Canada Temporarily Drops Out Of Five Eyes Spying Coalition, After Realizing It Wasn't Properly Protecting Information

from the an-eye-for-an-eye dept

Of course, by now you know about the "Five Eyes" coalition of the signals intelligence agencies of the US, UK, Canada, Australia and New Zealand all sharing certain intelligence information between them. Some of the Snowden docs have made clear that this collaboration helps the various countries get around restrictions on "domestic" surveillance by effectively offshoring it to other "friendly" electronic spy agencies. Well, at least for now, it appears that that the Five Eyes effort has lost an Eye.

Canada's signals intelligence agency, the Communications Security Establishment (CSE), has stopped sharing data with the other Four Eyes after realizing that it hadn't done a particularly good job of protecting the metadata it collected on Canadians.
"While I was conducting this current comprehensive review, CSE discovered on its own that certain metadata was not being minimized properly," Plouffe explained in the report.

"Minimization is the process by which Canadian identity information contained in metadata is rendered unidentifiable prior to being shared …."

"The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE's operational policy."
I guess it's nice that the CSE figured out that it had screwed up on its own, but really, it makes you wonder just how much information the Canadian gov't was sending abroad on its own citizens.

Of course, the sharing will start back up again at some point in the future, once they've decided that they've properly "minimized" the data. And while Canadian politicians seem to be accepting the very Canadian apology of the CSE and saying that this was all an accident, shouldn't this kind of "mistake" lead to a bit more than a "sorry" and "we'll make sure it's better next time"? Shouldn't we be examining why such mass surveillance and data sharing are happening in the first place?

Reader Comments (rss)

(Flattened / Threaded)

  1. icon
    That Anonymous Coward (profile), Jan 28th, 2016 @ 3:52pm

    One wonders which powerful person got snagged in something.

    One does find it hard to believe that any changes in course are because of concern for the "little people" who have been wholesale sold out as they look for ways to bypass the laws put into place to protect us from exactly what they are doing.

    These methods used in other countries are decried, while at the same time embraced by those who point fingers at the other guy. Perhaps they should notice while they are pointing at others there are 4 fingers pointing back that should be poked in the 4 other eyes.

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, Jan 28th, 2016 @ 4:07pm

    The intelligence community had better start reaching out to their contacts. Nobody likes being called Four Eyes.

    reply to this | link to this | view in thread ]

  3. identicon
    Personanongrata, Jan 28th, 2016 @ 4:07pm

    Total Surviellance for Profit

    Shouldn't we be examining why such mass surveillance and data sharing are happening in the first place?

    Insider trading, blackmail and industrial espionage leap into mind.

    Not only do defense contractors get lucrative contracts to create, service and operate the surveillance boondoggles system users and program insiders can benefit by using purloined data for personal gain.

    reply to this | link to this | view in thread ]

  4. icon
    tqk (profile), Jan 28th, 2016 @ 4:24pm

    CSE, please hire better people.

    Having met and worked with and been pushed under the bus by a CSE alumnus (though ultimately vindicated), I'm not the least bit surprised these technical wizards can't code a correct SQL select statement to extract only the columns necessary from an rdb table containing raw ISP data. It makes me wonder if the NSA told them, "Just use this", and they blindly did a copy & paste.

    What trusting sorts we Canucks can be. Now we get to have them play with C-51. Great. :-P

    reply to this | link to this | view in thread ]

  5. identicon
    Wowza, Jan 28th, 2016 @ 6:28pm

    Get a grip guy

    Don't feel bad Canada. I'm sure Australia has been sharing ALL of its data for many years. But even if that weren't true we've just instigated a new system to make sure we collect way more than is absolutely necessary and share it with everyone else, including gambling 'agencies'

    http://www.gizmodo.com.au/2016/01/heres-every-government-agency-that-wants-your-metadata/

    reply to this | link to this | view in thread ]

  6. identicon
    Mark Wing, Jan 28th, 2016 @ 6:37pm

    Careful with that data. You could put an eye out.

    reply to this | link to this | view in thread ]

  7. identicon
    Anonymous Coward, Jan 29th, 2016 @ 2:11am

    We have had a change in government recently so maybe that's the reason and the new PM honestly wants to safeguard Canadians over lining his wallet like the last one was mainly concerned with.

    reply to this | link to this | view in thread ]

  8. identicon
    Anonymous Coward, Jan 29th, 2016 @ 3:56am

    Re:

    Is it not possible that this is the case of a civil servant actually doing his/her job? We have a few of those in Canada. Witness the slew of Auditors General and Privacy Commissioners, who have become minor hero figures. Well, at least to me, that is.

    That, and a new government that has promised to open, transparent governance, that has much more Internet-savvy than the previous one, combined with an easy, clear call that doesn't really have any great cost.

    reply to this | link to this | view in thread ]

  9. icon
    Paul Renault (profile), Jan 29th, 2016 @ 3:58am

    Re: Re:

    Dang! I signed in to my password manager and then forgot to sign in here... In case anyone care, I take ownership of the reply above.

    reply to this | link to this | view in thread ]

  10. identicon
    Yes, I know I'm commenting anonymously, Jan 29th, 2016 @ 4:04am

    I would like to object to the use of the term coalition?
    And also propose the more accurate term surveillance cartel. It has the right connotations.

    reply to this | link to this | view in thread ]

  11. identicon
    Anonymous Coward, Jan 29th, 2016 @ 5:54am

    I came for the four-eyes jokes

    reply to this | link to this | view in thread ]

  12. identicon
    Anonymous Coward, Jan 29th, 2016 @ 6:04am

    Re:

    and please update the wikipedia article on four eyes
    FVEY to FREY

    reply to this | link to this | view in thread ]

  13. identicon
    Anonymous Coward, Jan 29th, 2016 @ 7:29am

    Re: Re:

    "While I was conducting this current comprehensive review, CSE discovered on its own that certain metadata was not being minimized properly," Plouffe explained in the report. "

    I agree it certainly sounds like CSE realized their "mistake" as soon as it looked like they were about to be caught by Plouffe, or maybe who he reports to.

    reply to this | link to this | view in thread ]

  14. icon
    Sanjnakumar (profile), Jan 29th, 2016 @ 8:37am

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.