The matter of mining metadata
At what point does my search for Malcolm Tucker quotes become a matter of national interest?
Article: Farron Ager – Op-ed Editor
In a recently breaking story, American spy contractor turned whistle-blower Edward Snowden revealed that the Communications Security Establishment of Canada (CSEC) used information from the free Internet service at a major Canadian airport to track the wireless devices of airline passengers, even for days after they left the terminal.
At this point, CSEC is doing massive damage control, saying that what was actually going on understanding airport Wi-Fi systems. The agency claims that they were collecting metadata, instead of the actual content of the messages. John Forster, chief of CSEC is going all out in attempt to stopple this leak. He has also gone on record saying that the data wasn’t collected in real-time nor was the collection an actual operation (i.e. actually tracking a person in real time). To top it all off, Forster even goes so far as to say that “[data collection] also helps us to make sure that we are not targeting Canadian private communications.”
Basically, what CSEC is saying is that it wasn’t their intention to collect metadata of Canadians in the airport for the purposes of spying, but rather to “build an analytical model of typical patterns of network activity around a public access mode.” They were trying to find a way to determine communication patterns in places as public as an airport. I would assume then that this model would then be used in the future against foreign ne’er-do-wells.
But let’s consider what metadata is. CSEC is forbidden by law to target the private communications of Canadians without a judicial warrant. That part is cut and dried. However, metadata works slightly differently in that it’s information about information and, therefore, is actually not considered private information. And yet, you can still find out a lot of things through metadata. Going down the list, with metadata, I can find out your location and telephone numbers of phone calls you make and receive, when you made those calls, as well as information about things you send, say an mp3 or jpeg from your phone.
With metadata, I can easily find out that you sent a file roughly the size of photograph to your ex at three in the morning on a Saturday while you were at a bar, only after calling no less than nine times before and five times after. Your ex answered once and then proceeded to not answer the following thirteen calls afterwards. It was only after listening to Your Cheatin’ Heart by Hank Williams six times that you visited a dating website for eighteen and a half minutes. I might not know what you actually said or what you texted, but I’ve got a pretty good idea.
The one point I do need to iterate though is that, regarding this particular issue, CSEC has not broken the law. I wouldn’t even say they were bending the rules. The problem lies in the rules themselves. Even though metadata will not betray you and reveal your message about how much you hate your boss, any person with enough metadata can draw the lines for themselves and come to that conclusion. It is at this point we have a fissure between the Canadian government and its citizens. Is there reasonable amount of information, meta or not, that we should expect to be monitored?
While I wouldn’t say now is the time to start sharpening your knives and Google searching yourself, I think that Canadian citizens should, at the very least, become aware of what their privacy currently entails.