Research Workshop Summary
A Research Workshop of the Big Data Surveillance partnership project funded by the Social Sciences and Humanities Research Council of Canada
Held on October 19-20, 2017 at the University of Ottawa
Key Points:
“Everything has changed”
Big data practices are changing national security intelligence in Canada. With Web 2.0, and increasing visual data, the Canadian Security Establishment (CSE) is “awash in an ocean of data.” CSE is making a wholesale shift to big data, a “New Analytic Model” (NAM), from a targeted, causal logic, to a bulk, correlational logic. How intelligence is derived from the data is unclear.
Read More
Big Data is not a myth
Security at every level from national intelligence agencies to policing are transitioning to increased collection of larger amounts of data and the use of algorithmic analytic tools.
Read More
Resistance
Civil Society groups have played a huge role alongside privacy commissions in framing and advancing the debate even in the climate of secrecy in Canada.
Read More
Regulation, Bill C59 and Beyond
Law is still catching up with the transition from an analogue to digital world; legally it does not translate. We need to understand how to regulate information systems which includes updating legislation. We need to work with computer experts to develop new dynamic systems of regulation.
Read More
A Fundamental Problem
“We are still peering into the dark” and “we don’t know enough” when dealing with Big Data, especially when it comes to national security and intelligence. Secrecy remains the default, even when unnecessary.
Read More
What we need
1. Transparency
2. Democratic legitimacy
3. Accountability
4. Proportionality
5. Protections
Canadians need to know whether their lives and communications are subject to mass surveillance, where and by whom. Active transparency is a start: a recent public opinion survey showed that only 3% of Canadians even knew about CSE. However, transparency is not enough. The onus is on Canadian intelligence services to reassure that they act legally, constitutionally and in the public interest.
Read More
The Canadian Security Establishment (CSE)
CSE has made strides since the 1970s and especially post-9/11, boosted by cell phones, the internet and a shift to anti-terrorism. Staff grew from 600 to 2,200 with a current budget around $600M per annum.
Post 9/11, sharing with Five Eyes moved from “need to know” to “need to share”. The interception network and capabilities also expanded. Based on NSA network mapping in the USA, we can assume that CSE works with telecoms partners, Bell, Rogers, Telus, Shaw, Videotron, Cogeco, and Allstream, and has interception points in all major Canadian cities, meaning that “boomerang routing” where data leaves Canada to go via the USA, is not necessary (although it still occurs in practice). This is “normal data collection” and “routine activity” according to John Foster, CSE chief.
Terrorism is the key target, but cybersecurity is a growing domain. Proposed new powers, in Bill C59:
- Active cyber operations
- A broader cyberdefence role
- Human Intelligence (HUMINT) support to Signals Intelligence (SIGINT)
The Snowden documents revealed CASCADE (including EONBLUE, INDUCTION, THIRD-EYE, CRUCIBLE programs. In 2014, a CBC report showed that CSE was tracking Canadians through airport and other public WIFI. This involved tracking individual user IDs across multiple sites, not just IP addresses, as part of the new impulse to collect all data possible. So new kinds of permissions and protections are required.
New staff has been hired at CSE to deal with social media and big data, plus partnerships bringing in external specialists in advanced analytical research, through the Tutte Institute, focused on data mining. Tutte fellows have access to CSE datasets, receive CSE briefings, and produce knowledge for the agency. It is connected to the University of Calgary, Carleton University, and has partnerships with equivalent centres in the USA and the UK.
This cultural change at CSE means a loss and gain of certain skill sets, but they do not include legal or humanities scholars. CSE is turning to gamification and gaming metaphors, reflecting both industry big data practices and also recruitment and retention issues (for a new generation).
To assess the new role and activities of CSE, we need proof that CSE avoids collecting information on Canadians, and evidence that the systems work, including the idea that evidence can “pop up” out of data. If CSE has a valuable role to play, it needs to operate democratically.
CSIS, Counter-terrorism, Policing
Again, in the Human Intelligence (HUMINT) area, counter-terrorism and security policing, huge changes have occurred since 9/11 especially towards Big Data tools and techniques.
Intelligence-led policing is today’s model, giving way to “predictive policing.” Most forms of smart policing work with large datasets, though not necessarily “big data.” The aim is prediction, through a methodical analytical process, with defendable solutions. Much previous research has claimed that the ability of police services to take advantage of “big data” for engaging in predictive policing is uneven (Bennett Moses and Chan 2016). While there are growing claims – in the media and by police services- about predictive police, to date there are very few empirical studies available. Brayne (2017) provides one of the first analyses of how the LAPD used big data technologies in their surveillance activities, to show how the use of these technologies both amplifies prior surveillant techniques, while also transforming previous activities from reactive to proactive and predictive.
Canadian policing research recognizes how big data initiatives are hampered by a series of technological, occupational and organizational factors, such as: fragmented databases and information silos which require manual data manipulation. Uneven professionalization of crime and intelligence analysis, which has led to a field with varied levels of user competencies and capacities (“well I just hit the button, and it did the analysis for me”). A lack of clear organizational guidelines and policies that govern data and open source analytics. And, an organizational emphasis on tactical (i.e., short term) vs. strategic (long-term) analysis for “theatrical” big scores, rather than careful long-term analytics. Together, these challenges problematize claims concerning the integration of big data in contemporary policing and raise serious socio-political concerns regarding democratic policing.
Success stories in anti-terrorism analytics are all based on attack-prone places like Baghdad or Afghan provinces, that have little to do with the Canadian domestic environment. In Canada attacks are extremely rare and their small numbers are insufficient to create individual or geographical profiles or to identify “pre-terrorist” behaviours which might be useful in prevention. Terrorism in Canada consists in a series of entirely unique cases with no consistency in the motives, methods, organization, networks, group and individual competence or psycho-social profile.
Other problems include
• systemic biases: the massive data being collected is already biased against certain populations that have been under more scrutiny, for a longer time
• the search for “Osama Bin Laden:” much counterterrorism continues to rest on the now outdated “mastermind” model, with central authorities and sizable hierarchical operational networks. Yet most of today’s terrorists are lone wolves or microscopic proximity networks that prepare botched attacks in extremely short periods of time
• False positives: predicting rare events remains difficult, with or without big data. Given a near divine system with 99% predictive accuracy, the remaining 1% mistaken predictions will generate thousands of false leads for police organizations.
Yet belief in big data anti-terrorism persists. Firstly, national security policing or “high policing” is “absorbent,” meaning that it is by nature dependent on continuous and unhindered data gathering; secondly, the digitization of everyday life is accelerating the rate at which new data becomes accessible; thirdly, political and economic factors such as powerful industrial interests are heavily involved in the development and in the marketing of big data analytics in general; finally, police organizations are arguing that data access and data analytics are the only solution to their rapidly evolving “operational environment,” especially with the increasing fear of progressively “going dark,” with the spread of encryption technologies. As the RCMP now former boss, Bob Paulson, had argued, the force needs warrantless access to ISP user data, and will soon be incapable of policing without it.
Information about CSIS is mainly lacking. CSIS does, as suspected, use bulk datasets to detect patterns and to profile. SIRC reports reveal the manipulation of legal norms and regulations allowing CSIS to break the law “legally.” It conducts collection under other names. SIRC found “no evidence that CSIS had appropriately considered the threshold” for legal acceptability, a failure suggesting a “contempt for the legal standard.” SIRC notes that “a clear connection must be established first”, “proportionality” is needed, and that CSIS must “provide objective assessment to intelligence of value.” Yet bulk data collection continues unabated in an unprecedented grey area.
In most areas of security, there is no limit to how much data agencies can accumulate or how long they data are kept. It is also unclear whether analytics can work in the context of peaceful democracy. However, agencies watch other activities – subversion, dissent, and political protest - under the pretext of watching terrorists.
Canada lags others in integration. US-style fusion centres hardly exist and agencies work outside the system, not sharing information between, e.g. CSIS and police. Government tech handling and procurement is seriously incompetent. Within the police, crime and intelligence analysts are divided, frequently failing to communicate with local police, despite stated policy aims. Thus “culture eats policy for lunch.”
Resistance
Civil Society groups have played a significant role in framing and advancing the debate even in the climate of secrecy in Canada. This is especially evident in the anti-Bill C51 campaign which created a public response unlike any before. It was a truly grassroots movement that included many people who had been uninvolved in activism before, who came together through a new kind of connective action that linked online and traditional activist/citizen spaces and activities. The Snowden revelations were also a game changer, generating support, making it more socially acceptable to talk about state surveillance and, creating a bridge from privacy advocacy to other concerns, like democracy, policing, and online free speech.
The tools that activists campaign against mean that government is always one step ahead, but activism matters. It’s an essential way to tell our elected representatives what we as a society will – and will not – accept. However, activist voices are only one part of the equation. Democracy works when government listens. The anti-Bill C-51 campaign is just one episode in an ongoing struggle. Ongoing advocacy work – such as the BCCLA”s 2013 lawsuit against Bill C59, the ICAMS coalition and class actions against invasive technologies – and our individual use of new technical tools such as encryption and Tor are essential points of resistance to ensure that citizen concerns about excessive surveillance remain on the government radar.
Regulation, Bill C59 and Beyond
There are many ways to protect privacy and other rights. Scepticism surrounds existing models of privacy protection from the corporate sector. So-called “Notice privacy policy,” accepted by Canadian courts, does not protect. If people don’t know what is going on, then how can they be protected? It is impossible for people to read privacy policies, understand them and genuinely consent because of overwhelming information surfeits, and information deficits for genuine decisions. Users also want the services, regardless.
Where there are government regulators, these “data protection” or “privacy commissioners” have not yet generally publically engaged with big data, however there appears to be growing awareness of significance of big data among prominent DPAs. Canada is lucky to have a relatively well-informed Privacy Commission at national level, and also engaged (Information and) Privacy Commissioners in several provinces.
Canada has been lucky to have senior Justices such as Noelle and Moseley, a few investigative journalists that do good work in this area, and some parliamentarians, but these are not formal systems of accountability that can be relied on in the long term.
Is it possible to have a system of both access and accountability? Should we think about not just privacy but practical obscurity? How do we restrain authority? How do we assess efficacy and establish tests and thresholds for when something works? Need data ethics, not just privacy. Differential privacy is no longer adequate; we need to respond in a dynamic way.
In terms of formal law, Canada must end the use of secret law: secret law is by definition unaccountable and undemocratic. The requirement to have a warrant in advance of intrusive surveillance is foundational, but is already not being followed in practice. However, such legal principals and economic impacts are not being tied to human rights.
In general, in considering formal law, there are two sets of issues in this area: privacy issues and rule of law issues.
Privacy rights come though the Charter, Section 8, but are qualified expectations. In the right circumstances, the state is free to probe into life of citizens. Only unreasonable search and seizure is prevented and only where there is a reasonable expectation of privacy. One problem is that this does not account for changes in technology, which relate to changed understandings of what a reasonable expectation.
A general rule is you need pre-authorization – usually a judicial warrant for such activities. This however cannot accommodate specificity, incidental collection, where it is not possible to anticipate in advance, and this needs a separate and distinct process of vetting.
The law already has loopholes that allow CSE to impact significantly on Canadian privacy, and there are undoubtedly chilling effects on dissenting views when you have a mass surveillance regime in place. While CSE has been limited in targeting Canadians, CSE’s associations with NSA, GCHQ, and other Five Eyes network members, sharing metadata, etc. means this can be bypassed already. There is a “playbook”, and pressure for CSE to keep up to speed with its international partners.
There are many human rights implications, even with existing exceptions. Even if surveillance is not directed at Canadians, even if we could shield Canadians, that doesn’t make everything OK. There are concerns about the security and stability of the network itself when global infrastructure is not neatly bound to Canadians.
Bill C59 carries out what is a global trend in legitimizing most of what intelligence services were already doing, legally or not.
C59 also adds several additional exceptions that allow CSE to conduct unwarranted surveillance (“lawful access”). The first in 24-1, is to explicitly allow gathering of publicly available information on Canadians, but the language is very permissive and requires no technical assistance or expert information to decision-makers. Secondly, gathering “infrastructure information” (name, address, etc. with no restrictions if related to Canadian infrastructure). This is envisaged as useful for tracking Virtual Personal Networks. Third, “probing” of products, to discover new capabilities, with no obligation for CSE to expose these vulnerabilities for the general security.
C59’s proposed accountability structures (three standing committees, 1 vetting body) are very much dependent on membership – who will on these committees. Commissioner appointment is vital.
C-59:
1. Fixing access to information legislation, some sort of mandatory disclosure to some organization in government, accounting that is going on
2. Defining what a public database is- baseline lack of clarity in public legislation
3. Very vague legislation
4. CSIS has more impact on lives, and yet less is known about it.
5. Metadata definition and protections on metadata are non-existent in C59, except where they breach law.
6. Adding individual words (“only”- allowed to collect Canadian information) would add a lot to C59 but adding “only” won’t do the entire job.
7. It is vital to think about protections for non-Canadians too.
Technical Challenges
The rise of Artificial Intelligence (AI) represents one of the most significant challenges. Even 5 years from now, it will not be humans, but machines programming machines, even in 5 years from now. Suggested solutions have included things like algorithmic transparency. As an analogy to conventional forms of transparency, this sounds like a good idea, however not even computer scientists understand what it might mean in practice. Big Data analytics generally still works on predictable patterns based on past behaviours and / or connections. This means it doesn’t anticipate genuine lone wolf attacks, and there are questions as to whether it ever could. Re-identification is a huge problem. Metadata flows freely between Five Eyes nations (USA, UK, Canada, Australia and New Zealand) and beyond. Partners ask others in the intelligence alliance to do the work that bypasses their own domestic laws and collect, analyse and even re-identify de-identified information.
Steps Forward
Big Data practices are moving beyond dystopian scenarios to genuinely frightening present day issues. Issues around discrimination and effects on vulnerable groups, indigenous, racialized etc. are being ignored and we need to dial back algorithmic surveillance and sorting processes before creating something worse.
Parliamentarians need to understand: they need big data experts to inform them, but not (just) the usual suspects and boosters from industry. They need critical scholars, technology journalists and activists.
Membership of oversight bodies is crucial and needs to be more open.
There is a need to close the gap between civil society and the government. Civil society representation is not taken seriously compared to industry or academics.
There is a declining trust in institutions that we depend upon and the agencies essential to this. The onus is on them to regain public trust by being more opening transparent and accountable.
This is not just about privacy, but justice and human rights to security and democratic participation. We need safeguards against human rights implications beyond bodily harm (moving from habeas corpus to “habeas data”), rights-protective technologies such as anonymity tools and effective encryption. Promoting these in the interest of the public’s security should be seen as part of the job of security intelligence not as a threat to their work.
We recommend a 4-part test of any judicially-sanctioned intrusion or breach of rights covering: necessity; proportionality; minimality; and effectiveness.
We need to address the incentives for secret collaboration, retroactive legalization and so on, in Canada’s international relationships. Controlling surveillance in the big data age is a Human Security issue. Canada created the concept of Human Security. We should reclaim it and promote it in this new context.