Canadian spy agency used free airport WiFi to track travelers
Posted on 31 January 2014.
A new report based on documents provided by NSA whistleblower Edward Snowden will make Canadians question whether the country's electronic spy agency does, as it claims, work inside the limits set by the law.

A 27-page-long PowerPoint presentation dated May 2012 and stamped with the Communications Security Establishment Canada (CSEC) logo details how the agency collected information (metadata identifying wireless devices, their location, calls made) from the free WiFi services offered on major Canadian airports, in order to track the devices' users for days after they left the airport and connected to free WiFi hot spots throughout Canada.

As the system has no way of knowing whether a device's owner is Canadian or not, it stands to reason that among the data collected by the agency is also data that can be used to identify Canadian citizens and discover their movements.

Ronald Deibert, head of the Citizen Lab at the University of Toronto which focuses its research on global security and human rights, said that he believes the practice is almost certainly illegal.

The CSEC stated that it is "mandated to collect foreign signals intelligence to protect Canada and Canadians" and has, therefore, legal authority to collect and analyze metadata.

"It is really unbelievable that CSEC would engage in that kind of surveillance of Canadians. Of us," commented Ann Cavoukian, Ontario's privacy commissioner. "This resembles the activities of a totalitarian state, not a free and open society."

It is unknown how the agency actually got the wireless data, reports the Canadian Broadcasting Corporation (CBC).

The document says that the data was provided voluntarily by a "special source", but the Toronto and Vancouver airport authorities, which operate their airports' WiFi service, denied providing the data to any Canadian intelligence agency, and so did Boingo, a US-based company that operates such services in other airports in Canada.

The document also indicates that the collected information is to be shared with the other members of the Five Eyes intelligence network: the US, the UK, Australia and New Zealand.


Banks and IT security: The elements of success

Nathan Horn-Mitchem, VP, Information Security Officer at Provident Bank, talks about delivering and maintaining IT security for 80 branches of the bank.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Mar 27th