IMSI Catchers enable state agencies to intercept communications from mobile devices and are used primarily to identify otherwise anonymous individuals associated with a mobile device or to track them. These devices are also referred to as ‘cell site simulators’, ‘mobile device identifiers’, and ‘digital analyzers’, as well as by the brandnames such as ’Stingray’, DRTBox’, and ‘Hailstorm’. These surveillance devices are not new – their use by state agencies spans decades. However, the ubiquity of the mobile communications devices in modern day life, coupled with the plummeting cost of IMSI Catchers, has led to a substantial increase in the frequency and scope of IMSI Catcher use by government and non-government agents alike. The devices pose a serious threat to privacy given that they are highly intrusive, surreptitious, and subject to limited controls in relation to their licit and illicit sale or operation.
One of the challenges with understanding the current policy landscape around IMSI Catchers in Canada stems from different government agencies’ deliberate efforts to prevent the public from learning about whether agencies use such devices. Journalists and academics have tried to determine whether and how the devices are used over the course of approximately a decade; this means that information concerning their operation has unfolded over a significant length of time. Without a centralized resource to curate the successes and failures of these investigations it is often challenging for non-experts to understand the full context and history of IMSI Catchers’ operation in Canada.
Only recently have journalists, advocacy groups, and academics in North America learned about how their respective governments have historically, and presently, operated IMSI Catchers. Such revelations began around four years ago in the United States and within the past year and a half in Canada. Such revelations are the culmination of extensive preparatory work: though news articles and research reports appear more frequently, now, their existence today is predicated on the hidden labour that took place over the prior years.
For Canadians, the release of select court documents enabled more informed analysis of how these devices were used by federal, provincial, and municipal agencies. Such information was drawn on to prepare a report on IMSI Catchers that I wrote with Tamir Israel last year, in which we canvassed, collated, and analyzed what was technically understood about how IMSI Catchers operate, as well as the challenges Canadians have faced using freedom of information request to learn more about the technology. That report also included legal analyses of different ways of authorizing the devices’ operation and the Charter implications of their operation. Furthermore, in recent weeks the RCMP finally admitted to the public that it has used IMSI Catchers after previously claiming that any revelation of whether and how they used the devices would infringe on national security or ongoing investigations. Many other agencies have since followed suit, also informing the public whether they possess and operate IMSI Catchers in the course of their investigations.
To help interested members of the public, journalists, advocacy and activist groups, and fellow academics, I have collated a list of IMSI Catcher-related resources that pertain to the Canadian situation. This listing includes the most important primary and secondary documents to read to understand the state of play in Canada. Some of the resources are produced by academics and technologists, some focus on technology or policy or law, and others encompass the major news stories that have trickled out about IMSI Catchers over the past several years. If you believe that I have missed any major documents feel free to contact me.
PR? by Ged Carrol (CC BY 2.0) https://flic.kr/p/6jshtz
In this brief post I debunk the language used by CSIS Director Michel Coulombe in his justification of CSIS’s indefinite data retention program. That program involved CSIS obtaining warrants to collect communications and then, unlawfully, retaining the metadata of non-targeted persons indefinitely. This program was operated out of the Operational Data Analysis Centre (ODAC). A Federal Court judge found that CSIS’ and the Department of Justice’s theories for why the program was legal were incorrect: CSIS had been retaining the metadata, unlawfully, since the program’s inception in 2006. More generally, the judge found that CSIS had failed to meet its duty of candour to the court by failing to explain the program, and detail its existence, to the Court.
The public reactions to the Federal Court’s decision has been powerful, with the Minister of Public Safety being challenged on CSIS’s activities and numerous mainstream newspapers publishing stories that criticize CSIS’ activities. CSIS issued a public statement from its Director on the weekend following the Court’s decision, which is available at CSIS’ website. The Federal Court’s decision concerning this program is being hosted on this website, and is also available from the Federal Court’s website. In what follows I comprehensively quote from the Director’s statement and then provide context that, in many cases, reveals the extent to which the Director’s statement is designed to mislead the public.
The Citizen Lab and CIPPIC released a report, Gone Opaque? An Analysis of Hypothetical IMSI Catcher Overuse in Canada, which examined the use of devices that are commonly referred to as ‘cell site simulators’, ‘IMSI Catchers’, ‘Digital Analyzers’, or ‘Mobile Device Identifiers’, and under brand names such as ‘Stingray’, DRTBOX, and ‘Hailstorm’. IMSI Catchers are a class of of surveillance devices used by Canadian state agencies. They enable state agencies to intercept communications from mobile devices and are principally used to identify otherwise anonymous individuals associated with a mobile device and track them.
Though these devices are not new, the ubiquity of contemporary mobile devices, coupled with the decreasing costs of IMSI Catchers themselves, has led to an increase in the frequency and scope of these devices’ use. Their intrusive nature, as combined with surreptitious and uncontrolled uses, pose an insidious threat to privacy.
This report investigates the surveillance capabilities of IMSI Catchers, efforts by states to prevent information relating to IMSI Catchers from entering the public record, and the legal and policy frameworks that govern the use of these devices. The report principally focuses on Canadian agencies but, to do so, draws comparative examples from other jurisdictions. The report concludes with a series of recommended transparency and control mechanisms that are designed to properly contain the use of the devices and temper their more intrusive features.
The report is structured across four sections:
Section One provides an overview of the technical capabilities of IMSI Catchers.
Section Two focuses on civil society and journalists’ efforts to render transparent how IMSI Catchers are used.
Section Three examines the regulation of IMSI Catchers and avenues towards lawful regulation of their use.
Section Four sets out best practices that should be incorporated into a framework governing IMSI Catcher use.
In more detail, Section One provides an overview of the technical capabilities of IMSI Catchers. The report principally focuses on how the devices can be used in ‘identification mode’, where they intercept digital numbers that are unique to mobile devices. IMSI Catchers exploit weaknesses in the design of mobile communications systems to induce mobile devices to transmit these unique numbers that, typically, are only sent to telecommunications carriers. From a privacy perspective, the report argues that IMSI Catchers are inherently intrusive: by design, they capture mobile identifiers from all phones in range, leading to significant collateral privacy impact that can affect the privacy of thousands of non-targets for each individual legitimate target.
Section Two focuses on transparency efforts associated with IMSI Catchers, and how states have routinely sought to prevent information about IMSI Catchers from reaching the public record. After highlighting some of the hard-fought successes to bring documents to the public record in the United States, in particular, the report examines comparable efforts to uncover IMSI Catchers’ use in Canada and these efforts’ comparative successes and failures. In doing so, a case analysis is conducted where the Toronto Police Services Board successfully (and inappropriately) prevented documents from becoming public. The report critiques a number of the justifications that are frequently advanced by state agencies seeking to prevent information related to IMSI Catchers from becoming public. Furthermore, it argues that providing some details on IMSI Catcher use will not undermine the investigative utility of the devices, and that there is substantial public interest that should compel authorities to disclose documents regardless of whether they affect investigative utility. Furthermore, disclosure of such documents is needed to evaluate whether the possession of the devices is inconsistent with the Radiocommunications Act, the Privacy Act, and perhaps the Charter. Equally seriously, refusing to officially acknowledge IMSI Catcher use in the face of a growing body of documents demonstrating their use threatens to undermine public confidence that the devices are being used lawfully and in a manner that is proportionate and minimized their impact on non-targeted members of the public.
Section Three examines the regulation of IMSI Catchers and avenues towards the lawful authorization of their use. After surveying German and American regulatory processes to understand gaps in the Canadian context, the report explores Canada’s ambitious statutory framework for electronic surveillance. Doing so explicates the legal avenues state agencies can exercise to authorize their use of IMSI Catchers. This section reveals how a range of overlapping powers might apply to IMSI Catcher authorization, and that this ambiguity might let agencies deploy IMSI Catchers using powers offering minimal privacy protection. The section concludes by examining the Charter implications of IMSI Catcher uses, and rejects possible justifications of IMSI Catcher deployment which lack prior judicial authorization. A series of safeguards and conditions on the use of IMSI Catchers, such that their operation does not amount to a constitutionally impermissible search, wraps up this section.
Section Four sets out best practices that should be incorporated into a framework governing IMSI Catcher use. The section recommends that IMSI Catcher use by state agencies be subject to comprehensive transparency mechanisms, including annual statistical reporting on use, an individual notice requirement, and compliance with standard reporting obligations typically applied to radio devices owned by state agencies. It further argues for the criminalization of unauthorized uses of IMSI Catchers. Such authorization should be subject to a strict regime that is linked with demonstrating their investigative necessity, including a “serious crimes” provision that limits IMSI Catchers’ use to investigate only the most severe offences. In addition to proportionality measures, targeting and minimization procedures should be imposed to limit the collateral impact of deployment on innocent third-parties.
The report’s Conclusion highlights core findings and also emphasizes the importance of privacy in liberal democratic societies.
We hope that this report will contribute to the growing discussion and debate concerning how, and the appropriateness of, state agencies’ use of IMSI Catchers. Ultimately, it is in the government’s and citizens’ best interest for state agencies to be more transparent and accountable for how they use IMSI Catchers in the course of conducting investigations.
The authors would like to graciously thank a number of sources whose generous funding made this report possible: the Open Society Foundation, Frederick Ghahramani, a Social Sciences and Humanities Research Council (SSHRC) Postdoctoral Fellowship Award, and the Munk School of Global Affairs at the University of Toronto. Furthermore, the authors are grateful for in-depth substantive input on the December 2015 draft of this document from Professor Ron Deibert and Sarah McKune, to Adrian Dabrowski and to participants of Citizen Lab Summer Institute 2016 for key input on technical questions raised by this paper and to Lex Gill for extensive substantive additions and edits. Responsibility for any errors or omissions remains with the authors.
Last week, Canadians learned that their foreign signals intelligence agency, the Communications Security Establishment (CSE), had improperly shared information with their American, Australian, British, and New Zealand counterparts (collectively referred to as the “Five Eyes”). The exposure was unintentional: Techniques that CSE had developed to de-identify metadata with Canadians’ personal information failed to keep Canadians anonymous when juxtaposed with allies’ re-identification capabilities. Canadians recognize the hazards of such exposures given that lax information-sharing protocols with US agencies which previously contributed to the mistaken rendition and subsequent torture of a Canadian citizen in 2002.
Tamir Israel (of CIPPIC) and I wrote and article for Just Security following these revelations. We focused on the organization’s efforts, and failure, to suppress Canadians’ identity information that is collected as part of CSE’s ongoing intelligence activities and the broader implications of erroneous information sharing. Specifically, we focus on how such sharing can have dire life consequences for those who are inappropriately targeted as a result by Western allies and how such sharing has led to the torture of a Canadian citizen. We conclude by arguing that the collection and sharing of such information raises questions regarding the ongoing viability of the agency’s old-fashioned mandates that bifurcate Canadian and non-Canadian persons’ data in light of the integrated nature of contemporary communications systems and data exchanges with foreign partners.
The Canadian SIGINT Summaries includes downloadable copies, along with summary, publication, and original source information, of leaked CSE documents.
Parsons, Christopher; and Molnar, Adam. (2021). “Horizontal Accountability and Signals Intelligence: Lesson Drawing from Annual Electronic Surveillance Reports,” David Murakami Wood and David Lyon (Eds.), Big Data Surveillance and Security Intelligence: The Canadian Case.
Parsons, Christopher. (2015). “Stuck on the Agenda: Drawing lessons from the stagnation of ‘lawful access’ legislation in Canada,” Michael Geist (ed.), Law, Privacy and Surveillance in Canada in the Post-Snowden Era (Ottawa University Press).
Parsons, Christopher. (2015). “The Governance of Telecommunications Surveillance: How Opaque and Unaccountable Practices and Policies Threaten Canadians,” Telecom Transparency Project.
Parsons, Christopher. (2015). “Beyond the ATIP: New methods for interrogating state surveillance,” in Jamie Brownlee and Kevin Walby (Eds.), Access to Information and Social Justice (Arbeiter Ring Publishing).
Bennett, Colin; Parsons, Christopher; Molnar, Adam. (2014). “Forgetting and the right to be forgotten” in Serge Gutwirth et al. (Eds.), Reloading Data Protection: Multidisciplinary Insights and Contemporary Challenges.
Bennett, Colin, and Parsons, Christopher. (2013). “Privacy and Surveillance: The Multi-Disciplinary Literature on the Capture, Use, and Disclosure of Personal information in Cyberspace” in W. Dutton (Ed.), Oxford Handbook of Internet Studies.
McPhail, Brenda; Parsons, Christopher; Ferenbok, Joseph; Smith, Karen; and Clement, Andrew. (2013). “Identifying Canadians at the Border: ePassports and the 9/11 legacy,” in Canadian Journal of Law and Society 27(3).
Parsons, Christopher; Savirimuthu, Joseph; Wipond, Rob; McArthur, Kevin. (2012). “ANPR: Code and Rhetorics of Compliance,” in European Journal of Law and Technology 3(3).