Touring the digital through type

Author: Christopher Parsons (Page 2 of 104)

Dr. Christopher Parsons’ research, teaching, and consulting interests involve how privacy is affected by digitally mediated surveillance, and the normative implications that such surveillance has in (and on) contemporary Western political systems. He is a Senior Research Associate at the Munk School’s Citizen Lab at the University of Toronto, where his research focuses on third-party access to telecommunications data, data privacy, data security, and national security. Christopher holds a Ph.D in Political Science from the Department of Political Science at the University of Victoria, where he completed a dissertation that examined the political drivers of Internet service providers’ network surveillance practices. He is also a Privacy by Design Ambassador and former Principal at Block G Privacy and Security Consulting.

Review: The Bridge in the Parks-The Five Eyes and Cold War Counter-Intelligence

There are innumerable books, movies, podcasts, and TV shows that discuss and dramatize the roles of intelligence services during the Cold War. Comparatively few of those media, however, discuss Canada’s role during the same period. Molinaro’s edited volume, The Bridge in the Parks: The Five Eyes and Cold War Counter-Intelligence, goes a way to correcting this deficiency by including five chapters on Canada,1 as well as post-script, in a nine chapter book about Cold War counter-intelligence practices.

The Bridge in the Parks is written by historians who have used archival research and access to information laws to unearth information about a variety of Five Eye security services. The aim of the text as a whole is to “add nuance to what has often been a polarizing historical field in which scholars are forced to choose between focusing on abuses and the overreach of intelligence agencies in the Cold War or discussing successfully prosecuted individuals cases of counter-intelligence. This volume thus seeks to add complexity to this history, more in line with the “grey” world in which counter-intelligence has often existed” (8). On the whole, the book is successful in achieving this aim.

Continue reading

Lawful Access Returns: Online Harms and Warrantless Access to Subscriber and Transmission Data

zombies behind shabby door
Photo by cottonbro on Pexels.com

For the better part of twenty years, law enforcement agencies in Canada have sought warrantless access to subscriber data that is held by telecommunications service providers and other organizations. The rationale has been that some baseline digital identifiers are needed to open investigations into alleged harms or criminal activities that have a digital nexus. Only once these identifiers are in hand can an investigation bloom. However, due to the time that it takes to obtain a relevant court order, as well as challenges in satisfying a judge or justice that there is a legitimate need to obtain these identifiers in the first place, these same agencies recurrently assert that an initial set of seed digital identifiers should be disclosed to officers absent a court order.

The Government of Canada has, once more, raised the prospect of law enforcement officers obtaining subscriber or transmission data without warrant when undertaking activities intended to “enhance efforts to curb child pornography.” This time, the argument that such information should be made available is in the context of combatting online harms. The government has heard that companies should include basic subscriber or transmission data in their child pornography-related reports to law enforcement, with the effect of law enforcement agencies getting around the need to obtain a warrant prior to receiving this information.

In this post I start by discussing the context in which this proposal to obtain information without warrant has been raised, as well as why subscriber and transmission data can be deeply revelatory. With that out of the way, I outline a series of challenges that government agencies regularly experience but which tend not to be publicly acknowledged in the warrantless access debates associated with child sexual abuse material (CSAM). It is only with this broader context and awareness of the challenges facing government agencies in mind that it becomes apparent that warrantless access to subscriber or transmission data cannot ‘solve’ the issues faced by agencies which are responsible for investigating CSAM offences. To develop appropriate policy solutions, then, we must begin by acknowledging all of the current obstacles to investigating these offences. Only then can we hope to develop proportionate policy solutions.

Continue reading

Canadian Government’s Pandemic Data Collection Reveals Serious Privacy, Transparency, and Accountability Deficits

faceless multiethnic students in masks in subway train with phone
Photo by Keira Burton on Pexels.com

Just before Christmas, Swikar Oli published an article in the National Post that discussed how the Public Health Agency of Canada (PHAC) obtained aggregated and anonymized mobility data for 33 million Canadians. From the story, we learn that the contract was awarded in March to TELUS, and that PHAC used the mobility data to “understand possible links between movement of populations within Canada and spread of COVID-19.”

Around the same time as the article was published, PHAC posted a notice of tender to continue collecting aggregated and anonymized mobility data that is associated with Canadian cellular devices. The contract would remain in place for several years and be used to continue providing mobility-related intelligence to PHAC.

Separate from either of these means of collecting data, PHAC has been also purchasing mobility data “… from companies who specialize in producing anonymized and aggregated mobility data based on location-based services that are embedded into various third-party apps on personal devices.” There has, also, been little discussion of PHAC’s collection and use of data from these kinds of third-parties, which tend to be advertising and data surveillance companies that consumers have no idea are collecting, repackaging, and monetizing their personal information.

There are, at first glance, at least four major issues that arise out of how PHAC has obtained and can use the aggregated and anonymized information to which they have had, and plan to have, access.

Continue reading

Unpacking NSIRA’s 2020 Annual Report

black and white typewriter on table
Photo by Markus Winkler on Pexels.com

On December 13, 2021, the National Security Intelligence Review Agency (NSIRA) released its 2020 Annual Report. NSIRA is responsible for conducting national security reviews of Canadian federal agencies, and their annual report summarizes activities that have been undertaken in 2020 and also indicates NSIRA’s plans for future work.

I want to highlight three points that emerge from my reading of report:

  1. NSIRA has generally been able to obtain the information it required to carry out its reviews. The exception to this, however, is that NSIRA has experienced challenges obtaining information from the Communications Security Establishment (CSE). It is not entirely clear why this has been the case.
  2. While most of NSIRA’s reviews have been completed in spite of the pandemic, this is not the case with CSE reviews where several remain outstanding.
  3. NSIRA has spent time in the annual report laying out tripwires that, if activated, will alert Canadians and their elected officials to problems that the review agency may be experiencing in fulfilling its mandate. It is imperative that observers pay close attention to these tripwires in future reviews. However, while these tripwires are likely meant to demonstrate the robustness of NSIRA reviews they run the risk of undermining review conclusions if not carefully managed.

In this post, I proceed in the order of the annual review and highlight key items that stood out. The headings used in this post, save for analysis headings, are correlated with the headings of the same name in the annual report itself.

Continue reading
« Older posts Newer posts »