Is your data ending up in NSA’s hands?
by David Christopher
How many websites have you visited today? How many emails have you sent? How many times have you logged onto Facebook? How often have you used services like Slack or Skype?
If you’re anything like me, you probably won’t be able to answer these questions. Even as I write this piece, I have 16 tabs open in my browser, I’m logged into Facebook and my office’s instant messaging service is chirping away.
The Internet has become such an interwoven part of my daily routine that it’s impossible to keep track of how many websites I visit or emails I send. One of the best things about the Internet is that ‘it just works.’ Few of us give any thought to what’s actually happening to our data when we hit ‘send,’ click on a link or tap ‘reply’ to an instant message.
Unfortunately, what’s actually happening to our data on its journey around the Internet has deeply concerning privacy implications. Over the years, spy agencies such as the U.S. National Security Agency (NSA) have built incredibly powerful surveillance systems capable of collecting vast quantities of our private communications data, including emails, video and voice chats, photos, videos, stored data and social networking details, and analyzing it for anything supposedly ‘suspicious.’
Although we like to think of the Internet as a ‘cloud,’ most of it relies on Internet Exchanges – buildings that connect the most important Internet cables together. Although these Internet Exchanges ensure our data reliably makes it from point A to point B, their physical nature makes us far more vulnerable to surveillance.
The NSA has taken advantage of this by installing listening posts, or ‘splitter rooms,’ in key US cities where Internet Exchanges are located. When your data travels through one of these Internet Exchanges, it is almost certainly subject to being intercepted by the NSA and stored at the main NSA Data Center in Utah. Once outside Canada, your data is treated by the NSA as foreign and loses Canadian legal and constitutional protections, representing a major loss of privacy.
Even more worrying is this surveillance is not restricted to when you visit a US website or send an email to someone south of the border. A team of experts at the University of Toronto and York University, led by Professor Andrew Clement, have been researching this extensively as part of the IXmaps project. They’ve concluded that at least 25 percent of domestic Canada-to-Canada data travels via the US where it is subject to NSA surveillance.
This phenomenon is known as “boomerang routing.” For example, an email sent from Vancouver to Toronto may ‘boomerang’ via Chicago. Even an email sent from one part of Vancouver to another may travel via the US, largely as a result of years of monopolistic practices by major Canadian telecoms, poor regulatory oversight and underinvestment in Canada’s Internet infrastructure.
At OpenMedia, we’ve worked with IXmaps researchers on a new educational platform to raise awareness of these issues in a project made possible by the financial support of the Office of the Privacy Commissioner of Canada (www.priv.gc.ca/en/)
Our platform includes an informational video, a series of infographics, a detailed FAQ and some pointers to tools to better safeguard your privacy online. See openmedia.org/en/IXmaps
David Christopher is communications manager for OpenMedia, which works to keep the Internet open, affordable and surveillance-free. openmedia.org