Unit (ISNU). The five-page document was supplied to the newspaper by Edward Snowden, a technical contractor for the NSA who defected to Russia this past summer. It outlines an agreement reached in 2009 between the NSA and the ISNU, under which the American side provides the Israelis with raw intercepts, which often contain telephone and email data belonging to American citizens. The memorandum describes this type intelligence sharing as a “routine” aspect of a broader “SIGINT relationship between the two organizations”. SIGINT refers to signals intelligence, a term used in the intelligence community to describe the interception of communications data or content. Additionally, the document specifically mentions that the data shared with the Israelis is “raw” or “unminimized”, meaning it has not been subjected to the process of extracting and deleting information that identifies US citizens or residents —known as “US persons”. By law, the NSA is not permitted to spy on US persons and is required to ‘minimize’ intercepted data so that the communications of US persons remain private, unless they are absolutely indispensible in understanding a piece of foreign intelligence. The memorandum describes a number of restrictions on the use of this information by Israeli intelligence, stating that the ISNU is forbidden from using it in order to target US persons. It also states that the ISNU must shield the identities of US persons when sharing the information with other Israeli government agencies. Read more of this post

NSA ‘broke, circumvented Internet encryption standards’

NSA headquartersBy IAN ALLEN | intelNews.org |
The United States National Security Agency (NSA) has been able to crack or get around basic encryption standards used daily by hundreds of millions of Internet users, according to newly leaked documents. The New York Times said on Friday that it was in possession of documents that prove that the NSA is not restrained by universal encryption standards used in the US and abroad. The NSA, which is America’s largest intelligence agency, and is tasked by the US government with intercepting electronic communications worldwide, is now able to routinely circumvent Secure Sockets Layer or virtual private networks, as well as encryption protection standards used on fourth-generation cell phones. It therefore has instant access to the content of billions of encrypted messages exchanged by users of some of the Internet’s most popular email companies, including Gmail, Hotmail, Yahoo and Facebook. The paper said it obtained the documents from Edward Snowden, a technical contractor for the NSA who defected to Russia this past summer. They include internal NSA memoranda that suggest the NSA deployed specially built supercomputers to break Internet encryption standards. In other cases, the Agency worked with selected companies and convinced them to “build entry points into their products”. The multi-billion effort was apparently launched by the NSA in the early 2000s, soon after the US government lost a lengthy battle with the communications industry centering on the so-called ‘clipper chip’. Read more of this post

News you may have missed #849 (analysis edition)

Edward SnowdenBy IAN ALLEN | intelNews.org |
►►Are American spies the next victims of the Internet age? The furor over the NSA’s data collection and surveillance programs has been fierce. But Daniel Prieto, of the Center for Strategic and International Studies, argues that the debate should be focusing on the US intelligence apparatus, transformed in the dozen years since 9/11, can meet the challenges and that the US faces today and into the future. He asks whether the “business model” of US intelligence –how intelligence is gathered, analyzed, and used– is sufficient and sustainable, or whether it needs to evolve to “something different or something more”.
►►What did Edward Snowden get wrong? Everything. Andrew Liepman, senior analyst at RAND Corporation, former career officer at the CIA, and former deputy director of the US National Counterterrorism Center, offers an insider’s view on the Edward Snowden case. He argues that those following the Snowden saga fail to understand that the US government “truly does make strenuous efforts not to violate privacy”. This is not simply because it respects privacy on principle, he says, but also because “it simply doesn’t have the time” to access irrelevant information that is not closely connected to possible espionage or terrorist plots against Americans.
►►Why US diplomatic missions became fortresses. Even during the Cold War, American diplomatic facilities were designed to be welcoming and to project the American values of openness and individual liberty. No more, argues John Campbell, former US Ambassador to Nigeria and Ralph Bunche Senior Fellow for Africa Policy Studies at the Council on Foreign Relations. Nowadays, US diplomatic facilities increasingly showcase “Fortress America”, he argues. And he concludes that, “the need to subordinate so much to security diminishes US soft power by undermining its traditional message of openness and welcome”.

Germany probes UK spy program revealed by CIA whistleblower

Sabine Leutheusser-SchnarrenbergerBy JOSEPH FITSANAKIS | intelNews.org |
Germany wants to know whether its citizens were spied on under a British government surveillance program revealed by American intelligence whistleblower Edward Snowden. The program, codenamed Project TEMPORA, was disclosed earlier this week by Snowden, a former technical assistant for the United States Central Intelligence Agency (CIA). Snowden remains holed up at Moscow’s Sheremetyevo International Airport, as Russian authorities have rejected repeated requests by Washington to extradite him to the US. According to British newspaper The Guardian, which first wrote about Project TEMPORA on June 21, Britain’s General Communications Headquarters (GCHQ) has been able to “plug into the cables that carry internet traffic into and out” of the United Kingdom. The agency, which is tasked with communications interception, has therefore collected and stored massive quantities of foreign telephone call data and email messages, and has shared much of it with its US counterpart, the National Security Agency. On June 25, Germany’s Federal Minister of Justice, Sabine Leutheusser-Schnarrenberger, wrote a letter to her British counterpart, Chris Grayling, asking for immediate clarification on the precise legal basis for Project TEMPORA. In her letter, which was copied to the British Home Secretary, Theresa May, the German cabinet minister also inquires whether TEMPORA has been authorized by the appropriate judicial authorities. She argues that “European institutions should shed light on this [issue] immediately” and warns her British colleagues that she plans to raise the subject during the July 2013 meeting of European  Union Justice and Home Affairs ministers, which will be held in Brussels, Belgium. Read more of this post

Analysis: PRISM revelations harm US political, financial interests

NSA headquartersBy JOSEPH FITSANAKIS | intelNews.org |
Ever since June 6, when Edward Snowden, a former United States Central Intelligence Agency (CIA) technician, exposed a vast communications spying system called PRISM, observers have focused on the ramifications of this controversy inside America. But in an excellent analysis written for ComputerWorld magazine’s New Zealand edition, Taylor Armerding points out that Snowden’s revelation could result in extensive international blowback for the United States, in both the political and economic realms. Armerding quotes Toronto University political science professor Ron Deibert, who argues that this latest revelation of massive communications interception activity by the National Security Agency (NSA) carries with it “unintended consequences […] that will undermine US foreign policy interests”. Deibert points out that the spy scandal has the potential to undercut America’s role and influence in global Internet governance. In the words of renowned security expert Bruce Schneier, many around the world are beginning to view the US as “simply too untrustworthy to manage the Internet”. Even policymakers and ordinary users friendly to Washington are worried about what they perceive as the “huge disadvantages” of their dependence on US-managed Internet networks that host the content of social media sites, cloud computing databases, or telecommunications exchanges, says Deibert. But the biggest potential damage to US interests, argues Armerding, is not political, but economic. “It is not just personal information that is being swept into the NSA’s massive databases”, he notes; “it is corporate data as well”. Indeed, the vast foreign and domestic spying represented by PRISM poses a direct threat to the global competitiveness of the American technology sector. Read more of this post

News you may have missed #794

GCHQ center in Cheltenham, EnglandBy IAN ALLEN | intelNews.org |
►►Racism charge against GCHQ settled out of court. The British government’s SIGINT agency, GCHQ has been spared having its inner workings broadcast in public after a potentially embarrassing racism case was settled out of court at the last minute. The racial harassment and constructive dismissal lawsuit had been filed by Alfred Bacchus, a 42-year-old former employee. There are unconfirmed reports that, as part of the settlement, the plaintiff has signed a non-disclosure agreement banning him from revealing any more details about his complaints.
►►US spy agencies renew call for electronic surveillance rights. US intelligence officials had made a public plea on Tuesday, the 11th anniversary of the September 11, 2001, attacks, for quick Congressional action to extend a sweeping but controversial US electronic surveillance law. If the law, which expires at the end of 2012, is not extended, US spy agencies say they would lose access to what they describe as a “very, very important source of valuable intelligence information”. But at least one congressional critic of the surveillance law, Democratic Senator Ron Wyden, says he is willing to use legislative tactics to stall the bill, which has been passed by the House, unless the administration and other legislators agree to include stronger provisions to protect Americans’ civil liberties.
►►Yemen claims arrest of ‘Mossad agent’. Al-Nas, a Yemeni weekly associated with the Islamist Yemeni Reform Party, reported last weekend that an Israeli citizen, identified only by his initials and year of birth, 1982, was arrested in the southwestern city of Taizz. He reportedly admitted to smuggling children out of Yemen to neighboring countries and from there to Israel “through Zionist organizations”. Bizarrely, the man reportedly told his Yemeni interrogators that he “spent three years in a Greek prison for researching the biographies of well-known computer hackers”.

Follow

Get every new post delivered to your Inbox.

Join 1,119 other followers