Twenty-Year-Old Requirement For 'Real-time, Full-time' Eavesdropping On Canadian Mobiles Revealed

from the thanks-to-Mr-Snowden dept

Even if it now seems likely that Linus Torvalds wasn’t approached to add a backdoor to Linux, there are plenty of others that were asked and acquiesced, as this story from The Globe and Mail in Canada makes clear:

For nearly two decades, Ottawa officials have told telecommunications companies that one of the conditions of obtaining a licence to use wireless spectrum is to provide government with the capability to monitor the devices that use the spectrum. The Sept. 17 kickoff of the auction-countdown process will underscore that commitment, made out of sight of most Canadians because it is deemed too sensitive by the government.

The secret agreement apparently contains specific details of what telecom companies must provide:

“Real-time, full-time” eavesdropping on conversations is just one of the capabilities sought by police, according to the standards. Authorities also want records of call logs, texts, keystrokes and other data, including “the most accurate geographical location known.”

Communications made with encryption provided by the carrier must be decrypted:

Carriers that help their customers scramble communications must decrypt them. “Law enforcement requires that any type of encryption algorithm that is initiated by the service provider must be provided to the law-enforcement agency unencrypted.”

No doubt, many people might think phone companies should provide this kind of information, provided a properly executed court warrant is presented. What’s problematic here is that this has been going secretly on for 20 years, with no public oversight and with no debate about where to draw the line for such surveillance. That discussion would hardly compromise police operations, but would provide vital transparency and legitimacy. The fact that two decades after the practice started the Canadian people are finally hearing about this capability now is probably yet another beneficial knock-on effect of Edward Snowden’s leaks.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Filed Under: , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Twenty-Year-Old Requirement For 'Real-time, Full-time' Eavesdropping On Canadian Mobiles Revealed”

Subscribe: RSS Leave a comment
24 Comments
out_of_the_blue says:

"asked and acquiesced" -- No executive says no to MONEY.

Duty is to shareholders not the public. See how those statutes corporatists get passed are actually used against The People?

One of the three-letter spy agencies is RIM, which has for years claimed that Blackberry messages were secure, a lie that was slowly revealed as foreign gov’ts required it to open up the messages for them TOO.

“another beneficial knock-on effect of Edward Snowden’s leaks.”??? — Beneficial HOW? Only way is if one believes that knowing details of the tyranny you’re under somehow lightens it! — Otherwise, the knowledge just leads to chilling effects on speech and actions, backed up by a Gestapo that makes charges based on evidence that can’t be revealed even in court. And kids actually PAY to put SPY gadgets in their pocket ’cause it’s SO cool!

The corporatized surveillance state is far greater threat to us all than what fanboys here rage against: alleged lack of “due process” for links to infringed content on pirate sites, Megaupload being shut down, abuses of copyright or DMCA, locked phones, and other typical Techdirt fare.

David Muir (profile) says:

It is bad for sure, but there may be some statements at odds here:

Glyn said:
“No doubt, many people might think phone companies should provide this kind of information, provided a properly executed court warrant is presented.”

The article said:
“Wireless carriers are told they must be ready to hand over such data should police or intelligence agencies compel the release of the information through judicially authorized warrants.”

I think we’re a tiny bit better off in Canada because the warrants are not being authorized by a secret court. Of course, I may be naive.

mattshow (profile) says:

Re: Re:

I think we’re a tiny bit better off in Canada because the warrants are not being authorized by a secret court. Of course, I may be naive.

CSE’s doesn’t really need a warrant because they’re not supposed to be operating in Canada unless they’re providing technical support to another agency (in which case, they are limited to whatever authorization that agency has managed to obtain).

Technically, the court where CSIS gets it’s warrants from isn’t secret: it’s the Federal Court. But while the court might not be secret, quite often the proceedings are, so it’s not a big gain.

Ryk (profile) says:

Hang on...

and which common carrier had provided you with a guarantee of privacy? Please present written proof…

It is clear that many have been acting on an assumption of privacy…

Remember this simple rule… “if you do not own the media which you communicate over, assume it to be untrusted and act accordingly”.

The fact that it is believed that there is privacy over a common carrier network is your own oversight. If you wish to secure your voice and data, apply your own encryption. It may not be infallible, but it will thwart casual interception. If you are the target of a legal intercept, then you have far greater issues to contend with.

mattshow (profile) says:

This is one of the topics that hasn’t exactly been a secret; it’s just that no one has been talking about it.

If you google “Solicitor General’s Enforcement Standards” you can find all sorts of interesting documents, including this one-pager from the Department of the Solicitor General complaining that the requirements only apply to circuit-switched phone networks and not packet-based ones (it’s an old document, I’m not sure if the SGES have been updated to address this).

http://www.ic.gc.ca/eic/site/smt-gst.nsf/vwapj/solcitor.pdf/$FILE/solcitor.pdf

BernardoVerda says:

Re: No surprise. It's not actually hidden (hiding in plain sight)

I learned this by complete accident some years ago while killing time by wandering around a bit while waiting for a friend to meet me at the local mega-mall’s transit stop — near which, it turned out, CSIS and CSE openly occupied several floors of the Rogers-owned (and branded) 2nd tower in the local mega-mall complex, immediately adjacent to Rogers’ own floors — they were listed, quite plainly, on the building directory.

DannyB (profile) says:

Something else to think about

Consider this.

A phone OEM (original equipment manufacturer), let’s give them a fictitious name, Samsorolpple.

Now Samsorolpple finds that in order to sell its devices in Canada, its equipment must meet this spying requirement.

Once Samsorolpple has gone through the design, engineering and manufacturing of a mobile phone, should it have yet another model device for non-Canadian countries? Or would it be cheaper to just market the same spying enabled device in other countries?

Now, suppose the spooks in another country, let’s say the People’s Democratik Untied Skates (or PDUS) get wind of this. Do you suppose the PDUS will also want in on the spying enabled action of Samsorolpple’s phones, and those of every other OEM?

Could the PDUS learn of this from the Canadian’s by secret cooperation? What about an Untied Kingdom? Or a far south pacific upside down land peopled entirely by criminals?

So what are the odds that people in non free countries are already being spied on by their governments, for the last 20 years, in some cases in violation of their own laws and constitutions?

Thank goodness that we who live in the good ol’ US and other major developed free world countries don’t have to worry about this.

ChrisB (profile) says:

Re: Something else to think about

This isn’t a device problem, it is a telco problem. They require that data coming in from the mobile phone must be monitored and provided to CSIS.

This can’t be device issue. Think about it, the only reason the telco knows its you making a call is the SIM card in your phone. You can move the SIM card to another phone and make a call.

This issue has nothing to do with Samsung, Apple, etc.

DannyB (profile) says:

Re: Re: Something else to think about

from TFA…

Authorities also want records of call logs, texts, keystrokes and other data

At least for keystrokes and logs, the easiest and maybe only way to get it is to compromise the device. Have a software agent (or “service”) running in the device that communicates with the telco mother ship. Most telcos put their own non-removable apps into devices anyway. So it’s not a big deal to imagine that some level of compromise exists within the device.

But you’re right, it doesn’t necessarily mean that the OEM had to put it there. The telco probably could do it.

Anonymous Coward says:

i would have thought that now this most important piece of information is out, the next most important bit is who wanted/introduced it, closely followed by what reasons were given to warrant spying on the Canadian people in the first place? was this some drag on from the end of an era somewhere? considering the number of countries that appear to have been doing this, it doesn’t bode good for Democracy, does it? these countries seem to have less freedom and privacy than the ones reported as being totally locked down. how can any country that supposedly has freedom and privacy up high on the list of priorities justify this behavior??

Anonymous Coward says:

Isn’t private communication supposed to be a fundamental human right? Does this mean we are all considered sub-human by our governments?

I sure as hell feel sub-human, after the NSA/AT&T tried to man-in-the-middle my encrypted TextSecure messages. After the man-in-the-middle attempt failed, I was then sent a web browser spyware update so they could read my private communications anyway.

Law-abiding citizen here. No reason to tap my phone. Only reason to tap my phone is because I’m considered sub-human. With no rights to private communications.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...