Edward Snowden blows the whistle again, spilling the details on how Canada’s main electronic surveillance agency is spying on file-sharing activity occurring in over 100 sites, including Kim Dotcom’s now defunct Megaupload in a bid to root out extremists.
If you are among the millions of file-sharers worldwide, your online activities are being closely monitored by prying eyes. Even though transactions take place discreetly from user to user via HTTP, interested parties such as rights holders, anti-piracy outfits and analytics companies are staking out sites like BitTorrent and other P2P networks on a daily basis, checking out your downloaded files and gathering data. This is especially so due to the public nature of these networks.
Who’s behind the spying this time? A spy agency, headed by the Communications Security Establishment (CSE), the Canadian counterpart of the NSA. Under the project code-named LEVITATION, a document obtained by Snowden was divulged to CBC News revealing that in an effort to seek out extremists, the surveillance agency zooms in on up to 15 million downloads which take place between users across the globe.
The 2012 document releases information on CSE actively monitoring 102 file-sharing platforms namely, Rapidshare, SendSpace, and Megaupload which had been shut down a couple of years ago. Since the Canadian government granted CSE with its own special capabilities, the agency does not even need any cooperation from any of the sites in carrying out the exercise.
An analysis of the document by the controversial online publication, The Intercept, explains how the monitoring activities are being carried out.
“A separate secret CSE operation codenamed ATOMIC BANJO obtains the data directly from internet cables that it has tapped into, and the agency then sifts out the unique IP address of each computer that downloaded files from the targeted websites”.
In other words, the United States’ NSA and British intelligence, GCHQ, provides large amounts of data which is then cross-referenced against the IP addresses collected by CSE. Further searches allow CSE to display a list of other sites visited by users of these file-hosting sites.
What’s even more unnerving is that further connections can then be made with Facebook or Google accounts via Google analytics cookies. This way, CES can potentially discover and link this information to names, addresses and other details of our personal lives.
The LEVITATION document specifically states that the system is equipped to track downloads spanning from Europe, the Middle East, North Africa and North America. Not only that, IP addresses belonging to a web server in Montreal showed up in a list of “suspicious downloads” although legally, CSE isn’t allowed to sniff around the dirty laundry of the people of Canada. Needless to say, file-sharing activity carried out by closely-allied countries such as the U.S., UK, Germany and Spain are also being watched intently by the agency.
In an email statement to CBC, CSE spokesman, Andrew McLaughlin said:
“CSE is clearly mandated to collect foreign signals intelligence to protect Canada and Canadians from a variety of threats to our national security, including terrorism”.
Although evidence shows that the Canadian government is only interested in a small amount users involved in file-sharing outside the country’s borders, knowing that more and more countries are joining this movement can be disconcerting. A word to the wise — always be sure to protect yourselves from unwanted attention and use the internet anonymously. It’s your prerogative!