An excellent report

have to say I am incredibly impressed with the report done by Cabinet Secretary Rebecca Kitteridge into the GCSB.

All too often reports of this nature can avoid being too specific and just talk in generalities about the need for more work in this area or that area.

Kitteridge has outlined in detail the long-standing problems at GCSB, including organisational and cultural – plus of course the lack of legal rigour in some of their work.

She's also provided 80 specific recommendations that are basically a reorganisation blueprint.

It really is worth taking the time to read the full report.

The issue that much focus has been on is that the GCSB may have been in breach of the GCSB Act when it assisted the SIS with intercepting communications of NZers. The practice was

Firstly, it was long-standing practice – going back to before the enactment of the GCSB Act in 2003 – for GCSB to provide assistance (i.e. its specialist capabilities) to the NZSIS on the basis of NZSIS warrants. The clear understanding within GCSB was that in such cases section 14 did not apply because GCSB was acting as the agent of the requesting agency and was therefore operating under the legal authority of the warrants. If the NZSIS, with the authority of an intelligence warrant, requested GCSB to provide assistance in cases involving New Zealand citizens or permanent residents, GCSB provided that assistance.

This has been the case for probably several decades. The issue is the GCSB Act passed in 2003 may have made such assistance illegal. It is basically a matter of whether they are operating under the GCSB Act when assisting the SIS.

The consequence of these developments is that the lawfulness of some of GCSB's past assistance to domestic agencies is now called into question. In relation to NZSIS, the relevant period is between 1 April 2003, when the GCSB Act came into force, and 26 September 2012, when such assistance ceased. During that period GCSB provided 55 instances of assistance to NZSIS, which potentially involved 85 New Zealand citizens or permanent residents

Now it is important to note that the SIS were legally entitled to intercept their communications. The Commissioner of Security Warrants (a former High Court Judge) and the PM must both authorise such a warrant, based on genuine security concerns.

The issue is whether the GCSB were legally able able to assist the SIS with their interception, and if not, should they be able to?

I would suggest that there is little common sense in saying the GCSB should not be allowed to assist the SIS. If you do that, you probably require the SIS to duplicate the quite costly infrastructure of the GCSB for what is just half a dozen cases a year.

But such assistance must be beyond legal doubt. Hence why a law change is going to happen. I don't think there was any intention that the 2003 Act would prevent the GCSB from assisting the SIS. The last thing you want is silos in the intelligence community – that was a key lesson the US learnt post 9/11.

The PM has said that none of the 88 people *may* have had the GCSB illegally intercept their communications were arrested on the basis of the info obtained. If they had been, I'd expect court action.

Some are saying that the 88 people should get an apology and/or compensation. I'd need a lot of convincing that that is a good idea. Here's why.

  1. Their communications were legally able to be intercepted due to security concerns – just by the SIS, rather than the GCSB. It is not a case of the interception being unjustified – just that the wrong agency may have done it.
  2. If the 88 people were told that they had been under surveillance, it could endanger many ongoing security operations. Some of them may have links to terrorism even. Remember these were all people who had a legal interception warrant approved by the Commissioner of Security Warrants.
  3. Was there any significant harm done to them as individuals that the wrong agency did the interception? There is certainly harm to NZ as a whole that the GCSB may have broken the law, but I don't see great harm to any individual involved.

The above in no way reduces the unacceptability of the GCSB not ensuring they were acting in a beyond doubt legally complaint manner. Kitteridge explains some of the background:

For a number of years there has been only one source of legal advice at GCSB, which was the DDME, a second tier manager. …

As at the time this review commenced, in addition to legal advice, the DDME had responsibility for governance and performance, strategy and , risk management, the Liaison Officers, the Compliance Advisor, strategic relationships, the Chief Financial Officer, knowledge services, the registry, the Chief Information Officer, technology infrastructure, security (physical, personnel, and IT) and mission capability (IT) development. Until fairly recently he also had responsibility for HR, finance and logistics, procurement and property services.

Doesn't leave much!

The DDME had too many hats. His multiple roles meant that there was insufficient internal debate and challenge. He was solely responsible for policy and legislative development, providing drafting instructions, interpreting the resulting law and overseeing its implementation and operation. These were conflicting roles. It is essential in an organisation that exercises intrusive powers of the state that there be robust challenge and the ability for contesting views to be expressed and explored. As the chief architect of the legislation he spoke confidently and authoritatively about the legislation and staff were not in a position to challenge that. …

The DDME's seniority, as a Deputy Director, contributed to reluctance on the part of staff to question his judgement. Staff were unanimous in stating to me that the DDME's view was seen as completely authoritative.

Useful to also pick up a conclusion, especially as some MPs say we don't need a GCSB.

My belief in the importance of the work carried out by the men and women at GCSB has only increased as this review has proceeded. The world is becoming more complex, and physical borders are less relevant. The nature of the threats to security is shifting so rapidly that keeping up with them is a challenge – let alone getting ahead.

 

Comments (17)

Login to comment or vote

Add a Comment