Twenty-Year-Old Requirement For 'Real-time, Full-time' Eavesdropping On Canadian Mobiles Revealed
from the thanks-to-Mr-Snowden dept
Even if it now seems likely that Linus Torvalds wasn't approached to add a backdoor to Linux, there are plenty of others that were asked and acquiesced, as this story from The Globe and Mail in Canada makes clear:
For nearly two decades, Ottawa officials have told telecommunications companies that one of the conditions of obtaining a licence to use wireless spectrum is to provide government with the capability to monitor the devices that use the spectrum. The Sept. 17 kickoff of the auction-countdown process will underscore that commitment, made out of sight of most Canadians because it is deemed too sensitive by the government.
The secret agreement apparently contains specific details of what telecom companies must provide:
"Real-time, full-time" eavesdropping on conversations is just one of the capabilities sought by police, according to the standards. Authorities also want records of call logs, texts, keystrokes and other data, including "the most accurate geographical location known."
Communications made with encryption provided by the carrier must be decrypted:
Carriers that help their customers scramble communications must decrypt them. "Law enforcement requires that any type of encryption algorithm that is initiated by the service provider must be provided to the law-enforcement agency unencrypted."
No doubt, many people might think phone companies should provide this kind of information, provided a properly executed court warrant is presented. What's problematic here is that this has been going secretly on for 20 years, with no public oversight and with no debate about where to draw the line for such surveillance. That discussion would hardly compromise police operations, but would provide vital transparency and legitimacy. The fact that two decades after the practice started the Canadian people are finally hearing about this capability now is probably yet another beneficial knock-on effect of Edward Snowden's leaks.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: canada, mobile phones, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
"asked and acquiesced" -- No executive says no to MONEY.
One of the three-letter spy agencies is RIM, which has for years claimed that Blackberry messages were secure, a lie that was slowly revealed as foreign gov'ts required it to open up the messages for them TOO.
"another beneficial knock-on effect of Edward Snowden's leaks."??? -- Beneficial HOW? Only way is if one believes that knowing details of the tyranny you're under somehow lightens it! -- Otherwise, the knowledge just leads to chilling effects on speech and actions, backed up by a Gestapo that makes charges based on evidence that can't be revealed even in court. And kids actually PAY to put SPY gadgets in their pocket 'cause it's SO cool!
The corporatized surveillance state is far greater threat to us all than what fanboys here rage against: alleged lack of "due process" for links to infringed content on pirate sites, Megaupload being shut down, abuses of copyright or DMCA, locked phones, and other typical Techdirt fare.
[ link to this | view in thread ]
Glyn said:
"No doubt, many people might think phone companies should provide this kind of information, provided a properly executed court warrant is presented."
The article said:
"Wireless carriers are told they must be ready to hand over such data should police or intelligence agencies compel the release of the information through judicially authorized warrants."
I think we're a tiny bit better off in Canada because the warrants are not being authorized by a secret court. Of course, I may be naive.
[ link to this | view in thread ]
Hang on...
It is clear that many have been acting on an assumption of privacy...
Remember this simple rule... "if you do not own the media which you communicate over, assume it to be untrusted and act accordingly".
The fact that it is believed that there is privacy over a common carrier network is your own oversight. If you wish to secure your voice and data, apply your own encryption. It may not be infallible, but it will thwart casual interception. If you are the target of a legal intercept, then you have far greater issues to contend with.
[ link to this | view in thread ]
If you google "Solicitor General's Enforcement Standards" you can find all sorts of interesting documents, including this one-pager from the Department of the Solicitor General complaining that the requirements only apply to circuit-switched phone networks and not packet-based ones (it's an old document, I'm not sure if the SGES have been updated to address this).
http://www.ic.gc.ca/eic/site/smt-gst.nsf/vwapj/solcitor.pdf/$FILE/solcitor.pdf
[ link to this | view in thread ]
Re:
CSE's doesn't really need a warrant because they're not supposed to be operating in Canada unless they're providing technical support to another agency (in which case, they are limited to whatever authorization that agency has managed to obtain).
Technically, the court where CSIS gets it's warrants from isn't *secret*: it's the Federal Court. But while the court might not be secret, quite often the proceedings are, so it's not a big gain.
[ link to this | view in thread ]
"Lawful Access"
[ link to this | view in thread ]
Re: "Lawful Access"
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Something else to think about
A phone OEM (original equipment manufacturer), let's give them a fictitious name, Samsorolpple.
Now Samsorolpple finds that in order to sell its devices in Canada, its equipment must meet this spying requirement.
Once Samsorolpple has gone through the design, engineering and manufacturing of a mobile phone, should it have yet another model device for non-Canadian countries? Or would it be cheaper to just market the same spying enabled device in other countries?
Now, suppose the spooks in another country, let's say the People's Democratik Untied Skates (or PDUS) get wind of this. Do you suppose the PDUS will also want in on the spying enabled action of Samsorolpple's phones, and those of every other OEM?
Could the PDUS learn of this from the Canadian's by secret cooperation? What about an Untied Kingdom? Or a far south pacific upside down land peopled entirely by criminals?
So what are the odds that people in non free countries are already being spied on by their governments, for the last 20 years, in some cases in violation of their own laws and constitutions?
Thank goodness that we who live in the good ol' US and other major developed free world countries don't have to worry about this.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Hang on...
We ALL have far greater issues to contend with.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Something else to think about
This can't be device issue. Think about it, the only reason the telco knows its you making a call is the SIM card in your phone. You can move the SIM card to another phone and make a call.
This issue has nothing to do with Samsung, Apple, etc.
[ link to this | view in thread ]
No surprise. It's not actually hidden (hiding in plain sight)
[ link to this | view in thread ]
WTF?
https://www.google.ca/search?q=lawful+intercept+canada
[ link to this | view in thread ]
[ link to this | view in thread ]
I sure as hell feel sub-human, after the NSA/AT&T tried to man-in-the-middle my encrypted TextSecure messages. After the man-in-the-middle attempt failed, I was then sent a web browser spyware update so they could read my private communications anyway.
Law-abiding citizen here. No reason to tap my phone. Only reason to tap my phone is because I'm considered sub-human. With no rights to private communications.
[ link to this | view in thread ]
Re: keystrokes
Is that why touchscreens are so popular now?
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Something else to think about
> Authorities also want records of call logs, texts, keystrokes and other data
At least for keystrokes and logs, the easiest and maybe only way to get it is to compromise the device. Have a software agent (or "service") running in the device that communicates with the telco mother ship. Most telcos put their own non-removable apps into devices anyway. So it's not a big deal to imagine that some level of compromise exists within the device.
But you're right, it doesn't necessarily mean that the OEM had to put it there. The telco probably could do it.
[ link to this | view in thread ]