For decades, the United States, United Kingdom, Canada, Australia and New Zealand have cooperated in an intelligence sharing agreement informally known as the five eyes. We know that at least some of the intelligence shared is mass surveillance data of the countries’ own citizens. However, it appears Canada is going to temporarily cease sharing some data with its allies until measures are in place to protect the identity of Canadian citizens.
The issue concerns the sharing of metadata of communications such as phone calls and emails, which includes things like the time and date a message was sent or who the sender or receiver of the message is, but excluding the actual content of the message. The reason for no longer sharing the data is because the Communications Security Establishment(CSE), Canada’s signal intelligence agency, was not properly minimizing the data. CSE commissioner Jean Pierre Plouffe describes the process of minimization in his annual report, “Minimization is the process by which Canadian identity information contained in metadata is rendered unidentifiable prior to being shared.”
Plouffe’s report also claims the CSE discovered this issue on its own with no external intervention, “While I was conducting this current comprehensive review, CSE discovered on its own that certain metadata was not being minimized properly.” He goes on to state that the problem with minimization of the data was contrary to official policy, “The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE’s operational policy.”
Defence Minister Harjit Sajjan stated that the sharing of data will not resume until he is confident that sufficient protections are in place. Concerning the data that was already shared he stated that the metadata, “did not contain names or enough information on its own to identify individuals,” and went on to say, “taken together with CSE’s suite of privacy protection measures, the privacy impact was low.” He also expressed confidence in the CSE, “I am reassured that the commissioner’s findings confirm the metadata errors that CSE identified were unintentional, and am satisfied with CSE’s proactive measures, including suspending the sharing of this information with its partners and informing the Minister of Defence.”
Sajjan did not state exactly what metadata had been shared. He also stated there was no way to review the data to determine how many were affected without violating privacy laws. Making an appearance alongside Sajjan, Public Safety Minister Ralph Goodale stated that the government is reviewing its intelligence operations and is committed to introducing more parliamentary oversight of intelligence agencies.
Can the Canadian government be trusted to protect the privacy of its citizens? Leave your comments below.