WASHINGTON—Think there’s a Canadian border between you and the U.S. government when it comes to online surveillance?

Think again, Canada. All your digital fingerprints are every bit as exposed to the watchful eyes of Big American Brother as those of our stateside neighbours — and even more vulnerable, according to one of Canada’s leading cyber-researchers.

At least 90 per cent of Canada’s digital activity, from Facebook to Foursquare to basic email and beyond, is routed through exchange points in the United States, says Ronald Deibert, director of University of Toronto’s Citizen Lab.

The borderless nature of North America’s online architecture means the vast majority of Canadian metadata is filtered into the same U.S. National Security Agency surveillance systems exposed in blockbuster stories this week by The Guardian and The Washington Post.

“There is no border. The way telecommunication traffic is routed in North America, the fact of the matter is about 90 per cent of Canadian traffic — no one really knows the exact number — is routed through the United States,” Deibert told the Toronto Star.

“Internet exchange points are critical — this is where traffic is passed between companies — and we have only two Internet exchange points in Canada . . . As a consequence, even an email sent within the city of Toronto most likely would transit to Chicago before being routed back to Toronto.”

Along the way, your Canadian data is subsumed through “filters and checkpoints, shared with third parties, with law enforcement and of course intelligence agencies that operate in the shadows,” he said.

Those filters include the NSA’s previously undisclosed PRISM program, which operates with direct access to the systems of Google, Facebook, Apple and other U.S. Internet giants, according to top-secret documents obtained and published by The Guardian.

The major companies named in the document all denied or downplayed involvement in PRISM, saying customer data is not provided to the U.S. government without legally binding court orders.

President Barack Obama also moved to tamp down public concerns, calling the uproar “hype” and stressing that the surveillance programs do not target U.S. citizens. Obama acknowledged “modest encroachment’s on privacy” but added, “You can’t have 100 per cent security and then have 100 per cent privacy.”

But Obama’s assurances do not extend to Canadians, Deibert said, because they simply hold the wrong passports.

“Let’s not forget, Canadians are ‘foreign citizens’ by the American definition. So we’re fair game when it comes to eavesdropping, should they want to do so,” he said.

Deibert, also director of the Canada Centre for Global Security Studies, lays his concerns bare in his new book Black Code: Inside the Battle for Cyberspace. And for all his criticisms of the secretive American National Security Agency, he is even more concerned about its counterpart in Ottawa, the rapidly expanding Communications Security Establishment Canada (CSEC).

Formerly a branch of Canada’s Department of Defence, CSEC now stands as its own federal agency, replete with a new $900-million headquarters under construction next door to CSIS, Canada’s intelligence agency.

“Oversight of CSEC is really thin, compared to even the oversight that takes place at the (U.S.) National Security Agency,” Deibert said. “There’s one retired judge with staff that issue an annual review — and in all the years they’ve been doing reviews, they’ve never once found a single problem with CSEC.”

But the NSA and CSEC have a “long-standing historical relationship,” said Deibert, and operate today as “essentially twinned agencies.”

The two agencies belong to what is widely known in national security circles as the “Five Eyes” — the U.S., U.K., Australia, New Zealand and Canada — all of which, said Deibert, function in “conjunction and co-ordination with the National Security Agency.”

Some speculate that Five Eyes was created with the very purpose of evading domestic laws that prohibit the agencies from collecting communications on their own citizens.

That tight relationship was recently strained with the case of Canadian naval intelligence officer Sub-Lt. Jeffrey Delisle, who was convicted last year of selling Canadian intelligence secrets to Russia.

the Toronto Star contacted CSEC for comment Friday about its own metadata collection program, but received a boilerplate statement stressing that the agency is “prohibited by law from directing its activities at Canadians anywhere in the world or at any person in Canada” and “operates within all Canadian laws.”

“The Communications Security Establishment Canada (CSEC) cannot comment on its methods, operations and capabilities. To do so would undermine CSEC’s ability to carry out its mandate. It would also be inappropriate to comment on the activities or capabilities of our allies,” the statement said.

But Deibert argues that is simply not good enough, in light of this week’s revelations. “Canadians should know that we live in a borderless environment when it comes to North America,” he said.

The latest news about the NSA, Deibert says, will ultimately shine a much more intense light on how the Canadian agency interacts with Canada’s major service provides, from RIM to Rogers to Bell and beyond.

Loading... Loading... Loading... Loading... Loading... Loading...

“The budget for CSEC has doubled since 9/11. And this has come at a time when the Canadian government is cutting back agencies,” he said.

“The key thing here is, Canadians should demand greater accountability. To be absolutely clear, we need defence and intelligence agencies . . . It’s not a question of that. It’s a question of basic checks and balances in a liberal democracy. It’s a question of preventing the abuse and concentration of power.

“And we’re losing sight of that in the headlong rush to secure cyberspace.”

Read more about: