Canada Temporarily Drops Out Of Five Eyes Spying Coalition, After Realizing It Wasn't Properly Protecting Information

from the an-eye-for-an-eye dept

Thu, Jan 28th 2016 3:33pm — Mike Masnick

Of course, by now you know about the "Five Eyes" coalition of the signals intelligence agencies of the US, UK, Canada, Australia and New Zealand all sharing certain intelligence information between them. Some of the Snowden docs have made clear that this collaboration helps the various countries get around restrictions on "domestic" surveillance by effectively offshoring it to other "friendly" electronic spy agencies. Well, at least for now, it appears that that the Five Eyes effort has lost an Eye.

Canada's signals intelligence agency, the Communications Security Establishment (CSE), has stopped sharing data with the other Four Eyes after realizing that it hadn't done a particularly good job of protecting the metadata it collected on Canadians.

"While I was conducting this current comprehensive review, CSE discovered on its own that certain metadata was not being minimized properly," Plouffe explained in the report.

"Minimization is the process by which Canadian identity information contained in metadata is rendered unidentifiable prior to being shared …."

"The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE's operational policy."

I guess it's nice that the CSE figured out that it had screwed up on its own, but really, it makes you wonder just how much information the Canadian gov't was sending abroad on its own citizens.

Of course, the sharing will start back up again at some point in the future, once they've decided that they've properly "minimized" the data. And while Canadian politicians seem to be accepting the very Canadian apology of the CSE and saying that this was all an accident, shouldn't this kind of "mistake" lead to a bit more than a "sorry" and "we'll make sure it's better next time"? Shouldn't we be examining why such mass surveillance and data sharing are happening in the first place?

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: canada, five eyes, mass surveillance, metadata, minimization, nsa, sigint, surveillance

14 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

That Anonymous Coward (profile), 28 Jan 2016 @ 3:52pm

One wonders which powerful person got snagged in something.

One does find it hard to believe that any changes in course are because of concern for the "little people" who have been wholesale sold out as they look for ways to bypass the laws put into place to protect us from exactly what they are doing.

These methods used in other countries are decried, while at the same time embraced by those who point fingers at the other guy. Perhaps they should notice while they are pointing at others there are 4 fingers pointing back that should be poked in the 4 other eyes.
[ link to this | view in chronology ]
- Anonymous Coward, 29 Jan 2016 @ 3:56am
  
  Re:
  Is it not possible that this is the case of a civil servant actually doing his/her job? We have a few of those in Canada. Witness the slew of Auditors General and Privacy Commissioners, who have become minor hero figures. Well, at least to me, that is.
  
  That, and a new government that has promised to open, transparent governance, that has much more Internet-savvy than the previous one, combined with an easy, clear call that doesn't really have any great cost.
  [ link to this | view in chronology ]
  - Paul Renault (profile), 29 Jan 2016 @ 3:58am
    
    Re: Re:
    Dang! I signed in to my password manager and then forgot to sign in here... In case anyone care, I take ownership of the reply above.
    [ link to this | view in chronology ]
  - Anonymous Coward, 29 Jan 2016 @ 7:29am
    
    Re: Re:
    "While I was conducting this current comprehensive review, CSE discovered on its own that certain metadata was not being minimized properly," Plouffe explained in the report. "
    
    I agree it certainly sounds like CSE realized their "mistake" as soon as it looked like they were about to be caught by Plouffe, or maybe who he reports to.
    [ link to this | view in chronology ]
Anonymous Coward, 28 Jan 2016 @ 4:07pm

The intelligence community had better start reaching out to their contacts. Nobody likes being called Four Eyes.
[ link to this | view in chronology ]
Personanongrata, 28 Jan 2016 @ 4:07pm

Total Surviellance for Profit
Shouldn't we be examining why such mass surveillance and data sharing are happening in the first place?

Insider trading, blackmail and industrial espionage leap into mind.

Not only do defense contractors get lucrative contracts to create, service and operate the surveillance boondoggles system users and program insiders can benefit by using purloined data for personal gain.
[ link to this | view in chronology ]
tqk (profile), 28 Jan 2016 @ 4:24pm

CSE, please hire better people.
Having met and worked with and been pushed under the bus by a CSE alumnus (though ultimately vindicated), I'm not the least bit surprised these technical wizards can't code a correct SQL select statement to extract only the columns necessary from an rdb table containing raw ISP data. It makes me wonder if the NSA told them, "Just use this", and they blindly did a copy & paste.

What trusting sorts we Canucks can be. Now we get to have them play with C-51. Great. :-P
[ link to this | view in chronology ]
Wowza, 28 Jan 2016 @ 6:28pm

Get a grip guy
Don't feel bad Canada. I'm sure Australia has been sharing ALL of its data for many years. But even if that weren't true we've just instigated a new system to make sure we collect way more than is absolutely necessary and share it with everyone else, including gambling 'agencies'

http://www.gizmodo.com.au/2016/01/heres-every-government-agency-that-wants-your-metadata/
[ link to this | view in chronology ]
Mark Wing, 28 Jan 2016 @ 6:37pm

Careful with that data. You could put an eye out.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jan 2016 @ 2:11am

We have had a change in government recently so maybe that's the reason and the new PM honestly wants to safeguard Canadians over lining his wallet like the last one was mainly concerned with.
[ link to this | view in chronology ]
Yes, I know I'm commenting anonymously, 29 Jan 2016 @ 4:04am

I would like to object to the use of the term coalition?
And also propose the more accurate term surveillance cartel. It has the right connotations.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jan 2016 @ 5:54am

I came for the four-eyes jokes
[ link to this | view in chronology ]
- Anonymous Coward, 29 Jan 2016 @ 6:04am
  
  Re:
  and please update the wikipedia article on four eyes
  FVEY to FREY
  [ link to this | view in chronology ]
Sanjnakumar (profile), 29 Jan 2016 @ 8:37am

Canada Temporarily
[ link to this | view in chronology ]