Do you know where your information goes? Risks of being under surveillance without permission ...

From theOttawaCitizen.com

Do you know where your data have been?

 BY MARITA MOLL, OTTAWA CITIZEN SEPTEMBER 26, 2013

 Op-Ed: Do you know where your data have been? 

Deputy Director of the National Security Agency (NSA) John Inglis (R) testifies before the House Judiciary Committee on Capitol Hill in Washington, DC, July 17, 2013, during a full committee hearing and oversight of the use of Foreign Intelligence Surveillance Act (FISA) by the administration of US President Barack Obama. AFP PHOTO/JIM WATSONJIM WATSON/AFP/Getty Images

Photograph by: JIM WATSON , AFP/Getty Images

So you go home, turn to your computer loaded with anti-virus, anti-spying and anti-malware programs, to talk to your brother in Boston via the secured Internet connection in your house. Bingo! Everything you just did is now part of the U.S. National Security Agency's massive database and all that data can be mined with the same easy steps you used to find the online recipe for last night's eggplant parmigiana.

But what if you were just sending some messages to your friends in other parts of Canada or even in your own province? Surely that's not a problem - unless it is.

Most of us know that Air Canada sometimes flies through U.S. airspace to move passengers from one Canadian location to another. By the same token, you should be concerned about where your data has been en route to its destination. According to researchers with the University of Toronto IXmaps project, which has been studying Internet routing practices, one in four messages travel through U.S. data space on their way to and fro across the country. They call it "boomerang routing."

Keeping communications and transport traffic in Canada is an old battle. In The National Dream, Pierre Berton described the planning of the Canadian Pacific Railway, complete with the highly imaginative, sometimes illegal and often scandalous activities of politicians, scoundrels, fortune-seekers and middlemen attempting to influence the railway's route. But Sir John A. Macdonald's determination to keep that route entirely in Canada eventually prevailed. The routing of Internet traffic has, so far, escaped such scrutiny. But, thanks to the Snowden revelations of NSA dragnet style data capture, Canadians are starting to realize that this also requires our attention and for the same reasons - national sovereignty and security.

According to information on the IXmaps.ca site, Canadian Internet traffic is often routed through the U.S. "due to current technical, economic and policy choices made principally by private corporations." So, depending on the carrier, a message originating in Toronto can go to New York and then to Montreal on its way to Health Canada in Ottawa. Another message, originating in Abbotsford B.C., will end up at Lakehead University only after passing through San Jose, San Francisco, Kansas City and Chicago. In this transparent transaction space, is easy to forget that Internet traffic, just like highway traffic, falls under U.S. law when it passes through U.S. territory. That leads us to the problem of surveillance - problematic enough when conducted your own government, let alone a foreign, albeit allied, power.

One project underway to redress this situation involves expanding the number of Internet Exchange Points (IXPs) in Canada. These switching stations, usually shared among a consortia of providers, act like large data intersections. Canada currently has four such stations: in Ottawa, Toronto, Vancouver and, just recently, Montreal. This is three to 30 times fewer than other similarly developed nations, according to an independent research report on Canadian Internet traffic exchange commissioned by the Canadian Internet Registration Authority (CIRA).

In contrast, there are 85 IXPs in the U.S., 11 in Australia and five in New Zealand. Canada, says the report, is in the "laggard" category with respect to the provision of domestic IXPs. The report also notes that more domestic routing would increase efficiency and help reduce prices, an item high on the wish list of Canadians. CIRA, the organization that manages the .ca domain names on behalf of Canadians, is currently facilitating the development of more exchanges, particularly in Manitoba and Alberta.

But the existence of more exchange points, while essential, will not change the practices of service providers who do not always cooperate in such projects. Despite the recent full page newspaper ads by large Canadian providers posing as nationalists fighting a possible invasion by U.S. telecom giant Verizon, it is not unusual for them to send Canadian traffic south of the border even if its final destination is actually across the street. Bell Canada, says the CIRA report, does not participate in current Canadian IXP sites, "preferring to force its Canadian counterparts to meet it in Seattle, New York, or San Jose." It will clearly take pressure on providers to change some current routing practices. Canadian routing for domestic traffic is a small, but important part of a national digital strategy - something this government has been promising for years and seems no closer to delivering.

The Internet is a part of the infrastructure of modern life. In its design, it needs to respect the rights of citizens including the right not to be spied upon by foreign countries while engaging in communications inside our borders. Sir John A. Macdonald must be looking on in dismay.

Marita Moll is the co-editor of The Internet Tree; The State of Telecom Policy in Canada 3.0 (2011) and Connecting Canadians; Investigations in Community Infomatics (2012). She is an active member of CIRA and has a website on telecom issues at maritamoll.ca.