Last week, Canadians learned that their foreign signals intelligence agency, the Communications Security Establishment (CSE), had improperly shared information with their American, Australian, British, and New Zealand counterparts (collectively referred to as the “Five Eyes”). The exposure was unintentional: Techniques that CSE had developed to de-identify metadata with Canadians’ personal information failed to keep Canadians anonymous when juxtaposed with allies’ re-identification capabilities. Canadians recognize the hazards of such exposures given that lax information-sharing protocols with US agencies which previously contributed to the mistaken rendition and subsequent torture of a Canadian citizen in 2002.
Tamir Israel (of CIPPIC) and I wrote and article for Just Security following these revelations. We focused on the organization’s efforts, and failure, to suppress Canadians’ identity information that is collected as part of CSE’s ongoing intelligence activities and the broader implications of erroneous information sharing. Specifically, we focus on how such sharing can have dire life consequences for those who are inappropriately targeted as a result by Western allies and how such sharing has led to the torture of a Canadian citizen. We conclude by arguing that the collection and sharing of such information raises questions regarding the ongoing viability of the agency’s old-fashioned mandates that bifurcate Canadian and non-Canadian persons’ data in light of the integrated nature of contemporary communications systems and data exchanges with foreign partners.
Read the Article
Tamir is staff lawyer with the Samuelson-Glushko Canadian Internet Policy & Public Interest Clinic (CIPPIC) at the University of Ottawa Faculty of Law, where he conducts research and advocacy on various digital rights-related topics, with a focus on online privacy and anonymity, net neutrality, intellectual property, intermediary liability, spam, e-commerce, and consumer protection generally.
Dr. Christopher Parsons received his Bachelor’s and Master’s degrees from the University of Guelph, and his Ph.D from the University of Victoria. He is currently the Managing Director of the Telecom Transparency Project and a Postdoctoral Fellow at the Citizen Lab, in the Munk School of Global Affairs.
Photo credit: Spies by Kieran Lamb (CC BY-SA 2.0) https://flic.kr/p/416nVf
Earlier this year I had a book chapter, titled “Stuck on the Agenda: Drawing Lessons from the Stagnation of “Lawful Access” Legislation in Canada” published in Law, Privacy and Surveillance in Canada in the Post-Snowden Era. The book was edited by Michael Geist and is freely available in .pdf format from the University of Ottawa Press. The edited collection brings together many of Canada’s leading thinkers on privacy and national security issues, with authors outlining how Canadian-driven intelligence operations function, the legal challenges facing Canadian signals intelligence operations, and ways to reform Canada’s ongoing signals intelligence operations and the laws authorizing those operations.
The book arguably represents the best, and most comprehensive, examination of the Communications Security Establishment (CSE) in recent history. While not providing insiders’ accounts, many of the chapters draw from access to information documents, documents provided to journalists by Edward Snowden, and publicly available information concerning how intelligence operations are conducted by Canadian authorities. In aggregate they critically investigate the actual and alleged intelligence practices undertaken by Canadian authorities.
My contribution focuses on the politics associated with Canada’s lawful access legislation, and identifies some of the political conditions that may precede successful opposition to legislation that expands or reifies both domestic and foreign intelligence surveillance practices. Specifically, the chapter begins by outlining how agenda-setting operates and the roles of different agendas, tactics, and framings. Next, it turns to the Canadian case and identifies key actors, actions, and stages of the lawful access debates. The agenda-setting literature lets us identify and explain why opponents of the Canadian legislation were so effective in hindering its passage and what the future holds for opposing similar legislative efforts in Canada. The final section steps away from the Canadian case to suggest that there are basic as well as additive general conditions that may precede successful political opposition to newly formulated or revealed government surveillance powers that focus on either domestic or signals intelligence operations. You can read the chapter on pages 256-283.
Download the book from University of Ottawa Press
Image credit: Book Cover from Michael Geist (Ed.) (CC BY-NC-SA 3.0) http://www.press.uottawa.ca/law-privacy-and-surveillance
In our recent report, “The Governance of Telecommunications Surveillance: How Opaque and Unaccountable Practices and Policies Threaten Canadians,” we discussed how the Communications Security Establishment (CSE) developed and deployed a sensor network within domestic and foreign telecommunications networks. While our report highlighted some of the concerns linked to this EONBLUE sensor network, including the dangers of secretly extending government surveillance capacity without any public debate about the extensions, as well as how EONBLUE or other CSE programs programs collect information about Canadians’ communications, we did not engage in a comparison of how Canada and its closest allies monitor domestic network traffic. This post briefly describes the EONBLUE sensor program, what may be equivalent domestic programs in the United States, and the questions that emerge from contrasting what we know about the Canadian and American sensor networks.
What is EONBLUE?
EONBLUE was developed and deployed by the CSE. The CSE is Canada’s premier signals intelligence agency. The EONBLUE sensor network “is a passive SIGINT system that was used to collect ‘full-take’ data, as well as conduct signature and anomaly based detections on network traffic.” Prior Snowden documents showcased plans to integrate EONBLUE into government networks; the network has already been integrated into private companies’ networks. Figure one outlines the different ‘shades of blue’, or variations of the EONBLUE sensors: