Canada Cuts 5 Eye Intelligence Sharing

Graphic: PBS

Canada’s CBC TV network recently reported that the country is slamming on the brakes when it comes to sharing some communications intelligence with key allies, including the US, out of fear that Canadian personal information is not properly protected.

“Defense Minister Harjit Sajjan says the sharing won’t resume until he is satisfied that the proper protections are in place,” CBC reported.

Earlier, the watchdog tasked with keeping tabs on the Ottawa-based Communications Security Establishment (CSE), Jean-Pierre Plouffe, called out the electronic spying agency for risking Canadian privacy in his annual report.

Plouffe wrote that the surveillance agency broke privacy laws when it shared Canadian data with its allies without properly protecting it first. Consequently, he concluded, it should precisely explain how Canadian citizens’ metadata — information about who a communication is to and from, the subject line of an email, and so on — can and can’t be used.

“Minimization is the process by which Canadian identity information contained in metadata is rendered unidentifiable prior to being shared,” Plouffe wrote in his report. “The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE’s operational policy.”

Defense Minister Sajjan said in a statement that the data sharing in question was the result of “unintentional” errors and didn’t allow for specific Canadian individuals to be identified.

The concern for Canadian metadata began shortly after disclosures made by NSA whistleblower Edward Snowden in 2013.

Plouffe’s predecessor told then-Defense Minister Rob Nicholson that the other countries in a secretive surveillance pact called the Five Eyes Alliance, the US, Canada, the UK, New Zealand, and Australia, might not be sheltering Canadians’ telephone data the way they should.

The CSE has admitted since the Snowden revelations that it sometimes sweeps up domestic data when keeping track of foreign intelligence communications. When any of that information is shared abroad, “these activities may directly affect the security of a Canadian person,” the previous watchdog, Robert Decary, wrote at the time.

Canada’s decision to temporarily stop sharing information comes at a time when the US is scrambling to come up with a new data-sharing arrangement with the European Union before a January 31 deadline. Europe’s top court decided in October that European privacy isn’t sufficiently respected by the American government or its spying agencies.

The Intercept:

 

« Reduce Risk With Threat Intelligence
US Military Are Doubling Down On Robot Wars »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ReadWrite

ReadWrite

ReadWrite is a leading media platform dedicated to IoT and the Connected World.

Swedish Civil Contingencies Agency (MSB)

Swedish Civil Contingencies Agency (MSB)

MSB's Information Assurance Department is responsible for supporting and coordinating work relating to Sweden's national societal information security.

AlAnsari Technical Solutions (ATS)

AlAnsari Technical Solutions (ATS)

ATS is a Kuwait based company specialised in delivering hardware/software, Virtualisation, IP Telephony / Unified Communication, Networking and professional IT services and solutions.

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

Invensity

Invensity

INVENSITY is an interdisciplinary technology and innovation consulting company. Centres of excellence include Cyber Security and Data Privacy.

Navaio IT Security

Navaio IT Security

Navaio helps clients with IT Security related challenges with a primary focus on Identity and Access Management, Data Governance, User Awareness and Cyber Resilience Services.

In-Sec-M

In-Sec-M

In-Sec-M is a non-profit organization that brings together companies, learning and research institutions, and government actors to increase competitiveness of the Canadian cybersecurity industry.

Logit.io

Logit.io

Logit.io is a log analysis & management platform that provides a scalable solution for hosting the open-source tools Elasticsearch, Logstash, and Kibana.

Innefu Labs

Innefu Labs

Innefu is an Information Security R&D startup, providing cutting edge Information Security & Data Analytics solutions.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

inWebo

inWebo

inWebo is the specialist in multi-factor strong authentication (MFA). We guarantee the security of data and identities in a digital world with increasingly important economic and political stakes.

Waterleaf International

Waterleaf International

Waterleaf provide advanced network and cybersecurity solutions - informed by data sciences. Transforming Connectivity, Security and Information for Municipalities, Government & Enterprise.

Orca Fraud

Orca Fraud

Orca is an AI-driven fraud orchestration platform. We empower fraud fighters to outpace fraud using our custom ML models.

Grey Market Labs

Grey Market Labs

Grey Market Labs is a special place. It is a data privacy and security skunkworks.

REAL Security

REAL Security

REAL Security is a market leader across the Adriatic region in value-added distribution in the field of IT Security & virtualisation.

Attaxion

Attaxion

Attaxion is an External Attack Surface Management (EASM) Platform. We offer attack surface management solutions with #1 asset coverage and laser-focused, actionable intelligence.