O (No) Canada!: Free Airport Wi-Fi Hacked for Mass Surveillance

A passenger checks his cellphone while boarding a flight in Boston in October. The U.S. Federal Aviation Administration issued new guidelines under which passengers will be able to use electronic devices from the time they board to the time they leave the plane, which will also help electronic spies to keep tabs on them. (Associated Press)

O (No) Canada!: Free Airport Wi-Fi Hacked for Mass Surveillance

Program allowed surveillance agency to bulk collect metadata from all passengers passing through terminals

Canada's most secretive intelligence agency, the Communications Security Establishment Canada (CSEC), used the free wi-fi networks provided at one of the nation's largest airports to obtain the metadata contained in the electronic devices of passengers passing through the terminals which then allowed the agency to "track" the devices going forward.

Those are the explosive revelations that Canadian citizens woke to on Friday, with a new report by CBC News--based on documents leaked to journalists by NSA whistleblower Edward Snowden--showing that the program by the CSEC, which is charged with foreign intelligence and barred from spying on Canadian citizens, was being used to bulk collect the personal digital information of all people using the open and public network.

Described as a "test run," the program was not known to airport officials questioned by the CBC, though the details of the technology were shared with other intelligence agencies from the so-called Five Eyes countries, which includes the U.S., New Zealand, the U.K., and Australia.

CBC reports:

The latest Snowden document indicates the spy service was provided with information captured from unsuspecting travellers' wireless devices by the airport's free Wi-Fi system over a two-week period.

Experts say that probably included many Canadians whose smartphone and laptop signals were intercepted without their knowledge as they passed through the terminal.

The document shows the federal intelligence agency was then able to track the travellers for a week or more as they -- and their wireless devices -- showed up in other Wi-Fi "hot spots" in cities across Canada and even at U.S. airports.

That included people visiting other airports, hotels, coffee shops and restaurants, libraries, ground transportation hubs, and any number of places among the literally thousands with public wireless internet access.

The document shows CSEC had so much data it could even track the travellers back in time through the days leading up to their arrival at the airport, these experts say.

Ann Cavoukian, Ontario's privacy commissioner, responded to the news by telling the CBC she was "blown away" and that it was "unbelievable" the CSEC would perform that kind of surveillance on its own citizens.

"This resembles the activities of a totalitarian state, not a free and open society," she said.

Both legal and technical experts in Canada also expressed shock at the revelations.

"Here we clearly have an agency of the state collecting in an indiscriminate and bulk fashion all of Canadian communications and the oversight mechanism is flimsy at best," said Ronald Deibert, one of Canada's foremost authorities on cyber-security.

He called the program almost certainly "illegal" and said the surprising power of the surveillance program and lack of oversight made it "ripe for potential abuse."

And Cavoukian added: ""This trust-me model that the government is advancing and CSEC is advancing - 'Oh just trust us, we're doing the right thing, don't worry' -- yes, worry! We have very good reason to worry."

______________________________________________

Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.