Quantcast

Canadian Spy Agency Tracked your Smartphone Data via Airport Wi-Fi [Report]

More information has surfaced from documents leaked by whistleblower Edward Snowden which affects Canadians.

Just days after allegations Canadian spy agency Communications Security Establishment Canada (CSEC) helped US and British intelligence track user data via apps such as Angry BirdsCBC News reports the latest leaked info says the covert agency tracked user data from travellers at airports in Canada via free Wi-Fi over a two-week period:

The latest Snowden document indicates the spy service was provided with information captured from unsuspecting travellers’ wireless devices by the airport’s free Wi-Fi system over a two-week period.

Experts say that probably included many Canadians whose smartphone and laptop signals were intercepted without their knowledge as they passed through the terminal.

The document shows the federal intelligence agency was then able to track the travellers for a week or more as they — and their wireless devices — showed up in other Wi-Fi “hot spots” in cities across Canada and even at U.S. airports.

The leaked document, a 27-page CSEC Powerpoint presentation detailing its airport tracking operation, revealed the tracking operation was a trial test of a new software program CSEC was creating with help from its American counterpart, the National Security Agency (NSA).

The software was deemed by CSEC as “game-changing” due to its new technology and specifically mentions it could be used to infiltrate “any target that makes occasional forays into other cities/regions.”

Sources told CBC News these powerful technologies since tested on Canadians back in 2012 are now fully operational.

CSEC told CBC News in a written statement they are “mandated to collect foreign signals intelligence to protect Canada and Canadians. And in order to fulfill that key foreign intelligence role for the country, CSEC is legally authorized to collect and analyze metadata.” The organization emphasized “No Canadian communications were (or are) targeted, collected or used.”

CSEC said “no Canadian or foreign travellers’ movements were ‘tracked,’” but omitted an explanation why tracked was put in quotation marks.

Ontario’s privacy commissioner Ann Cavoukian said she was “blown away” after hearing the revelations:

“It is really unbelievable that CSEC would engage in that kind of surveillance of Canadians. Of us.

“I mean that could have been me at the airport walking around… This resembles the activities of a totalitarian state, not a free and open society.”

A spokesperson for the Vancouver Airport Authority, which manages its own free Wi-Fi network, denied it had provided passenger info to CSEC or any other intelligence agency.

Pearson International Airport in Toronto, which has its wireless network managed by US-based Boingo, told the CBC News “To the best of our knowledge, [Boingo] has not provided any information about any of our users to the Canadian government, law enforcement or intelligence agencies.”

Despite the massive U.S. NSA metadata collection leaked by Snowden, it appears Canadians could also have been tracked without our knowing by Federal agencies; Cavoukian mentions Canadians should demand answers from the Federal Government in regards to the allegations.

Founder and Editor-in-Chief of iPhoneinCanada.ca. Follow me on Twitter, and @iPhoneinCanada, and on Google+.

  • It’s Pete

    Let them track my data, got noting to hide. In an airport, I’ll gladly give up my privacy to help make sure my plane doesn’t explode while I’m in it. Besides, has anyone ever tried airport wifi, slow as sh@t anyway.

  • crosseyed_mofo

    oh no they saw how much i spent on donuts in tapped out :(

  • http://www.iphoneincanada.ca/ Gary

    Busted!

  • http://www.iphoneincanada.ca/ Gary

    True. Purposely slow speeds to make you stay connected longer! #conspiracy

  • Al

    “… tracked user data…”
    That’s a little misleading. They tracked user location.

    The so-called “experts” claimed that that included numbers of people you may have communicated with, but that was just as vague as their speculative assumptions of what metadata actually meant and what else they “assumed” might potentially be collected.

    Having said that, I don’t like that they can track us, for no other reason than it’s creepy. But the reality is, none of us are that important. Seriously, does everyone think there is some government spy watching them? “Ok… I got John Smith in the West end of the terminal… Uh-oh… He’s now going to a Starbucks. Stay alert everyone!”

    The bad guys will find out about this and just turn off their phones at airports. It just seems a bit silly.

  • iFone

    You took the words from my mouth.

  • http://www.iphoneincanada.ca/ Gary

    Your location is considered part of your data, no? If you’re using compromised Wi-Fi, any website or transmission will be out in the open.

  • http://www.ryantoyota.com/ Ryan

    I wouldn’t personally consider my location part of my data. I would consider my data to be private information I have stored on my phone. I’m sure my location is already being tracked at airports via security cameras, so for them to all of a sudden be able to confirm it by detecting my phone on their network, I don’t see how that’s a big deal. What would be a big deal is if they were reading my emails, scanning my contacts or somehow embedding code into my device that sends information back to them at that time or at a later date. That’s what I would tend to consider “tracking user data” but I can see how it could be interpreted either way.

  • Al

    “Your data” implies the information stored on your phone.

    Your location is not part of “your” data. It could be considered a piece of data for someone who is using your location to create a dataset of information on your locations. But that is “their data” that they have created based on where you are.

  • reformcanada

    The problem is that now we live in a society where people are willing to sacrifice their liberties for a false sense of security. To those that try to downplay this and resort to how businesses collect data on customers, that is true, but the customer CHOSE to give up that information.