rcmp – Techdirt (original) (raw)

RCMP All Pissed Off A Private Business Told It To Get A Warrant If It Wanted A Copy Of Parking Lot Camera Footage

from the lol-omg-cry-more dept

Say what you will about the general politeness of Canadians and the genteel nature of their secondhand Britishness, but never forget their cops can be just as petty and vindictive as our cops.

Law enforcement entities everywhere have a massive sense of entitlement. Officers and officials tend to think that people should comply with whatever they say, never question any assertions they make, and give them whatever they ask for without providing the proper paperwork.

The fact is that people aren’t obliged to give cops things they’re only supposed to be able to obtain with warrants. Voluntary consent eliminates this obligation, and that’s fine as long as it’s actual informed consent.

But cops tend to get all shitty when they’re unable to obtain stuff without warrants. Rejected requests for consent are often treated as inherently suspicious. Reluctance to cooperate (without the existence of court orders compelling more) is viewed as obstruction and, sometimes, results in criminal charges (or at least an arrest) even when the person being badgered by cops is completely in the right.

This report of a Canadian bar’s refusal to voluntarily relinquish its parking lot recordings contains plenty of statements from the Royal Canadian Mounted Police and others in the law enforcement field. And every single statement makes it clear Canadian law enforcement believes they’re owed whatever evidence might be available and should never be inconvenienced (even momentarily) by demands officers go get a warrant they could easily obtain within minutes.

A shooting happened outside of the Cactus Club Cafe and the RCMP asked anyone in the area to come forward with any recordings they might have of the area the shooting took place in. The RCMP approached the club and was told it needed to obtain a warrant if it wanted copies of the club’s parking lot footage.

As the owners of the restaurant chain pointed out in its statement to Canada’s Global News, this is standard operating procedure for the company.

“The process of requesting a production order before releasing surveillance footage is a standard practice put in place across all of our locations. This protects privacy and ensures we’re following the law.”

Which is, of course, the way it should be. The company should comply with court orders but it should not feel obligated to hand over footage obtained by its cameras without one.

Everyone else — including the national association representing bars and restaurants — appears to feel the Cactus Club is in the wrong.

“The general protocol is for people to give up, not just restaurants, but people to give up video to help and assist the police in a manner that’s fairly quick,” said president and CEO Ian Tostenson.

Totenson heads up British Columbia’s Restaurant and Food Service Association. But rather than advocate for the rights of the private companies he represents, he has chosen to present the Cactus Club as some sort of scofflaw, even if all it did was ask to see a warrant before handing over recordings that can only be obtained with a warrant or consent.

That demand for the proper paperwork was apparently a first for the RCMP, which seemingly feels it shouldn’t need to seek warrants when there’s [checks article again] suspected criminal activity occurring. Here’s just one of the statements made by British Columbia’s “visibly upset” public safety minister.

“It’s the first time it’s crossed my desk that there has been a refusal to initially comply with police request for video,” Mike Farnworth told Global News in an interview Tuesday.

Well, that’s a shame. Too many private entities are being far too compliant. There’s no legal obligation to consent to warrantless searches of any private property, including recordings created with privately-owned cameras. Just because most people turn over footage voluntarily doesn’t make the Cactus Club wrong. It just means most people don’t care about their rights, much less the precedent they’re inadvertently setting — the sort of low bar that ensures law enforcement officers will be easily offended (and pettily vindictive) the moment anyone provides the least bit of (explicitly legal!) resistance.

And it’s not just the RCMP. It’s also the mayor of Coquitlam, where this particular club is located.

“For a local business to insist that the RCMP get a warrant for information that they might have that could lead to an arrest is outrageous…”

It definitely is not “outrageous.” It’s exactly within their well-established rights. The RCMP has an obligation to obtain consent or a warrant. It failed to get consent. It did, as the article notes, secure a warrant and the footage investigators were seeking. Everything worked out. And one would logically assume it didn’t take much to secure the warrant, considering the strong likelihood the restaurant’s cameras captured footage of the shooting.

So, why all the shouting? Well, it appears that everyone from the RCMP official to the mayor to the head of a private retail association believes cops should never have to get a warrant when investigating crimes. Holy shit, what a statement to make, even implicitly.

And somehow, it gets even worse. The club’s decision to exercise its rights has been met with explicit retaliation by the BC government. Here’s more from the BC public safety minister, who apparently sees nothing wrong with punishing a company for asking to see a warrant:

In the most recent case, Farnworth said the province has since amended the terms and conditions of the Barnet Highway Cactus Club’s liquor licence.

“They must have video surveillance and they must provide it to the police or a liquor inspector upon request,” said the public safety minister.

A warrant is a “request,” you fool. And yet, this entity has decided to “amend” a liquor license of this one club to force it to comply with warrantless demands for private camera footage — something that clearly falls outside of its legal obligations. But now, it’s the law of land — a law that now explicitly singles out a single business with a compelled compliance mandate.

Hopefully, the Cactus Club will sue. This is clearly retaliatory. It’s now subject to mandates that don’t apply to other liquor license holders in British Columbia… just the one that did nothing more than ask the RCMP to respect its rights as a private business.

Filed Under: canada, privacy, rcmp, surveillance, warrant
Companies: cactus club

Canada’s Federal Police Have Been Using Powerful Malware To Snoop On People’s Communications

from the oh,-Canada-smdh dept

The Royal Canadian Mounted Police (RCMP) — Canada’s federal Dudley Do-Whatevers — is again belatedly admitting it has access to powerful surveillance tech its supposed oversight seems unaware the RCMP possessed.

This is par for the RCMP course. The agency tends to admit it has surveillance tech only after extended deployment periods. And, like its American counterpart (the FBI), it would rather undercut its own directives (make arrests, engage in prosecutions) than allow criminal defendants to examine the (often cutting edge) evidence used against them. This includes allowing known organized crime figures to walk away from criminal charges — something that seems incredibly counterproductive. This practice of dropping criminal prosecutions extends to cases where it just seems a bit too inconvenient to obtain a warrant.

These disclosures by the RCMP — often in response to oversight inquiries — tend to come months or years after the fact. And that is the case here, as reported by Maura Forrest for Politico. Time passes, the RCMP deploys new surveillance tech, and very eventually the public learns about it.

In a “remarkable” disclosure, Canada’s national police force has described for the first time how it uses spyware to infiltrate mobile devices and collect data, including by remotely turning on the camera and microphone of a suspect’s phone or laptop.

The Royal Canadian Mounted Police says it only uses such tools in the most serious cases, when less intrusive techniques are unsuccessful. But until now, the force has not been open about its ability to employ malware to hack phones and other devices, despite using the tools for several years. Between 2018 and 2020, the RCMP said it deployed this technology in 10 investigations.

“For the first time…” something that follows four years of deployment, only three of which are detailed in this “disclosure.” Sure, the fact that it has been limited to only ten cases in the three years suggests cautious use of powerful phone spyware, but the fact that this has never been discussed in court makes it clear defendants aren’t being told how they’ve been tracked down or rung up. And it strongly suggests the RCMP is engaged in parallel construction to launder the source of its evidence to prevent open discussion in court and limit the number of cases it would rather toss than engage in honest representations of its evidence-gathering methods.

The disclosure is further limited by the RCMP’s refusal to discuss which vendors it’s buying exploits from. There are only a handful of companies selling exploits that can compromise nearly any phone and every single one of those is currently in deep shit. Some are just facing unending negative news cycles. Some are facing sanctions. A few are facing both.

No law enforcement agency would be in any hurry to publicly announce it’s gotten in bed with shady malware merchants. But the only thing that comes from unnecessary opacity is less trust from the public and increased suspicion the government is doing things with the public’s money that the public would not approve of.

What the RCMP is using sounds suspiciously like Israeli malware manufacturer NSO Group’s flagship product: Pegasus. In most cases, it’s a zero-click exploit that cracks phones completely open and allows lawn enforcement offices (or batshit ex-husbands) to be a silent partner in all communications, including phone calls.

The team, which exists to intercept communication that can’t be obtained using traditional wiretaps, uses “on-device investigative tools.” The RCMP defines those as computer programs “installed on a targeted computing device that enables the collection of electronic evidence” — spyware, in other words.

The RCMP can use spyware to collect a broad range of data, including text messages, email, photos, videos, audio files, calendar entries and financial records. The police can also gather “audio recordings of private communications and other sounds within range of the targeted device” and “photographic images of persons, places and activities viewable by the camera(s) built into the targeted device,” the document says.

The RCMP offers several reasons for using malware over normal intercept methods. First off, regular wiretaps are no longer as effective as they used to be. Communications are rarely handled through landlines or regular cell tower-supported calls. Interception alternatives are necessary.

The RCMP also blames device and messaging encryption, which makes interception impossible. That’s an extremely narrow and short-sighted view of the problem facing law enforcement, but it’s a common complaint from federal agencies. (Not so much from local law enforcement, which suggests the problem is being overstated at the federal level to push for encryption bans/backdoor legislation.)

The RCMP also stresses that this is completely lawful, and approved by Canadian judges. And, while it’s true judges may have signed off on wiretap applications, it’s highly unlikely they were informed of the malware’s capabilities, which go far beyond intercepting communications. The sort of “on-device investigative tools” the RCMP appears to be using are also capable of activating mics and cameras, as well as providing officers and investigators with access to the entire contents of the target device — something that goes far beyond simply intercepting relevant communications.

And the RCMP appears to know what’s its doing isn’t exactly whatever the Canadian slang equivalent of “kosher” is. It began deploying this malware from its Covert Access and Intercept Team (CAIT) in 2018. It did not consult the federal privacy commissioner before forming this team in 2016 and, three years after CAIT’s first malware deployment, it is only now getting around to drafting the mandated privacy impact assessment that’s supposed to be handed over prior to engaging in new privacy-threatening activities.

For now, all we have is a vague admission the RCMP is deploying powerful malware provided by third party vendors. And we have the implicit admission the RCMP cares more about advancing its aims in ten cases that following the law, informing its oversight of its activities, or being honest with judges about the capabilities of its interception exploits. Hopefully, more details will arrive sooner than later.

Filed Under: canada, malware, rcmp, spyware, surveillance

Prosecutors Drop Criminal Charges Against Fake Terrorist Who Duped Canadian Gov't, NYT Podcasters

from the borat-without-the-punchlines dept

For a couple of years, a prominent terrorist remained untouched by Canadian law enforcement. Abu Huzayfah claimed to have traveled to Syria in 2014 to join the Islamic State. A series of Instagram posts detailed his violent acts, as did a prominent New York Times Peabody Award-winning podcast, “Caliphate.”

But Abu Huzayfah, ISIS killer, never existed, something the Royal Canadian Mounted Police verified a year before the podcast began. Despite that, Ontario resident Shehroze Chaudhry — who fabricated tales of ISIS terrorist acts — remained a concern for law enforcement and Canadian government officials, who believed his alter ego was not only real, but roaming the streets of Toronto.

All of this coalesced into Chaudhry’s arrest for the crime of pretending to be a terrorist. Chaudry was charged with violating the “terrorism hoax” law, which is a real thing, even though it’s rarely used. Government prosecutors indicated they intended to argue Chaudhry’s online fakery caused real world damage, including the waste of law enforcement resources and the unquantifiable public fear that Ontario housed a dangerous terrorist.

Chaudry was facing a possible sentence of five years in prison, which seems harsh for online bullshit, but is far, far less than charges of actual terrorism would bring. But it appears everything has settled down a bit and the hoaxer won’t be going to jail for abusing the credulity of others, a list that includes Canadian government officials and New York Times podcasters.

A Canadian man admitted in court on Friday that he made up tales about serving as an Islamic State fighter and executioner in Syria. In exchange, Canadian authorities dropped criminal charges against him of perpetrating a hoax involving the threat of terrorism.

This is pretty much where this was always going to end up. Chaudhry’s acts were stupid, not criminal. That others were taken in by his tales shouldn’t raise it from “potentially embarrassing” to “federally criminal.” And given the fact that the RCMP had already interviewed him and decided not to pursue him as a terrorism suspect nearly a year before he became the central figure in a New York Times podcast indicates the government knew his online persona was a hoax for years before suddenly deciding it should be treated as a criminal act.

Chaudhry is now (mostly) free. He’s no longer facing criminal charges but he will be treated like a criminal for at least the next couple of years.

Under the terms of the peace bond, which is reserved for people who the authorities fear may commit terrorist acts, Mr. Chaudhry must remain in Ontario for the next year and live with his parents. He is prohibited from owning any weapons, must continue to receive counseling and is required to report any changes in his virtual or physical addresses to the police.

Fool us once, shame on us. Fool us for multiple episodes, well… that’s on you, buddy. This has wrapped up one of the weirder tales of the War on Terror, a complete reversal of the expectations here in the US, where it’s the feds who are the fake terrorists.

Filed Under: abu huzayfah, canada, fake terrorist, isis, rcmp, shehroze chaudhry, terrorism, terrorism hoax

Canadian Privacy Commissioner Says RCMP Broke The Law By Doing Business With Clearview

from the nice-work,-law-enforcers dept

Since its unceremonious exposure by the New York Times, internet-scraping facial recognition tech company Clearview has been the subject of nothing but negative press, lawsuits, and law enforcement denials of its self-proclaimed crime fighting abilities. Apparently to the surprise of Clearview, few people were receptive to the idea of having their personal info scraped from the web by the company and served up to law enforcement officers, private companies security personnel, and any billionaire wondering about what to throw their money at.

The dubious legality of its efforts has seen Clearview exit certain markets in the United States. It has also exited an entire nation, pulling the plug in Canada while under investigation by the country’s Privacy Commissioner.

Earlier this year, the Privacy Commissioner released part of its report, finding that Clearview’s offering was mass surveillance that was illegal under federal and provincial laws. The second half of its investigation deals with the Royal Canadian Mounted Police and its use of Clearview during investigations. The Commissioner’s conclusion? The RCMP also broke the law.

[O]ur most recent investigation has concluded that the RCMP contravened the federal public sector law, the Privacy Act, when it collected information from Clearview. In our view, a government institution simply cannot collect personal information from a third party agent if that third party’s collection was unlawful in the first place.

According to the Privacy Commissioner, RCMP violated the Privacy Act by using Clearview to search for information about citizens. It doesn’t matter that the database used to perform these searches was owned and maintained by a private company. If Clearview violated Canadian laws collecting and providing access to this data, the RCMP similarly broke the law when it accessed it.

The Commissioner notes the RCMP still does not believe it did anything wrong.

The RCMP is no longer using Clearview AI as the company ceased to offer its services in Canada in July 2020 in the wake of our then ongoing investigation. However, we remain concerned that the RCMP did not agree with our conclusion that it contravened the Privacy Act. The RCMP argued section 4 of the Privacy Act does not expressly impose a duty to confirm the legal basis for the collection of personal information by its private sector partners. Requiring the RCMP to ensure a third party’s legal compliance with PIPEDA would create an unreasonable obligation on the RCMP, the RCMP maintained.

That’s a pretty interesting counterpoint by the RCMP. It basically argues it should be able to do business with outside vendors that break the law. Despite its spicy take on the legalities of paying third parties to break the law for it, the RCMP has agreed to revamp its policies and procedures to provide more control and direct oversight of tech use by its investigators and officers.

But if the RCMP was so sure it was in the right, one has to wonder why it attempted to downplay its use of Clearview to mislead the Commission’s investigators.

We were also concerned that the RCMP at first erroneously told our office it was not using Clearview AI. When it later acknowledged its use, it said publicly it had only used the company’s technology in a limited way, primarily for identifying, locating and rescuing children who have been, or are, victims of online sexual abuse.

However, our investigation found the RCMP did not satisfactorily account for the vast majority of the searches it made.

These don’t appear to be the actions of an agency that firmly believes it’s in the clear, legally speaking. The most generous take is that the RCMP wasn’t tracking use of Clearview by its employees, which is its own problem and one hopefully addressed by the recommendations of the Commission. But more realistically it suggests the RCMP knew it probably shouldn’t be using the highly questionable facial recognition product and tried to cover up how often it had actually been used.

Most damning of all is the undeniable fact that the RCMP continued to use Clearview while it was under investigation by the government. It only stopped because Clearview decided to exit the Canadian market rather than risk any additional scrutiny of its software and site scraping efforts.

Filed Under: canada, facial recognition, privacy, rcmp
Companies: clearview

'You Have Zero Privacy' Say RCMP Social Media Surveillance Documents Before Going On To Demonstrate Why

from the big-hatted-parent-lurking-over-every-social-media-user-shoulder dept

The Royal Canadian Mounted Police have eyes everywhere. That’s according to documents obtained via public records requests by The Tyee, which published selections from the 3,000 pages it has spent more than a year suing to obtain.

The RCMP has made news previously for doing things like sidestepping warrant requirements for obtaining user data from ISPs and dropping criminal cases rather than discuss its not-so-secret Stingray devices in court. It’s making headlines again, but not the sort it wants. A presentation contained in the document stash provides more details on “Project Wide Awake” — an advanced social media monitoring program first uncovered by The Tyee more than a year ago.

The program is named after a project named in an X-Men comic book. The fact that the RCMP chose this name for its social media monitoring program is more than a little chilling.

Because mutants were beginning to pop up all over the world, some members of the administration decided that America should start enlisting the aid of friendly mutants into the ranks of government agencies (under careful control, of course) for America’s protection. Other members of the administration felt that the mutants should be rounded up and used as a resource, but their methods denied mutants even their most basic civil rights. Still other bureaucrats believe that all mutants should be destroyed. Project: Wideawake has evolved more towards the second way of thinking (mutants as a resource) under the direction of [National Security advisors] Petrie and Gyrich.

Fun stuff. And the fun doesn’t stop there. One slide from the presentation dourly (and accurately, it appears!) notes:

You have zero privacy anyway. Get over it.

This sardonic statement was presumably inserted in the Wide Awake presentation to make Mounties less concerned about possible civil liberties violations. If no one has any privacy, nothing the program consumes could possibly violate something that — according to this presentation — no longer exists.

But some expectations of privacy are still being violated, it would appear. Here’s just a partial list of the program’s feature:

The documents reveal the RCMP:

The first bullet point is a matter of concern. Going sole-source shuts down the bidding process, which means the public isn’t notified of RCMP acquisitions and projects. It also limits the amount of oversight RCMP will be subjected to by keeping some legislators out of the loop as well. And the best way to keep people out of the loop and the RCMP free from pesky oversight is to claim everything is too sensitive to be handled normally.

In February 2019, as the force sought to secretly obtain Babel X or a tool much like it, an officer argued to Public Services and Procurement Canada that “if released into the public domain” knowledge such software was being used by the RCMP could “jeopardize border integrity” and “criminal and national security investigations,” and “provide avenues for adversaries to attempt to defeat these capabilities,” the newly released documents show.

The commissioner of federal policing went even further than this jumble of words, requesting a “national security exception” for surveillance tech/software purchases by the RCMP.

Babel X is a powerful social media monitoring tool that can instantly translate over 200 languages and provides a plethora of filtering tools (including geofences) to allow law enforcement to hone in on anything (or anyone) they feel might be suspicious. More worryingly, the software can also filter for certain number sequences, allowing users to track uses of social security, drivers license, or credit card numbers. Its produced by the same company that sells cell location data harvested from phone apps to a number of US government agencies and military contractors.

The RCMP’s spokespeople (as well as some of the documents obtained by The Tyee) claim these surveillance techniques are aimed only at “open source” targets. This use of the term implies everything obtained is surface-level, pulled from public accounts and public posts. But the specifics tell a different story. As listed above, part of the RCMP’s toolset allows investigators to access the contents of “Friends” lists that have been set to private — not exactly “open source.” The same goes for its dark web crawlers. People use the dark web specifically to avoid surveillance. This upends that expectation, but the RCMP continues to insist it’s just obtaining what anyone could obtain by surfing the open web.

But the tools also make engaging in covert surveillance easier. Investigators can go undercover, using accounts with zero links to the RCMP, to access conversations and communications that are anything but “open source.” Again, this isn’t a new technique, but software like this allows intrusive surveillance to scale.

The Tyee is still wading through its stash of documents so this first report doesn’t do much more than scratch the surface. But the secrecy surrounding social media surveillance programs is getting subjected to a little sunshine.

Filed Under: canada, privacy, rcmp, surveillance

Canadian Man Arrested For Not Being A Terrorist

from the fake-it-til-you-make-it dept

Here in the United States, we’re used to the FBI radicalizing terrorists in order to arrest terrorists. If you don’t have any aspiring terrorist friends, the FBI can set you up with some. Don’t have a plan to do some terror stuff? No problem, the FBI has all kinds of ideas. Low on cash and unable to pick up your own terrorist supplies? Petty cash has you covered, my man. Just looking for a little acceptance? The FBI can fill that void in your life, just before it arrests you and takes that life away.

A string of open net goals by the FBI’s counterterrorism division has left us a bit jaded. We need something new to shake things up a bit. Fortunately, the Royal Canadian Mounted Police have stepped up to provide a new twist: arresting and charging someone for [checks news report] not being a terrorist.

A Canadian whose widely-publicized account of conducting executions for ISIS fueled public outrage and debate in the House of Commons has been charged with allegedly making it up.

Shehroze Chaudhry, 25, who has portrayed himself as a former ISIS member living freely in Canada, was charged with faking his involvement in the terrorist group.

Not only is it a crime to be a terrorist in Canada, it’s also a crime to not be one — not if you portray yourself as a terrorist. After invoking all sorts of small-t terror with his pretending to be Jihadist Public Enemy No. 1, Chaudhry found himself arrested on the more seldom-used charge of “terrorism hoax.”

The RCMP apparently doesn’t take kindly to being duped, although it seems any investigation would have discovered Chaudry’s lack of terrorism and allowed the agency to drop him as a suspect and quit wasting tax dollars on him. There’s a hint of bitterness in this statement:

“Hoaxes can generate fear within our communities and create the illusion there is a potential threat to Canadians, while we have determined otherwise,” said stated Superintendent Christopher deGale, who heads the Toronto INSET.

“As a result, the RCMP takes these allegations very seriously, particularly when individuals, by their actions, cause the police to enter into investigations in which human and financial resources are invested and diverted from other ongoing priorities.”

I understand things like hoax bomb threats and hoax 911 calls can be taxing on a system that often portrays itself as overstretched. But Chaudry’s faux terrorism was apparently limited to shitposting on a number of social media accounts, talking a good terrorist game while never actually being involved with any terrorism group.

The hoax charge hasn’t been used often, but it appears prosecutors think this time it will stick. After all, not many faux terrorists end up the subject of multiple news reports and podcasts reaching large audiences.

[T]he Crown may intend to argue that, because the hoax was so widespread and was featured on a popular podcast, it created fear that Canadian ISIS members were “returning and running around,” and that police were powerless to stop them.

Implicit in that argument is that Chaudry is being punished for making law enforcement look inept. Moving forward with a prosecution on these charges, however, won’t make them look any less inept. In fact, it will compound the perceived ineptness. First, the RCMP can’t take down real terrorists. Second, the RCMP has to resort to arresting fake terrorists. Adding these two negatives together won’t make them a positive.

But it could be an easy win for the Crown. The best defense against charges of fake terrorism is evidence you’re a real terrorist. Either way, Chaudry is probably screwed. But fake terrorism is only five years in prison. Actual terrorism usual nets a person a whole lot more time behind bars. The best choice may be to agree to be the guy who didn’t actually do anything.

Filed Under: canada, hoax, isis, rcmp, shehroze chaudhry, terrorism, terrorism hoax

Canadian Law Enforcement Admit — And Then Deny — They Own A Stingray Device

from the stingr-eh? dept

Stingrays are now as common as cockroaches in the United States, but we haven’t heard much about their use by Canadian law enforcement. A denial or a confirmation would be nice, but not strictly necessary. It’s safe to assume anything US cops can get, Canadian law enforcement can obtain as well.

Earlier this month, Vice’s Motherboard revealed the first confirmation of Stingray use by a local law enforcement agency. (The Royal Canadian Mounted Police have owned and operated Stingray devices for most of the last ten years.)

According to the BC Civil Liberties Association, which posted a blog announcing the news on Monday, the Vancouver police used an IMSI catcher once, nearly a decade ago, and without a warrant.

“We sent a letter asking the Vancouver police if they’d ever used one of the RCMP’s IMSI catchers, and if they would again,” said Micheal Vonn, policy director for the BCCLA. “The answer to both questions was yes.”

So just once? A decade ago? The Vancouver PD sounds about as credible as a presidential candidate being questioned about past drug use. Still, the Vancouver PD insists it has no files on Stingray use, despite admitting to using a Stingray.

However, the Vancouver PD sounds way more credible than the Edmonton Police, which can’t even get its spokespeople on the same page. On August 11, the Edmonton Police told Motherboard this:

On Thursday afternoon, Edmonton police spokesperson Anna Batchelor sent me an email saying, “I’m able to confirm the Edmonton Police Service owns a Stingray device and has used the device in the past during investigations.”

This was another first. Vancouver law enforcement — according to what had been told to Motherboard — didn’t own the Stingray it used. It borrowed the device from the RCMP and was instructed on how to use it by a Mountie tech.

Several hours later, the Edmonton PD wasn’t so sure it owned and/or deployed an IMSI catcher.

On Friday, I received a call from Superintendent Terry Rocchio of the Edmonton police, who delivered a frantic and conflicting message: the Edmonton police do not own a Stingray, he said, and Batchelor’s confirmation was the result of internal miscommunications. He was very sorry for the misinformation, he said.

Combined with the previous statement, it appears as though Edmonton PD superintendent Terry Rocchio is apologizing for his own words, which certainly gives the appearance of being misinformation. Further statements released by the Edmonton PD claim the department does not own a Stingray but, again, this is at odds with the unexpectedly straightforward statement given to Motherboard in response to its original query.

Now, it could be that Edmonton law enforcement did the same thing Vancouver’s did and borrowed it from the nearest RCMP bug shop. Or it could be that this is just the Canadian version of playing along with non-disclosure agreements. Most agencies contacted by Motherboard refused to comment. Others refused to confirm or deny. And the one agency that DID say it had a Stingray now says it doesn’t.

Given the opacity surrounding local law enforcement use/ownership of these devices, it’s probably safe to say they’ve been deployed without warrants and hidden from judges, defendants, and — quite possibly — local legislators. Months or years from now, Motherboard may have a more complete answer, but for now, this appears to be Canadian law enforcement scrambling to stave off some inevitable discoveries.

Filed Under: canada, edmonton police, imsi catcher, rcmp, stingray, vancouver police

Canadian Judge Tosses Case After Finding Law Enforcement Entrapped Supposed Terrorists

from the but-for-the-grace-of-untargeted,-overbudgeted-law-enforcement-agencies-go-we dept

It’s not just FBI agents playing with Home-Grown Terrorist™ Erector Sets. It’s also Canada’s top law enforcement agency, the Royal Canadian Mounted Police. When there apparently aren’t enough actual terrorists to be found, agencies like these need to front the $40 at Wal-Mart for terrorist supplies, or dupe someone with an IQ of 51 into becoming the latest Indictment Du Jour.

Despite this, courts have largely gone along with the charade. It’s almost impossible for someone to successfully raise an entrapment defense, whether it’s a group of senior citizens who’ve been molded by undercover agents into an ad hoc terror unit or a bunch of easily-impressed thugs being hounded into stealing nonexistent drugs from fake stash houses.

Up in Canada, though, the law enforcement game may be played by the same rules, but one court isn’t willing to encourage the RCMP’s Build-a-Terrorist shenanigans.

A British Columbia couple convicted of terrorism charges have had their verdicts tossed out in a scathing court decision that flays the RCMP for its “egregious” conduct in manipulating naive suspects into carrying out a police-manufactured crime.

[…]

B.C. Supreme Court Justice Catherine Bruce said the Mounties used trickery, deceit and veiled threats to engineer the terrorist acts for which Nuttall and Korody were arrested on Canada Day three years ago.

The RCMP, like its US equivalent, only seeks the best of the best when attempting to turn citizens into terrorists. In this case, the RCMP found two easy marks — both heavily dependent on welfare checks and methadone — and convinced them they were going to be involved in a revolutionary pressure cooker bombing at some point in the future.

Judge Bruce noted that the two suspects contributed almost nothing to the RCMP’s plan. In fact, the judge stated that without the RCMP’s incredible amount of assistance, any plans to bomb anything likely would never have materialized. The indicted pair weren’t exactly self-starters, and the RCMP’s undercover agent basically had to act like a maniacal cult leader to get them to do anything at all.

She also condemned the behaviour of the primary undercover officer who, at the direction of the operation’s overseers, discouraged Nuttall and Korody from seeking outside spiritual guidance and convinced them he was a member of a powerful international terrorist group that would likely kill them if they failed to follow through.

“He was their leader and they were his disciples,” said Bruce, who stayed the proceedings, which threw out the convictions and allowed the couple to walk free after more than three years behind bars.

The government is appealing the decision and still firmly believes that the only party that did anything wrong here were the methadone users who hardly did anything. And for their minimal contributions to the RCMP’s master plan, the Crown is hoping to get a second chance at putting these two away for the rest of their lives.

Judge Bruce’s statement when tossing the charges should be repeated on this side of the border, where the FBI seems to expend a majority of its anti-terrorism time and energy pushing reluctant, inept, mostly-incapable people into becoming the bumbling, sacrificial figureheads of ISIS: West.

“The world has enough terrorists. We do not need the police to create more.”

There appears to be no shortage of legitimate (so to speak…) criminal activity for law enforcement to pursue and investigate. And yet, given the choice, they’d rather craft both criminals and criminal activity from the ground up, scoring easy goals against unguarded nets — making the world a little less safe while ensuring their budgets are never endangered.

Filed Under: canada, entrapment, own plot, rcmp, terrorism

BlackBerry Offers Glomar, 'Bad Guys Got Caught,' In Non-Comment On Canadian Law Enforcement's Full Access To Encrypted Messages

from the 'in-conclusion,-Blackberry-is-a-land-of-contrasts' dept

BlackBerry has finally responded to Motherboard’s story on the Royal Canadian Mounted Police’s apparent full access to encrypted communications — something that hinted the RCMP may have been given BlackBerry messaging’s “Golden Key.” Sort of. It’s mostly an indirect Glomar followed by a statement that confirms something people already know.

BlackBerry still has not commented directly to Motherboard or VICE News on the specifics of the investigation, but CEO John Chen published a blog post on Monday addressing the report in broad strokes… very broad strokes.

[…]

“Regarding BlackBerry’s assistance,” Chen wrote instead, “I can reaffirm that we stood by our lawful access principles. Furthermore, at no point was BlackBerry’s BES server involved.”

BES is BlackBerry Enterprise Server — the only option available where customers can lock BlackBerry out of access to communications. With BES, encryption keys are set by users, which means BlackBerry can no longer decrypt messages using its global PIN encryption key. Notably, this option is only available to corporate or government customers. Everyone else gets vanilla encryption, which can be decrypted by BlackBerry for law enforcement. Or, as appears to be the case in Canada, the key can be handed out to law enforcement agencies, allowing them to decrypt at will… because there’s only one encryption key for all non-BES users.

According to BlackBerry CEO John Chen, the ends justify the means he pointedly won’t be discussing in detail.

We have long been clear in our stance that tech companies as good corporate citizens should comply with reasonable lawful access requests.

[…]

This very belief was put to the test in an old case that recently resurfaced in the news, which speculated on and challenged BlackBerry’s corporate and ethical principles. In the end, the case resulted in a major criminal organization being dismantled.

BlackBerry continues to play both sides of the equation, providing “regular” users with less secure communications while claiming to be the “gold standard” in encrypted communications — a privilege it only extends to some of its customers, unlike Apple or Google, which provide encryption to all of their customers.

The company has nothing to offer customers in the way of assurances, but it does seem to be going out of its way to soothe the nerves of law enforcement officials frustrated by smartphone encryption. It may make a big deal about its fight against Pakistan and its demands for access (Chen highlights this in his blog post), but it seems less than likely to go to bat for a majority of its users when faced with overreach by more “acceptable” governments.

Filed Under: backdoor, blackberry, canada, encryption, glomar, john chen, key, rcmp
Companies: blackberry

Canadian Law Enforcement Can Intercept, Decrypt Blackberry Messages

from the so-much-for-the-one-thing-Blackberry-used-to-have-going-for-it... dept

Blackberry’s CEO, John Chen, didn’t care for the fact that Apple was “locking” law enforcement out of its devices by providing customers with default encryption. As he saw it, Apple was placing profits ahead of Mom, Apple pie and American-made motorcars.

For years, government officials have pleaded to the technology industry for help yet have been met with disdain. In fact, one of the world’s most powerful tech companies recently refused a lawful access request in an investigation of a known drug dealer because doing so would “substantially tarnish the brand” of the company. We are indeed in a dark place when companies put their reputations above the greater good.

Chen refused to “extend privacy to criminals.” How he had any way of knowing who was or wasn’t a criminal at the point of sale was not detailed in his rant.

Then news surfaced that Dutch law enforcement could bypass Blackberry encryption with seeming impunity. At that point, Blackberry became defensive about its new stature as the least secure smartphone option. It claimed in a blog post that its stock phones were not open books for the world’s law enforcement agencies. Despite promising earlier that the company would not aid criminals in keeping their secrets from law enforcement, Blackberry heatedly claimed its devices were secure as ever — even in the hands of criminals.

[T]here are no backdoors in any BlackBerry devices, and BlackBerry does not store and therefore cannot share BlackBerry device passwords with law enforcement or anyone else.

Ah, but there is a backdoor. A big one. And it’s on the opposite side of the “house.” Motherboard is reporting that the Royal Canadian Mounted Police are able to access unencrypted communications thanks to the Blackberry’s built-in “feature.”

Imagine for a moment that everybody’s front door has the same key. Now imagine that the police have a copy of that key, and can saunter into your living room to poke around your belongings while you’re out, and without your knowledge.

By way of metaphor, this is exactly how the Royal Canadian Mounted Police, Canada’s federal police force, intercepted and decrypted “over one million” BlackBerry messages during an investigation into a mafia slaying, called “Project Clemenza,” that ran between 2010 and 2012.

Citizen Lab privacy expert Christopher Parsons backs up Motherboard’s analogy. [emphasis in the original]

In addition to routing and compressing data traffic, RIM’s service offerings also include a measure of security in excess of the practices adopted by their competitors. BBM, as an example, is encrypted. However, it is encrypted using a global key. RIM has written that,

“The BlackBerry device scrambles PIN messages using the PIN encryption key. By default, each BlackBerry device uses a global PIN encryption key, which allows the BlackBerry device to decrypt every PIN message that the BlackBerry device receives.”

This means that RIM can decrypt consumers’ messages that are encrypted with the global key. Consumer devices include all RIM offerings that are not integrated with a BlackBerry Enterprise Server (BES). The BES lets administrators change the encryption key, which prevents RIM from using the global decryption key to get at the plaintext of BES-secured communication.

Blackberry may be technically correct when it asserts it has no access to user passwords. But that hardly matters when it holds the key that can decrypt any BBM communications that pass through its service (with the exception of administrator-level business accounts). This single key’s access to unencrypted communications is likely what allowed (and possibly still allows) the RCMP to obtain plaintext messages.

According to the documents obtained by Motherboard, the RCMP appears to be using some sort of Stingray-but-for-BBM technology to intercept and decrypt messages.

[The RCMP maintains a server in Ottawa that “simulates a mobile device that receives a message intended for [the rightful recipient].” In an affidavit, RCMP sergeant Patrick Boismenu states that the server “performs the decryption of the message using the appropriate decryption key.” The RCMP calls this the “BlackBerry interception and processing system.”

By inserting itself into the middle of communications, the RCMP can intercept the messages. Access to the Golden Key ensures they can be read. The conclusion reached by both the defense team and the judge presiding over the case? The RCMP has Blackberry’s global encryption key.

The defence in the case surmised that the RCMP must have used the “correct global encryption key,” since any attempt to apply a key other than BlackBerry’s own global encryption key would have resulted in a garbled mess. According to the judge, “all parties”—including the Crown—agree that “the RCMP would have had the correct global key when it decrypted messages during its investigation.”

Unfortunately, there aren’t many more details. Many of the documents related to this case remain under seal and the RCMP certainly isn’t going to discuss its interception/decryption secrets if it doesn’t have to. It could very well be that it demanded (and obtained) the key from Blackberry, much in the way the FBI demanded Lavabit’s SSL key. If so, Blackberry was far more cooperative than Lavabit, which chose to shut down the service rather than allow the government to have total access. (And it has been hinted by the DOJ that this sort of request may be headed Apple’s way if it continues to fight its All Writs orders.)

Somewhat ironically, the RCMP acknowledged in court that outing a cellphone provider as Junior G-Men would probably tarnish Blackberry’s reputation — basically the same thing Blackberry CEO John Chen claimed was the height of Apple impudence

RCMP inspector Mark Flynn testified in a heavily redacted transcript that BlackBerry “facilitated the interception process,” however, Flynn also stated that facilitation could mean mere information sharing or a physical action to aid interception.

Flynn further testified that revealing the key would jeopardize the RCMP’s working relationship with BlackBerry, and harm BlackBerry itself, since “it is not a good marketing thing to say we work with the police.”

The question now is whether the RCMP still has this level of access. To cut off the RCMP, Blackberry would have needed to alter the global decryption key — something that would have required “a massive update… on [a] per-handset basis,” according to Citizen Lab’s Christopher Parsons. And if Canada’s law enforcement has it (or had it), odds are law enforcement agencies in other countries had similar access. Investigators may not be keen to expose techniques in court or in released documents, but they’re usually pretty good about sharing this info with like-minded law enforcement agencies.

Filed Under: blackberry, canada, encryption, interception, law enforcement, master key, rcmp
Companies: blackberry