In North America, the Canadians have long had to play country mouse to the flashier city mouse of the U.S. It's the latter that gets all the attention, while the former sits quietly in a corner.

But recent stories have shown just how big a player the Canadians are becoming—at least in the surveillance realm.

On Monday, a new report was released, based on leaked documents from Edward Snowden, showing that Canadian intelligence agencies—part of the Five Eyes spying conglomerate that includes the US, the UK, Australia and New Zealand—partnered with UK spies to siphon sensitive data from thousands of smartphones by sniffing traffic between applications on the phones and the servers owned by the companies that made the applications. The so-called Badass program is designed to sniff the normal unencrypted communication traffic of certain smartphone apps to glean location information, the unique identifier of the phone and other data that can help spies learn the identity of phone users, among other things. It can also be used to uncover vulnerabilities in a phone to help spies hack it.

Now today, another report by The Intercept, based on Snowden documents, indicates that Canada's Communications Security Establishment spy agency has also been spying on the download streams from popular content-sharing sites for video, photos and music. According to the program, dubbed Levitation, the spies have tapped internet cables to filter and analyzes up to 15 million downloads daily in several countries across Europe, the Middle East, North Africa, and North America.

The program is aimed at identifying individuals or groups who are uploading and downloading content potentially related to terrorism—for example, tutorial videos about making bombs—but in casting a wide net on all content, the spies would also be able to monitor the sharing activity of millions of other users not connected to any terrorist activity.

According to a 2012 PowerPoint presentation, the Communications Security Establishment agency finds about 350 “interesting” downloads each month, a minute fraction (less than 0.0001 percent) of the massive amount of data collected. The agency stores details about downloads and uploads for more than 100 popular file-sharing sites such as RapidShare, SendSpace, and the former MegaUpload of Kim Dotcom.

The spy agency siphons the data directly from tapped internet cables and identifies the unique IP address for each computer that downloads files from the sites. Analysts can then use the IP addresses to search through other surveillance databases—including ones shared with other spy agencies like the NSA—to find matching information and expand their knowledge of the computer/person behind the download, such as other sites they visited. This can also help identify social networking accounts belonging to the person, like Facebook, LinkedIn and Twitter accounts as well as email accounts.

Presumably in both spy operations—the mobile phone and file-sharing operations—the agency's activity is thwarted by traffic that is encrypted. Of course, not all applications or file-sharing sites encrypt the traffic between users and their servers.

The leaked documents cite only two cases where the content-sharing operation uncovered relevant terrorist-related content: a hostage video that was uncovered in connection to a previously unknown target, and an uploaded document that contained the hostage strategy of a terrorist organization. The Intercept reports that the hostage who appears in the cited video was ultimately killed.