Well, the guy who said this was full of crap:
David Skillicorn, a
professor in the School of Computing at Queen’s University, says this is one
piece of the data-sharing relationship "that has always been carefully
constructed."
"The Americans will not use Canadians to collect data on U.S. persons, nor will any of the other Five Eyes countries," Skillicorn says.
"In fact, in practice, it’s as if the five countries’ citizens were one large, collective group, and their mutual communications are not intercepted by any in the Five Eyes community."
"The Americans will not use Canadians to collect data on U.S. persons, nor will any of the other Five Eyes countries," Skillicorn says.
"In fact, in practice, it’s as if the five countries’ citizens were one large, collective group, and their mutual communications are not intercepted by any in the Five Eyes community."
Actual situation, as per the Guardian today, the NSA honored its no-spy-on-five-eye pledge in the breach:
Britain and the US are the main two partners in the 'Five-Eyes' intelligence-sharing alliance, which also includes Australia, New Zealand and Canada. Until now, it had been generally understood that the citizens of each country were protected from surveillance by any of the others.
But the Snowden material reveals that:
• In 2007, the rules were changed to allow the NSA to analyse and retain any British citizens' mobile phone and fax numbers, emails and IP addresses swept up by its dragnet. Previously, this data had been stripped out of NSA databases – "minimized", in intelligence agency parlance – under rules agreed between the two countries.
• These communications were "incidentally collected" by the NSA, meaning the individuals were not the initial targets of surveillance operations and therefore were not suspected of wrongdoing.
• The NSA has been using the UK data to conduct so-called "pattern of life" or "contact-chaining" analyses, under which the agency can look up to three "hops" away from a target of interest – examining the communications of a friend of a friend of a friend. Guardian analysis suggests three hops for a typical Facebook user could pull the data of more than 5 million people into the dragnet.
• A separate draft memo, marked top-secret and dated from 2005, reveals a proposed NSA procedure for spying on the citizens of the UK and other Five-Eyes nations, even where the partner government has explicitly denied the US permission to do so. The memo makes clear that partner countries must not be informed about this surveillance, or even the procedure itself.
When intelligence community apologists get wrongfooted by
these kinds of revelations, one is inclined to wonder: is the so-called security
insider who is allaying (and in some cases ridiculing) the public’s anxieties over government
surveillance practices a clueless dupe or a duplicitous shill?
Inquiring minds want to know.
The most recent revelation is tantalizing as it relates to
my own personal hobbyhorse, as discussed in a previous post with the theme Blame Canada: did the NSA diddle with
traffic patterns through its corporate buddies on the North American backbone
and route US persons’ data to Five Eyes partners—like maybe Canada--for
storage, collection, and processing, and thereby receive its tittle-tattle on
interesting Americans second hand via a foreign intelligence agency, thereby
not violating the letter of the U.S. law prohibiting these kinds of
interception without a warrant?
With this background, the most interesting element for me
was one that the Guardian didn’t even bother to report on. It only appears in the Guardian’s reproduction
of the 2007 memo (click on the image at the head of the article for the full
text) authorizing collection of UK persons’ info. The memo baldly stated that “unmasked” UK
data—if I understand it correctly, this simply means in this case “metadata
that has been revealed as relating to a UK person” is not only fair game for review by NSA analysts; it may also be dumped into a
database for access by GCHQ:
“[US Analysts] Are not required to forward unmasked UK
contact identifiers to GCHQ unless specifically requested by GCHQ. GCHQ should receive all unmasked UK contact
identifiers via established or mutually agreed forwarding means or the contact
identifiers should be available in the GCHQ-accessible five-eyes [deleted]
database, the [deleted] access to [deleted], or other GCHQ-accessible metadata
stores.”
Hmmm. Certainly
sounds like the NSA was not only collecting UK data; it was making it available
to GCHQ. If that was the case, one would
assume it worked the other way around as well.
There’s probably more onion to be peeled. Maybe a couple more layers down we’ll find
out if we can really {drumroll} “blame
Canada.”
If this scenario is determined, I reserve the right to name the illicit, escalating signint exchange with our neighbor in the Great White North "snowballing". In honor of Kevin Smith, of course.
No comments:
Post a Comment