NEB seeks contractor to monitor 'vast amounts' of online chatter for potential security threats
Robson Fletcher | CBC News | Posted: June 21, 2018 6:48 PM | Last Updated: June 21, 2018
Pipeline regulator aims to 'proactively ... protect its personnel, critical assets, information and services'
The federal regulator responsible for pipelines is seeking an outside company to monitor online chatter en masse and aggregate the data in an effort to detect security risks ahead of time.
The National Energy Board has issued a request for information (RFI) from companies qualified to provide "real-time capability to algorithmically process vast amounts of traditional media, open source and public social media data."
It is asking applicants to provide a "short demo session" of their security threat monitoring services in early July.
"This RFI is part of our processes to ensure we are getting the services we require to proactively manage security threats, risks and incidents to help protect its personnel, critical assets, information and services," NEB communications officer Karen Ryhorchuk said in an email.
"It is not specific to any project, application or issue."
'Why all of a sudden?'
But with the NEB's recent involvement in several controversial decisions regarding the Trans Mountain pipeline, digital security expert Tom Keenan believes the timing of the request may be related to anticipated security concerns in the near future.
"You'd have to be living under a rock not to know that pipelines are controversial, that there have been threats to construction of pipelines," he said. "And that may have accelerated the timing."
The RFI says the threat monitoring services are required under a broader federal directive on security management, but that directive was issued in 2009 and was supposed to have been implemented by 2012.
"The directive that they cite is Government of Canada policy, but it has been around for a while," Keenan said. "So, why all of a sudden? Probably because somebody figured that there's going to be a potential problem, so let's head it off."
Ryhorchuk said the NEB "does contract security services regularly" but won't publicly discuss the details of its security measures.
The request for monitoring service does get into specifics, however.
It says the NEB requires a contractor that cannot just gather large volumes of data but also analyze the information and provide "plain language" briefings.
The briefings are to include "relevant socio and geo-political context" and "considerations of trends and likelihood of similar incidents and activities."
Privacy laws
The request says the information must relate to four sectors of interest — energy, the environment, government and infrastructure — and the data must be available "24/7 via desktop and mobile application."
"Provider must have thorough understanding of Canadian geography, levels of government, jurisdictions, and regional political differences," the request for information says.
The service would only gather "open source information whenever permissible under privacy laws," according to the request.
Keenan said there's nothing preventing the government regulator from gathering tweets, Facebook posts, comments on news stories and other types of information that are publicly available online but he would like to see the NEB set out a clear policy on how it will store, retain and share the information.
- MORE ALBERTA NEWS | Calgary judge awards Dow Chemical $1.06B US in dispute with Nova Chemicals
- MORE ALBERTA NEWS | Albertans turn increasingly to self-employment in recession's wake
- Read more articles by CBC Calgary, like us on Facebook for updates and subscribe to our CBC Calgary newsletter for the day's news at a glance.