However, a thorn has appeared in the almighty global spying system's side — and it's one of their own. Canada has dropped out of sharing its top secret spy data with the other Five Eyes members — including the US — after senior government officials revealed that the NSA had access to information containing Canadians' personal details.
Five Eyes: it was fun while it lasted! https://t.co/3xUTtRFN9H
— John Schindler (@20committee) January 28, 2016
Canada's decision to back out was made after the discovery that the Communications Security Establishment (CSE) — the NSA's Canadian doppelganger — hadn't done a very good job at protecting Canadian citizens' metadata, before sending it to its friends. Metadata is the information that describes other data — be it an email address or telephone number — but does not contain the content of that email or a recording of that phone call.
The Snowden leaks also made it clear that the Five Eyes collaboration allows countries to avoid certain restrictions on domestic surveillance by delegating to other "friendly" electronic spy outfits. Snowden also exposed the fact that the CSE shares certain tactics with the NSA — yet spying on the public remains illegal in Canada.
Surprisingly enough, the discovery of CSE's wrongdoings was made by its own commissioner, Jean Pierre Plouffe, and disclosed in his annual report, tabled in Canada's House of Commons Thursday.
"The fact that CSE did not properly minimize Canadian identity information contained in certain metadata prior to being shared was contrary to the ministerial directive, and to CSE's operational policy," Plouffe said.
Plouffe's report also mentions that the ministerial directives fail to explain the key aspects of how CSE collects, uses and shares metadata. Basically, there is no guidance on how Canada's intelligence agency should go about handling its metadata activities.
Canada's Defense Minister Harjit Sajjan, in a statement, reassured the public that the "metadata in question… did not contain names or enough information on its own to identify individuals."
Canada halts sharing #intelligence after #privacy breach – @HarjitSajjan https://t.co/bjD2rsi2tM pic.twitter.com/ZJ97qczsaH
— Sputnik (@SputnikInt) January 29, 2016
Sajjan also told the media that the sharing wouldn't be resumed until proper protections were in place.
"We want to make sure that software updates actually do what they're supposed to do. And that's why we have stopped that portion of metadata sharing. It's very important that…we do protect the privacy of Canadians.
"CSE will not resume sharing this information with our partners until I am fully satisfied the effective systems and measures are in place," said Sajjan.
However, the Five Eyes coalition reacted in a rather surprising way when it learnt of Canada's decision to halt information sharing until further notice. According to Sajjan, its allies were not at all upset about losing one of its "eyes".
"Our allies are actually very supportive of the work that CSE does on a daily basis. They also value the same type of protection as we do, and that's why this agreement, this very important agreement within our Five Eyes community is in place."
However, they may also want to take a note from Canada's book. It is encouraging to see the CSE acknowledge its own mistake and halt all operations for the sake of their citizens' privacy. Yet, it remains unclear how much information on its own citizens the Canadian government has gathered and sent to what will for now be known as the "Four Eyes".