Canada's electronic spy agency snooped on travelers who used free airport Wi-Fi—and tracked them long after they left, according to newly released files provided by former NSA contractor Edward Snowden.
And while our northern neighbors squabble over the legality of Communications Security Establishment Canada's data-collection program, it could have bigger ramifications in the U.S. The Snowden document shows the tracking was launched with the help of the National Security Agency, part of a trial run for a new software program. CBC reports the technology has become fully operational since the 2012 test.
Experts say the spying is illegal under Canadian law, which prohibits spy agencies from targeting Canadian citizens—or anyone in Canada—without a warrant. CSEC denied it collected content from people's phones, but defended its tracing of metadata—which can be used to track location and see all incoming and outgoing calls.
After the agency picked up Wi-Fi devices at the as-yet-unidentified Canadian airport, it was able to track them for more than a week as they popped up at other Wi-Fi locations in Canada and at U.S. airports. Canadian cybersecurity expert Ronald Deibert told CBC the agency would have had no trouble identifying individuals based on the metadata it obtained.
The Snowden document indicated the Wi-Fi data was obtained through a "special source"—both the Toronto and Vancouver airports denied providing that information. Airport Wi-Fi provider Boingo also said it was not involved.
Not only was the NSA involved in the Canadian trial run—CSEC called the technology "game-changing"—but experts say the Canadians also planned to share the technology and the intelligence it produced with the U.S., Britain, New Zealand, and Australia. It's unclear if the program has been deployed elsewhere.
Thanks to the TSA, Americans are used to privacy violations when they head to the airport. But it's no sure bet the intrusions have ended once you get through the body scanner.