Canada Cuts 5 Eye Intelligence Sharing

Graphic: PBS

Canada’s CBC TV network recently reported that the country is slamming on the brakes when it comes to sharing some communications intelligence with key allies, including the US, out of fear that Canadian personal information is not properly protected.

“Defense Minister Harjit Sajjan says the sharing won’t resume until he is satisfied that the proper protections are in place,” CBC reported.

Earlier, the watchdog tasked with keeping tabs on the Ottawa-based Communications Security Establishment (CSE), Jean-Pierre Plouffe, called out the electronic spying agency for risking Canadian privacy in his annual report.

Plouffe wrote that the surveillance agency broke privacy laws when it shared Canadian data with its allies without properly protecting it first. Consequently, he concluded, it should precisely explain how Canadian citizens’ metadata — information about who a communication is to and from, the subject line of an email, and so on — can and can’t be used.

“Minimization is the process by which Canadian identity information contained in metadata is rendered unidentifiable prior to being shared,” Plouffe wrote in his report. “The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE’s operational policy.”

Defense Minister Sajjan said in a statement that the data sharing in question was the result of “unintentional” errors and didn’t allow for specific Canadian individuals to be identified.

The concern for Canadian metadata began shortly after disclosures made by NSA whistleblower Edward Snowden in 2013.

Plouffe’s predecessor told then-Defense Minister Rob Nicholson that the other countries in a secretive surveillance pact called the Five Eyes Alliance, the US, Canada, the UK, New Zealand, and Australia, might not be sheltering Canadians’ telephone data the way they should.

The CSE has admitted since the Snowden revelations that it sometimes sweeps up domestic data when keeping track of foreign intelligence communications. When any of that information is shared abroad, “these activities may directly affect the security of a Canadian person,” the previous watchdog, Robert Decary, wrote at the time.

Canada’s decision to temporarily stop sharing information comes at a time when the US is scrambling to come up with a new data-sharing arrangement with the European Union before a January 31 deadline. Europe’s top court decided in October that European privacy isn’t sufficiently respected by the American government or its spying agencies.

The Intercept:

 

« Reduce Risk With Threat Intelligence
US Military Are Doubling Down On Robot Wars »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Organization for Security and Co-operation in Europe (OSCE)

Organization for Security and Co-operation in Europe (OSCE)

OSCE is the world's largest security-oriented intergovernmental organization. Areas of activity include Cyber/ICT security.

Materna Virtual Solution

Materna Virtual Solution

Materna Virtual Solution security solutions enable user-friendly, secure mobile working environments.

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

Kroll

Kroll

Kroll provides clients a way to build, protect and maximize value through our differentiated financial and risk advisory and intelligence.

Prevalent

Prevalent

Prevalent takes the pain out of third-party risk management. Companies use our services to eliminate the security and compliance exposures that come from working with vendors and suppliers.

Silverfort

Silverfort

Silverfort introduces the first security platform enabling adaptive authentication and identity theft prevention for sensitive user, device and resource throughout the entire organization.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

CyberArts

CyberArts

CyberArts is founded on the belief that every single organization deserves and requires the creme de la creme when there is a need for Cyber services.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

AdvIntel

AdvIntel

AdvIntel is a next-generation threat prevention and loss prevention company launched by a team of certified investigators, reverse engineers, and security experts.

Computacenter

Computacenter

Computacenter is a leading independent technology partner, trusted by large corporate and public sector organisations. We help our customers to source, transform and manage their IT infrastructure.

SecureChain AI

SecureChain AI

SecureChain are combining blockchain and AI technology to create a smarter blockchain platform especially in terms of security.

Francisco Partners

Francisco Partners

Francisco Partners provide capital, expertise, and support for growth-aspiring technology companies.