Canada Cuts 5 Eye Intelligence Sharing

Graphic: PBS

Canada’s CBC TV network recently reported that the country is slamming on the brakes when it comes to sharing some communications intelligence with key allies, including the US, out of fear that Canadian personal information is not properly protected.

“Defense Minister Harjit Sajjan says the sharing won’t resume until he is satisfied that the proper protections are in place,” CBC reported.

Earlier, the watchdog tasked with keeping tabs on the Ottawa-based Communications Security Establishment (CSE), Jean-Pierre Plouffe, called out the electronic spying agency for risking Canadian privacy in his annual report.

Plouffe wrote that the surveillance agency broke privacy laws when it shared Canadian data with its allies without properly protecting it first. Consequently, he concluded, it should precisely explain how Canadian citizens’ metadata — information about who a communication is to and from, the subject line of an email, and so on — can and can’t be used.

“Minimization is the process by which Canadian identity information contained in metadata is rendered unidentifiable prior to being shared,” Plouffe wrote in his report. “The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE’s operational policy.”

Defense Minister Sajjan said in a statement that the data sharing in question was the result of “unintentional” errors and didn’t allow for specific Canadian individuals to be identified.

The concern for Canadian metadata began shortly after disclosures made by NSA whistleblower Edward Snowden in 2013.

Plouffe’s predecessor told then-Defense Minister Rob Nicholson that the other countries in a secretive surveillance pact called the Five Eyes Alliance, the US, Canada, the UK, New Zealand, and Australia, might not be sheltering Canadians’ telephone data the way they should.

The CSE has admitted since the Snowden revelations that it sometimes sweeps up domestic data when keeping track of foreign intelligence communications. When any of that information is shared abroad, “these activities may directly affect the security of a Canadian person,” the previous watchdog, Robert Decary, wrote at the time.

Canada’s decision to temporarily stop sharing information comes at a time when the US is scrambling to come up with a new data-sharing arrangement with the European Union before a January 31 deadline. Europe’s top court decided in October that European privacy isn’t sufficiently respected by the American government or its spying agencies.

The Intercept:

 

« Reduce Risk With Threat Intelligence
US Military Are Doubling Down On Robot Wars »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Reed Smith LLP

Reed Smith LLP

Reed Smith LLP is an international law firm with offices in the USA, Europe, Middle East and Asia. Practice areas include Information Technology, Privacy & Data Security.

Acuity Risk Management

Acuity Risk Management

Acuity Risk Management helps businesses worldwide effectively manage, prioritize and report on their risks to inform strategic and tactical decision-making and build long-term resilience.

SBS CyberSecurity

SBS CyberSecurity

SBS CyberSecurity is a premier cybersecurity consulting and audit firm.

Shinobi Cyber

Shinobi Cyber

Shinobi Defense System is an integrated security system that absolutely secures information with smart, automatic encryption and protects your endpoints by stopping any unauthorized actions.

Secude

Secude

SECUDE is an established global security solutions provider offering innovative data protection for SAP users.

CTERA Networks

CTERA Networks

CTERA provides cloud storage solutions that enable service providers and enterprises to launch managed storage, backup, file sharing and mobile collaboration services using a single platform.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

Paladin Capital Group

Paladin Capital Group

Paladin is a leading global investor that supports and grows the world’s most innovative cyber companies.

TrustMAPP

TrustMAPP

TrustMAPP automates cybersecurity & privacy assessments, with universal workflow, allowing teams to generate analytics and recommendations to align priorities for improvement.

Stratum Security

Stratum Security

Stratum Security is an information security consulting company that focuses on providing clear and concise risk guidance to its clients through high quality assessment services.

Iron Bow Technologies

Iron Bow Technologies

Iron Bow Technologies is a leading IT solution provider dedicated to successfully transforming technology investments into business capabilities for government, commercial and healthcare clients.

Camel Secure

Camel Secure

Camel Secure is a company specialized in the development of products for information security and technology risk management.

Alias

Alias

Alias (formerly Alias Forensics) provide penetration testing, vulnerability assessments, incident response and security consulting services.

Radius Technologies

Radius Technologies

Radius Technologies is trusted by progressive SMEs to deliver world-class cloud, IT solutions, IT and data security, and telecoms systems.

Beaming

Beaming

Beaming is an established Internet Service Provider for businesses across the UK. We deliver reliable voice, data and managed services, including cybersecurity.

ClearSale (CLSA3)

ClearSale (CLSA3)

Clearsale’s innovative fraud solutions combine advanced technology with a passionate team of seasoned experts that understand every client’s unique needs.