RCMP have been using spyware for at least 10 years, but Pegasus hasn't

RCMP has been using spyware for at least 10 years, but Pegasus has not

The Privacy Commissioner of Canada wants impact assessments to be mandatory when the Privacy Act is modernized.

The Royal Canadian Mounted Police (RCMP) has been using spyware for at least 10 years, but Pegasus has not.

The RCMP can confirm that it has never purchased or used Pegasus software or any other NSO product, Commissioner Brenda Lucki wrote in a letter dated Friday and made public Monday by the Standing Committee on the Access to Information, Privacy and Ethics of the House of Commons.

In response to a committee motion, the commissioner says similar technology, which the police force describes as in-vehicle investigative tools, has been used in 32 investigations since 2017 and targeted 49 devices.

Their use is always targeted, limited in time, and never used to carry out unjustified or mass surveillance, she insists.

These are investigations into terrorism, major drug trafficking, murders and breach of trust, one of which involved the activities of a police officer, Sgt. Dave Cobey of the RCMP during an appearance before this same committee on Monday afternoon.

In response to questions from Bloc Québécois MP René Villemure, he confirmed that the RCMP is able to install spyware on a cell phone without the knowledge of its user, to pick up or listen communication on the device, to capture or view with the cameras, to consult photos and text messages.

The use of this type of technology dates back to before 2012, said Assistant Commissioner Mark Flynn, at his side.

As encryption began to be used by targets we had judicial authorization to intercept and were unable to hear audio, hear phone calls, or see messages they were sending, that's when we developed the tool and technique to intercept those communications,” he said.

Pegasus spyware can be installed on a device remotely without the targeted person having to click on a link or download any software. It allows you to collect a lot of data, including contacts and messages, in addition to activating the camera or the microphone.

The company that makes Pegasus has been in trouble since it was revealed that its software has been used to spy on human rights activists, among other things , journalists and politicians in many countries.

In November 2021, the United States added its manufacturer to its list of prohibited entities. And Canada may well do the same, with Public Safety Minister Marco Mendicino responding during his appearance earlier this afternoon that yes, he would be willing to ban Pegasus in Canada.

The committee's summer meeting was organized after the RCMP acknowledged the use of means to secretly obtain data from a cell phone or a computer.

< p class="e-p">In response to a written question tabled in the Commons last June, the RCMP defended itself by saying that it had obtained warrants to use these tools to obtain text messages and emails or to remotely turn on cameras and microphones.

Mr. Mendicino argued that clearances are granted by a superior court judge after careful consideration and that authorities must demonstrate that they cannot otherwise obtain the information.

It's not an easy thing to get, he said. There are many steps to follow. You need a request that is submitted to a judge of the Superior Court. This judge must examine the facts in very meticulous detail that will offer evidence or information about a very specific offense that is being violated.

Furthermore, the technique can only be used in a limited number of very serious offenses listed in Part 6 of the Criminal Code.

Philippe Dufresne, who testified earlier in the day, called on elected officials to make it mandatory to prepare privacy impact assessments when the Privacy Act is modernized.


“To generate trust, it would be better, far better than life impact assessment privacy is done upstream, that my office is consulted and that it can somehow be communicated to Canadians. »

— Philippe Dufresne, Privacy Commissioner of Canada

At this time, the Privacy Act does not compel the RCMP or any government institution to carry out for Privacy Impact Assessment Commissioner, Dufresne noted. However, Treasury Board makes them mandatory by policy.

The Office of the Privacy Commissioner of Canada was not informed or consulted about the software before or since its implementation, Dufresne said Monday. In fact, his office learned of its use in late June when the media broke the news.

RCMP says it has begun preparing an assessment impact in 2021, but the commissioner indicates that he has still not seen the color of it.

We see situations like this where this is done very late, after some time of using the tool. So we're not in a position where we can investigate or prevent. We are in reactive mode, lamented Mr. Dufresne.

The committee has scheduled meetings for Monday and Tuesday. Among the witnesses who will appear before the committee are the current and former Privacy Commissioners of Canada and RCMP officers who oversaw the use of this spyware.< /p>

Leave a Reply

Your email address will not be published.

Previous post Arrest of a Senegalese diplomat: she owed more than $45,000 to her landlord
Next post Taiwan conducts artillery exercises in case of Chinese invasion