Technology, Thoughts & Trinkets

Touring the digital through type

Tag: Surveillance (page 1 of 30)

Update to the SIGINT Summaries

As part of my ongoing research into the Edward Snowden documents, I have found and added an additional two documents to the Canadian SIGINT Summaries. The Summaries include downloadable copies of leaked Communications Security Establishment (CSE) documents, along with summary, publication, and original source information. CSE is Canada’s foreign signals intelligence agency and has operated since the Second World War.

Documents were often produced by CSE’s closest partners which, collectively, form the ‘Five Eyes’ intelligence network. This network includes the CSE, the National Security Agency (NSA), the Government Communications Headquarters (GCHQ), Australian Signals Directorate (ASD), and Government Communications Security Bureau (GCSB).

All of the documents are available for download from this website. Though I am hosting the documents they were all first published by another party. The new documents and their summaries are listed below. The full list of documents and their summary information is available on the Canadian SIGINT Summaries page.

These documents came to light as I examined the activities that took place between the NSA and New Zealand signals intelligence agencies. The first, “NSA Intelligence Relationship with New Zealand” notes that Canada is a member of the SIGINT Seniors Pacific group as well as SIGINT Seniors Europe. The second, “SIGINT Development Forum (SDF) Minutes”, notes how CSE and GCSB define shaping as “industry engagement and collection bending” as well as CSEC had considered audit analysts’ accounts similar to the NSA, though the prospect of such auditing had rearisen as a discussion point.

NSA Intelligence Relationship with New Zealand

Summary: This document summarizes the status of the NSA’s relationship with New Zealand Government Communications Security Bureau (GCSB). The GCSB has been forced to expend more of its resources on compliance auditing following recommendations after it exceeded its authority in assisting domestic law enforcement, but continues to be focused on government and five eyes priorities and encouraged to pursue technical interoperability with NSA and other FVEY nations.

The NSA provides GCSB with “raw traffic, processing, and reporting on targets of mutual interest, in addition to technical advice and equipment loans.” The GCSB primarily provides the NSA with access to communications which would otherwise remain inaccessible. These communications include: China, Japanese/North Korean/Vietnamese/South American diplomatic communications, South Pacific Island nations, Pakistan, India, Iran, and Antartica, as well as French police and nuclear testing activities in New Caledonia.

Of note, GCSB is a member of SIGINT Seniors Pacific (SSPAC) (includes Australia, Canada, France, India, Korea, New Zealand, Singapore, Thailand, United Kingdom, and United States) as well as SIGINT Seniors Europe (SSEUR) (includes Australia, Belgium, Canada, Denmark, France, Germany, Italy, Netherlands, New Zealand, Norway, Spain, Sweden, United Kingdom, and United States).

Document Published: March 11, 2015
Document Dated: April 2013
Document Length: 3 pages
Associated Article: Snowden revelations: NZ’s spy reach stretches across globe
Download Document: NSA Intelligence Relationship with New Zealand
Classification: TOP SECRET//SI//REL TO USA, FVEY
Authoring Agency: NSA
Codenames: None

SIGINT Development Forum (SDF) Minutes

Summary: This document summarizes the state of signals development amongst the Five Eyes (FVEY). It first outline the core imperatives for the group, including: ensuring that the top technologies are being identified for use and linked with the capability they bring; that NSA shaping (targeting routers) improves (while noting that for CSE and GCSB shaping involves “industry engagement and collection bending”); improving on pattern of life collection and analysis; improving on IP address geolocation that covers Internet, radio frequency, and GSM realms; analyzing how convergence of communications systems and technologies impacts SIGINT operations.

Privacy issues were seen as being on the groups’ radar, on the basis that the “Oversight & Compliance team at NSA was under-resourced and overburdened.” Neither GCSB or DSD were able to sponsor or audit analysts’ accounts similar to the NSA, and CSEC indicated it had considered funding audit billets; while dismissed at the time, the prospect has re-arisen. At the time the non-NSA FVEYs were considering how to implement ‘super-user’ accounts, where specific staff will run queries for counterparts who are not directly authorized to run queries on selective databases.

GCSB, in particular, was developing its first network analyst team in October 2009 and was meant to prove the utility of network analysis so as to get additional staff for later supporting STATEROOM and Computer Network Exploitation tasks. Further, GCSB was to continue its work in the South Pacific region, as well as expanding cable access efforts and capabilities during a 1 month push.  There was also a problem where 20% of GCSB’s analytic workforce lacked access to DSD’s XKEYSCORE, which was a problem given that GCSB provided NSA with raw data. The reason for needing external tools to access data is GCSB staff are prohibited from accessing New Zealand data.

Document Published: March 11, 2015
Document Dated: June 8-9, 2009
Document Length: 3 pages
Associated Article: Snowden revelations: NZ’s spy reach stretches across globe
Download Document: SIGINT Development Forum (SDF) Minutes
Classification: TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
Authoring Agency: NSA
Codenames: STATEROOM, XKEYSCORE

Transparency in Surveillance: Role of various intermediaries in facilitating state surveillance transparency

‘Communication’ by urbanfeel (CC BY-ND 2.0) at https://flic.kr/p/4HzMbw

Last year a report that I wrote for the Centre for Law and Democracy was published online. The report, “Transparency in Surveillance: Role of various intermediaries in facilitating state surveillance transparency,” discusses how governments have expanded their surveillance capabilities in an effort to enhance law enforcement, foreign intelligence, and cybersecurity powers and the implications of such expansions. After some of these powers are outlined and the impact on communicating parties clarified, I explore how the voluntary activities undertaken by communications intermediaries can also facilitate government surveillance activities. However, while private companies can facilitate government surveillance they can also facilitate transparency surrounding the surveillance by proactively working to inform their users about government activities. The report concluded by discussing the broader implications of contemporary state surveillance practices, with a focus on the chilling effects that these practices have on social discourse writ large.

Cite as: Parsons, Christopher. (2016). “Transparency in Surveillance: Role of various intermediaries in facilitating state surveillance transparency,” Centre for Law and Democracy. Available at: http://responsible-tech.org/wp-content/uploads/2016/06/Parsons.pdf

Read “Transparency in Surveillance: Role of various intermediaries in facilitating state surveillance transparency

Curated Canadian IMSI Catcher Resources

‘Untitled’ by Andrew Hilts

IMSI Catchers enable state agencies to intercept communications from mobile devices and are used primarily to identify otherwise anonymous individuals associated with a mobile device or to track them. These devices are also referred to as ‘cell site simulators’, ‘mobile device identifiers’, and ‘digital analyzers’, as well as by the brandnames such as ’Stingray’, DRTBox’, and ‘Hailstorm’. These surveillance devices are not new – their use by state agencies spans decades. However, the ubiquity of the mobile communications devices in modern day life, coupled with the plummeting cost of IMSI Catchers, has led to a substantial increase in the frequency and scope of IMSI Catcher use by government and non-government agents alike. The devices pose a serious threat to privacy given that they are highly intrusive, surreptitious, and subject to limited controls in relation to their licit and illicit sale or operation.

One of the challenges with understanding the current policy landscape around IMSI Catchers in Canada stems from different government agencies’ deliberate efforts to prevent the public from learning about whether agencies use such devices. Journalists and academics have tried to determine whether and how the devices are used over the course of approximately a decade; this means that information concerning their operation has unfolded over a significant length of time. Without a centralized resource to curate the successes and failures of these investigations it is often challenging for non-experts to understand the full context and history of IMSI Catchers’ operation in Canada.

Only recently have journalists, advocacy groups, and academics in North America learned about how their respective governments have historically, and presently, operated IMSI Catchers. Such revelations began around four years ago in the United States and within the past year and a half in Canada. Such revelations are the culmination of extensive preparatory work: though news articles and research reports appear more frequently, now, their existence today is predicated on the hidden labour that took place over the prior years.

For Canadians, the release of select court documents enabled more informed analysis of how these devices were used by federal, provincial, and municipal agencies. Such information was drawn on to prepare a report on IMSI Catchers that I wrote with Tamir Israel last year, in which we canvassed, collated, and analyzed what was technically understood about how IMSI Catchers operate, as well as the challenges Canadians have faced using freedom of information request to learn more about the technology. That report also included legal analyses of different ways of authorizing the devices’ operation and the Charter implications of their operation. Furthermore, in recent weeks the RCMP finally admitted to the public that it has used IMSI Catchers after previously claiming that any revelation of whether and how they used the devices would infringe on national security or ongoing investigations. Many other agencies have since followed suit, also informing the public whether they possess and operate IMSI Catchers in the course of their investigations.

To help interested members of the public, journalists, advocacy and activist groups, and fellow academics, I have collated a list of IMSI Catcher-related resources that pertain to the Canadian situation. This listing includes the most important primary and secondary documents to read to understand the state of play in Canada. Some of the resources are produced by academics and technologists, some focus on technology or policy or law, and others encompass the major news stories that have trickled out about IMSI Catchers over the past several years. If you believe that I have missed any major documents feel free to contact me.

Access the IMSI Catcher in Canada Resources

Pleading the Case: How the RCMP Fails to Justify Calls for New Investigatory Powers

'RCMP' by POLICEDRIVER2 (CC BY 2.0) https://flic.kr/p/sEM7W5

‘RCMP’ by POLICEDRIVER2 (CC BY 2.0) https://flic.kr/p/sEM7W5

A pair of articles by the Toronto Star and CBC have revealed a number of situations where the authors report on why authorities may be right to ask for new investigatory powers. A series of cases, combined with interviews with senior RCMP staff, are meant to provide some insight into the challenges that policing and security agencies sometimes have when pursuing investigations. The articles and their associated videos are meant to spur debate concerning the government’s proposal that new investigatory powers are needed. Such powers include a mandatory interception capability, mandatory data retention capability, mandatory powers to compel decryption of content, and easy access to  basic subscriber information.

This post does not provide an in-depth analysis of the aforementioned proposed powers. Instead, it examines the specific ‘high priority’ cases that the RCMP, through a pair of journalists, has presented to the public. It’s important to recognize that neither the summaries nor underlying documents have been made available to the public, nor have the RCMP’s assessments of their cases or the difficulties experienced in investigating them been evaluated by independent experts such as lawyers or technologists. The effect is to cast a spectre of needing new investigatory powers without providing the public with sufficient information to know and evaluate whether existing powers have been effectively exercised. After providing short commentaries on each case I argue that the RCMP has not made a strong argument for the necessity or proportionality of the powers raised by the government of Canada in its national security consultation.

Continue reading

Older posts