A Crisis of Accountability — The Canadian Situation

/ Christopher Parsons

CanadaThe significance of Edward Snowden’s disclosures is an oft-debated point; how important is the information that he released? And, equally important, what have been the implications of his revelations? Simon Davies, in association with the Institute of Information Law of the University of Amsterdam and Law, Science, Technology & Social Studies at the Vrie Universiteit of Brussels, has collaborated with international experts to respond to the second question in a report titled A Crisis of Accountability: A global analysis of the impact of the Snowden revelations.

In what follows, I first provide a narrative version of the report’s executive summary. The findings are sobering: while there has been a great deal of international activity following Snowden’s revelations, the tangible outcomes of that activity has been globally negligible. I then provide the text of the Canadian section of the report, which was drafted by Tamir Israel, myself, and Micheal Vonn. I conclude by providing both an embedded and downloadable version of the report.

Report Summary

The findings of the report are sobering; while there has been a noticeable shift in the thinking across the world towards increased awareness of the importance of accountability, transparency, and the rule of law, the overwhelming majority of countries assessed in the report have not responded in significant tangible or measurable ways over the past year. While there has been a notable volume of “activity” in the form of diplomatic representations, parliamentary inquiries, media coverage, campaign strategies, draft legislation and industry initiatives, there has – at the global level – been an insignificant number of tangible reforms adopted to address the concerns raised by the Snowden disclosures. Two thirds of legal professionals and technology experts from 29 countries surveyed for this study reported that they could recall no tangible measure taken by government.

Further, authors reported that obfuscation and denial tactics had been reported across governments, with the UK in particular – as America’s principle operational and diplomatic security partner – singled out because of its almost total disregard for any of the issues raised by the Snowden disclosures. In tandem, the operational relationship between security services, law enforcement agencies and global police organisations such as INTERPOL remains largely unknown and – in terms of data policy – continues to be largely unaccountable. While important new information has been made public about how security agencies collect and exchange data within their own security community, almost nothing is known about the use of that information or the extent to which it is passed to law enforcement agencies.

There have admittedly been a series of small reforms that have been adopted by governments (most notably the US). However, these appear to create no meaningful protections for personal data at the global level. While, for example, President Obama declared an interest in providing some protections for non-US persons, the protections themselves were marginal at best, and have so far failed to materialise. Indeed the available evidence indicates that the US administration has engaged in a global campaign to neutralise attempts by some governments to create reform of international security relationships.

Despite a perception that the Snowden disclosures have became a global news story, reports from the majority of non-US nations indicate that media coverage in many countries has been minimal or non-existent. Concern was expressed that the story was “owned” as a proprietary package by the Anglo-American press and was of little direct relevance to most parts of the world. This perception only shifted at the local level when such countries as Pakistan and Mexico were specifically cited in leaked documents. Possibly in part because of the predominant US focus in reporting, media coverage of the relevant issues has declined globally to less than two percent of the initial traffic of a year ago – and continues to diminish. As a consequence, public concern about the issues raised by the disclosures has – at best – reached a plateau. This drop-off is particularly steep in non-US and non-English language media.

A significant number of corporations have responded to the disclosures by introducing a range of accountability and security measures (transparency reports, end-to-end encryption etc). Nonetheless, while acknowledging that these reforms are “a promising start” nearly sixty percent of legal and IT professionals surveyed for this report believe that they do not go far enough, with more than a third of respondents reporting that they felt the measures were “little more than window dressing” or are of “little value” outside the US.

The report’s primary compiler and editor, Simon Davies, concludes by asserting that civil society and the tech community have not adequately adapted to the challenges raised by the Snowden revelations. For example, the interface and the communications between policy reform (e.g. efforts to create greater accountability measures, privacy regulations) and technical privacy solutions (e.g. designing stronger embedded security) is worryingly inconsistent and patchy. Few channels of communication and information exchange exist between these disparate communities.

A Crisis of Accountability – Canada

Snowden’s revelations have implicated Canada’s foreign intelligence signals agency – the Communications Security Establishment Canada (CSEC) – in expansive domestic and foreign surveillance initiatives. To date, however, the Snowden effect has led to few tangible or significant reforms designed to remedy problematic surveillance practices exposed by the Snowden revelations. The most significant responses have included civil society and media commentary, some parliamentary action in the form of criticism, fact-finding activities and reform efforts, and early judicial and quasi-judicial interventions. These collective efforts have dovetailed with (and enhanced) previous efforts at reform of Canada’s foreign intelligence and domestic surveillance regime. While the net result has led to a greater understanding of CSEC’s activities and objectives, there has been minimal concrete movement towards reform aside from some early judicial proceedings.

Canadian media have received and published several Snowden documents implicating CSEC. These publications have been supplemented by domestic investigative media efforts. CSEC has been controversially implicated in surveillance of the Brazilian Ministry which grants resource exploitation contracts, [1] in undermining of international security standards, [2] in aiding five eyes partners to spy on political allies during G8 and G20 meetings, [3] and in using CSEC’s metadata reserves to map individual movements and infrastructure in Canada by monitoring public wifi networks. [4] Canadian media has also documented the dramatic growth in CSEC’s budget in recent years, as well as its close financial links to foreign agencies such as the U.S. National Security Agency. [5] General concern over CSEC has led to calls for reform of Canada’s foreign intelligence surveillance apparatus by a number of major Canadian newspapers. [6] It should be noted that while the media response has been significant by historical standards, it has largely remained driven by Canadian-specific revelations.

In response to the Snowden disclosures, Canadian civil society and academics have worked to raise awareness of state surveillance. This has included education campaigns and online actions. Notably, the Protect Our Privacy Coalition – comprised of over 50 major organizations and two-dozen leading academics – launched an online action calling on Members of Parliament to rein in CSEC’s more intrusive activities as part of an internatoinal day of action. [7] Academics have convened workshops and high profile debates, [8] and publicly explained the significance of state surveillance online and through media. One workshop launched a book on surveillance in Canada [9] and generated the Ottawa Statement on Mass Surveillance. [10] Additional efforts from researchers at the University of Toronto have tried to ascertain how long Internet service providers collect, retain, and handle subscriber data, as well as data routing practices, [11] and to pressure telecommunications companies into improving their transparency regarding disclosure of customer data to state agencies. [12] These efforts have only recently begun yielding some responses from private telecommunications companies in the form of transparency reports, [13] but no commitment to change from the federal government or from CSEC.

Canada’s legislative bodies have also been active. The Senate Standing Committee on National Security and Defence is studying CSEC’s activities [14] and may produce a report with recommendations for reform. Opposition parties in Canada’s primary legislative body – the House of Commons – have called for an emergency debate on CSEC’s surveillance activities [15] and for the government to commit to transparency and reform of CSEC. [16] Opposition MP Charmaine Borg attempted to force the disclosure of statistics concerning the scope of government’s agencies’ surveillance efforts (including CSEC’s) and met with limited response from domestic agencies and none from CSEC. [17] Finally, two bills have been introduced by individual MPs to enhance oversight of CSEC’s activities; [18] unfortunately, neither has the government’s support nor do they include amendments to CSEC’s substantive legal or operational framework.

The most promising developments in Canada have arisen from judicial and quasi-judicial initiatives. First, Justice Mosley of the Federal Court reconsidered, on his own initiative, a surveillance authorization decision he had issued in 2009. The authorization let the Canadian Security and Intelligence Service intercept, with CSEC’s assistance, the communications of two Canadians travelling abroad as long as the communications transited through Canada. [19] In late 2013, Justice Mosley issued a strong rebuke to CSEC and CSIS for strategically omitting critical information in their 2009 warrant application relating to CSEC’s use of its significant and expansive Five Eyes resources in support of the authorized interceptions. [20] As a result of this decision (which will be appealed) CSEC cannot use its Five Eyes resources when assisting domestic agencies with their surveillance activities.

Additionally, the British Columbia Civil Liberties Association (BCCLA) has brought a constitutional challenge to key aspects of the legal and operational framework that governs CSEC. The suit alleges that CSEC’s current operations and limited oversight infringe sections 8 and 2(b) of the Canadian Charter of Rights and Freedoms which enshrine the right to be free of unreasonable search and seizure and the freedom of thought, belief, opinion and expression, including freedom of the press and other media of communication. [21] The BCCLA has also filed a proposed national class action lawsuit on behalf of Canadians whose private communications and metadata have been collected by CSEC in a manner that violates the Charter. [22] The Canadian Civil Liberties Association (CCLA) has also launched a lawsuit, challenging the constitutionality of key provisions of PIPEDA, Canada’s federal data protection statute, which prevent private companies such as ISPs from effectively notifying customers when their data has been handed over to state agencies such as CSEC for investigative purposes. [23] Finally, the federal privacy commissioner also released information concerning the regularity at which telecommunications companies were asked for data by government agencies in 2011, though without specificity concerning how often these requests were made by, or on the behalf of, CSEC. [24]

In conclusion, the media and Parliament’s attention to signals intelligence has increased significantly, and these efforts have dovetailed with ongoing concerns over the scope and nature of privacy-invasive activities by domestic state agencies. However, this attention has yet to culminate in any concrete outcomes, as the federal government has so far refused to respond to public criticism of CSEC’s activities. The most promising actions to date have manifested in the courts, though these actions remain in a nascent state.

Read the Report

You can download the report, titled ‘A Crisis of Accountability: A global analysis of the impact of the Snowden revelations’ from our website or read following embedded version of the report below.

Click to access Snowden-final-report-for-publication.pdf

 

ENDNOTES:

  1. Colin Freeze and Stephanie Nolen. 2013. “Charges that Canada spied on Brazil unveil CSEC’s inner workings,” The Globe and Mail, October 7, 2013, http://www.theglobeandmail.com/news/world/brazil-spying-report-spotlights-canadas-electronic-eavesdroppers/article14720003/; Colin Freeze, “Read a CSEC Document that was first acquired by Edward Snowden,” The Globe and Mail, November 30, 2013, http://www.theglobeandmail.com/news/politics/read-a-csec-document-on-brazil-that-was-first-acquired-by-edward-snowden/article15699941/; for the most publicly detailed analysis of the program see: Anonymous, “OLYMPIA: How Canada’s CSEC maps phone and internet connections,” Top Level Communications, May 14, 2014, http://electrospaces.blogspot.ca/2014/03/olympia-how-canadas-csec-maps-phone-and.html.  ↩
  2. “Government Announces Steps to Restore Confidence on Encryption Standards,” http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/; Michael Geist, “Canada Facilitated NSA’s Effort to Weaken Encryption Standards”, September 11, 2013, MichaelGeist.ca, http://www.michaelgeist.ca/content/view/6951/196/; Omar El Akkad, “The Strange Connection Between the NSA and an Ontario Tech Firm”, January 20, 2014, Globe and Mail, http://www.theglobeandmail.com/technology/business-technology/the-strange-connection-between-the-nsa-and-an-ontario-tech-firm/article16402341/.  ↩
  3. “NSA document raises questions about Canada in G8 spying,” http://www.cbc.ca/news/politics/nsa-document-raises-questions-about-canada-in-g8-spying–1.2447398; “NSA Briefing Note on G8/G20 Summits,” http://www.cbc.ca/news2/pdf/summit-doc.pdf.  ↩
  4. Greg Weston, Glen Greenwald & Ryan Gallagher, “CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents,” January 31, 2014, CBC News, http://www.cbc.ca/news/politics/csec-used-airport-wi-fi-to-track-canadian-travellers-edward-snowden-documents–1.2517881; “IP Profiling Analytics & Mission Impacts (Snowden slides),” http://www.cbc.ca/news2/pdf/airports_redacted.pdf; for analyses of the slides see: Tope Level Telecommunications, “Did CSEC really track Canadian airport travellers”, February 4, 2014, http://electrospaces.blogspot.ca/2014/02/did-csec-really-tracked-canadian.html; and R. Deibert, “Now we know Ottawa can snoop on any Canadian. What are we going to do?” January 31, 2014, http://www.theglobeandmail.com/globe-debate/now-we-know-ottawa-can-snoop-on-any-canadian-what-are-we-going-to-do/article16625310/.  ↩
  5. Colin Freeze, “How CSEC Became an Electronic Spying Giant”, November 30, 2013, Globe and Mail, http://www.theglobeandmail.com/news/politics/how-csec-became-an-electronic-spying-giant/article15699694/; Ian MacLeod, “Canadian Spies Receive U.S. Money for Research and Surveillance, Book Says”, December 5, 2014, Ottawa Citizen, http://www.ottawacitizen.com/Canadian+spies+receive+money+research+surveillance+book+says/9835864/story.html.  ↩
  6. “Globe Editorial: Hey CSEC, stop spying on me,” April 3, 2014, http://www.theglobeandmail.com/globe-debate/editorials/dont-spy-on-me-csec/article17781948/; “Globe Editorial: Canada needs a royal commission on spying and privacy of Canadians,”, May 21, 2014, http://www.theglobeandmail.com/globe-debate/editorials/we-need-a-royal-commission-on-spying/article18786038/; “Canada’s oversight of spy agencies falls short,” http://www.thestar.com/opinion/editorials/2014/02/02/canadas_oversight_of_spy_agencies_falls_short_editorial.html; “National Post Editorial Board: Our spies need oversight,” October 11, 2013, http://fullcomment.nationalpost.com/2013/10/11/national-post-editorial-board-our-spies-need-oversight/.  ↩
  7. See: the “Protect Our Privacy Coalition”, https://openmedia.ca/ourprivacy. Major actions by participants include: “Call on your MP to stand against costly online spying,” https://openmedia.ca/stand; “World Speaks Out Against Mass Surveillance in Global Day of Online Protest: Day We Fight Back,” https://www.cippic.ca/en/news/day_we_fight_back; L. Tribe, “The day we fight back: Stand up against mass surveillance,” February 11, 2014, https://cjfe.org/blog/day-we-fight-back-stand-against-mass-surveillance; PEN Canada, “The Day We Fight Back: Calling for an End to Mass Surveillance,” February 11, 2014, http://pencanada.ca/campaigns/day-we-fight-back-pen-canada-calls-end-mass-surveillance/. Other major online actions have included: “Tell Harper: Defend Online Privacy,” https://openmedia.ca/defendprivacy; “Call on your MP to stand against costly online spying,” https://openmedia.ca/stand; “Stand with the BCCLA,” https://openmedia.ca/csec; “Protect Our Privacy,” https://openmedia.ca/ourprivacy.  ↩
  8. Examples include: Ontario Information & Privacy Commissioner, “Big Surveillance Demands Big Privacy – Enter Privacy-Protective Surveillance”, Toronto, http://www.realprivacy.ca/index.php/international-privacy-day-symposium/; “The Politics of Surveillance: Advancing Democracy in a Surveillance Society,” May 8–10 at University of Ottawa; “Munk Debates on State Surveillance,” May 2, 2014; RightsWatch Conference 2013, September 20–21, 2013, Toronto, http://ccla.org/events/rightswatch–2013/#Program; “CSEC Panel,” April 8, 2014 at Queen’s University; “Intelligence and National Security Panel,” March 21, 2014 at University of Toronto; “Privacy at Risk? The NSA and CSEC, its Canadian Surveillance Partner,” March 12, 2014 at University of Toronto; “Who is Watching the Watchers? A Panel of Canadian Privacy and Surveillance in the Post-Snowden Era”, October 16, 2013, University of Ottawa, Centre for Law, Technology & Society.  ↩
  9. “Transparent Lives: Surveillance in Canada,” http://www.aupress.ca/index.php/books/120237.  ↩
  10. “The Ottawa Statement on Mass Surveillance,” http://www.digitallymediatedsurveillance.ca/the-ottawa-statement/.  ↩
  11. “Towards Transparency in Canadian Telecommunications,” https://citizenlab.org/2014/01/towards-transparency-canadian-telecommunications/; “The Murky State of Canadian Telecommunications Surveillance,” https://citizenlab.org/2014/03/murky-state-canadian-telecommunications-surveillance/; “IXMaps – See where your packets go,” http://ixmaps.ca/.  ↩
  12. “Data Privacy Transparency of Canadian Internet Service Providers,” http://ixmaps.ca/transparency.php; “Responding to the Crisis in Canadian Telecommunications,” https://citizenlab.org/2014/05/responding-crisis-canadian-telecommunications/.  ↩
  13. C. Freeze, C. Dobby & J. Wingrove, “TekSavvy, Rogers Break Silence Over Government Requests for Data”, June 5, 2014, Globe and Mail, http://www.theglobeandmail.com/technology/tech-news/teksavvy-opens-books-on-government-data-requests/article18999107/. M. Geist, “Rogers’ Shocking Admission: It Does Not Track Disclosures of Subscriber Information to Authorities”, June 6, 2014, http://www.michaelgeist.ca/content/view/7151/125/.  ↩
  14. Proceedings of the Senate Standing Committee on National Security and Defence, Canada’s National Security and Defence Policies, Practices, Circumstances and Capabilities, February 3, 2014, 62 Elizabeth II, 41st Parliament, 2nd Session, Issue 2, http://www.parl.gc.ca/content/sen/committee/412/SECD/pdf/02issue.pdf.  ↩
  15. Charmaine Borg, Terrebonne-Blainville, QC, “Charmaine Borg on Request for Emergency Debate”, excerpts from: House of Commons Debates, June 13, 2013, 62 Elizabeth II, 41st Parliament, 2nd Session, http://openparliament.ca/debates/2013/6/13/charmaine-borg–1/only/.  ↩
  16. Debates of the Senate, October 24, 2013, 62 Elizabeth II, 41st Parliament, 2nd Session, Volume 149, Issue 5, http://www.parl.gc.ca/Content/Sen/Chamber/412/Debates/005db_2013–10–24-e.htm#35.  ↩
  17. Christopher Parsons, “Mapping the Canadian Government’s Telecommunications Surveillance”, March 27, 2014, Citizen Lab, https://citizenlab.org/2014/03/mapping-canadian-governments-telecommunications-surveillance/; Michael Geist, “How Telcos and ISPs Hand Over Subscriber Data Thousands of Times Each Year Without a Warrant”, April 1, 2014, MichaelGeist.ca, http://www.michaelgeist.ca/content/view/7100/135/; Order/Address of the House of Commons, “Responses to Written Question Q–233 – Ms. Borg (Terrebonne-Blainville)”, march 24, 2014, et seq, http://www.christopher-parsons.com/Main/wp-content/uploads/2014/03/8555–412–233.pdf.  ↩
  18. Bill S–220, An Act to Establish the Intelligence and Security Committee of Parliament, October 16, 2013, 62 Elizabeth II, 41st Parliament, 2nd Session, 1st Reading, http://www.parl.gc.ca/content/hoc/Bills/412/Private/S–220/S–220_1/S–220_1.PDF. Bill C–551, An Act to Establish the National Security Committee of Parliamentarians, November 7, 2013, 62 Elizabeth II, 41st Parliament, 2nd Session, 1st Reading, http://www.parl.gc.ca/content/hoc/Bills/412/Private/C–551/C–551_1/C–551_1.PDF.  ↩
  19. Michael Geist, “Why CSEC and CSIS Should Be the Subject of an Independent Investigation”, January 8, 2014, MichaelGeist.ca, http://www.michaelgeist.ca/content/view/7043/135/.  ↩
  20. Re X, 2013 FC 1275, https://www.canlii.org/en/ca/fct/doc/2013/2013fc1275/2013fc1275.html. See also: Re X, 2009 FC 1058, https://www.canlii.org/en/ca/fct/doc/2009/2009fc1058/2009fc1058.html and Re CSIS Act, 2008 FC 301, https://www.canlii.org/en/ca/fct/doc/2007/2007canlii62002/2007canlii62002.html.  ↩
  21. British Columbia Civil Liberties Association, “Spying in Canada: Civil Liberties Watchdog Sues Surveillance Agency Over Illegal Spying on Canadians”, October 22, 2013, BCCLA.org, http://bccla.org/wp-content/uploads/2013/10/Final-Press-Release-Spying–10_21_131.pdf; British Columbia Civil Liberties Association v. Attorney General of Canada, British Columbia Supreme Court File No.: VLC-S-S–137827, October 22, 2013, Notice of Civil Claim, http://bccla.org/wp-content/uploads/2013/10/2013–10–22-Notice-of-Civil-Claim.pdf.  ↩
  22. British Columbia Civil Liberties Association, “Illegal Spying: BCCLA Files Class Action Lawsuit Against Canada’s Electronic Spy Agency”, April 1, 2014, BCCLA.org, http://bccla.org/news/2014/04/illegal-spying-bccla-files-class-action-lawsuit-against-canadas-electronic-spy-agency/; Lyster v. Attorney General of Canada, Federal Court File No. T–796–14, Statement of Claim, April 1, 2014, http://bccla.org/wp-content/uploads/2014/04/20140401-Statement-of-Claim-Class-Action-Proceeding.pdf; Omar Ha-Redeye, “BCCLA Files Class Action for Spying by CSEC”, April 13, 2014, Slaw.ca, http://www.slaw.ca/2014/04/13/bccla-files-class-action-for-spying-by-csec/.  ↩
  23. Canadian Civil Liberties Association (CCLA), “The Canadian Civil Liberties Association Challenges Constitutionality of Privacy Legislation”, May 22, 2014, CCLA.org, http://ccla.org/2014/05/22/press-release-ccla-challenges-constitutionality-of-privacy-legislation/; Corporation of the Canadian Civil Liberties Association et. al. v. Attorney General of Canada, Ontario Superior Court File No.: CV–14–504139, Notice of Application, May 13, 2014, http://ccla.org/wordpress/wp-content/uploads/2014/05/Notice-of-Application-re-PIPEDA-Issued.pdf.  ↩
  24. Bernier, Chantal, “Statement from the Interim Privacy Commissioner of Canada Regarding Telecommunications Companies’ Responses to Information Requests from Government Authorities”, April 30, 2014, Office of the Privacy Commissioner of Canada, http://www.priv.gc.ca/media/nr-c/2014/s-d_140430_e.asp, Canadian Wireless Telecommunication Association, “Response to Request for General Information From Canadian Wireless Telecommunications Association (the “CWTA”) Members”, December 14, 2011, http://www.priv.gc.ca/media/nr-c/2014/let_140430_e.pdf; Michael Geist, “Canadian Telcos Asked to Disclose Subscriber Data Every 27 Seconds”, April 30, 2014, MichaelGeist.ca, http://www.michaelgeist.ca/content/view/7116/125/.  ↩