Get Your Spy On : Bill C-22

International Civil Liberties Monitoring Group : OUR ANALYSIS OF C-22: AN INADEQUATE AND WORRISOME BILL

"The Liberal government has recently tabled Bill C-22, the National Security and Intelligence Committee of Parliamentarians Act, in order to create the long-awaited committee to look over Canada’s national security activities."

Andrew Mitrovica : National security oversight woefully inadequate

"Ralph Goodale's heralded National Security and Intelligence Committee is not robust, independent and meaningful but merely enshrines the lousy status quo into law."

Craig Forcese makes many of the same points - Knee Jerk First Reaction - on the bill designed to deliver parliamentary oversight to CSIS, CSEC, RCMP among 20 other national security agencies, but nonetheless gives Bill C-22 a "high pass".

The committee will consist of seven MPs and two senators, all appointed on the recommendation of the PM. I'm guessing the more stringent security clearance they will need to undergo has something to do with Harper having appointed Arthur Porter to SIRC, the watchdog committee overseeing CSIS.

And yes, CSE really is following 34 people on twitter. I imagine they're also on The Book of Faces. ;-)
.

Here's looking at you, kid

Nine out of 12 big telecoms in Canada deigned to reply to Privacy Commissioner Jennifer Stoddart with info about their disclosure of customer data to law enforcement in 2011

• Law enforcement agencies made 1,193,630 requests for subscriber data in 2011
• Or, one request every 27 seconds
• Three telecom providers alone disclosed information from 785,000 customer accounts
• If each request had been for a different subscriber, that would work out to one in every 28 Canadians including babies
• In 2010, 94% of RCMP requests for name and address were made without a warrant
• Customers are not informed their private info has been disclosed
• At least one telecom appears to have instituted a special law enforcement direct access database

And this info, these figures, are three years old.
Meanwhile the Cons look to expand that cozy relationship with two new bills :

• Bill C-13, the cyberbullying bill, will also give immunity from civil or criminal liability to telecoms coughing up info without a warrant
• Bill S- 4 extends the ability to disclose subscriber info without a warrant to private sector organizations as well

As telecom customers, we're paying them twice to peddle our info - once when we pay the telecoms to collect the info about us and deliver it to law enforcement and again when law enforcement agencies use our taxes to pay the telecoms for the info.

The irony here is how important privacy and anonymity are to the telecoms - their own at least.
Their response to Stoddart included the strategy of having their answers collated by a law firm and delivered to her as a bulk package that doesn't identify which telecom provided each piece of info. Why? To preserve their own privacy and anonymity.

Remember when we were aghast to learn that there was a "Canadian Special Source" providing CSEC with wifi data on random Canadians as part of a 2012 airport surveillance exercise? Ah the good old days of three whole months ago. 

Want to know what your telco has divulged about you? They are compelled by law to respond to you with something if you ask as an individual subscriber to their services.
Citizen Law provides a template letter and the telco contact details to send it to. Takes just a few seconds. When I get my response, I'll post it.

h/t  Lux ex Umbra and Michael Geist
.

CSEC : Get Your Plouffe On!

CBC : CSEC exoneration a 'mockery of public accountability'

"The CSEC watchdog, headed on a part-time basis by a semi-retired judge, Jean-Pierre Plouffe, concluded:  “No CSEC activity was directed at Canadians or persons in Canada…that would be illegal.” 

Plouffe’s office says its investigation exonerating CSEC consisted almost entirely of talking to CSEC."

Lux ex Umbra : Q: Why did CSEC spy on Canadian wi-fi?  A: It's all good!
.

Edward Snowden interview

Wed. Feb 5 Update : Video removed at source from Vimeo last night, leaving the above note in its place on Creekside. Alternate copy of Snowden interview can be seen here.

Great interview recorded a week ago, including a few choice words applicable to recent revelations about CSEC scooping up Canadians' IP IDs and tracking them across airports, hotels, conference centres, coffee shops, and libraries, and DefMin Rob Nicholson's response.

"What we saw initially in response to the revelations was sort of a circling of the wagons of government ...  Instead of circling around the public and protecting their rights, the political class circled around the security state and protected their rights."

"The Five Eyes alliance is sort of an artefact of the post-WW2 era where the anglophone countries of the major powers banded together to co-operate and share the costs of intelligence gathering infrastructure. So we have the UK's GCHQ, we have the US NSA, we have Canada's CSEC, we have Australia's Signals Intelligence Directorate and we have New Zealand's DSD. What the result of this was over decades and decades was a supranational intelligence organization that doesn't answer to the laws of its own countries." 

"The key is to remember that the surveillance and the abuse doesn't occur when people look at the data, it occurs when people gather the data in the first place."

There have been complaints of this interview disappearing off Vimeo and being entirely erased from Youtube, the latter possibly for copyright reasons. Should this one go down however, here's an alternate copy.
.

CSEC : Spy vs. WiFi

So what exactly have we learned here from this 2012 CSEC pilot project that tracked wireless devices across airports, hotels, conference centres, coffee shops, and libraries, starting from a "single Canadian airport WiFi IP address" and "two weeks worth of IP-ID data" from a "Special Canadian Source", using ">300,000 active IDs over two weeks" in a "modest size city" as a control group?

1.  As Defence Minister Rob Nicholson, CSEC, and CSEC watchdog commissioner Plouffe have all now explained to us, CSEC wasn't "tracking" these Canadians because that would be illegal and our privacy is important to them.

2. If you haven't been issued a special decoder ring providing a CSECret definition of the words "tracking" and "metadata", whose fault is that?

3. If you are a hypothetical kidnapper from a rural area coming to the big city to make your three ransom phone calls - carefully spaced exactly 40 hours apart as seen in the nice CSEC powerpoint spreadsheet - at least try to blend in with the rest of the internet by forwarding some cat pictures around as well so your lone ransom calls don't stick out like a sore thumb.

If you don't much care for forwarding cat pictures, use a friggin' payphone.

.

Sat AM update : For those of you wondering what the fuck Calandra meant in the House yesterday when he called Glenn Greenwald, co-journalist on the CBC exposé, "a porn spy" - it's the Canadian nonsense version of "espionage pornographer", used two weeks ago by American Enterprise Institute's Marc Thiessen to describe whistleblower Edward Snowden.  

I guess the PMO thought Thiessen's version sounded too elitist.    h/t Techdirt

.

Sun AM update : Ryan Gallagher, one of the three journos on the original CBC piece, parses the CSEC and gov reaction. 

.

The always incisive Lux Ex Umbra looks at how we should interpret CSEC's mandate now. 

If, as CSEC seems to maintain, its collection of metadata is both legally within its mandate and likely to be upheld by the courts, then it would appear :

1. there is no upper limit to collection of that data
2. the section of its mandate referring to not directing its operations "at Canadians or any person in Canada" does not apply, and  
3. given that part 3 of CSEC's mandate is to assist CSIS, the RCMP, CBSA, and other intelligence agencies, do those agencies require a separate warrant to access CSEC's metadata collection?

And a question of my own - Does this metadata automatically get shared with FiveEyes?

Or to put it more dramatically - is Skynet operational now?

.

Inside the Senate Committee on National Security

On Monday the Senate Committee on National Security and Defence heard from the watchdogs of both CSIS and CSEC - Chuck Strahl, Chair of the Security Intelligence Review Committee (SIRC), and CSEC Commissioner Jean-Pierre Plouffe.

Here Plouffe is explaining to Senator Romeo Dallaire why Justice Mosley slapped down CSIS for outsourcing their spying to their Five Eyes partners (US, UK, NZ, and Australia) via CSEC. Plouffe :

"CSIS has a jurisdiction which is limited to Canada, whereas CSE's jurisdiction reaches abroad. So CSIS, in accomplishing its activities, believes it has need of assistance from allies abroad and in order to obtain this, CSIS has to go through CSE because CSE deals directly with allies. In Justice Mosley's decision, CSIS asked for assistance from CSE because both individuals in question were abroad. And what happened is unfortunately CSIS did not disclose to Justice Mosley that they sought assistance from Five Eyes. So it is legal for CSE to call on the Five Eyes, however in this case there was a warrant from the court that specified it be within Canada not abroad. Mosley said CSIS was lacking in candor and good faith." 

Plouffe added this has "complicated" CSEC's relationship with the NSA and other partners.
The impression you get from listening to Plouffe is that the Five Eyes partners share just about anything and everything, with the Canadian contact being CSEC.

CSIS watchdog Chuck Strahl addressed this as problem for the privacy of Canadians, saying "we must put legal caveats on CSIS/CSE-generated intel" shared with Five Eyes partners and third parties :

 "CSIS is concerned with erosion of control of intelligence given to CSEC and by extension to the Five Eyes community." 

"CSIS has developed information privacy protocols with only one Five Eyes partner."

While Strahl doesn't reveal which Five Eyes partner it is we do have a privacy protocol with, a 2009 Memo of Understanding between the NSA and its Israeli counterpart does mention one between NSA and Canada. This was the Snowden-leaked doc which revealed an NSA agreement purporting to share raw unfiltered intelligence data with Israel, who is not a Five Eyes member, with the proviso that Israel weed out intel about Americans and other Five Eyes citizens .

Or as Strahl put it : "A Five Eyes partner may act independently on CSIS-originated info."

He said his office was limited to the oversight of CSIS and so his investigators were unable to follow threads that led into CSEC. Likewise Plouffe said his office could not stray into investigating CSIS. 

This was not, Strahl said, what O'Connor and Iacobucci had in mind when they each recommended a joint oversight, adding there is "no provision in current legislation, which is 30 years old, for parliamentary oversight", the only Five Eyes partner not to have any.

On Abdelrazik, Strahl said CSIS created an "exaggerated threat assessment" and "inappropriately disclosed classified information". 

The senators seemed far more concerned with what new measures had been put in place to prevent a "Snowden nightmare" in Canada than in the content his leaks revealed. They didn't ask a single question of Plouffe or Strahl about spying on the G20 in Canada and Brazil or allowing the NSA to build backdoors into internet encryption under our watch.

Not one.

For his part, Strahl said "Snowden has caused us to question how we work and that's good."

Asked what possessed him to come out of retirement last year to head up SIRC, Strahl laughed and said it was classified. 

I'll bet. SIRC has had an interim chair since the former SIRC chair and fraudster appointed by Harper, Dr. Arthur Porter, resigned in disgrace in 2011.

.
Dec 20 Update : Plouffe's explanation above - on Justice Mosley chastising CSEC/CSIS for outsourcing their spying on Canadians to Five Eyes partners - goes public :

CSIS asked foreign agencies to spy on Canadians, kept court in dark, judge says

Canada's spy agencies chastised for duping courts

Canada’s spy agencies have deliberately misled judges to expand their eavesdropping powers unlawfully

Update : Senate Committee transcript up.
.

Spysplaining

Leaks on Five Eyes spy network are fuelling ‘misinformation,’ CSEC chief says reads the G&M headline.

Actually it was the CSEC watchdog and not the CSEC chief who fretted to a senate committee today about CSEC info being made public, but you can see how the G&M headline writer could have confused the two. Lone CSEC watchdog commissioner Jean-Pierre Plouffe, appointed two months ago to ensure CSEC stays within the law, talked a lot more like a chief defending his outfit than an independent watchdog holding it to account.

Plouffe is worried about "sensational" docs leaked to the media being "taken out of context" and turned into "myths" and "misinformation", and sees it as his job to correct that.

One of the *myths* Plouffe will presumably soon be spysplaining for us is last night's CBC story bylined by Glenn Greenwald :

Snowden document shows Canada set up spy posts for NSA

Canada has set up covert spying posts around the world and conducted espionage against trading partners at the request of the U.S. National Security Agency in "approximately 20 high-priority countries."

"Co-operative efforts include the exchange of liaison officers and integrees," the document reveals, a reference to CSEC operatives working inside the NSA, and vice-versa.

It notes the NSA also supplies much of the computer hardware and software CSEC uses.

Other Snowden-leaked docs from Glenn Greenwald in need of Plouffe's corrective touch will include :

• CSEC partnering with the NSA to conduct spying operations on Canadian soil during the 2010 Toronto G-20 summit to "support U.S. policy goals" .
• CSEC spying on Brazil's Ministry of Mines and Energy.
• CSEC using its trusted position as overseer of the standardization of cryptography to allow the NSA to build a “back-door” into the encryption, allowing the USA to secretly spy on 163 ally nations for years.

It was a puppet head trifecta today - the new CSEC *watchdog* defending NSA puppet CSEC to the PMO puppet Senate.

No mention as to whether CSEC got to join the NSA and GCHQ in infiltrating World of Warcraft and Second Life.

For much more in-depth CSEC coverage : Lux ex Umbra 

.

Paul Calandra attacks Glenn Greenwald and CBC

I think Calandra read off his bit of paper from Steve rather well today, don't you? 
Love the bit about how :

"CBC only admitted to their cash-for-news scheme after The Wall Street Journal forced it out of them"

...  by cleverly reading Greenwald's byline alongside those of Greg Weston and Ryan Gallagher at the top of the CBC article.

A byline that has also graced the pages of The Guardian and the New York Times, where, presumably, Greenwald also got paid as a journalist.

And I'm sure the actual subject matter of the CBC article :

New Snowden docs show U.S. spied during G20 in Toronto 

"Stephen Harper's government allowed the largest American spy agency to conduct widespread surveillance in Canada during the 2010 G8 and G20 summits.  

An NSA briefing note describes the American agency's operational plans at the Toronto summit meeting and notes they were "closely co-ordinated with the Canadian partner."

had nothing at all to do with monkeynuts using his parliamentary privilege to refer to constitutional lawyer/author/journalist Glenn Greenwald as a "Brazilian-based former porn industry executive". 

Transcript ... for Steve's scrapbook : 
Mr. Paul Calandra, Parliamentary Secretary to the Prime Minister :

Mr. Speaker, the CBC’s Journalistic Standards and Practices make clear that and I quote : 

To ensure we maintain our independence, we do not pay for information from a source in a story.  

When CBC’s The National aired a report about U.S. activities during the G8 and G20, neither Peter Mansbridge nor Greg Weston disclosed that they had paid their source, Glenn Greenwald. Greenwald is a Brazilian based former porn industry executive, now assisting Edward Snowden leak national security information.  

CBC only admitted to their cash for news scheme after The Wall Street Journal forced it out of them. CBC is trying to justify the violation of their own ethical standards by claiming that Greenwald is a *freelancer*. 

Mr. Speaker Greenwald has strong and controversial opinions about national security and of course, that's his right, but when CBC pays for news, we have to ask why furthering Glenn Greenwald’s agenda and lining his Brazilian bank account more important than maintaining the public broadcaster’s journalistic integrity?

h/t Canadian Cynic for this link to Greenwald's blistering debunking of the unfortunate WSJ article referred to by Calandra :
 http://utdocuments.blogspot.ca/2013/11/wall-street-journals-alistair-macdonald.html
.

Camelot Security Establishment: "It's only a model"

Michael Byers makes a good case that Canada's military procurement is like a Monty Python movie, akin to "a knight riding a make-believe horse while knocking two coconuts together."

Also rather like the dead parrot sketch but he missed the most obvious Python Holy Grail allusion of all  - that DND is building CSEC a massive new $1B home they've nicknamed Camelot.
The Camelot sketch from Holy Grail is one of my all time faves so here it is with updated Camelot Security Establishment lyrics below.  Sing 'em loud!



Knights, I bid you welcome to your new home - let us ride to Camelot.

We're Knights of the CSEC Table
We hack whene'er we're able
We snoop emails and "Search" details
On fibre optic cable.
We dine well here in Camelot
Coz a billion bucks buys quite a lot.

We're Knights of the CSEC Table
Our building's formidable, 
Catching Pierre Poutine is not our scene
That case is unbreakable.
Brazil is mad at Camelot
Coz we sing to NSA a lot.

As spooks we're tough and able
Quite indefatigable.
But Greenwald's leaks on our techniques
Have made things quite unstable.
It's a busy life in Camelot
Appeasing Uncle Sam a lot
.

CSEC data mining Brazil's mining data

Amusing to see both NaPo and the G&M are hosting remarks from former CSIS deputy director Ray Boisvert dismissing the recent Snowden/Greenwald docs which revealed CSEC spied on Brazil's Mines and Energy Ministry. 
Snowden was present at the Five Eyes conference where the CSEC presentation on their Olympia spying program on Brazil took place.
Boisvert in both papers:

“We were all too busy chasing bad guys who can actually kill people. The idea that we spend a lot of time, or any time at all, on a country like Brazil is pretty low margin stuff, not likely to happen.”

The docs probably only represent "a war gaming exercise", says Boisvert, just “paper exercises” :

 'OK, let’s say our target in counter-terrorism lives in Mali and we have to go up against the Malian telecommunications system.’ They’ll go look at another country and say, ‘OK, well they have a similar network so let’s do a paper exercise and say ‘what do we need?’” he said. “I think that’s all this was.'

Because when you're "busy chasing bad guys who can actually kill people" and stuff, naturally your anti-terrorism war games will entail a cyber-espionage program searching for corporate secrets in a country where 40 of your own country's mining corporations are operating. 

Wouldn't have anything to do with looking for info on Brazil wanting to block a Canadian mining company from opening the largest open pit gold mine in Brazil, would it? Brazilian prosecutors say the company has failed to study the impact on local Indian communities and has advertized on its own website "plans to build a mine twice the size of the project first described in an environmental assessment it gave state officials."

Ok, foreign media. The Guardian, today : 
Canadian spies met with energy firms, documents reveal

The Canadian government agency that allegedly hacked into the Brazilian mining and energy ministry has participated in secret meetings in Ottawa where Canadian security agencies briefed energy corporations.

According to freedom of information documents obtained by the Guardian, the meetings – conducted twice a year since 2005 – involved federal ministries, spy and police agencies, and representatives from scores of companies who obtained high-level security clearance. 

Meetings were officially billed to discuss "threats" to energy infrastructure but also covered "challenges to energy projects from environmental groups", "cyber security initiatives" and "economic and corporate espionage".

The documents – heavily redacted agendas – do not indicate that any international espionage was shared by CSEC officials, but the meetings were an opportunity for government agencies and companies to develop "ongoing trusting relations" that would help them exchange information "off the record", wrote an official from the Natural Resources ministry in 2010.

Thank you, Enbridge, for providing the snacks for the one in May 2013.  

Keith Stewart, an energy policy analyst with Greenpeace Canada, said:

"There seems to be no limit to what the Harper government will do to help their friends in the oil and mining industries. They've muzzled scientists, gutted environmental laws, reneged on our international climate commitments, labelled environmental critics as criminals and traitors, and have now been caught engaging in economic espionage in a friendly country. Canadians, and our allies, have a right to ask who exactly is receiving the gathered intelligence and whose interests are being served."

Good question. And did no Canadian media request these same FOIs?
You know, I think I blogged about government security briefings to energy companies a few years ago - I'll see if I can find it.

Meanwhile, would be interesting to hear Boisvert's explanation as to why the CSEC logo appeared on another NSA doc about intercepting phone calls and emails of ministers and diplomats at the 2009 G20 summit in London. 
More "paper exercises"? Filling in an empty spot on the page while chasing bad guys? 

And re the recent NSA spying on Brazil PM Dilma Rousseff and the state oil company Petrobras. Did CSEC help out its Five Eyes partner there too?
Back in 1983, CSEC spied on two of Margaret Thatcher's cabinet ministers on behalf of Thatcher and Britain's spy agency GCHQ, so this wouldn't exactly be new territory for CSEC.

Fun fact : The annual report on CSEC produced by its independent watchdog commissioner must first be vetted by CSEC "for national security reasons" before it can be released. [head/desk]
.
P.S. I pillaged the CSEC slide at top from Lux ex Umbra, where you can view the rest of them.

Friday update : Don't shrug at spying.
.

CSEC presents Hackfest

Nope, not a photoshop this time. It's CSEC, the Canadian government's version of the NSA, presenting a hacker conference for computer security enthusiasts this November in Quebec. [h/t Lux ex Umbra] 
Events scheduled for Hackfest Strikes Back include :

• Hide yo Apache, hide yo SSH cause they backdoorin’ everybody out there
• Bypassing Security Controls with Mobile Devices
• Bypassing whitelisting/blacklisting, anti-virus, and other preventative technologies
• Bypassing Security Defenses – Secret Penetration Testing Techniques - $995.

And a panel discussion : "How can researchers make money selling vulnerabilities? Should they or is it extortion?"

A talk titled Why the NSA should have every vulnerability by now explains :

"High budgeted intelligence organizations, such as the NSA, will not help fix vulnerabilities, only find as many as possible. The intention is to use these vulnerabilities for offensive operations and fixing them is counter-intuitive to that goal."

Difficult to escape the irony here.

In 2006 CSEC was entrusted with overseeing the global encryption standards process for 163 countries. CSEC handed those keys to the NSA, which promptly used them to insert vulnerabilities and backdoors to allow them to spy on foreign companies and governments. The NY Times quotes an NSA memo on how they pwned CSEC:

"... beginning the journey was a challenge in finesse. After some behind-the-scenes finessing with the head of the Canadian national delegation and with C.S.E., the stage was set for N.S.A. to submit a rewrite of the draft … Eventually, N.S.A. became the sole editor.”

And now CSEC presents workshops and panel discussions on the efficacy and ethics of profiting from those same backdoors and vulnerabilities. 

.

Update : Dear CSEC : Stop bullshitting us.
When Clapper was asked by the US Congress if the NSA spies on Americans he said no.
When CSEC was asked, CSEC chief John Forster answered :

“CSEC does not direct its activities at Canadians and is prohibited by law from doing so."

which completely ignores Part C of CSEC's own 3-part mandate in law [emphasis mine] :

1. to provide technical assistance to CSIS and Canadian law enforcement agencies;  

2. to assist CSIS under s. 16 of the CSIS Act; and  

3. to assist CSIS and Canadian law enforcement agencies by intercepting the communications of a Canadian/person in Canada that is subject to a CSIS warrant or authorization from law enforcement agencies.

.

Get Your NSA On, Zombies!

NYTimes: New iPhone's Fingerprint Scanner : "Coming just one day after leaked documents suggested that the National Security Agency is able to hack into smartphones, the unveiling of a new iPhone with a built-in fingerprint scanner prompted dismay and mockery..."

Business Insider : NSA Slides Refer To iPhone Owners As 'Zombies'

Cryptome/ Spiegel Online: How the NSA Accesses Smartphone Data

See the NSA slides at both links above.

Tech Dirt : The NSA impersonates Google Servers

Reuters : Google Streetview captures emails, usernames, passwords

And, as noted by Agent Smith above, it's all turning into a giant hairball :

The NSA Machine: Too Big For Anyone to Understand ... including the NSA

Ok, the Canadian CSEC connection ...

The NSA has deliberately weakened encryption on the net by, among other attacks, introducing encryption vulnerabilities and an NSA backdoor into the standards set by the National Institute of Standards and Technology, and used by banks, corporations, governments, and individual people to protect sensitive data sent over the internet.
NY Times, Sept 10 :

"Canada’s Communications Security Establishment ran the standards process for the international organization, but classified documents describe how ultimately the N.S.A. seized control.  

"After some behind-the-scenes finessing with the head of the Canadian national delegation and with C.S.E., the stage was set for N.S.A. to submit a rewrite of the draft,” the memo notes. “Eventually, N.S.A. became the sole editor."

Bill Robinson at Lux ex Umbra, a Canadian authority on CSEC, does not believe CSEC was duped into this by the NSA but rather 

"CSE and the NSA worked hand-in-glove to game the standards process."

Update : CSEC responds to Jesse Brown at Maclean's and declines to deny that they were "finessed" by the NSA into betraying global encryption standards.
.

CSEC spies on Canadians : watchdog report

While whistleblower Edward Snowden and Glenn Greenwald have published reports about the USA's NSA and UK's GCHQ joint electronic surveillance of Brits and Americans, we've been pretty much in the dark in Canada about our own government's surveillance of us.

An annual report tabled two days ago from the independent watchdog commissioner for Canada's electronic eavesdropping agency Communications Security Establishment Canada elicited the following timid headlines repeated throughout yesterday's press coverage.

Post Media : Canadians may be victims of illicit spying 

NaPo : Canada’s spy agency may have illegally targeted Canadians: watchdog 

CBC : Security watchdog says agency may be spying on Canadians  

Star : Eavesdropping agency may have spied on Canadians, watchdog says

Whoa. "May be spying on Canadians"? "may"?   Which report did they read?

Several of the articles quote this reaction from a spokesy for DefMin Rob Nicholson :

 "The privacy of Canadians is of utmost importance. CSEC is prohibited by law from directing its activities at Canadians anywhere in the world or at any person in Canada."

Sure. Part (a) of CSEC's mandate** prohibits spying on "any person in Canada" or Canadians anywhere in the world.
Part (b) is a little looser, permitting CSEC to use information acquired by the Government of Canada system owners to protect their computer systems from mischief.

But Part (c) ... Part (c) specifically directs CSEC on when it may spy on Canadians on behalf of CSIS.

Communications Security Establishment Commissioner, 
Annual Report 2012 - 2013

CSEC assistance to CSIS under part (c) of CSEC’s mandate (Page 21)

In 2009 ... the Honourable Justice Richard Mosley*** ... issued the first warrant permitting CSIS to intercept the communications of Canadians located outside Canada using the interception capabilities of CSEC ... from within Canada.This assistance includes CSEC supporting CSIS with the interception of Canadians’ communications if CSIS has a judicially authorized warrant. 

CSIS is authorized to collect threat-related information about Canadian persons and others and, as discussed above, is not subject to territorial limitation.

...  the collection of the information by CSIS with CSE[C] assistance, as proposed, falls within the legislative scheme approved by Parliament and does not offend the Charter.
CSEC’s assistance to CSIS under the warrants may include use of Canadian identity information and the interception of the communications of Canadians.

So what's with these timid headlines, national press? Are you suggesting that while CSEC was permitted to spy on Canadians for CSIS, they didn't actually do any?

No, obviously not. Page 24 :

During the period under review, CSEC responded appropriately to two related privacy incidents it identified involving the unintentional release of Canadian identity information of some of the subjects of the warrants. 

 ... another incident involv[ed] the interception of communications for CSIS for a small number of days after a particular warrant had expired [due to] unintentional human error 

 Page 27 : the amount and treatment of private communications and Canadian identity information acquired by the activities as well as a sample of those private communications and Canadian identity information used by CSEC

Private Communication: “any oral communication, or any telecommunication, that is made by an originator who is in Canada or is intended by the originator to be received by a person who is in Canada"

Page 33 : In 2012, CSEC started using a new on-line secure system to process requests for and disclosures of Canadian identity information. CSEC provided my employees with a demonstration of the system, which is currently used with CSEC’s principal clients. CSEC intends to extend its use to other partners starting in the coming fiscal year. 

Headlines later on in the day gave us the CSEC response : 

Ottawa Citizen : CSEC Says It Is Not Breaking The Rules About Spying On Canadians  

PostMedia : In wake of spying allegations, Communications Security Establishment Canada insists it didn’t break law

No, CSEC isn't breaking the rules but only because those rules allow it to spy on Canadians while working under the guidelines of CSIS. 
But they don't say that, do they? Instead we get weasel crap like this :

“The commissioner’s statement about a lack of records is a reference to a single review of a small number of records gathered in the early 2000s, in relation to activities directed at a remote foreign location,” the agency said in an emailed response.

Yes, part of the commissioner's complaint is directed at incomplete records in "early years". Doesn't exactly address CSEC spying on Canadians since though, does it?

So how did all you reporters at different media outlets all separately decide to downplay the watchdog commissioner's report on electronic surveillance of Canadians to "may be" spying?

Yes, I realize he wrote a nice positive preamble about how he sees himself as working with CSEC on a "complementarity" not an adversarial basis, "more as CSEC’s conscience than as a sword of Damocles" and how he's been quite pleased with the results.   Further he writes that "where I have no mandate to follow-up, I may refer questions to SIRC that concern CSIS".

We recently learned that since 2009, CSEC - as a Five Eyes intelligence partner with the US, UK, New Zealand, and Australia alongside CSIS, RCMP, and CBSA - has been authorized to exchange intelligence with other nations even if there is “substantial risk” that sending info to or requesting info from a foreign agency would result in torture ... just as long as a deputy minister or agency head gives it the ok. 

What happened to Maher Arar - once so shocking to all of us - has a legal basis here now.

So you reporters in the Canadian media can't be letting us down like this.  
Read the friggin report - it's only 46 pages long.


More from POGGE : On watchdogs with no bite.

**CSEC’s mandate [Page 9 from Commissioner Robert Décary's report ]

When the Anti-terrorism Act came into effect on December 24, 2001, it added Part V.1 to the National Defence Act, and set out CSEC’s three-part mandate:  

• part (a) authorizes CSEC to acquire and use foreign signals intelligence in accordance with the Government of Canada’s intelligence priorities;  

• part (b) authorizes CSEC to help protect electronic information and information infrastructures of importance to the Government of Canada; and 

• part (c) authorizes CSEC to provide technical and operational assistance to federal law enforcement and security agencies, including helping them obtain and understand communications collected under those agencies’ own lawful authorities.

***The Honourable Justice Richard Mosley was a primary architect in the drafting of the 2001 Anti-Terror Act and more recently the judge in the six-riding election fraud case.
.
Sunday update : Michael Geist :

"Canadian domestic communications that travel from one Canadian location to another may still transit through the U.S. and thus be captured by U.S. surveillance. Despite these risks, Bell requires other Canadian Internet providers to exchange Internet traffic outside the country at U.S. exchange points, ensuring that the data is potentially subject to U.S. surveillance."

Did Canada spy on journos at the Toronto G8/20 summit?

Image from leaked UK Government Communications Headquarters briefing slide featuring the logos of Canadian, US, and UK signals intelligence spying agencies.

Ten days ago The Guardian published GCHQ briefing slides, courtesy of former NSA contractor turned whistleblower Edward Snowden, revealing :

Foreign politicians and officials who took part in two G20 summit meetings in London in 2009 had their computers monitored and their phone calls intercepted on the instructions of their British government hosts, according to documents seen by the Guardian. This included:
• Setting up internet cafes where they used an email interception programme and key-logging software to spy on delegates' use of computers;
• Penetrating the security on delegates' BlackBerrys to monitor their email messages and phone calls

The inclusion in the docs of the Communications Security Establishment Canada logo along side those of NSA and GCHQ, and the mention of bugged internet cafes and BlackBerrys, put me in mind of Canada's $2-million indoor fake lake built for the G8/20 the following year so that 3,000+ Canadian and foreign journos could, in Greg Weston's words at the time :

"file their reports ... their feet dangling in the water ... from only cottage dock in existence with bar service and high-speed Internet connections."

And according to Weston, they were all provided with free "special summit edition BlackBerrys" too.