#CyberFLASH: RCMP records called ‘incomplete and inaccurate’ in memo: Geist

therrien.jpg.size.xxlarge.letterboxLast fall, Daniel Therrien, the government’s newly appointed Privacy Commissioner of Canada, released the annual report on the Privacy Act, the legislation that governs how government collects, uses, and discloses personal information. The lead story from the report was the result of an audit of the Royal Canadian Mounted Police practices regarding warrantless requests for telecom subscriber information.

The audit had been expected to shed new light into RCMP information requests. Auditors were forced to terminate the investigation, however, when they realized that Canada’s national police force simply did not compile the requested information. When asked why the information was not collected, RCMP officials responded that its information management system was never designed to capture access requests.

While that raised serious concerns – the RCMP has since promised to study mechanisms for reporting requests with recommendations expected in April – documents recently obtained under the Access to Information Act and reported here for the first time reveal that the publicly released audit results significantly understated the severity of the problem. Indeed, after the draft final report was provided to the RCMP in advance for comment, several of the findings were toned down for the public release

Read more here

#CyberFLASH: Valentine’s Day advice from RCMP: don’t get defrauded

tinderLove is in the air, but so is online dating fraud, warn Nova Scotia RCMP ahead of Valentine’s Day.

The financial crime unit says it sometimes receives calls from people who have been defrauded thousands of dollars from people they’ve met on internet dating sites.

Police say they’ve received reports of suspects who “groom” their victims for months, claiming to be able to get them cars, trucks and off-highway vehicles.

RCMP Cpl. Greg Church says as the relationships develop the suspects take advantage of their victims, often asking their victims to wire them money.

“Once the victim gives the suspect a large sum of money, the suspect mysteriously disappears,” said Church in a release.

“If you have been victimized, don’t let fear of embarrassment stop you from reporting an incident to police as secrecy works to the suspect’s benefit.”

Read more here

#CyberFLASH: 5 things to know about Ottawa’s new anti-terrorism measures

passport30.jpg.size.xxlarge.letterboxThe Conservative government introduced anti-terrorism legislation on Friday that would greatly increase powers for spies inside Canada.

Here are five things you should know:

1. The legislation would require building owners to let CSIS agents bug tenants’ rooms, if there’s a court order.

2.The legislation would create a new criminal offence: “advocating or promoting” terrorist activities. This refers to both online and offline activities. It would make it illegal to advocate attacks but not to praise them.

3.Airline boarding passes would be blocked for suspected terrorists. The retooled system would deny a boarding pass to anyone deemed to be a national security threat, even if there is no explicit plan to attack a plane.

4. Internet service providers would be required to take down websites featuring terrorist propaganda. This would require a court order and apply only to websites in Canada.

5.There would be an easier exchange of security-related information about passport holders. The new Security of Canada Information Sharing Act would allow officials to proactively share information with other security agencies.

Read more here

#CyberFLASH: Anti-terror bill: Critics worry about safeguarding civil liberties

Stephen HarperCanada’s new anti-terrorism legislation creates sweeping new powers for the nation’s security services, but it’s not clear there will be equally robust oversight to protect privacy, free speech or civil liberties.

Missing from the act, for instance, is a sunset clause for any of its provisions, though the Jean Chrétien Liberals put such a proviso in their anti-terrorism bill introduced after the terrorist attacks of Sept. 11, 2001. Nor is there a mandatory review by a certain date — though this may yet be added when the bill goes to a parliamentary committee for review.

Some question whether solidifying national security will come at the expense of civil liberties.

“Countries that are free are also safer countries. Civil rights and public safety go hand-in-hand,” NDP foreign affairs critic Paul Dewar said Friday.

The government argues that existing civilian oversight bodies – at the spy agency CSIS, the cyber-spy agency CSE, and the RCMP – are adequate. And the new law does require that the public safety minister regularly report to Parliament on how CSIS is using its new powers. Prime Minister Stephen Harper also said on Friday that the government has worked protections into the bill to prevent erosion of civil liberties in the name of security.

Read more here

#CyberFLASH: CRA data breach should be the final straw

image-12If heads don’t roll after the latest security debacle at the Canada Revenue Agency, they should.

The tax agency revealed yesterday that a spreadsheet containing detailed information on a number of high-profile Canadians, including former PM Jean Chretien, author Margaret Atwood, ex drug czar Richard Pound and media mogul Moses Znaimer, had been sent to the CBC. The 18-page file included names, home addresses, and details of donations made to Canadian museums and galleries.

In a statement released late yesterday, CRA Commissioner Andrew Treusch attributed the accidental release of the personal information to human error, and said it “constitutes a serious breach of privacy.”

The CBC said it received the file electronically in response to an Access to Information Request. In a move that surprises no one, Treusch said the agency “has launched an internal investigation into the privacy breach and its security protocols.”

Read more here

#CyberFLASH: RCMP failed to keep records on warrantless access, watchdog says


OTTAWA—There’s no way to know if the RCMP complied with privacy laws in requesting Canadians’ personal information without a warrant, or even how often the Mounties made such requests, according to Ottawa’s privacy watchdog.

Privacy Commissioner Daniel Therrien said his office was not able to track how often the national police force requested access to Canadians’ personal information without a warrant — because the RCMP don’t track that information themselves.

“We were disappointed to find that limitations in the RCMP’s information management systems meant we were unable to assess whether such controls were in place,” said Therrien, in a statement.

“It was not possible to determine how often the RCMP collected subscriber data without a warrant. Nor could we assess whether such requests were justified.”

Therrien’s office revealed they were formally reviewing the RCMP’s warrantless access practices after the Star and the Halifax Chronicle Herald reported that police forces asked nine telecommunications companies for their customers’ information 1.2 million times in 2011 alone.

Read more here

#CyberFLASH: New counterterrorism powers already coming in cyberbullying bill

attack-powers28nw2Police in Canada will soon have new tools to track terror suspects through online records, bank accounts and other means – powers the RCMP Commissioner called for this week but which are already moving through Parliament.

RCMP Commissioner Bob Paulson made the request for new powers Monday after a pair of attacks last week that killed Warrant Officer Patrice Vincent and Corporal Nathan Cirillo. The Commissioner said police should, in some cases, need less hard evidence to get court approval to track suspects or to monitor them online or by phone.

However, police are already getting some of those powers. Bill C-13, the government’s anti-cyberbullying law with several controversial surveillance powers, would allow police to seek court orders for information, such as online records and bank account details, with what critics and privacy advocates say is too little evidence to back up the request.

The killing of the two soldiers has spurred Canada to review what powers it gives police to investigate terror cases, setting up a showdown over privacy rights.

Read more here

#CyberFLASH: ISIS supporter hacks website of University of New Brunswick Student Union


The University of New Brunswick Student Union has made a statement to the RCMP after their website was hacked by someone posting messages in support of the terror group ISIS.

On Monday night, the website was hacked by “Team System Dz,” with the header “I love you, ISIS” on top of the page.

The message on the website continued, “the state of Islam and the list expands, God willing… this time is a time of Islam and victory and lift the injustice for Muslims and the elimination of America and the allies of the infidels will not keep silent.”

The hacked message, in barely comprehensible English, was left on the website for about two hours.

“We were notified this evening that our website has been hacked, and have contacted our website provider and the RCMP. We are very concerned and upset about what has happened to our website and will be doing our best to rectify this situation as soon as possible,” the UNB Student Union said on their Facebook account Monday night.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.