The Communications Security Establishment of Canada (CSEC), the Canadian version of the NSA tasked with spying on foreigners, has been revealed by Snowden to be busy spying on Canadians too. But what has CSEC been doing?

A redacted version of the PowerPoint presentation that CSEC delivered can be found here. It's difficult to tell what CSEC is doing because the PowerPoint is at a fairly level. This blog post has my initial speculations.

The main technique they seem to be describing is gathering IP records ("metadata"), obtaining the geographic information for the access points (like this tool illustrates) and the time then using this information to identify people. The key to this technique is that there's some other piece of information (e.g. phone calls) to correlate against and then try to match up the likely Internet user that goes with the caller.

CSEC's technique is interesting but I suspect it doesn't work very well in the real world. Their example of a kidnapper making a series of ransom calls from a certain location seems pretty contrived and if this technique ever became popular it would be easy to evade. The criminals on the Wire were far more sophisticated than CSEC's hypothetical ransom caller.