Friday, February 27, 2015

Canada's Communications Security Establishment collecting million of Canadian emails sent to government sites

Canada's Communications Security Establishment(CSE) is collecting millions of emails sent by Canadians to government sites on the Internet. The collected emails are searched for malware that could attack government computer networks.
A top secret document obtained by the CBC and the US news site The Intercept revealed details about the collection of emails. The document is from 2010. It is among the documents obtained from NSA whistle blower Edward Snowden. The Communications Security Establishment (CSE) is Canada's cryptologic agency, responsible for foreign signals intelligence (SIGINT) and also for protection of government electronic and communication networks. Recently a new headquarters was built for the agency at a cost of $1.1 billion, making it the most expensive government facility ever built. This no doubt shows the priority of the Canadian Conservative government. Many who support the government constantly complain of government spending but when it comes to national security matters efficiency and control of costs do not seem to count. The facilities are on 83 acres and the headquarters occupy 1.2 million square feet. It is next door to the broader spy agency Canadian Security Intelligence Service (CSIS).
The CSE collected about 400,000 emails sent to government sites each day. Some of the data was stored for years. I expect that the agency thinks that some day it might be useful to mine the data for a specific purpose. The numbers collected have probably grown considerably since 2010 assuming the process is still ongoing. The emails include those of people filing taxes on line, sending emails to members of parliament, and applying for passports.
While the aim of protecting government sites from malware is laudable, there are questions as to the breadth of the collections and whether there are any rules regarding the length of time the emails are kept. As a member of the Five Eyes, these emails may very well be shared with spy agencies in the US, UK, New Zealand, and Australia. The Five Eyes operates beyond the laws of its member countries according to Snowden: The former NSA contractor Edward Snowden described the Five Eyes as a "supra-national intelligence organisation that doesn't answer to the known laws of its own countries".Documents leaked by Snowden in 2013 revealed that the FVEY have been spying on one another's citizens and sharing the collected information with each other in order to circumvent restrictive domestic regulations on domestic spying.While Chris Parsons, an internet security expert, said that there are legitimate reasons why the agency might monitor you communications with the government: “But you should be able to communicate with your government without the fear that what you say … could come back to haunt you in unexpected ways, When we collect huge volumes, it’s not just used to track bad guys. It goes into data stores for years or months at a time and then it can be used at any point in the future.”The CSE uses a tool called PonyExpress to search for suspicious links or attachments.The PonyExpress finds about 400 suspicious emails each or about 146,000 a year. CSE analysts look at each suspicious email to see if it poses a threat. About four emails a day are found to be serious enough a threat for the agency to contact the government departments that may face a potential threat. The emails themselves may be held for days up to months. The metadata containing details about who sent the email, when and where, can be kept for years. The CSE is barred from targeting content of Canadians' emails or phone calls, but it can receive ministerial exemptions if the situation involves protecting government IT infrastructure.
The CSE refuses to provide any specifics about how much email and metadata they collect or when they are deleted. They insist such information could be helpful to those engaged in malicious cyberactivity directed against government networks. Michael Vonn, policy director at the B.C. Civil Liberties Association argues that Canadians could be told how long the agency holds the data without putting the security of government networks at risk. Vonn said: “It’s distressing that we have to find [details] out in dribs and drabs as opposed to having the appropriate discussion nationally and democratically. If we're going to have trust that our agencies are acting responsibly, we need as much light shone on the architecture, the laws and the rules, as possible."Actually, much information only comes courtesy of whistle blowers such as Snowden who make public classified information.The CSE mandate allows it to hold email addresses, IP addresses, and other identifiers for up to thirty years. It can then transfer it to Library and Archives Canada. CSE claims that hackers probe government networks about 80 million times a day searching for vulnerabilities.