CSEC, Canada’s NSA, Is Using Free Airport WiFi to Spy on Canadians

Pearson airport, potential international spy trap. Photo via.

This morning, the CBC released a bombshell story about CSEC, Canada’s NSA. The CBC’s breaking news comes from previously unreleased documents from Edward Snowden, which they analyzed in tandem with Ronald Deibert, founder and director of the University of Toronto’s Citizen Lab—an “interdisciplinary laboratory” that analyzes the contentious intersection between technology and human rights.

I’ve previously reported on CSEC and speculated on their trustworthiness in the wake of Snowden’s unrelenting fire-hose of leaked spy files, but until today there wasn’t much information about the notoriously mysterious agency that operates out of a 72,000 square foot, $800 million dollar surveillance palace in Ottawa.

Last year, thanks to the Guardian, we learned that Enbridge was canoodling with CSEC to gather information on Brazil’s mining and energy industries. Glenn Greenwald also brought Snowden documents to the CBC, who then reported the Canadian government allowed for the NSA to set up a surveillance operation in Ottawa during Toronto’s G20 in 2008, to spy on the other world leaders. The redacted documents from that operation are available to read on Wikipedia.

Around the time CBC broke the G20 story in December, Greenwald warned that more CSEC leaks were just around the corner—adding that there was “very substantial evidence” that CSEC spying on Brazil was “far from aberrational.” He also pointed to Canada’s membership in the Five Eyes spy club—a partnership with the NSA, the UK’s GCHQ, New Zealand’s GCSB, and Australia’s DSD—and explained how those countries have placed “a massive spy net over the entire world.”

So, today’s breaking news greatly illuminates Canada’s role in the Five Eyes and how they are apparently using dragnet surveillance programs to spy, indiscriminately, on “thousands of ordinary airline passengers for days after they leave the [airport] terminal.” CBC is hosting the redacted, top-secret overview of CSEC’s airport-spying program on their website. Apparently CSEC is able to identify airport travelers’ phones and laptops in a massive spying sweep, and then continue to track them backwards and forwards in time, to determine which Canadian hotels and other Canadian airports they’ve visited, what local internet cafes they may have checked in at, and then which international hotels, airports, and other WiFi hubs they’ve logged into abroad.

This ability to go backwards and forwards in time indicates CSEC has access to vast treasure troves of data that they are matching to the wireless devices they’re scooping up and identifying through their airport surveillance program. This helps them to create what sounds like a very comprehensive record of any traveler’s coming and goings throughout the world. I contacted Ronald Deibert this morning to clarify that capability: “CSEC is acquiring data from several sources, including what's described as a ‘Canadian Special Source’ and several databases, which are possibly operated by other private companies or agencies abroad. This means that they likely have the capability to interrogate data in bulk over a large stretch of time—depending on what's contained in those databases and what's been handed to them by the ‘Canadian Special Source.’ I take the latter to mean a large telecommunications provider in Canada.”

Deibert is the author of Black Code: Surveillance, Privacy and the Dark Side of the Internet, a comprehensive, must-read account of the global surveillance and censorship network that the governments of the world have unleashed on the planet. Much of the book deals with the secretive, internet security and military industrial complex formed by government agencies such as the NSA, and private contractors like Edward Snowden’s former employer, Booz Allen. While journalists and activists—like the currently imprisoned Barrett Brown, or the Telecomix group, through their Bluecabinet Wiki—have done extensive research in the United States to discover how this shadowy network operates, very little is known about how CSEC operates alongside private contractors to gather information.

According to Deibert’s own interpretation of today’s bombshell, CSEC may be using information collected from private companies, along with Canadian telecom providers, to create a massive database of information they can use to track the comings and goings of large amounts of people en masse. Revelations like today’s CSEC leaks show how our laptops and smartphones are treated, in Deibert’s words, as “digital dog tags” to the surveillance agencies that ostensibly aim to track every single movement that occurs on planet Earth.

This morning’s report from the CBC states: “CSEC claims ‘no Canadian or foreign travellers' movements were 'tracked,' although it does not explain why it put the word ‘tracked’ in quotation marks.” After James Clapper, the United States’ Director of National Intelligence, lied to Congress when he said Americans were not being spied on by the NSA—any such statement from a Five Eyes spy agency comes with almost zero credibility.

Top secret CSEC doc, via the CBC.

On top of that, CSEC’s own language in their overview of the airport-spying program does not seem to indicate they’re only collecting data on alleged terrorists or other dangerous targets. The presentation’s slide on “Data Reality” describes how travelers tend not to linger when they arrive at the airport, so their WiFi usage is limited to the wait time between connecting flights, or at baggage claim, or even in private lounges. To me, this kind of high-level, macro-analysis on passenger behaviour describes an all-consuming surveillance program, rather than one that is specifically out there looking for the “bad guys” in the interest of “national security.”

The presentation goes on to describe “a new needle-in-a-haystack analytic” that apparently allows CSEC to sort through the mass amount of information they’re collecting to find specific targets. They use a case study example of a “kidnapper based in a rural area [who] travels to an urban area to make ransom calls,” in an effort to hide-out in an place where there is a greater volume of communication data to spy on and sift through—i.e., a bigger haystack. The CSEC presentation explains to its spies how they can “sweep” a public area to determine where ransom calls, for example, are being made if they know the time of the call—even if the “kidnapper” is using public WiFi at a library or coffee shop.

If CSEC knows the time of the “ransom calls” they can sweep an area where they believe the “kidnapper” is located, and then look for aberrations in the data. For example, they’ll remove all of the “heavy users” from the list that are constantly connected—because their “kidnapper” only popped online to make one quick call.  The more “ransom calls” their “kidnapper” makes, the more information they have to hopefully separate the needle from the haystack—as they put it.

As Ronald Deibert wrote in the Globe and Mail today, in an article titled “Now we know Ottawa can snoop on any Canadian. What are we going to do?”: “When you go to the airport and flip open your phone to get your flight status, the government could have a record. When you check into your hotel and log on to the Internet, there’s another data point that could be collected. When you surf the Web at the local cafe hotspot, the spies could be watching.”

It’s this kind of surveillance-based law enforcement strategy that will likely divide people on the usefulness of agencies like CSEC. If we think about in their terms—i.e. how this kind of dragnet surveillance can be used to catch a kidnapper—it’s easy to get comfortable with such a massive spying power operating in Canada. But when you consider the haystack, beyond the needle, and realize that CSEC is not just collecting information on that one supposed kidnapper, but also the data of the other hundreds of thousands, or millions, of people surrounding that bad person, suddenly the usefulness and even the legality of such a program becomes highly dubious. Ronald Deibert has stated quite clearly he believes this CSEC program is illegal, so it will be very interesting to see how the government reacts—if at all—and if there’s any significant social fallout from this highly revelatory leak.

@patrickmcguire