Four years after NSA contractor Ed Snowden exposed the US government’s massive internet spying apparatus (and incidentally revealed the “five eyes” global surveillance partnership that includes Canada), Canadians are more concerned about their digital privacy than ever before.
But, according to a new report from the Canadian Internet Registration Authority (CIRA), which manages the .ca top-level domain, the vast majority simply do not understand the risks of being exposed to NSA surveillance, despite their concern. This, to say the least, is concerning.
The internet is a physical system with gateways located in different geographic locations, where the data that passes through is subject to local laws. Most Canadian internet traffic is routed through the US, where it is not protected by Canadian privacy laws and may be snooped on by American spy agencies. This includes, for example, information that you send through Facebook. Many cloud storage services are also physically located in the US, exposing files stored there to the same surveillance risk.
According to CIRA’s Internet Factbook 2017, a survey-based report the organization produces annually, 76 percent of Canadians are worried about their data’s privacy if it is routed through the US. That figure is up 12 percent from 2016. However, the report states that only a third of Canadians know that their data is routed through the US and that cloud storage services may be based in the US.
Clearly, there’s a disconnect here, but it’s not necessarily because the government hasn’t done anything on this front. “Data localization,” a notion that enshrines in law the principle that Canadians’ data should be stored in-country, has been a talking point for the government here for years. Storing Canadian data on Canadian soil is part of the current and ongoing NAFTA negotiations with the US, although some industry players worry the Canadians are being too soft on the issue.
The US, in contrast, is in favour of global data flows and is reportedly pushing hard to nix data localization language in a re-negotiated NAFTA. The US was also against Canadian data localization during Trans-Pacific Partnership negotiations before the country exited the agreement process.
So, it’s a whole thing. Thankfully though, if you’re among the two-thirds of Canadians who doesn’t quite “get” how this whole data localization thing works (and clearly there’s no shame here, you’re not alone), University of Toronto professor Andrew Clement released a tool this year that shows you where your data goes, geographically speaking.
Happy freaking out, eh!
Get six of our favorite Motherboard stories every day by signing up for our newsletter .
CORRECTION: An earlier version of this article stated that the IXmaps tool was released by the Office of the Privacy Commissioner (OPC) of Canada. In fact, it was produced by University of Toronto professor Andrew Clement and funded by the OPC. Motherboard regrets the error.