Canada’s top security and spy-agency officials have given the first detailed public defence of secret government surveillance programs that collect telecommunications “metadata.”
“We wouldn’t be able to find or locate our targets without it,” John Forster, chief of the Communications Security Establishment Canada, told a parliamentary committee.
The head of the foreign-intelligence electronic-eavesdropping agency, Mr. Forster said snooping on metadata is fundamental for the Canadian government to pick out foreign terrorists and other targets “in a sea of billion and billions of communications traversing the globe.”
For nearly a decade, Canada’s surveillance sleuths at CSEC have been collecting and analyzing Internet Protocol addresses, phone logs and other metadata. Government lawyers have told them this kind of surveillance is legally sound – and not the same as illegally wiretapping phone calls or steaming open letters.
This means that standard privacy strictures – such as not intercepting Canadian material without warrants – do not necessarily apply. In the search for foreign intelligence “targets” outside Canada, CSEC analysts are allowed to use metadata regardless of whether the underlying communications originate in Canada.
Parliamentarians were oblivious to this because they are not cleared to briefed on secret laws that allow such practices. Last June, The Globe and Mail reported on directives dating back to 2005 that authorize CSEC to collect metadata. The CBC last week published a leaked CSEC presentation showing that the spy agency studied the metadata trails of devices that used wireless Internet at a Canadian airport in 2012.
Such reports got the attention of the Senate Committee on National Security and Defence, whose members on Monday grilled several officials making scheduled appearances – including CSEC’s Mr. Forster, Canadian Security Intelligence Service director Michel Coulombe, and Stephen Rigby, the national security adviser to the Prime Minster.
“It is data about data, so it is well within the parameters,” Mr. Rigby told the committee.
Mr. Forster said airport metadata monitoring was about identifying data transmission patterns and never spying on people.
“This was not an operational surveillance program. ... we weren’t monitoring anyone’s movements,” he told the Senate committee. He explained that CSEC wanted to build a picture of the data signatures of public WiFi spots, such as Internet cafés, hotels and airports.
Such models, Mr. Forster said, were developed two years ago in hopes of helping CSEC track possible hostage-takers or terrorists who use the Internet in such places.
“I’m aware of two cases in the past two months where this model has been and is being used to identify a foreign target,” he said on Monday.
Responding to an earlier leak, Mr. Forster also said CSEC never helps Canadian firms spy on their rivals. “We don’t collect that information; that’s not what we do,” he said.
The security officials did not say why they studied a Canadian airport rather than a foreign one. And while they said CSEC keeps metadata for a limited time, they did not say how long.
Such practices are at issue in court. Last fall, the B.C. Civil Liberties Association launched a lawsuit against CSEC, alleging its metadata collection runs afoul of the Charter of Rights and Freedoms.
Meanwhile, the officials revealed on Monday they are appealing a Federal Court ruling from last year in which they were found to have kept a judge in the dark about key facts in warrant applications.