Did domestic snooping by Canadian spy agency increase 26-fold in a year?

CSE Canada - IAThe volume of domestic communications that were intercepted by Canada’s spy agency increased 26 times between 2014 and 2015, according to a recently released report by a government watchdog. The same report states that intercepted information about Canadian citizens, which is given to Canada’s spy agency by the intelligence organizations of other Western countries, has increased so much that it now requires an elaborate mechanism to analyze it. When asked to explain the reasons for these increases, Canadian government officials said they could not do so without divulging secrets of national importance.

Information about these increases is contained in the latest annual report by the Office of the Commissioner of the Communications Security Establishment. The body was set up in 1996 to review the operations of the Communications Security Establishment (CSE). Founded in 1946, CSE is Canada’s primary signals intelligence agency. It is responsible for interception foreign communications while at the same time securing the communications of the Canadian government. The Office of the Commissioner monitors CSE’s activities and ensures that they conform with Canadian law. It also investigates complaints against the CSE’s conduct of and its officers.

Canadian law forbids the CSE from intercepting communications in which at least one of the parties participating in the exchange is located in Canada. If that happens, the message exchange is termed “private communication” and CSE is not allowed to intercept it, unless it gets written permission from Canada’s National Defense minister. Such permission is usually given only if the interception is deemed essential to protect Canadian national security or national defense. If a “private communication” is inadvertently intercepted, CSE is required to take “satisfactory measures” to protect the personal privacy of the participant in the exchange that is located inside Canada.

According to the CSE commissioner’s report for 2015, which was released in July, but was only recently made available to the media, CSE intercepted 342 “private communications” in 2014-2015. The year before, the spy agency had intercepted just 13 such exchanges. The report states that all 342 instances of interception during 2014-2015 were either unintentional or critical for the protection of Canada’s security. It further states that the reason for the huge increase is to be found in “the technical characteristics of a particular communications technology and of the manner in which private communications are counted”.

Canadian newspaper The Ottawa Citizen asked the CSE commissioner, Jean-Pierre Plouffe, to explain what he meant by “technical characteristics of a particular communications technology” in his report. His office responded that the commissioner could not explain the subject in more detail, because doing so would “reveal CSE operational capabilities” and thus hurt Canada’s national security. The newspaper also contacted CSE, but was given a similar answer. Some telecommunications security experts speculate that the increase in intercepted “private communications” may be due to exchanges in social media, whereby each message is counted separately.

Author: Ian Allen | Date: 25 August 2016 | Permalink

Canada stops sharing intelligence with Five Eyes partners over data breach

CSE CanadaCanada says it will stop sharing certain types of intelligence with some of its closest international allies until it ensures that Canadian citizens’ information is not included in the data given to foreign spy agencies. The announcement follows an official admission, made earlier this week, that a Canadian intelligence agency failed to remove Canadian citizens’ data from information it shared with member-agencies of the so-called Five Eyes Agreement. The pact, which is sometimes referred to as the UK-USA Security Agreement, has been in existence since World War II. It provides a multilateral framework for cooperation in signals intelligence (SIGINT) between the United Kingdom, the United States, Canada, Australia, and New Zealand.

On Thursday, the Commissioner of the Communications Security Establishment (CSE) of Canada, Jean-Pierre Plouffe, published a report on the activities of the CSE —the country’s primary SIGINT agency. The document, which is published annually by the Commissioner, states that the majority of the CSE’s SIGINT collection activities took place in accordance with Canadian law. However, the report found that some of the data shared by CSE with its Five Eyes partners contained data that could potentially be used to identify the identities of Canadian citizens. According to Canadian law, the CSE is not allowed to specifically target the communications of —or information about— Canadian citizens or Canadian companies. Moreover, information pertaining to those, which may be indirectly collected in the course of legitimate targeting of foreign citizens, is supposed to be immediately purged by CSE collection staff.

However, the Commissioner’s report found that some metadata —namely information pertaining to communications other than their content— that could be used to identify Canadian citizens had been shared by the CSE with Five Eyes spy agencies. Later on Thursday, Harjit Sajjan, Canada’s Minister of Defense, announced that SIGINT intelligence-sharing would be suspended until the metadata breach identified in the Commissioner’s report could be adequately addressed and corrected. Minister Sajjan said the roots of the breach had to do with “technical deficiencies” at the CSE, but added that it was crucial that the privacy of Canadians was protected. Therefore, he said, the spy agency would “not resume sharing this information with our partners” until he was “fully satisfied” that the proper control systems were in place.

Author: Joseph Fitsanakis | Date: 29 January 2016 | Permalink