The latest disclosure by former American spy contractor Edward Snowden, published this week by the Guardian newspaper, suggests Ottawa-based Communications Security Establishment Canada helped its British and U.S. counterparts with the project.
One goal, according to the Guardian, was to take advantage of "leaky" smartphone applications, such as "Angry Birds" — a game in which feathered creatures attack tiny pigs — that transmit users' private information into cyberspace.
The data from iPhone and Android apps include everything from phone model and screen size to personal details such as age, gender and even sexual orientation, the newspaper reported.
Accompanying the article was a leaked 2010 presentation slide prepared by Britain's Government Communications Headquarters, known as GCHQ, saying targeted exploitation of Android-type phones was carried out in "collaboration with CSEC."
The Guardian also noted GCHQ's "targeted tools" against individual smartphones — in keeping with the playful theme — were named after characters in the TV series "The Smurfs." For instance, an ability to make the phone's microphone 'hot' — to listen in to conversations — was dubbed "Nosey Smurf" and a means of surreptitiously activating a phone that is apparently turned off was branded "Dreamy Smurf."
Lauri Sullivan, a CSEC spokeswoman, was tight-lipped about the allegation of smartphone tapping.
"As you might expect, CSE cannot comment on its operations, methods or capabilities, nor those of its allies."
The Guardian article quoted a spokeswoman for the National Security Agency, CSEC's American ally, as saying phone interception techniques are used only against "valid foreign intelligence targets" — not everyday mobile customers.
CSEC monitors the foreign computer, satellite, radio and telephone traffic of people, states, organizations and terrorist groups for information of intelligence interest to Canada.
Its role has come under intense scrutiny due to leaks by Snowden, who once worked for the NSA.
Material disclosed by the whistleblower last year indicated that Canada helped the United States and Britain spy on participants at the London G20 summit in 2009. Other documents from Snowden's cache suggested CSEC once monitored Brazil's department of mines and energy.
The latest revelation came as the federal privacy watchdog released a report calling on CSEC to tell Canadians more about what it's doing.
The eavesdropping agency — which employs about 2,000 people and has a budget of more than $400 million — should table an annual public report in Parliament describing its ongoing activities, said interim privacy commissioner Chantal Bernier.
Bernier also recommended Tuesday that CSEC disclose annual statistics on cases in which it assists other federal agencies with requests for interception, which can include monitoring of Canadians.
The recommendations are among several intended to bolster protection of privacy rights in national security efforts.
"In our view, the current Canadian system of intelligence oversight would operate better if fine-tuned to new operational realities," says Bernier's special report.
The traditional divide between foreign and domestic threats has eroded in the digital era, it says.
Moreover, telecommunications companies have been drawn into the web of intelligence-gathering on behalf of Canadian spy services, the report notes, creating a need for proper privacy protection.
"While secrecy may be an inherent aspect of many intelligence activities, so is accountability," the report says.
"National security claims do not reduce accountability obligations and security bodies must account to Canadians for what they do with personal information."
Sullivan said the federal government will review the privacy commissioner's recommendations. "CSE is taking steps to better inform Canadians about our activities, including publishing new fact sheets on our website," she added.
The commissioner's report also calls for:
— Strengthening the powers of the federal bodies that review national security operations;
— Modernization of the Privacy Act — passed three decades ago — to allow the privacy commissioner to co-operate with other oversight bodies on national security issues;
— A public status report on the recommendations of the Air India bombing inquiry as well as those of the policy review stemming from the overseas torture of Maher Arar.
Also on HuffPost