Canadian spy agency used free airport WiFi to track travelers
Posted on 31 January 2014.
A new report based on documents provided by NSA whistleblower Edward Snowden will make Canadians question whether the country's electronic spy agency does, as it claims, work inside the limits set by the law.

A 27-page-long PowerPoint presentation dated May 2012 and stamped with the Communications Security Establishment Canada (CSEC) logo details how the agency collected information (metadata identifying wireless devices, their location, calls made) from the free WiFi services offered on major Canadian airports, in order to track the devices' users for days after they left the airport and connected to free WiFi hot spots throughout Canada.

As the system has no way of knowing whether a device's owner is Canadian or not, it stands to reason that among the data collected by the agency is also data that can be used to identify Canadian citizens and discover their movements.

Ronald Deibert, head of the Citizen Lab at the University of Toronto which focuses its research on global security and human rights, said that he believes the practice is almost certainly illegal.

The CSEC stated that it is "mandated to collect foreign signals intelligence to protect Canada and Canadians" and has, therefore, legal authority to collect and analyze metadata.

"It is really unbelievable that CSEC would engage in that kind of surveillance of Canadians. Of us," commented Ann Cavoukian, Ontario's privacy commissioner. "This resembles the activities of a totalitarian state, not a free and open society."

It is unknown how the agency actually got the wireless data, reports the Canadian Broadcasting Corporation (CBC).

The document says that the data was provided voluntarily by a "special source", but the Toronto and Vancouver airport authorities, which operate their airports' WiFi service, denied providing the data to any Canadian intelligence agency, and so did Boingo, a US-based company that operates such services in other airports in Canada.

The document also indicates that the collected information is to be shared with the other members of the Five Eyes intelligence network: the US, the UK, Australia and New Zealand.


How security pros deal with cybercrime extortion

1 in 3 security professionals recommend negotiating with cybercriminals for the return of stolen data or the restoration of encrypted files. 86% of security professionals believed their peers at other organizations have brokered deals with cybercriminals.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Apr 1st