The sketch: Meta-answers about metadata

CSEC might not be doing anything to worry about, but more oversight might be in order anyway

by Aaron Wherry

On the morning after the CBC reported that the Communications Security Establishment was using airport wi-fi to track Canadian travellers, the Defence Minister was asked “why this agency was tracking and spying on Canadians in our airports.”

“Mr. Speaker,” Rob Nicholson said, “it is my understanding that CSEC made it clear to the CBC that nothing in the documents they had obtained showed that Canadian communications were targeted, collected or used, nor that travellers’ movements were tracked.”

You might notice that this is not actually a direct answer to the question asked. (He would come vaguely closer a little while later.)

CSEC’s own statement on the matter clarified that “no Canadian or foreign travellers were tracked” and “no Canadian communications were, or are, targeted, collected or used.” But the agency had also noted that “in order to fulfill this key foreign intelligence role for the country, CSE is legally authorized to collect and analyze metadata.”

Asked this afternoon about whether CSEC had collected information on Canadians in our airports, Mr. Nicholson appealed to this matter of metadata.

“What I did refer to on Friday, which I will refer to again,” Mr. Nicholson attempted to explain, “is the independent commissioner for CSEC who released a statement on Friday that said: ‘…past commissioners have reviewed CSEC metadata activities and found them to be in compliance with the law and be subject to comprehensive and satisfactory measures to protect the privacy of Canadians.’ That should have the support of everyone.”

Being in compliance with the law is indeed something to be supportive of. And yet the NDP’s Jack Harris was decidedly unimpressed.

“Mr. Speaker, Canadians deserve honest answers, but instead the minister is once again evading simple questions about the activities and oversight of Canada’s national security agency,” the NDP critic lamented, appearing rather agitated. “On Friday and again today, the minister refused to say whether CSEC had been conducting domestic operations. Canadians are worried their government is spying on them. Will the minister now tell us if Communications Security Establishment Canada has been collecting information on Canadians at our airports, yes or no?

Now it was Mr. Nicholson who was unimpressed.

“Mr. Speaker, the honourable member just does not get it,” he lamented. “That is why we have an independent commissioner to have a look at these activities. Again, I refer the member to the statement that was issued on Friday by the independent commissioner and what the commissioner has said. He praised CSEC’s chiefs who have spared no effort to install within CSEC a culture of respect for the law and for the privacy of Canadians. What is his problem with that?”

Brow furrowed, Mr. Nicholson returned to his seat and now Mr. Harris returned to his feet.

“Mr. Speaker, once again, that is evasion pure and simple,” Mr. Harris responded, proceeding to jab his finger in the air variously.

It was with some luck that the chief of CSEC was due to appear a few hours later before a Senate committee. And it was there that we learned that it this metadata is that we’re meta-talking about.

“The document that was released last week refers to a model we were trying to build of typical communications patterns around a public Internet access point, in this case an airport,” explained John Forster, seemingly attempting to sound reassuring. “The work relied on metadata.”

What is metadata?

“So metadata is data about a communication. It’s not the content of a communication.”

There was an analogy here about taking a photograph.

“What we rely on is what’s called metadata. It’s used by computers to route or manage communications over global networks. It doesn’t include any content of emails, phone message or text messages or photos. This was the data we were using in this excerise.”

This was apparently meant to help CSEC “understand global networks” and “to know how to find a legitimate foreign target in a sea of billions of billions of bits of communication.”  In fact, he said, the metadata is used to ensure CSEC is not targeting a Canadian phone number or IP address.

“This was not an operational surveillance program,” he explained. “The purpose of it was to build an analytical model or typical patterns of network activity around a public access node … The end result of this work was to build a mathematical, analytical model. So the end result was formulas, algorithms, software.”

There was an analogy here about finding hostage-takers. Indeed, Mr. Forster claimed to be aware of two cases in the past 12 months in which these models had been used to find “legitimate foreign targets.”

All, he testified, was done within the limits of ministerial directives and previous analyses have been reviewed by commissioners. No Canadians’ communications were targeting, collected or used and no Canadian was identified.

It is on something like this note that the House will take up a Liberal motion tomorrow that would have the House express “deep concern” over all of this and pursue the creation of a parliamentary committee charged with oversight of our national security institutions. We might wish that the Defence Minister had been as full in his explanation as Mr. Forster, but possibly there is both nothing worth worrying too much about here and still something to be said for such a committee anyway.




Browse

The sketch: Meta-answers about metadata

  1. “In fact, he said, the metadata is used to ensure CSEC is not targeting a Canadian phone number or IP address.”

    Orwell himself couldn’t have said it better.

    • Yep, lie and deny while ignoring the truth. Orwell was well ahead of his time.

  2. For heavens’ sake, will someone ask the obvious; where do they get the metadata from?
    The cellphone providers?

  3. Ok i’m gonna say i don’t get this whole we’re just looking at the meta data thing. Isn’t that a bit like saying you didn’t inhale, therefore you aren’t toking up?
    If theyre just looking a meta data traffic but not looking at our emails or listening to the contents of our phone calls, pray tell us what might trigger an intervention. At the moment i simply don’t believe these guys. It’s an enormous temptation for anyone with this kind of power. Does it simply come down to identifying who’s sending emails or texts to Yemen after midnight? If something like that why bother with mass surveillance? But they’re looking for suspicious activity. How can you accomplish that by merely tracking MD? Colour me skeptical. I certainly take no comfort in the dissembling evasions of Rob Nicholson. The man is barely competent enough to watch over a school outing at the seaside let alone look after this stuff.

  4. I don’t believe them. And please explain why then Stephen Harper has an Enemies List.

    • Yep, wrote him a stark email, 4 months later CRA says it sent me a letter I never got. They made a mysterious mistake and I filed a dispute so they are going to stall it.

      Real PITA too to get CRA to fix its problems. Nails have more IQ as they do not even read T4 and T5 slips. Just slam you like Obama did with the IRS audits of Tea Party.

      Can not prove the link but can prove I am right.

  5. Meta data is scooping up any and all info that your smartphone transmits/receives; from voice, emails, internet traffic, gps signals, text messages, videos/photos etc etc… And then we are to trust that this metadata will be stored securily and not used against us., or worse, since all of our private information is now in ONE location, it is that much a bigger threat to our privacy if hackers got a hold of it.

    Think of it like Target having hundreds of thousands of its credit card info stolen, because they hacked Target, yet for hackers to try and hack hundreds of thousands of individuals computers to get the same material, which do you think they will go after first!

    Remember this is the same government that denies any involvement in robocalls, so rather than an “inside” job, Pierre Poutine supposedly hacked the Conservatives secret and highly guarded CIMS database with millions of Canadians info on it, even credit card #’s used to make donations. Trust US they say.. yeah right!

    • Liberals denied them too, NDP used unions to do it. They are all corrupt in this regard. Happens provincially too.

  6. Is not just WiFi, cell phones make great tracking devices. GPS and all. Get stored and call history too.

    We have no privacy on the grid. Even if they say they do not, they do. The system has unrestricted eves dropping capabilities, even with SSL it can be intercepted….

  7. If the Harper Conservatives were able to give honest answers then perhaps the public could feel more at ease but when we are ruled over by a regime of lies, deceit and false information in almost every ministry one has to ask, “Why and What for?” — and what is more, Harper doesn’t care.

  8. People simply don’t understand what metadata is. It’s completely lawful to collect it, and frankly the government would be negligent if it weren’t. It’s like asking a cop on the street to intentionally ignore any suspicious behaviour they see. Anybody who thinks global telecommunications are going to go completely un-monitored is living in a dream world. International postal mail has always been closely monitored, why wouldn’t electronic communications be subject to the same checks?

    • That’s right, what the hell does it mean? And why can’t the government find a spokesperson (hint: Rob Nicholson wouldn’t make it through the first round of interviews) who is competent to explain it, with examples of what they mean?

      The real problem isn’t that we don’t understand, the problem is that CSEC and the government didn’t say that in the first place and instead insisted they don’t do any surveillance of Canadians’ communications ever. They were basically lying by omission and now they expect us to trust it’s all fine because it’s only metadata.

      • Do you really expect CSEC to document and explain every bit of data that they do or don’t grab? Why don’t we just write a book detailing to bad guys exactly how to avoid any of our surveillance tactics? Or if you ban the use of metadata, law enforcement’s ability to investigate crimes after the fact is badly undermined.

        Let’s say a terrorist uses a cell phone as a trigger to detonate a bomb somewhere. Without metadata, it becomes impossible for the RCMP to find out what number last called the trigger device.

        I suspect that none of this is really new law either. I think that there’s just more metadata attached to communications now than ever before, which is why some people like the CBC are fear-mongering. God knows they also love it when they can create a parallel narrative to an American story, because it makes their jobs that much easier.

        • No I expect the Minister to explain, but he obviously can’t without resorting to tortuous twists and references to what someone else said one other time. I also expect that people we pay to be governed by competent oversight and to be told the truth.

Your email address will not be published. Required fields are marked *