Yesterday, the Canadian Broadcasting Corporation (CBC) broke the news about an invasive domestic collection activity of the Communication Security Establishment Canada (CSEC), the country’s foreign signals intelligence agency. A presentation, classified “Top Secret” and leaked by former National Security Agency (NSA) contractor Edward Snowden, outlines the 2 week experimental run of what was labeled “IP Profiling Analytics.” The measure allowed the intelligence agency to pick up travelers’ electronic devices at airport Wi-Fi hotspots and track them throughout the country, whenever they would connect again to a hotel, coffee shop, library, transportation hub, or any other public hotspot in Canada.
Cyber security authority Ronald Deibert reviewed the leaked document and summarized his findings in an op-ed, published today by The Globe and Mail, Canada’s newspaper of record. The University of Toronto Professor held that
[a]ssuming the documents are legitimate, it is difficult not to reach the conclusion that these activities constitute a clear violation of CSEC’s mandates and almost certainly of the Charter of Rights and Freedoms [the first part of Canada’s Constitution Act, 1982, similar to the United States Bill of Rights].
Also,
[t]he revelations […] throw into sharp relief the obvious inadequacy of the existing ‘oversight’ mechanism, which operates entirely within the security tent.
Correspondingly, Deibert brought up three concerns:
- The mission: In response to the CBC coverage, CSEC reconfirmed its mission in a written statement, due to which it “is mandated to collect foreign signals intelligence to protect Canada and Canadians, and by law, only directs its foreign intelligence activities at foreign entities.” Further, “[i]t is important to note that no Canadian or foreign travelers were tracked.” Yet, due to Deibert, the leaked presentation implies the opposite.
- The law: According to its mandate, CSEC is further “legally authorized to collect and analyze metadata.” As Deibert put it, the objective of such a bulk metadata collection is “to separate the ‘needle from the haystack’ – the haystack being, of course, all of us [Canadian citizens].” Accordingly, the courts will have to decide, if metadata relating to Canadian citizens is covered by CSEC’s statutory mandate, thus constituting foreign signals intelligence in a wider sense, or if it is “Canadian communication” protected by the country’s Constitution Act, 1982.
- The oversight mechanism: Experts already stated before this revelation that CSEC operations would be even more secretive and less checked in democratic terms than those of the NSA. What Deibert referred to as “obvious inadequacy of the existing ‘oversight’ mechanism” is the fact that CSEC is overseen by only one commissioner, appointed by the prime minister and reporting to the minister of defense, who is also responsible for the intelligence agency. Additionally, a CBC inquiry documented several commissioners’ doubts in CSEC’s compliance with laws and regulations in place.
Following Canadian media since Snowden’s first interview in Hong Kong, it is my perception that the invasive scope of CSEC operations has remained in the shadow of the ubiquitous coverage of NSA activities. This latest Snowden revelation may raise public awareness and spark the political debate in Ottawa about adequate oversight of intelligence collection.
Leave a Reply