‘Serious concerns’ over proposed Canadian snooping legislation – report
Canadian researchers have raised serious concerns after studying proposed legislation that will extend the powers of the country’s clandestine Communications Security Establishment.
The authority, known also as the ‘CSE’ or simply ‘The Establishment’, is Canada’s national signals intelligence and cybersecurity agency. The proposed new legislation - Bill C-59 - seeks to significantly expand its powers.
However, researchers from the University of Toronto’s Citizen Lab have taken umbrage with this, claiming in a report released Monday that the CSE will be limited “only by their imagination” when devising cyberattacks and espionage campaigns.
Researchers pointed to a plethora of issues with the innocuously titled Bill C-59, among them that the CSE will be able to launch cyberattacks and select its targets without any “meaningful oversight.”
There are “longstanding problems with the CSE’s foreign intelligence operations, which are predicated on ambiguous and secretive legal interpretations that legitimize bulk collection and mass surveillance activities,” according to the Citizen Lab.
The report goes on to state that the absence of meaningful safeguards has the potential for the CSE’s actions to “seriously threaten secure communications tools, public safety, and global security.” The agency’s acquisition of malware, spyware and hacking tools “may legitimize a market predicated on undermining and subverting, rather than strengthening, the security of the global information infrastructure,” it adds.
If passed, Bill C-59 will for the first time grant the CSE the power to conduct cyberattacks against foreign states and people, but researchers are also concerned that the agency’s newfound mandate will see it turn on Canadians themselves.
“Extraordinary exceptions to the CSE’s general rule against ‘directing’ activities at Canadians and persons in Canada significantly expand the CSE’s ability to use its expansive powers domestically,” the report states.
#Germany's cyber security agency seeks power to ‘hack back’ in case of attack https://t.co/44ZEFnGmOspic.twitter.com/YjpqHA88Rg
— RT (@RT_com) November 22, 2017
Perhaps most alarmingly the team also claims that in its current form the bill appears to include a loophole which would allow The Establishment to cause death or bodily harm, and to interfere with the “course of justice or democracy.”
The controversial bill is still before the House of Commons’ National Security Committee, and its review will recommence early next year.
