A leaked document indicating that Canadian government hackers use data stolen by foreign agencies, such as those run by the Chinese government, prompted significant criticism. The document is a memo circulated among the Five Eyes, a network of English-speaking intelligence agencies. Though the document does not name the hackers whose data were stolen, it made it clear that they had ties to the Chinese government, and were spying on human rights defenders and Uyghur activists in the country.
Citizen Lab Director Ron Deibert said that the leak “may explain why we received a cold shoulder around our work in Ottawa.” Citizen Lab has emphasized to the Canadian government the need to do more to protect dissidents that are the subject of espionage worldwide.
Other targets named in the document are members of the Indian navy, as well as Central Asian Diplomats. Deibert added that this tendency to “ride shotgun” on foreign spying makes criticisms of Chinese spying practices, such as those made by the Canadian government, ring hollow. He explained that the government could have notified the victims of the spying campaigns in order to bring them to an end, but instead stayed silent and mined the information. In light of this memo leak and other events, Deibert concluded that civil society is at increasing risk of becoming collateral damage in cyberespionage campaigns between states.
Read the full article here.
Ron Deibert also weighed in on the release of a report by the Office of the Privacy Commissioner of Canada, entitled “Privacy and Cyber Security – Emphasizing privacy protection in cyber security activities.” The report outlines challenges with data protection, including the growing sophistication of cybercrimes, and increased complexity associated with providing cyberspace security. A significant portion of the report is devoted to domestic and foreign policy on cybersecurity. Deibert argued that public safety concerns have overshadowed privacy issues, a process which he calls the “securitization” of cyberspace.
The danger he says, is in the discourse becoming solely focused on national security and disregarding all other concerns in the process. To avoid this, he proposes a stewardship model in which all stakeholders are involved in determining the evolution of cyberspace, rather than the model that cyberspace belongs to governments or security agencies, which will mould it how they wish as a result.
Read the full report and the recommendations it offers, here.