#CyberFLASH: Goodale to launch C-51 consultations on Thursday

ralph-goodalejpg-jpg-size-custom-crop-1086x784Opponents of the Harper government’s controversial national security legislation, C-51, will have the chance to officially voice their concerns to government starting Thursday, when Public Safety Minister Ralph Goodale kicks off another round of consultations focused on Canada’s national security.

Goodale will make the announcement flanked by Justice Minister Jody Wilson-Raybould in Edmonton Thursday afternoon and it will make up the second part of a two-pronged review of Canada’s national security, the first of which launched last month with a focus on cyber security.

Prime Minister Justin Trudeau promised to fix “problematic elements” of C-51 during the 2015 election campaign, pledging to “guarantee that all Canadian Security Intelligence Service warrants respect the Charter of Rights and Freedoms; establish an all-party national security oversight committee; ensure that Canadians are not limited from lawful protests and advocacy; require that government review all appeals by Canadians on the no-fly list; narrow overly broad definitions, such as defining “terrorist propaganda” more clearly; limit Communications Security Establishment’s powers by requiring a warrant to engage in the surveillance of Canadians; require a statutory review of the full Anti-Terrorism Act after three years; and prioritize community outreach and counter-radicalization, by creating the Office of the Community Outreach and Counter-radicalization Coordinator.”

Several of those items are already ticked off or soon to be: the government announced its plan for a committee tasked with reviewing national security activities in June and has begun the process of launching an office to help individuals whose names match those of people flagged on the no-fly list.

Read more here

#CyberFLASH: National security review tries to tackle needs of law enforcement in digital world

160815_iy0oi_rci-cell-phone_sn635OTTAWA— The Liberal government is taking another crack at making it easier for police and spies to gain “lawful access” to telecom companies’ customers’ subscriber information, online activities, telephone conversations, and encrypted communications.

It comes deep into a sweeping discussion paper on how Canada should overhaul its national security laws.

The so-called “green paper,” released Thursday by Public Safety Minister Ralph Goodale, paints a picture of police and national security agencies stymied by technological advancements that terror suspects turn to their advantage, a Supreme Court of Canada decision that requires time-consuming unwieldy warrants for basic Internet subscriber information, and the failure of legislation to keep up with the bad guys.

The Liberal government is broaching the hot button topic more than four years after the Conservatives triggered an uproar when a senior cabinet minister — Vic Toews — accused opponents of siding with child pornographers if they didn’t support a bill to update state powers of electronic surveillance. Amid a storm of criticism and a backlash from privacy advocates, that bill was withdrawn.

This time, however, the Liberal government is making a detailed legal argument in favour of updating its powers in public and inviting Canadians to weigh in.

Goodale did not refer to the lawful access proposals in a news conference in Edmonton meant to highlight that the Liberals are keeping a promise to consult Canadians on changes to the Anti-Terrorism Act of 2015, also known as Bill C-51.

Read more here

#CyberFLASH: Federal spies suddenly intercepting 26 times more Canadian phone calls and communications

five_eyes_spies_20160603OTTAWA — Interception of Canadians’ private communications by the federal electronic spy agency increased 26-fold last year, for reasons authorities won’t fully explain.

And despite commitments between Canada and its intelligence-sharing allies to respect the privacy of each nation’s citizens, the volume of information on Canadians collected by allied intelligence agencies and informally shared with Canada’s spies has grown to the point that it now requires a formal mechanism to cope with all the data.

At least one intelligence expert is concerned the change sidesteps the spirit of Canadian privacy laws.

Details are contained in the latest annual report by the independent, external oversight organization that reviews activities of the Canadian Security Establishment (CSE), Ottawa’s super-secret foreign signals intelligence agency. Quietly tabled in Parliament July 20, the report concludes CSE’s 2015-16 activities were lawful.

But the watchdog Office of the Commissioner of the Communications Security Establishment notes CSE intercepted 342 private communications in 2014-15, compared to just 13 for the previous year.

By law, CSE can only target communications of foreign entities outside Canada. If one end of that communication is in Canada, making it a “private communication,” it requires a written authorization from the minister of national defence, responsible for the CSE, and only if it is essential for “international affairs, defence or security.”

Read more here

#CyberFLASH: Your passwords aren’t protected


To paraphrase the words of retired U.S. Supreme Court justice John Paul Stevens in a 1988 dissent, “a person may be forced to surrender a key to a lockbox, but he cannot be compelled to reveal the combination to his wall safe.” It is a legal concept that has returned to the spotlight recently, with the Canadian Association of Chiefs of Police calling for the legal power to compel criminal suspects to disclose passwords to electronic devices. It is an inevitable response to increasingly sophisticated, publicly available data encryption, but — the apoplexy of self-righteous Internet libertarians notwithstanding — it is not an unacceptable nor unconstitutional expansion of police powers.

That the police chiefs’ would call for the power to compel passwords comes as no surprise. As the Federal Bureau of Investigation’s spat with Apple over unlocking the phone of the San Bernardino shooter showed, as data encryption advances and becomes more widely available, traditional police investigative tools are increasingly left behind. Sophisticated software could, until recently, be utilized by law enforcement to crack a device’s password. Advanced encryption of the type now used in the latest smartphones and operating systems, however, makes those devices essentially uncrackable and renders previously utilized technology obsolete.

Regardless, several arguments may be made against the police chiefs’ proposal. “Self-incrimination” is the battle cry of opponents to the idea of forcing a suspect to reveal a password. Compared to the United States, however, Canada’s protections against self-incrimination are weak and, in any event, largely inapplicable in the context of unlocking electronic devices. One cannot “plead the fifth” if testifying in Canada, nor are police obliged — as the Supreme Court of Canada has ruled — to stop questioning a suspect who invokes his right to silence.

Read more here

#CyberFLASH: First prominent case testing Canada’s new cyberbullying law begins

mobile-securitySix teens charged with distributing intimate images without consent appeared in court for the first time on Wednesday.

The start of the court case is testing a brand new Canadian law, brought in after the death of Rehtaeh Parsons.

“As technology changes, the law has to change as well to meet that,” says Crown Attorney Leigh-Ann Bryson.

The boys, now 15 and 18, are accused of sharing intimate images of more than 20 young girls with the US-based file sharing service-Dropbox. They’re also charged with possessing and distributing child pornography. Bridgewater Police laid the charges last month.

It all comes after a complaint from a high school principalin May 2015 and a cross border investigation that spanned more than a year.

“These charges are intended to capture something different than that captured just by the child pornography charges,” says Bryson.

Bill C-13 became law in March 2015, following the deaths of Amanda Todd and Rehtaeh Parsons.

“This law doesn’t make sexting illegal. This doesn’t make sharing intimate images amongst partners to an intimate relationship illegal in any way,” says Privacy Lawyer David Fraser. “It’s the nonconsensual part. It’s if the boyfriend receives a picture of the girlfriend and then forwards it to his buddies.”

Bryson says this is a complex and challenging case because there are six accused, all with different lawyers, all dealing with such a new law.

Read more here

#CyberFLASH: How much do we really know about the Canadian intelligence community?

csis.jpg.size.xxlarge.letterboxLast year American whistle-blower Edward Snowden proclaimed that Canadian intelligence agencies have the “weakest oversight” in the Western world and compared the Canadian government’s Bill C-51 to George W. Bush’s post-9-11 U.S. Patriot Act.

Canada became a surveillance state under the Stephen Harper Conservatives. In 2014, for example, it came to light that the Government Operations Centre was monitoring residents of Newfoundland and Labrador, including Indigenous Peoples, residents of the Island’s west coast who opposed fracking, and fishermen who were protesting shrimp quotas. This ongoing problem is further complicated by multiple transnational intelligence sharing agreements, in place since World War II, that remain largely unknown to the general public.

Indeed, the rise of the surveillance state is a global phenomenon that cannot be separated from the rise of the internet. But in Canada, because of the lack of any credible oversight, it has played out in a very specific way. This has everything to do with what the Canadian public knows—and more importantly, does not know—about Canadian intelligence agencies.

Canada’s new and highly invasive so-called anti-terror legislation came into force last year with the support of then-Opposition Leader Justin Trudeau and the Liberal caucus. The Trudeau Liberals knew that in order to win the election they would need to undo—or at least promise to undo—much of the damage done by their predecessors. They would have to address the alienation felt by Canadians from having a government that used national security as an excuse to trade away its citizens’ freedom and civil liberties.

Unfortunately, they have yet to repeal or even reform Bill C-51, and recent terrorist attacks in Europe, the U.S, and here at home in Canada have provided the perfect backdrop against which to further delay the process. On August 10, for example Aaron Driver, a 24-year-old Canadian citizen who was allegedly plotting a terrorist attack in the southern Ontario town of Strathroy, died in a confrontation with police who were following up on a tip from the FBI.

Read more here

#CyberFLASH: U.S. law can’t force American service providers to turn over foreign data: Court

Close up of wooden gavel at the computer keyboardOrganizations worried about the ability of American law enforcement agencies to get at electronic data in foreign data centres have at least some temporary relief after a U.S. federal appeal court ruled the government can’t force Microsoft to turn over a customer’s email held in Ireland.

In a decision released Thursday the court said a search warrant issued under the Stored Communications Act (SCA), which obliges U.S.-based service providers to hand over electronic records under certain circumstances, cannot apply to data held outside the United States and its territories.

Neither the SCA, nor its sister legislation, the Electronic Communications Privacy Act, implicitly or explicitly envision the application of warrants overseas, the appeal court ruled.

A lower court held Microsoft in contempt for refusing to obey the warrant following a long court fight that began in 2013 when the government sought email of a suspected narcotics dealer.

However, while the appeal court decision stands for now, the Obama administration could take the fight to the U.S. Supreme Court. And in an interview Halifax privacy lawyer David Fraser noted Congress could also amend the SCA to specifically say its warrants and subpoenas apply outside the U.S.

The ruling “is one which with I am pleased,” said Fraser, who acts for a number of U.S. technology companies in Canada who intervened in the case. “This is a very important case for determining some very important questions for determining, at least in this case, how far the United States government can reach through the Internet but outside the territory of the United States to compel access to content. But in the big picture it also relates to an will likely have an effect on the extent can other countries do the same sort of thing.”

He noted a growing number of privacy lawyers and professionals are watching this case, particularly after the revelations of former NSA contractor Edward Snowden on the electronic data gathering power of a number of countries, including Canada.

Read more here

#CyberFLASH: Canadian government expects another Snowden-level leak, documents say

Surveillance_610pxOTTAWA–It’s not a matter of if there will be another Edward Snowden, it’s a matter of when, according to internal government documents obtained by the Star.

Global Affairs officials warned minister Stéphane Dion in November an event on the scale of Snowden’s disclosures about Internet surveillance is inevitable.

“Incidents similar to the Snowden disclosures and the Sony hack will happen again and we can expect that sudden events will affect international debates on cyberspace,” the document reads.

The briefing note, prepared for Dion in November and obtained under access to information law, suggests that Snowden’s disclosures about Western mass surveillance “altered the tone” of the international discussion on cyberspace.

In 2013 Snowden, a former employee of the U.S. National Security Agency (NSA), pulled back the curtain on mass surveillance online, detailing the capabilities of the “Five Eyes” countries — Canada, the United States, the U.K., Australia and New Zealand — to monitor activity online. His release of classified NSA documents triggered outrage among those who said he put lives at risk, and praise from others who argued he shed light on questionable practices and has forced needed change. He was forced to flee the U.S. and was granted asylum in Russia.

Then in 2014, hackers broke into Sony company computers and released thousands of emails, documents and sensitive personal information. U.S. federal investigators blamed North Korea.

While Canada has long advocated for an open and free Internet, suggestions that the nation’s spy agency the Communications Security Establishment (CSE) has engaged in mass online surveillance have complicated that narrative.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.