Canada Cuts 5 Eye Intelligence Sharing

Graphic: PBS

Canada’s CBC TV network recently reported that the country is slamming on the brakes when it comes to sharing some communications intelligence with key allies, including the US, out of fear that Canadian personal information is not properly protected.

“Defense Minister Harjit Sajjan says the sharing won’t resume until he is satisfied that the proper protections are in place,” CBC reported.

Earlier, the watchdog tasked with keeping tabs on the Ottawa-based Communications Security Establishment (CSE), Jean-Pierre Plouffe, called out the electronic spying agency for risking Canadian privacy in his annual report.

Plouffe wrote that the surveillance agency broke privacy laws when it shared Canadian data with its allies without properly protecting it first. Consequently, he concluded, it should precisely explain how Canadian citizens’ metadata — information about who a communication is to and from, the subject line of an email, and so on — can and can’t be used.

“Minimization is the process by which Canadian identity information contained in metadata is rendered unidentifiable prior to being shared,” Plouffe wrote in his report. “The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE’s operational policy.”

Defense Minister Sajjan said in a statement that the data sharing in question was the result of “unintentional” errors and didn’t allow for specific Canadian individuals to be identified.

The concern for Canadian metadata began shortly after disclosures made by NSA whistleblower Edward Snowden in 2013.

Plouffe’s predecessor told then-Defense Minister Rob Nicholson that the other countries in a secretive surveillance pact called the Five Eyes Alliance, the US, Canada, the UK, New Zealand, and Australia, might not be sheltering Canadians’ telephone data the way they should.

The CSE has admitted since the Snowden revelations that it sometimes sweeps up domestic data when keeping track of foreign intelligence communications. When any of that information is shared abroad, “these activities may directly affect the security of a Canadian person,” the previous watchdog, Robert Decary, wrote at the time.

Canada’s decision to temporarily stop sharing information comes at a time when the US is scrambling to come up with a new data-sharing arrangement with the European Union before a January 31 deadline. Europe’s top court decided in October that European privacy isn’t sufficiently respected by the American government or its spying agencies.

The Intercept:

 

« Reduce Risk With Threat Intelligence
US Military Are Doubling Down On Robot Wars »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Ionic Security

Ionic Security

Ionic provide a high-assurance data protection and control platform built on strong encryption, fine-grain control and contextual analytics.

techUK

techUK

techUK represents companies operating in the tech sector in the UK. Focus areas cover all aspects of ICT including cyber security.

NSHC

NSHC

NSHC is a provider of mobile security solutions, cyber security consulting and training, and offensive research.

LMG Security

LMG Security

LMG Security is a cybersecurity consulting, research and training firm.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

Sponge

Sponge

Sponge is a world-renowned digital learning provider on a mission to make learning unforgettable.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

Quintillion Consulting

Quintillion Consulting

Quintillion Consulting is a strategic risk based consulting firm. We help companies safeguard the core business and IT capabilities that deliver competitive advantage.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

Glocomp Systems

Glocomp Systems

Glocomp Systems is one of Malaysia’s premier ICT infrastructure distributor offering a comprehensive portfolio of solutions including cybersecurity and privacy.

Anvilogic

Anvilogic

Anvilogic provides a unifying experience for security professionals aimed at providing improved visibility, enrichment, and context across hundreds of alerting datasets and security tools.

Dawgen Global

Dawgen Global

Dawgen Global is an integrated multidisciplinary professional service firm in the Caribbean Region providing a range of services including Risk Management and Information Systems Assurance.

Positiwise Software Pvt Ltd

Positiwise Software Pvt Ltd

Positiwise Software offers end-to-end software development solutions to accelerate the digital growth of businesses.

Wired Assurance

Wired Assurance

Wired Assurance is a testing and assurance company, specialized in software applications and blockchain smart contracts.

Phone Monitoring Service

Phone Monitoring Service

Phone Monitoring Service provides cyber security services, ethical hacking services, social media hacking services in the USA, Canada, Europe.