Each year, PEN International prepares a report assessing the state of freedom of expression in the country in which its congress is held. In October 2015, PEN International released a report on free expression in Canada ahead of the 81st congress in Québec City, Québec. Based on this briefing note, PEN Canada presents “Free Expression Matters” a series that breaks down free expression issues in Canada. In this fourth instalment we look at surveillance in the Canadian context and examine how the activities of government agencies can threaten the digital privacy of Canadians.
In 2013, the UN Special Rapporteur on the right to freedom of opinion and expression wrote that interference in individuals’ privacy can limit the “free development and exchange of ideas.” For writers, the major concern is self-censorship. Will we explore controversial ideas online if the government can track our activity? Will we share our opinions in private e-mails if third-parties can access them?
In dealing with government agencies in Canada, the right to privacy is protected by:
Surveillance in Canada has become increasingly commonplace, and recent revelations have shown that Canadians and others have been surveilled under numerous programs with little oversight or transparency.
Metadata is data that describes data. For example, metadata collected from cellphone records could include the length of a call, the number called, and the location of the call – everything but the content of the call itself. Even without direct eavesdropping on conversations (which the CSE is permitted to do on any communication with a foreign contact), metadata can reveal significant amounts of personal information and can be misused by Canadian law enforcement agencies in the absence of judicial oversight.
The government’s metadata surveillance program, though targeted at foreign communications, enables the CSE to capture and analyze metadata from every phone and Internet-based activity undertaken by Canadians. The program was renewed by ministerial directive in 2011, despite concerns raised in 2008 by the CSE Commissioner who stated that: “characteristics of contemporary communications technology mean that the interception of communications by CSEC runs the inherent risk of acquiring the private communications of Canadians.”
In 2014, documents retrieved by US whistleblower Edward Snowden revealed that the CSE used information from free wireless Internet services in major Canadian airports to track wireless devices of passengers for days after they left the terminal. The documents also confirmed the existence of an information-sharing agreement between CSE and the United States’ National Security Agency (NSA) that enables both agencies to circumvent laws that prohibit them from spying on their own citizens by sharing, without warrants, information each has gathered on the other country’s citizens.
In January 2015, documents from the Snowden leak showed CSE monitoring uploads and downloads of millions of Internet users across the globe. Code-named “LEVITATION”, the operation analyzes records of up to 15 million downloads every day. The CSE can search for specific IP addresses (your computer’s unique address) using tools from Britain’s GCHQ, track users’ online activity, and sometimes link the IP address to a specific Facebook or Google profile. Of the 15 million records collected daily, approximately 350 records are deemed “interesting.”
In the CSE’s 2014-15 annual report released in January 2016, Commissioner Jean Pierre Plouffe disclosed that certain types of metadata had not been properly “minimized” –i.e. stripped of Canadian identity information– before being shared with international partners. This was a result of technical deficiencies the CSE discovered 2013 during an internal review, after which the CSE stopped the flow of metadata to international partners. The report also found that the ministerial directive governing CSE’s collection, use, and disclosure of metadata lacks clarity and recommended that the agency seek a new directive. In a statement, Defence Minister Harjit Sajjan stated that although the “privacy impact was low,” the CSE will not resume information sharing until he is satisfied that “effective systems and measures are in place.”
In January 2014, US President Barack Obama publicly announced reforms to the NSA in response to the Snowden revelations. By contrast, the Canadian government made no attempt to increase CSE’s transparency and accountability until recently. The bill C-51 anti-terrorism legislation passed in June 2015 grants the CSE significant new powers, allowing it to access information collected by other government agencies including the Canada Revenue Agency and Health Canada. However, in 2016, in addition to the CSE’s suspension of information sharing with international partners and stated pursuit of more effective systems, Public Safety Minister Ralph Goodale stated that the federal government is in the process of reviewing its security intelligence operations and is committed to introducing new parliamentary oversight of intelligence agencies.