RCMP briefed MPs on cellphone spyware risks, foreign interference

Click to play video: 'RCMP used spyware capable of controlling cellphones'
RCMP used spyware capable of controlling cellphones
WATCH: The RCMP has revealed its once-secret spyware allowed investigators to listen to or even take control of Canadians' mobile phones. – Aug 8, 2022

Canada’s national police force has briefed MPs about the risk that foreign states are using sophisticated spyware to intercept their electronic communications, Global News has learned.

It’s not clear which states are believed to be spying on Canadian politicians, but the RCMP’s top national security official, Mark Flynn, told the House of Commons Ethics committee Monday that it’s likely they’re being targeted.

Asked what actions the Mounties are taking to protect politicians from electronic eavesdropping, the RCMP said that “on an ad hoc basis in the past” the force has briefed parliamentarians “regarding the vulnerabilities of wireless technologies and smart devices.”

“The RCMP is (also) aware that the House of Commons staff brief members of Parliament on the threat posed by foreign surveillance tools that may be deployed on mobile devices and provides them tools to aid in their security,” the force said in response to Global News’ questions.

Story continues below advertisement

The RCMP did not respond to questions about whether the force has found spyware on parliamentarians’ devices, or what actions the police are taking to ensure Canadian politicians’ communications are secure.

“Although the RCMP will not speak to specific operational matters or specific victims (or affiliations), the RCMP is involved in and has been involved in investigations of foreign espionage and foreign interference,” the force said in a statement.

“These investigations are multifaceted and could (and) would include investigations of foreign surveillance efforts of various types.”

The RCMP is under scrutiny for their own use of spyware technology that can covertly intercept encrypted communications, remotely turn on devices’ microphones or cameras, and collect other types of sensitive information without their targets’ knowledge.

The force insists that all uses of their spyware capabilities – used 49 times in 32 cases since 2017 – were approved by a judge, and that their deployment of “on-device investigative tools” or ODITs are used only in cases of serious criminality. According to data turned over to the ethics committee, eight cases involved terrorism, six were related to trafficking, and five were murder investigations.

While the RCMP said all were approved by a judge, it’s not clear how many – if any – requests for the invasive surveillance techniques were not approved.

Story continues below advertisement
Click to play video: 'RCMP go through rigorous judicial process for spyware tech, Mendicino tells ethics committee'
RCMP go through rigorous judicial process for spyware tech, Mendicino tells ethics committee

In his testimony Monday, Flynn told MPs that the RCMP has used tools to circumvent encryption – which millions of Canadians depend on every day to protect their text messages, financial transactions and web traffic – as far back as 2002.

In a statement to Global News, Canada’s electronic spy agency – the Communications Security Establishment – confirmed that they have developed “capabilities” for the RCMP for “use in their lawful operations.”

“Under the CSE Act, CSE is prohibited from targeting Canadians or anyone in Canada as part of its intelligence activities,” the agency wrote.

“The CSE Act also authorizes CSE to provide technical and operational assistance to federal law enforcement and security agencies, such as the RCMP, to help carry out their lawful mandates. This assistance has included the development of capabilities for use in their lawful operations.”

Story continues below advertisement

The Canadian Security Intelligence Service, or CSIS, declined to say if they had deployed spyware in the course of their investigations.

“However, while undertaking investigations into threats to Canada’s national security, CSIS employs a variety of investigative techniques, some of which require judicial authorization from a Federal Court judge,” the agency wrote.

The Canadian Armed Forces, which has a large intelligence wing, declined to comment on their capabilities but noted they do “not have a mandate” to collect intelligence on Canadians.

In a statement, the Liberal Party said they will not comment on specific security precautions but that they “take these considerations very seriously.”

“The highest levels of security are implemented for all data, communications, and records, and we continually update our processes and review international best practices (including from the Communications Security Establishment) to further enhance the Liberal Party’s strong information security measures,” wrote Parker Lund, the party’s director of communications.

In response to questions from Global News, Conservative Party Executive Director Wayne Benson said the party was not aware of any briefings about the issue from law enforcement.

Sponsored content