Spying On Sharing: Canada's Intelligence Agency Collecting Data And IP Addresses From Free File-Sharing Sites

from the more-sharing-going-on-than-previously-imagined dept

If it can be accessed with minimal effort, it’s safe to say one government or another is looking at it. Here in the US, phone records, license plate data, cell site location information and any number of communications traveling across international internet backbones are all fair game for the world’s law enforcement and intelligence agencies.

In the first document from Snowden’s stash to detail the spying efforts of our ever-polite and apologetic neighbor to the north, it’s file sharers who are under the microscope mass surveillance macroscope.

The covert operation, revealed Wednesday by CBC News in collaboration with The Intercept, taps into Internet cables and analyzes records of up to 15 million downloads daily from popular websites commonly used to share videos, photographs, music, and other files…

According to the documents, the LEVITATION program can monitor downloads in several countries across Europe, the Middle East, North Africa, and North America. It is led by the Communications Security Establishment, or CSE, Canada’s equivalent of the NSA.

The CSE is keeping tabs on (at least) 102 file-sharing sites (and likely eyeing traffic on BitTorrent networks), but only three are listed in the leaked document: SendSpace, RapidShare and the now-dead MegaUpload. In a statement given to The Intercept, SendSpace said that “no organization has the ability/permission to trawl/search Sendspace for data.” Not that SendSpace’s permission (or promises to its users about data security) ultimately matters.

LEVITATION does not rely on cooperation from any of the file-sharing companies. A separate secret CSE operation codenamed ATOMIC BANJO obtains the data directly from internet cables that it has tapped into, and the agency then sifts out the unique IP address of each computer that downloaded files from the targeted websites.

The documents (dated 2012) say the agency is only looking for about “2,200 documents” related to terrorists and terrorist activity. From the piles of data amassed, the agency begins its straightforward-as-a-patent-thicket sorting process…

…which at least attempts to sort out the TV episodes from the hostage videos.

The agency then uses the captured IP addresses as selectors to trace activity across the web. The slides show that it has had success linking downloads of targeted files to Facebook accounts and Google profile pages by using two intelligence tools created by outside agencies: MARINA Profile and MUTANT BROTH. NSA-developed MARINA harvests a vast amount of internet activity and GCHQ’s MUTANT BROTH intercepts “billions” of ad cookies to help correlate IP addresses.

But, while the agency says it’s only tracking ~2,200 files (leading to 350 “interesting” downloads per month), there’s nothing in the document (other than the filtering out of unwanted files) that suggests the harvested file-sharing activity isn’t stored in bulk. And, like many other spy programs, it bypasses safeguards these sites have implemented and grabs data straight from the backbone.

It’s safe to say that no major file-sharing service is able to protect its users’ data. Even the promise that this information will only be turned over to law enforcement/intelligence services who present the proper legal paperwork is hollow — if unintentionally so. The document notes that the agency “sees” about 10-15 million FFUs (Free File Uploads) per day, but fails to provide any clarification as to what that word entails. If “sees” means “collects,” then the agency has access to millions of non-relevant IP addresses and uploads. If “sees” means “disregards non-‘interesting’ uploads/downloads,” then the effort is more focused than most of its counterparts’ surveillance programs.

On top of that, there’s nothing included here that indicates the program has usefulness beyond harvesting data for data-harvesting’s sake.

It is unclear from the document whether LEVITATION has ever prevented any terrorist attacks. The agency cites only two successes of the program in the 2012 presentation: the discovery of a hostage video through a previously unknown target, and an uploaded document that contained the hostage strategy of a terrorist organization. The hostage in the discovered video was ultimately killed, according to public reports.

When defended, the CSE will probably note that this is part of a suite of tools designed to gather as much information as possible on suspected terrorists. But it has been shown that massive amounts of data makes terrorist hunting harder, rather than easier. And while there is at least some form of targeting built into the system, there’s always the potential for abuse. CSE says it won’t spy on its own citizens but this statement is undercut by its vast collection effort. It can’t have it both ways, especially if it’s gathering data directly from backbones. It could be anybody’s data, but the agency won’t know whose it is until it’s looked at it.

Filed Under: , , , , , , ,
Companies: megaupload, rapidshare, sendspace

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Spying On Sharing: Canada's Intelligence Agency Collecting Data And IP Addresses From Free File-Sharing Sites”

Subscribe: RSS Leave a comment
Anonymous Coward says:

can someone please tell me if they think that any terrorist, bank robber or criminal in general is going to use a free file sharing site to pass on anything at all, let alone anything of importance to whatever their evil agenda may be? i dont believe any would! i believe this was done intentionally to try to justify some funding, or some surveillance or some other function on ordinary people simply because ordinary people are easy to spy on, to listen in on and to have messages, txts emails read! those doing this had to show that they were doing something with the money, with the time so that nothing was taken away from the agency!

Anonymous Coward says:

Re: Re:

can someone please tell me if they think that any terrorist, bank robber or criminal in general is going to use a free file sharing site to pass on anything at all

Terrorists do not want to keep everything secret, they want their propaganda widely distributed, which they can do via such sites, and using cutouts to actually post it..

John Fenderson (profile) says:

It's always hollow

Even the promise that this information will only be turned over to law enforcement/intelligence services who present the proper legal paperwork is hollow

All such promises are hollow (especially in the US), not just because of backbone spying — but because the “proper legal paperwork” is devoid of a lot of meaning, and is trivially easy to obtain.

Although having that paperwork is a good thing because it ensures there’s some sort of paper trail, that sort of statement is functionally equivalent to saying “we’ll let the government access anything they want.”

Torrent Site Staffer says:

I can tell you that jihadi’s do use torrent sites to distribute video content among their friends/allies.

We used to see some jihadi videos on our site sometimes weeks before they showed up in the media. The same users were also uploading encrypted zip files, with no torrent description, and garbage/random names.

We allowed the videos for free speech reasons, but nuked the zip files for violating site rules about no personal/encrypted uploads.

Anonymous Coward says:

Re: Re:

well, theres no guarantee of anybodies identity on the internet, at least thats what its suppose to be, at least not a bloody global database, i guess what i mean is, yes they could be members of the label you mentioned, but then again i, as not being a jihadi, but being against jihadi, could claim to be a jihadi on the internet tomorow to incite anger from people against random boggeyman of the day…… and nobody would be the wiser, hell, many people wont even care to call for validation, because it fits their thinking, they’ll accept it as if its expected………i would not be surprised to find out this going on………yes im gonna say it, i DO think our governments or blind supporters are quite capable of pretending to be the enemy they paint in order to incite violance over those they paint, why…….because its easy to get away with, i.e. secrecy compatible……….whether this is the case with your situation, i have no clue, i suspect not as you seem to be a bright lad

Anonymous Coward says:

One, i call for the total abolishment of ALL snooping surveillance

Second, for the sake of argument, IF , i stress IF, our governments had any kind of fucking common sense in remotely implementing something that could be vaguely seen as a “good idea”, it certainly wouldnt fucki be allow other nations WITH NO FUCKING juristriction to spy on the nation you represent, least not, to even say nothing to that effect PUBLICALLY

Offcourse we all suspect that they are colluding with one another, all having the same goal purely by their already existant participation on global fucking surveillane to fight terrorism but is in actual fact an excuse to implement something they know would look REALLY FUCKING BAD if their wasnt this ever so fucki convinient excuse

At the very fing least, IF, i stress IF, our governments didnt at least want to look like complete and utter incompatent evil fing morons, they would have had the sense to know, at the very fing least, that you should’nt let other fing nations without LEGAL fing juristriction to ILLEGALLY spy on those you SUPPOSEDLY “represent”

Offcourse, we all can guess you are in fact colluding with one another IN SECRET, behind our backs, i.e withou public knowledge……..AND STILL, have the audacity to try and pass illegal laws for things you can ALREADY DO….TODAY,……IF NOT …..MORE……..i.e. recent snoopers charter house of lords debate were one lord made the statement that the bill was asking for something the snowden documents already say they have the capability…………your a bunch of liars, thieves, murderes and backstabbers to your nations(except the ones who care enough to say something and the ones on the fence)………i mean, im confused why i cant get behind that /s

Ffs…….the more you think you reasonably know just how fu our shared situation is, this happens, then the more you realise, what else could be lurking out there

House of lords debate on the bill had a few folks talking about the lack of trust in the system if we pass this laws trampling human rights……im sorry, but its now past the point of no return for me, you thank yourselves, because i dont think i can trust the system without it being COMPLETELY demolished and built brand new…….oh, and trials galore for the too big to jail

Im sorry, i sure as hell dont want to think like that, their not really giving much people a choice, i think they crossed the line a long time ago in the specific case of the entitled surveilance mentality and secret implementation,

God dammit, through your own actions you create your own opposition, and thats why, I, think their is this drive for surveillance sacrificing the what i now see as the illusion of the moral high ground…….it just anothef tool to control, circumvent, disrupt, kidnap/kill? any and ALL that oppose the actions you take………..you are making the action, and you want to CONTROL the RE-action

God dammit man, nothing more in this life infuriates me more to hear about what they are doing what they ALREADY have set up, and being helpless to do anything about it, or exercise my natural right to NOT GIVE MY CONSENT………i SERIOUSLY question the morality of the system as a whole when it comes to using terrorism as the excuse to justify 1984……..

And where was it mandated that information that coincidently and undeniably helps MEDIA distributers and their need to exist, where is it mandated that this this thing that is OBVIOUSLY, NOT solely intended to catch terrorist but to allow a corporation to spy on nation outside their scope of non existant authority

This is wrong,

tqk (profile) says:

In the first document from Snowden’s stash to detail the spying efforts of our ever-polite and apologetic neighbor to the north …

Tim, I love your writings, but you guys have got to get over this fiction. It’s delusional.

Yes, we’re very civilized and polite ordinarily, but you don’t want to be anywhere near us once our dander is up. Ask the Netherlanders. They love us to this day for kicking Nazi butt in some of the most horrific battles of WWII. Hell, we did it in WWI too (Ypres).

CSE is looking for people who’re looking for “Anarchist Cookbook” crap (how to build a gasoline bomb). Compare that to USA’s “troll everybody then hand it to the DEA to try too.”

Don’t ever believe Canucks will just present their hind quarters to tyrants when threatened. It’ll be the last thing you do.

You may’ve forgotten “Don’t tread on me.” We never have nor will. !@#$ with us at your peril.

Have a nice day. 🙂

Anonymous Coward says:

Just a quick thought...

If they tap the internet cables they read every bit that passes through such a cable to find out what everybody is sending… Now, that means they are making copies of the information (yes, computers work this way).

But if they eavesdrop on my (legitimate) streaming of some song, aren’t they infringing on the copyright? Even if they are ‘just listening’.
(Hell, that’s all everyone ever does with songs…)

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...