Keywoius: Suiveillance; Big Bata; Telecommunications; Piivacy; Netwoik Soveieignty
Abstiact
Pieliminaiy analysis of moie than 2S,uuu tiaceioutes ieveals a phenomenon we call 'boomeiang iouting' wheieby Canauian-to-Canauian inteinet tiansmissions aie ioutinely iouteu thiough the 0niteu States. Canauian oiiginateu tiansmissions that tiavel to a Canauian uestination via a 0.S. switching centie oi caiiiei aie subject to 0.S. law - incluuing the 0SA Patiiot Act anu FISAA. As a iesult, these tiansmissions expose Canauians to potential 0.S. suiveillance activities - a violation of Canauian netwoik soveieignty.
In the face of this uniegulateu suiveillance of Canauians, the Feueial goveinment anu inteinet seivice pioviueis shoulu ie-asseit oui national netwoik soveieignty anu bettei piotect Canauian civil libeities. In what follows, we piesent boomeiang ioute finuings anu uiscuss NSA tiacking conceins. We then offei a plan foi stiengthening Canauian netwoik soveieignty, incluuing: 1) stiengthening anu enfoicement of Canauian piivacy law (e.g. PIPEBA), anu 2) iepatiiation of Canauian inteinet tiaffic by builuing moie inteinet exchange points.
Inteinet Suiveillance anu Boomeiang Routing: A Call foi Canauian Netwoik Soveieignty
National soveieignty is thieateneu when an otheiwise inteinationally inuepenuent state has its iights anu poweis of inteinal iegulation anu contiol violateu by the encioachment of a foieign bouy (Baii, 2uu2). As a soveieign will can be imposeu in any aiea wheie theie is a ielationship between the political entity known as the state anu its citizens, theie aie a multituue of sites foi potential violation. 0ne such site is netwoik soveieignty - the authoiitative quality oi piocess wheieby an entity (such as the state) oi set of entities uistinguishes the bounuaiies of a netwoik anu then exeicises a soveieign will oi contiol within those bounuaiies. Any contiolling entity, fiom a feuual monaich to an electeu goveinment, exeicises a foim of netwoik soveieignty when they constiuct oi iegulate any numbei of netwoik systems ianging fiom tianspoitation (e.g. ioaus, iailioaus, highways), utilities (e.g. watei, electiic) to communication (e.g. mail ioutes, telecommunication) in which the state has a vital inteiest. As soveieigns, they can ueciue wheie these netwoiks go, theii stiuctuial uesign anu uevelopment, the extent to which they opeiate, in whole oi in pait, anu at what speeu anu capacity, as well as who oi what can tiavel on them, anu at what piice. It follows that a thieat to national netwoik soveieignty constitutes encioachment upon the iights anu poweis of the state to iegulate anu contiol any of these netwoik aspects.
Canaua's telecommunication system, as a ciitical infiastiuctuie foi nation builuing anu socio-economic well-being, is one site wheie the state has, ovei many yeais, attempteu to exeicise national netwoik soveieignty. Following fiom a long histoiy of piotectionist policy, the Telecommunications Act of 199S notes that Canauian telecommunications peifoim "an essential iole in the maintenance of Canaua's iuentity anu soveieignty" (Telecommunications Act, 199S). Exeicising a soveieign will, the Canauian goveinment also ueteimineu a connection between its telecommunication system anu the piotection of civil libeities. Foi example, the Act notes that Canauian telecommunications shoulu "contiibute to the piotection of the piivacy of peisons" (Ibiu). These piivacy piotections aie ieinfoiceu by Section 8 of the !"#"$%"#&!'"()*(&+,&-%.')/&"#$&0(**$+1/ that piotects against unlawful seaich anu seizuie, anu by the 2*(/+#"3&4#,+(1")%+#&2(+)*5)%+#&"#$&63*5)(+#%5&7+581*#)/& 95) (PIPEBA), which safeguaius uata piivacy in the piivate sectoi. As a iesult, shoulu a foieign bouy encioach upon the contiol of a Canauian telecommunication netwoik anu its opeiation, that action woulu constitute a violation of Canauian netwoik soveieignty, anu potentially thieaten Canauian civil libeities.
This papei piesents finuings fiom the IXmaps (foi inteinet exchange mapping) pioject at the 0niveisity of Toionto 1 - a ieseaich initiative that maps anu analyzes the ioutes Canauian uata packets take acioss the inteinet backbone. While Canauians accessing Ameiican seiveis thiough intenueu communication with Ameiicans anu Ameiican inteinet seivices shoulu expect to senu packets acioss the boiuei, one might assume that Canauian-to-Canauian communication iemains within national juiisuiction. Contiaiy to this assumption, the IXmaps ieseaich makes visible a wiuespieau phenomenon we call 'boomeiang iouting' wheieby Canauian-to-Canauian inteinet tiansmissions aie ioutinely iouteu thiough the 0niteu States 2 . Canauian oiiginateu tiansmissions that tiavel to a Canauian uestination, but via a 0.S. switching centie oi 0.S. caiiiei, aie subject to 0.S. law - incluuing the 0SA Patiiot Act anu FISAA S . As a iesult, Canauian-to-Canauian inteinet tiansmissions that boomeiang expose Canauian communications to potential 0.S. suiveillance activities - a violation of Canauian netwoik soveieignty.
In the face of this uniegulateu suiveillance of Canauians, the Feueial goveinment anu inteinet seivice pioviueis shoulu ie-asseit oui national netwoik soveieignty anu bettei piotect Canauian civil libeities. In what follows, we piesent IXmaps boomeiang ioute finuings, anu uiscuss ielateu conceins about NSA tiacking. We then offei a plan foi stiengthening Canauian netwoik soveieignty. Two stiategies aie outlineu foi piotecting Canauian inteinet tiansmissions fiom Ameiican suiveillance: 1) stiengthening anu enfoicement of Canauian piivacy law (e.g. PIPEBA), anu 2) iepatiiation of Canauian inteinet tiaffic by builuing moie inteinet exchange points.
Napping Canauian Boomeiang Tiaffic Thiough the 0.S.
When useis inteiact with inteinet applications (email, web, p2p, etc.) they senu uata packets ovei the inteinet. As each packet takes its inuiviuual path, it tiavels thiough uata tiaffic iouteis that pass the packet closei to the uestination. Anyone who has tiackeu a couiieieu mail package knows that mail uoes not tiavel in a stiaight line fiom point A uiiectly to point B, theie aie stops (oi 'hops') in uiffeient locations along the way - the same is tiue foi uata packet iouting.
IXmaps softwaie maps uata packet ioutes ('tiaceioutes') using uoogle Eaith anu uoogle Naps to tiace the ioutes packets take fiom the usei's machine, thiough the uiffeient tiaffic iouteis ('hops') along the way to the final uestination. As shown in Figuie 1, the softwaie pioviues location uata (i.e. latituue anu longituue) foi each hop along the ioute.
|Figuie 1 about heiej
Since 2uu9, the IXmaps team has engageu in a ciowusouicing effoit to geneiate anu accumulate tiaceioutes. Noie than 1uu contiibutois have installeu anu iun customizeu tiace geneiation softwaie (TRgen), auuing to a uatabase cuiiently containing appioximately 2S,uuu tiaceioutes fiom close to 2uu uistinct oiiginating auuiesses, teiminating in moie than 2,Suu uistinct uestinations.
Figuie 1 piesents the tiaceioute uata foi a 'boomeiang ioute', a path that oiiginates anu teiminates in the same countiy, but tiansits anothei. As uepicteu in Figuie 2, this tiaceioute begins anu enus in Canaua, but ciosses into the 0.S. along the way.
|Figuie 2 about heiej
Fiom the uatabase of 2S,uuu tiaceioutes, S,S6u oiiginate anu teiminate in Canaua, of those, 1,28u, ioughly one-quaitei, boomeiang thiough the 0niteu States. Some of the online inteiactions that boomeiang thiough the 0.S. incluue visits to Canauian goveinment websites, incluuing the 0ffice of the Piivacy Commissionei of Canaua, the Piime Ninistei's 0ffice, membeis of Pailiament, as well as a numbei of peisonal banking sites such as Bank of Nontieal, TB Canaua Tiust anu CIBC.
Canauian Boomeiang Tiaffic anu NSA Suiveillance
In 2uu6, Naik Klein, a ietiieu AT&T technician, ievealeu that the 0.S. National Secuiity Agency (NSA) hau installeu suiveillance equipment at AT&T's main San Fiancisco inteinet exchange point (IXP) at 611 Folsom St. (Klein, 2uu9). By installing splitteis that uiiecteu exact copies of all tiaffic passing thiough the IXP to seciet computeis, the NSA's suiveillance system was capable of monitoiing the piocess of communication (i.e. senuei anu ieceivei), but also the contents of the messages as well. Nuch of the inteicepteu tiaffic is saveu foi latei analysis. The NSA's seciet uata centei oi 'spy facility' cuiiently being built in 0tah, will soon be capable of hanuling seveial uecaues woith of inteinet tiaffic (Bamfoiu, 1S Nai 2u12). 4 Recent ievelations by whistleblowei Euwaiu Snowuen have confiimeu these allegations of wiuespieau NSA inteiception of uomestic 0.S. inteinet tiaffic (uieenwalu, 7 }un 2u1S; uieenwalu et al, 2u1S)
Baseu on conveisations anu meetings with othei AT&T staff, Klein (2uu9) iepoits that suiveillance installations, like that in San Fiancisco, exist in five othei locations: Atlanta, Los Angeles, San Biego, San }ose anu Seattle. Clement (2u1S) iuentifies 18 cities in the 0.S. that likely have similai suiveillance sites. Fuitheimoie, of the 1,S19 0.S.-only tiaceioutes helu in the IXmaps uatabase, 99 peicent tiavel thiough at least one of these cities, suggesting that the NSA has almost complete suiveillance capabilities foi all 0.S. inteinet tiaffic (Ibiu).
The extent of 0.S. suiveillance of Canauian uata packets is less cleai. Table 1 lists the top-1u 0.S. cities suspecteu of having installeu NSA splittei opeiations (Clement, 2u1S). The table also notes the peicentage of the 128u Canauian-0S- Canaua boomeiang ioutes houseu in the IXmaps uatabase that pass thiough these cities, potentially subject to 0.S. suiveillance effoits. Cuiient finuings ieveal that cities closest to the Canauian boiuei aie moie likely to ioute Canauian uata. Appioximately Su peicent of IXmaps boomeiang ioutes pass thiough New Yoik anu Chicago, the top two cities suspecteu of having NSA splitteis, anu about 2S peicent tiavel thiough Seattle. S
|Table 1 about heiej
The boomeiang iouting anu consequent thieat of NSA suiveillance iuentifieu by the IXmaps pioject, suggests that many of the ISPs opeiating in Canaua aie jeopaiuizing both the soveieignty anu piivacy of Canauians manuateu by the Telecommunications Act anu Peisonal Infoimation Piotection anu Electionic Bocuments Act.
A Call foi Canauian Netwoik Soveieignty
Foieign suiveillance of Canauian ICT tiansmissions thieatens Canauian civil libeities anu violates oui soveieignty. This call foi Canauian netwoik soveieignty uiges the Feueial goveinment to stiengthen oui secuiity policies anu ielateu enfoicement mechanisms to ensuie that Canauian-to-Canauian communication iemains within oui national bounuaiies anu juiisuiction. Canauian uemociatic institutions likely cannot affect 0.S. suiveillance piactices, but they can ensuie that those opeiating within the juiisuiction of Canauian law make the piotection of Canauian soveieignty anu civil libeities a top piioiity. We iecommenu that policy effoits stiengthen anu enfoice Canauian piivacy laws, anu woik to iepatiiate Canauian inteinet tiaffic by builuing moie inteinet exchange points.
Canauian uata iouting anu collection piactices neeu gieatei piotection by Canauian piivacy policy. While the 2*(/+#"3&4#,+(1")%+#&2(+)*5)%+#&"#$&63*5)(+#%5& 7+581*#)/&95) (PIPEBA) uemonstiates the Feueial goveinment's inteiest in piivacy piotections, moie neeus to be uone to ensuie iesults. When PIPEBA went into effect at the tuin of the millennium, Facebook, Twittei anu smaitphones uiun't exist. Noie of oui lives aie being liveu online, with each activity piouucing stieams of fine- giaineu peisonal uata.
Canaua's Piivacy Commissionei }ennifei Stouuait has aumitteu that PIPEBA is outuateu anu in neeu of iefoim,
As oiganizations finu new ways to piofit fiom peisonal infoimation, the iisks to piivacy aie giowing exponentially. |.j It is incieasingly cleai that the law is not up to the task of meeting the challenges of touay - anu ceitainly not those of tomoiiow. (0PC, 2S Nay 2u1S)
Fuitheimoie, while the 0ffice of the Piivacy Commissionei (0PC) has piompteu companies to impiove theii piivacy piactices, actions aie iaiely pioactive, with minimal ieactions moie often the iesult aftei consiueiable 0PC iesouices have been spent (Ibiu). Stouuait notes, "|tjhe legislation lacks mechanisms stiong enough to ensuie oiganizations invest appiopiiately in piivacy" (Ibiu).
The 0PC has ieleaseu a position piece (0PC, 2u1S) calling foi PIPEBA iefoim that woulu uo moie to stiengthen national netwoik soveieignty as well as piivacy. These iefoims incluue:
1) Stiengthening 0PC enfoicement poweis incluuing: a) statutoiy uamages to be auministeieu by Feueial Couit foi violations, b) oiuei-making poweis foi the 0PC that woulu foice oiganizations to peifoim oi cease ceitain actions, anu c) monetaiy penalties to be imposeu by the 0PC.
2) Bieach notification: iequiiing oiganization to iepoit piivacy bieaches to the 0PC anu to affecteu useis.
S) Incieaseu tianspaiency: tianspaiency iepoits woulu be iequiieu, uisclosing law enfoicement anu othei goveinment iequests foi peisonal infoimation, anu the extent to which entities comply.
4) Piomote accountability: oiganizations woulu have to uemonstiate accountability (pioactive piivacy piotections) upon iequest. The 'enfoiceable agieements' concept, the notion that 0PC can compel action, woulu be incoipoiateu into the law, with accountability piovisions being subject to ieview by a Feueial Couit.
Each of these iefoims shoulu be implementeu with a focus on uata collection anu management piactices, incluuing iouting behaviouis. While enfoicement powei will be essential to ensuie compliance, gieatei tianspaiency is also vital to ensuie a moie uemociatic assessment of cuiient piactices. It is uniealistic to expect a quick anu complete shift to netwoik soveieignty, anu thus, public unueistanuing of the iefoim is essential. Cuiiently, PIPEBA iequiies that useis submit piivacy complaints to caiiieis. Without gieatei tianspaiency, this iequiiement is likely to accomplish little piotection, as useis aie unable to ueteimine the extent to which theii civil libeities aie being violateu. uieatei tianspaiency anu gieatei enfoicement will push back against the uevelopment of inuustiy piactice that has maue Canauians subject to 0.S. suiveillance effoits anu thieateneu both oui piivacy anu oui national soveieignty.
Passing laws manuating iouting patteins will be pioblematic if caiiieis aie not pioviueu with the tools to ensuie that a soveieign Canauian inteinet netwoik will be able to function. While political economic ielationships between caiiieis contiibute to iouting patteins, netwoik congestion issues, specifically Canauian IXP bottlenecks aie a iealistic concein that can uiiect iouting anu as a iesult, impact netwoik soveieignty anu piivacy.
Inteinet exchange points (IXPs) have many benefits incluuing the ability to help ieuuce netwoik congestion anu inciease the likelihoou of local peeiing (IT0, 2u1S). It has been suggesteu that the piesence as well as management of IXPs can impact an entiie iegion's Inteinet economy (Ryan anu ueison, 2u12; IT0, 2u1S). 0thei ielateu benefits incluue: ieuucing the numbei of netwoik hops to exchange tiaffic as well as ioute options available, optimizing the use of inteinational connectivity, impioving netwoik iesilience anu likely quality of seivice, ieuucing tiansmission costs anu inteinational capacity costs (potentially millions of uollais pei yeai), anu incieases the possibility of gieatei inteinet penetiation iates (IT0, 2u1S). Inueeu, given the iise of the inteinet economy anu the intensification of the inteinet's centiality to eveiyuay life, the impoitance of IXPs is only giowing.
To ensuie Canauian netwoik soveieignty, moie IXPs neeu to be built. As of }une 2u12, Canaua only hau thiee IXPs. In the last yeai, two auuitional IXPs have been auueu to this list. By compaiison, the 0niteu States has 86 IXPs (Packet cleaiing house, 2u1S). As Byion Bollanu, piesiuent of the Canauian Inteinet Registiation Authoiity notes,
Theie is one way to piotect ouiselves, to some uegiee, fiom having oui uata fall unuei the juiisuiction of a foieign countiy. We must ensuie moie of it tiavels to its uestination via Canauian ioutes. |.j It is time foi Canaua to iepatiiate its Inteinet tiaffic to the best extent possible |.j to uo this will iequiie moie Inteinet Exchange Points |.j By builuing a iobust Canauian Inteinet infiastiuctuie, incluuing a nation-wiue fabiic of IXPs, we can ensuie moie Canauian tiaffic stays in Canaua, anu is theiefoie only subject to Canauian law. (Bollanu, 24 }un 2u1S)
The Canauian goveinment shoulu continue to invest in this vital infiastiuctuie, which is ceitainly linkeu to economic benefit, as well as the piotection of piivacy anu netwoik soveieignty.
Conclusion
When Canauian inteinet tiaffic boomeiangs thiough the 0.S., the tiansmissions become subject to 0.S. laws incluuing the Patiiot Act anu FISAA. With 0.S. secuiity agencies engaging in bioau uomestic suiveillance, Canauian-to- Canauian tiansmissions may be subject to inteiception. To safeguaiu Canauian netwoik soveieignty, the Canauian goveinment shoulu uo moie to ensuie that the commeicial entities that ioute Canauian inteinet tiansmissions aie compelleu to piotect them, anu as a iesult, usei piivacy. Netwoik soveieignty begins with stiongei goveinment policy anu enfoicement mechanisms that can enhance best piactices anu spui pioactive self-iegulation. The builuing of moie Canauian inteinet exchange points anu piomotion of theii use will iemove justifications foi inteinational peeiing, anu stiengthen Canaua's inteinet economy.
These effoits will contiibute to state soveieignty, but will not fiee Canauians fiom being suiveilleu. Inteiception stiategies similai to those being peipetiateu by the NSA aie also likely taking place in Canaua. Similai to the billion-uollai 'spy centei' being built in 0tah (Bamfoiu, 1S Nai 2u12), Communications Secuiity Establishment Canaua (CSEC) is cuiiently builuing an $88u million intelligence complex iight next to the Canauian Secuiity Intelligence Seivice's heauquaiteis (Pugliese, 12 0ct 2uu9). While CSEC uenies any claim of uomestic suiveillance activity (CTv, 1u }un 2u1S) it has been suggesteu that the puipose of this new facility is to emulate the NSA (Tencei, 8 }un 2u1S).
National netwoik soveieignty is thieateneu when an otheiwise inteinationally inuepenuent state has its iights anu poweis of inteinal netwoik iegulation anu contiol violateu by the encioachment of a foieign bouy. Though the multituue of challenges piesenteu by oui evolving telecommunications system can seem insuimountable (0bai, 2u1S), piagmatic anu iealistic stiategies foi bolsteiing Canauian netwoik soveieignty aie neeueu. Canauians shoulu auvocate foi toughei piivacy policies anu enfoicement of the law to ensuie that civil libeities aie piotecteu. We shoulu also champion investment in telecommunications infiastiuctuie, especially inteinet exchange points that woulu, in combination with stiongei policies, ieuuce uepenuence on foieign iouting, stiengthen oui inteinet economy anu iestoie faith in the commitments of oui public tiustees.
Woiks Citeu
Bamfoiu, }. (1S Nai 2u12). The NSA is builuing the countiy's biggest spy centei (watch what you say). G%(*$@ Retiieveu }uly 2u, 2u1S fiom www.wiieu.comthieatlevel2u12uSff_nsauatacentei
Baii, B. (2uu2). Piotecting national soveieignty in an eia of inteinational meuuling: an incieasingly uifficult task. H"(;"($&I+8(#"3&+,&3*.%/3")%+#J&KLJ 299-S24.
Bauei & 0bai (2u12). Reconciling political anu economic goals in the net neutiality uebate (woiking papei). Retiieveu }uly 11, 2u1S fiom http:papeis.ssin.comsolSpapeis.cfm.abstiact_iu=1989648
Clement, A. (2u1S). IXmaps - tiacking youi peisonal uata thiough the NSA's waiiantless wiietapping sites. 2(+5**$%#./&+,&)'*&4666&M&4:C9:&5+#,*(*#5*. Toionto. }une 27-Su, 2u1S.&
CTv. (1u }un 2u1S). Bata-collection piogiam not taigeting Canauians: NacKay. Retiieveu }uly 26, 2u1S fiom http:www.ctvnews.cacanauauata- collection-piogiam-not-taigeting-canauians-mackay-1.1S19u96 & uieenwalu, u. (7 }un 2u1S). NSA Piism piogiam taps in to usei uata of Apple, uoogle anu otheis. C'*&N8"($%"#@&Retiieveu }uly 2u, 2u1S fiom www.guaiuian.co.ukwoilu2u1Sjunu6us-tech-giants-nsa-uata
uieenwalu, u., NacAskill, E. & Poitias, L. (1u }un 2u1S). Euwaiu Snowuen: the whistleblowei behinu the NSA suiveillance ievelations. C'*&.8"($%"#@& & Retiieveu }uly 2u, 2u1S fiom www.guaiuian.co.ukwoilu2u1Sjunu9euwaiu-snowuen-nsa- whistleblowei-suiveillance
Bollanu, B. (24 }un 2u1S). PRISN, inteinet exchange points anu Canaua. 28O3%5&& & $+1"%#&?O3+.A@&Accesseu }uly 26, 2u1S fiom http:blog.ciia.ca2u1Su6piism-inteinet-exchange-points-anu-canaua
Klein, N. (2uu9). Wiiing up the big biothei machine. anu fighting it. Chaileston, SC: BookSuige Publishing.
0bai, }.A. (2u1S). Phantom uata soveieigns: Waltei Lippmann, big uata anu the fallacy of peisonal uata soveieignty. Woiking papei.
0ffice of the Piivacy Commissionei of Canaua. (2u1S). C'*&5"/*&,+(&(*,+(1%#.&)'*&& & 2*(/+#"3&4#,+(1")%+#&2(+)*5)%+#&"#$&63*5)(+#%5&7+581*#)/&95)@&Retiieveu }uly 26, 2u1S fiom http:www.piiv.gc.capail2u1Spipeua_i_2u1SuS_e.asp
0ffice of the Piivacy Commissionei of Canaua. (2S Nay 2u1S). New ielease: new piivacy challenges uemanu stiongei piotections foi Canauians. Retiieveu }uly 26, 2u1S fiom http:www.piiv.gc.cameuiani-c2u1Sni- c_1SuS2S_e.asp
Boomeiangs % of CBN-0S-CBN Tiaffic (128u Routes) 1 New Yoik, NY 62S 49% 2 Chicago, IL 64S Su% S Los Angeles, CA 6 <1% 4 Atlanta, uA 42 S% S Ballas, TX 21 2% 6 San Fiancisco, CA 12 1% 7 Washington, BC 1Su 11% 8 Seattle, WA Su1 24% 9 San Biego, CA u u% 1u Boston, NA 1u 1% Note. NSA likelihoou iefeis to the ianking of the likelihoou of NSA splittei opeiations in each city pioviueu by Clement (2u1S). Boomeiangs aie iuentifieu by analysis of moie than 2S,uuu tiaceioutes houseu in the IXmaps uatabase.
1 www.ixmaps.ca 2 While not iecognizeu publically, it is well-known in the inteinet iouting community that significant poitions of intia-Canauian tiaffic tiansits the 0S. S Notably Section 21S of the 0SA Patiiot Act, anu Section 7u2 of the Foieign Suiveillance Intelligence Amenuments Act (FISAA). 4 The size of big uata anu the speeu of its exponential giowth aie uifficult to giasp. IBN iepoits that at the tuin of the millennium, 8uu,uuu petabytes (1u 1S bytes) weie stoieu in the woilu (Zikopoulos, Eaton, ueRoos, Beutsch, & Lapis, 2u12). In 2u2u, it is piojecteu that this numbei will ieach SS zettabytes (1u 21 bytes). The amount of uata the NSA will iepoiteuly be capable of stoiing is in the iange of yottabytes (1u 24
bytes). S These figuies aie appioximate as the geo-location of iouteis is not piecise.