February 25th, 2014 at 9:00 am by David Farrar

Stuff reports:

But for two agencies that prefer not to spill their secrets, the SIS and GCSB have racked up a hefty bill for communications advice.

A hefty bill? How many millions have they spent?

In the 2012/13 year a contractor was paid $10,155 for three months’ work.

$10,155 for three months? That must be the most lowly paid contractor in the history of contracting.

The SIS also spent over $8000 printing three brochures since 2009, including ”A Guide to Weapons of Mass Destruction.”

Around $2,700 per pamphlet. $8,000 over five years. Frugal, not hefty, is the word that comes to mind.

Tags: ,

Bad spies

February 21st, 2014 at 12:55 pm by David Farrar

Stuff reports:

Spy boss Ian Fletcher has apologised to Prime Minister John Key for his agency bungling its report to Parliament on the level of its surveillance.

The Government Communications Security Bureau (GCSB) was forced to release an amendment to its annual report, which saw an increase in the number of interception warrants and access authorisations for the 2012-13 financial year.

A total of 11 interception warrants were in force for that year, up on the original amount which was reported at seven. Five interception warrants were issued, corrected from four.

A total of 26 access authorisations were also in force, compared to the originally-thought 14, and 11 were issued rather than nine.

A spokeswoman for Key said the prime minister was “unhappy” about the error and had received an apology from Fletcher, the GCSB director.

“The prime minister has been advised that the error stems from GCSB mistakenly counting the number of operations rather than the number of warrants on issue.,” the spokeswoman said.

“There was no attempt to deliberately mislead,. Further, he has been advised by the director that steps have been taken to ensure the error cannot happen again.”

It isn’t a huge error in itself. 11 issued instead of nine doesn’t change what we fundamentally know that the level is very low.

However the concern is that the GCSB doesn’t have a rigorous enough focus on checking and verification. Their annual report to Parliament is an important document and what goes into it should be vetted by multiple people. One person misinterpreting what should be reported, should be caught by someone else.

It isn’t good enough. These agencies especially need a very high level of confidence in their ability to understand the law.

What I’m not clear about is whether this error is long-standing or just occurred last year.


Where Key got his info from

February 13th, 2014 at 7:06 pm by David Farrar

I’m enjoying the belief some have expressed that because John Key repeats something (that Winston had visited the Dotcom mansion three times) five days after the Herald printed it, that he must have found this out via the GCSB.

That is completely and totally rubbish.

He got told by Barack Obama over golf, and Obama found out from the NSA satellite permanently focused on following Kim Dotcom about.

That is far far more likely that the possibility that the Prime Minister actually reads the NZ Herald!

Tags: , , ,

Did Clark authorise mass spying on NZers for the US?

December 3rd, 2013 at 6:03 am by David Farrar

NewstalkZB reports:

The Prime Minister is playing down suggestions the public may have been targeted for data collection by domestic spy agencies.

Fresh revelations by former NSA contractor Edward Snowden have shown the Australian Defence Signals Directorate offered in 2008 to share data collected on Australian citizens with its intelligence partners

John Key called GCSB boss Ian Fletcher today to seek assurances that New Zealand had not done the same.

“I wasn’t Prime Minister (at the time), but I rang the head of the agency and said ‘can you confirm for me that New Zealand didn’t collect wholesale metadata about our ordinary New Zealanders.’

“The answer was ‘we didn’t, and because we didn’t we couldn’t have shared it.’”

The Australian offer was made in 2008, when Helen Clark was Prime Minister. So maybe someone should ask Helen Clark on the record if she ever authorised the collection of metadata from NZers, and the sharing of it with other countries.

Maybe the NZ Labour Party can confirm that when they were in Government, this did not happen on their watch.


Changes to TICS Bill

October 15th, 2013 at 10:00 am by David Farrar

Amy Adams has announced:

Communications and Information Technology Minister Amy Adams has today tabled a Supplementary Order Paper to make further improvements to the  Telecommunications (Interception Capability and Security) Bill. …

Clause 39 of the proposed Bill currently allows the responsible Minister to direct that a network operator must not resell an overseas telecommunications service in New Zealand where the interception capability, or lack of interception capability, raises a significant risk to law enforcement or national security.

It is proposed to remove Clause 39 from the Bill altogether, and, instead, matters of non-compliance could be addressed through the compliance framework.

Part 3 of the Bill deals with the partnership approach between the GCSB and network operators to protect network security.

To ensure that this interaction occurs in a timely manner, it is proposed to introduce the ability for the Minister responsible for the GCSB to make regulations that require decisions to be made under specific timeframes, in the event that decisions are not being made in a sufficiently timely way.

It is also proposed to narrow the scope of the matters that must be notified to the GCSB, reducing compliance costs for network operators.

As a last resort, where network operators and the GCSB are unable to agree on how to respond to a network security risk, Clause 54 of the Bill currently provides that the responsible Minister may issue a direction.

Before the GCSB can ask the Minister to make a direction, a further check and balance will be introduced.  The Commissioner of Security Warrants will now be required to carry out an independent review of the material that informed the GCSB’s risk assessment, and report on whether, in their opinion, the risk amounts to a significant risk to national security.

These looks like very welcome changes. The requirement for the Commissioner of Security Warrants (currently former Court of Appeal Judge Sir Bruce Robertson) to do an independent review in the very very unlikely event of the Government believing that what a network operator is planning could threaten national security, is sound.

“Although public input has resulted in significant improvements to the Bill, some of the submissions received did not reflect an accurate understanding of what the Bill does and does not do,” Ms Adams says.

“In particular, I would like to reassure people that this Bill does not change the authority of agencies to intercept telecommunications, it does not change existing privacy protections, and it does not require data to be stored or require stored data to be disclosed. The Bill only relates to real time interception.

This is a key point that many have missed – it is about real-time interception. The major users of this ability are the Police for ongoing criminal investigations.

There’s also a comparison table between the current law (TIC Act) and this proposed law (TICS Bill). I think they show that in some areas the law change actually reduces compliance costs on ISPs. There is no expansion of powers in terms of surveillance. There is an expansion in terms of the GCSB’s role in syber-security where they can (ultimately) ask for a Government order if they believe a proposed action would be a threat to national security.

Ironically that proposed power has its genesis in the opposition scaremongering over Huawei winning some contracts in New Zealand. They kept demanding the Government do something on the basis the Australian Government had excluded them from the NBN build there. The Government doesn’t believe there are any national security issues around Huawei, but it was the scaremongering that highlighted that even if there were, they actually had no power to exclude a company that did have national security issues. So a bit rich for opposition MPs to complain about a clause that their scaremongering created.

There’s still some elements of the bill which I’m not enthusiastic on. I don’t think ISPs (or network operators) should have to register with the GCSB as it sets a bad precedent. As far as I know there’s never been an issue with locating an ISP, and its directors. I’d prefer that clause to be removed. As I said, a precedent of an ISP needing to register with the Government is not healthy – even if well intentioned.

But the SOP by Amy Adams is a significant improvement to the bill, especially having the Commissioner of Security Warrants do an independent assessment if there is ever a stand off between the Government and an ISP over a proposed network build decision.

Also a useful read are these two diagrams showing how the interception and network security processes will work.

Tags: , ,

The Privileges Committee inquiry into the leak inqiuriy

August 23rd, 2013 at 1:00 pm by David Farrar

My interpretation of the two days of hearings into the leak inquiry is that it was basically a SNAFU. By that I mean there was no malicious intent by everyone – just that many parties involved made incorrect assumptions, and/or didn’t check.

I think the first error was not an appreciation that this inquiry was a bit different to other leak inquiries as the major focus was on whether a Minister leaked it, not a government employee (like in the MFAT leak). When you are dealing with employees a leak inquiry is on far more solid ground – the employers have total authorised access to all work data around their employees – their swipe card records, their e-mails, their photocopier logs and the like. But Ministers and MPs are different, as are journalists when it involves their use of parliamentary resources.

So some criticism to DPMC for not seeing (but hindsight is wonderful) that this inquiry is different to others, and having more specific terms of reference and powers about what the inquiry should and should not be able to seek.

Some criticism also to David Henry for not setting clear processes around seeking of data with agency chief executives. It seems the approach as along the lines of let’s ask for everything we can think of, and up to them to say no. Again, no appreciation of the senstivity when dealing with MPs that they are not in the same constitutional position as employees.

And also some criticism for Parliamentary Service for not having clear policies on when data can and can not be released, and who should be consulted or approve any release. Also the fact that data was being exchanged it seems at pretty much a junior staff level. PS should have recognised the sensitivity of such requests and made sure no data was handed over unless it was operating on a clearly understood basis of who should be saying yes to what.

So no malice involved anywhere, just a lack of overall co-ordination both within agencies and between them. I hope Privileges Committee will have some useful recommendations on how to avoid a repeat.

Tags: ,

The GCSB law

August 21st, 2013 at 9:00 am by David Farrar

The GCSB law has completed its committee stage, and will pass its third reading today.

Some people would have you believe that this law is a massive change from the current GCSB law passed by Helen Clark. Well, they are partially right. It is significantly different. I’ve detailed below my analysis of some of the major differences between the 2003 Helen Clark law and the 2013 John Key law.

Helen Clark GCSB law 2003 John Key GCSB law 2013
Inspector-General sole independent oversight two person advisory panel to assist the Inspector-General of Intelligence and Security
Inspector-General has no staff resources Inspector-General has a Deputy
Inspector-General role is essentially reactive Inspector-General to proactively annually review GCSB procedures, policies and compliance and do unscheduled audits
Inspector General not informed when a warrant is put on the register relating to a New Zealander Inspector General is informed when a warrant is put on the register relating to a New Zealander
GCSB can’t intercept the communications of a NZ citizen or permanent resident but can assist “any public authority” on any matter relevant to their functions, and unclear if the former prevents the latter GCSB can’t intercept the communications of a NZ citizen or permanent resident but can assist (only the) Police, Defence Force or SIS even if it involves a NZer.
No reporting of assistance given to other agencies GCSB will be required to report annually on the number of instances when it has provided assistance to the Police, SIS or NZ Defence Force
No reporting on number of warrants and authorisations GCSB will also be required to report annually on the number of warrants and authorisations issued
Intelligence and Security Committee has secret hearings to discuss the financial reviews of the performance of the GCSB and the SIS Intelligence and Security Committee will hold public hearings annually to discuss the financial reviews of the performance of the GCSB and the SIS
ISC does not have to publicly report to Parliament ISC to report annually to Parliament on its activities
No regular reviews of GCSB An independent review of the operations and performance the GCSB and the NZSIS and their governing legislation in 2015, and thereafter every 5-7 years
GCSB has a function to protect any information that any public authority or other entity produces, sends, receives, or holds in any medium GCSB function to protect any communications that any public entity processed, stored, or communicated in or through information infrastructures
No specification of limits of GCSB assistance Specifies that GCSB can assist Police, Defence Force and SIS, but only for lawful activities such as where warrants have been granted
IPCA has no jurisdiction Gives the IPCA and the IGIS jurisdiction to review any assistance given to Police and SIS respectively
No references to according to human rights standards Specifies all functions of GCSB must accord with NZ law, and all human rights standards recognised by NZ law.
No references to not undertaking partisan activity Specifies GCSB can’t be involved in any action that helps or harms a political party
No requirement to brief the Leader of the Opposition GCSB Director required to brief Leader of Opposition regularly on major activities of GCSB
Requires GCSB to destroy any records not relating to GCSB objectives or functions Required GCSB to not retain any information on NZers collected incidentally as part of foreign intelligence operations unless relates to serious crime, loss of life or national security threats
No special protection for legally privileged communications Legally privileged communications explicitly exempted from scope of an interception warrant
No requirement to have a policy on personal information retention and use GCSB required to work with Privacy Commission to have a policy on personal information retention and use


No restrictions in GCSB Act on retaining personal information GCSB can only retain personal information for a lawful purpose, and can’t keep longer than required for any lawful purpose

This is not a complete analysis. I was hoping the Government may have such a document themselves, but it seems they don’t. So I put it together last night by comparing the 2003 Act and the latest SOP from the Government. I am sure I have missed out a couple of things, and over-simplified in a couple.

The point is to point out that the 2013 law is including a huge number of protections that the 2003 law is silent or, or missing. Those demanding the law not pass would have you implicitly think the status quo is superior. They are quite wrong, and mischievously so. Recall the current law does not ban the GCSB from assisting the Police and SIS. It has merely been said by lawyers to be unclear, and in fact the Inspector-General has said the assistance has been legal.

I think the Government has bent over backwards to put protections into the law, partly as a result of their coalition partners. Have a read of the existing law, and decide for yourself.

So my question to all the people demanding National MPs cross the floor and vote against the bill, is where were you in 2003? Where were the protests against the 2003 law? Where were the demands Labour MPs in 2003 voted down Helen Clark’s law?

Also I ask how many media stories have focused on an actual side by side analysis of the old and laws, detailing all the changes? Or have they just live-streamed protest meetings?

Now this is not to say I think the law being passed today is perfect. If I was Prime Minister I’d actually make the GCSB responsible for interceptions only, and give their cybersecurity role to another agency such as DIA. It would probably mean some loss of expertise, but it would reassure people that when GCSB are assisting agencies with cybersecurity they are not accessing personal communications. Worth remembering though that it is the 2003 law again which gave the GCSB this role. The 2013 law just clarifies the powers that can be used in that role.

I also think the focus on the GCSB law has been mis-placed. Far more focus should be on the companion TICS bill which I do have greater concerns about – such as requiring approval of network architecture, ISPs having to register with GCSB and the like. My hope is the select committee make some changes to that bill, which is due to be reported back on 20 September.


GCSB Protest Meeting

August 20th, 2013 at 11:00 am by David Farrar

The Herald reports:

Auckland’s Town Hall filled with hundreds of supporters to hear legal experts and Opposition politicians speak out against the GCSB bill tonight.

The Government Communications Security Bill is expected to pass its committee stages and third reading this week with a one-vote majority.

Speakers took to the stage for seven minutes at a time to explain why they believed the Bill was flawed and unnecessary.

“Well this is what democracy looks like”, MC Martyn `Bomber’ Bradbury told a Town Hall at full capacity.

“Tonight we hear the other side of the argument.”

It’s impressive to fill the town hall up. I was in Auckland yesterday and saw posters all around town for it.

I wouldn’t say that people haven’t heard the other side of the argument though. I’d say most people have only heard the “other” (anti) side of the argument. Interesting that TVNZ did a live stream of the meeting. Would they also live stream a protest meeting against say a carbon tax?

Orcon founder Seeby (EDS: correct) Woodhouse said the National Party mistook George Orwell’s dystopian novel 1984 as a guide book.

While New Zealand was rated as the “free-est country in the world” that would change if the GCSB bill passed, he said.

“We must lead the world … we must do it again.”

With respect to Seeby, I doubt our rating will change at all.

The remainder of the committee stage will be debated this afternoon and evening, and I expect the third reading will occur tomorrow.

Also of relevance is:

Prime Minister John Key said last night that Opposition members of the Intelligence and Security Committee would be able to find out how many times the GCSB spy agency had received warrants to intercept the content of communications under its cyber security function.

Mr Key said that under changes to the bill, every year the number of warrants issued in categories would be declared to the Intelligence and Security Committee, which included the leader of the Opposition, David Shearer, and his nominee, Greens co-leader Russel Norman.

“At that committee, somebody would be able to ask the very obvious question – ‘when it comes to cyber security, have any warrants been issued that sought to look at content for New Zealanders?”‘ he said.

What I’d find useful is someone doing a side by side comparison of what would the law be if the bill did not pass, and did pass. People may be surprised by what such a comparison would show.


Key on Campbell Live on GCSB

August 15th, 2013 at 12:00 pm by David Farrar

Campbell Live have been running a week long jihad against the GCSB Bill. I’m actually fine with that. Media are allowed to take stands on issues, and I prefer media to be upfront about their leanings, than pretend they are neutral when they are not. It is no secret that John Campbell’s politics, and the show, lean far to the left of Labour.

As I said that’s fine, just as NBR leans to the right.

But considering Campbell Live is clearly crusading against the bill, it is was quite remarkable that the PM agreed to go on the show. But he did so last night, you can watch the video at this link.

I thought the PM did an excellent job of calmly explaining the bill, to fairly frenzied questions or statements from John Campbell. The PM is much better when he is the “explainer-in-chief” than when he is swiping at people who disagree on the bill.

As for John, I leave the commentary to his biggest fan:

Again, I recommend people take the time to watch the video. Here’s Wallace Chapman on it:

I agree with Wallace that the PM was superb. Cool, calm, collected, factual and reassuring.

If I was in the Labour Party, I’d be getting quite worried about next year’s election debates.

Tags: , ,

The Campbell Live GCSB poll

August 12th, 2013 at 9:00 am by David Farrar

Campbell Live is trying to run what they call the biggest opinion poll in NZ history.

That neutral observer on such issues, is promoting it of course:

However expert pollster Grumpollie points out that the so called poll is meaningless in terms of accuracy:

Here’s a really important point for anyone wanting to judge the accuracy of this poll –big numbers do not provide representative data!

Here’s why…

This poll commits the ultimate sin of survey research – it uses a self-selecting sample.

People choose to take part based on the topic. This means that the poll only represents the New Zealanders who feel strongly enough about the GCSB bill to take part in the poll.

He points out that having a self-selecting sample, rather than a random sample, makes a huge difference. For example all the polls on same sex marriage with random samples showed a majority or plurality in favour. But the Campbell Live text in poll found only 22% in favour and 78% against. A result that has no scientific usefulness. Note that particular poll also had a huge number of responses. What counts is whether the sample is random – now how many people take part.

But the problems are even worse than that for the Campbell Live so called poll. Thomas Lumley at Stats Chat points out that to vote through their website you need to give Campbell Live your name, e-mail address and postal address. He points out:

Wouldn’t you expect that people unhappy with the prospect of increased (legal) surveillance of New Zealanders might be less willing to give all their personal details with their vote?

But you can understand why a Mediaworks show goes with an unscientific poll than a scientific poll. A scientific poll actually costs money to do. But those who use the text option for their bogus polls end up paying money to Mediaworks, so Mediaworks makes money out of the bogus poll.

Tags: , ,


August 7th, 2013 at 10:00 am by David Farrar

Stuff reports:

A group protesting at the Government Communications Security Bureau bill have taken their fight to the Wellington home of United Future MP Peter Dunne, prompting him to call them “irresponsible scum”.

Eight protesters were outside his home in Khandallah yesterday afternoon, calling on him to cross the floor and vote against the bill.

Mr Dunne, who was not home at the time of the protest, said the “hardcore group” were at his house with a loudhailer on Sunday, past 11pm on Monday night, and also yesterday morning at 7am.

MPs have electorate office swhere people can protest. To target someone’s home, and at 11 pm at night, is a very unclassy look. In fact, pretty scummy.

Protester Ariana Paretutanganui-Tamati said they were at Mr Dunne’s home “to give him a taste of what it feels like to have your privacy intruded on”.

I think Peter already has a fair idea!

Ariana Paretutanganui-Tamati is a Mana Party activist. She doesn’t seem to play well with others, as you can read on this blog post. She’s so disruptive the other protesters think John Key has paid her to infiltrate and disrupt them :-)


Tags: , ,

Dunne sums ups Labour’s logic

August 4th, 2013 at 12:00 pm by David Farrar

Stuff reports:

Peter Dunne should withdraw his support for the prime minister’s controversial GCSB Bill in the wake of the widening spy scandal, Labour leader David Shearer says. …

“I find it extraordinary that he would still support the bill given the Government has actually gone behind his back and tried to access his emails.

Actually the Government is on record as saying the e-mails should not be released without Dunne’s permission.

But Dunne is sticking to his guns, yesterday saying the two issues were unrelated and he will vote for the bill.

“Saying that the GCSB Bill should not be passed because of this is like saying that because some people jaywalk, we shouldn’t build more motorways.”

That appears to be exactly the Labour (and Green) view on transport!

Tags: ,

Clark on GCSB

August 4th, 2013 at 4:59 am by David Farrar

Stuff reports:

Former Prime Minister Helen Clark has confirmed the GCSB executed intercept warrants for the SIS during her Government but spying on New Zealanders “wasn’t their remit”.

Clark, speaking in advance of the release of her new book At The UN, about her first four-year term as Administrator of the United Nations Development Programme, said she was always “loyally and diligently” served by the intelligence services.

Clark said the Government Communications and Security Bureau acted within the law “as it was understood to be” and this included executing warrants for the Security Intelligence Service.

“I can assure you that I was always advised that what was being signed was legal.”

Yet Labour and Greens are opposed to the GCSB doing what it did under Helen Clark – assist the dSIS. The problem is the law passed by Clark does not make it clear if the clause saying it will not monitor NZers over-rides the clause saying it can assist other agencies such as the SIS.

She rejected that the Government Security Communications Bureau routinely spied on New Zealanders as that was “not part of their remit”.

And still will not be, despite the hysteria. In fact the bill will provide greater transparency than in the past over what work the GCSB does do.

Her book, At The UN, is a collection of speeches Clark has given in her first four-year term at the UN.

Am sure it will be a best seller. Sadly not yet available on Amazon.

Tags: ,

When is a repeal not a repeal?

July 27th, 2013 at 11:00 am by David Farrar

Stuff reports:

Labour says it will repeal the controversial GCSB law if it wins the next election.

Sounds like a clear policy. If you read that, you would think that means they will return the law to its current state.

A Labour spokesman confirmed this afternoon the party would commission a review of the legislation and implement any changes that came out of that although the new law would remain in place until that process was completed.

So they’ll keep it for a bit, and then are they going to repeal it?

Well read this Herald story:

“We would have an independent review and legislation would come out of the review. The current legislation would need to be repealed, modified or whatever.”

So in fact Labour are not promising any sort of repeal. They are saying we will review the law after the election and maybe make some amendments to it then. They can’t details what actual changes they want.

Tags: ,

GCSB views

July 26th, 2013 at 1:00 pm by David Farrar

The Press editorial:

Contrary to the assertions of opposition parties, the changes Prime Minister John Key has made to the Government Communications Security Bureau bill are not merely cosmetic.

Among other things, the changes will require the GCSB to make an annual report on the number of warrants and access authorisations it gets and pro-actively tell the inspector-general of intelligence, whose post has itself been beefed up, whenever it has acquired a warrant to spy on a New Zealand citizen or resident.

In addition, while rejecting the opposition call for an inquiry now into the GCSB, the bill will require a review of its operations, and those of the Security Intelligence Service, the domestic spy agency, a couple of years from now and thereafter every five to seven years.

The GCSB will also have to make an annual report on the number of times it has been called on to help the police, the SIS and other agencies use its specialised surveillance equipment.

If any expansion is required of the agencies that can call on the assistance of the GCSB, new legislation will be needed rather than, as had been proposed, merely executive action. The Prime Minister has also promised to make it clear that the collection of metadata – information about the time and location of a call rather than its content – will be treated as communication and require a search warrant.

All these changes make substantial modifications to the bill as it was first presented to Parliament. While they have not been enough to persuade opposition parties to support the bill, they are sufficient to satisfy Peter Dunne, formerly a strong critic of the bill, which means it will pass.

I agree that the changes are not inconsequential. I note that Labour seem unable to articulate what actual changes to the bill would make it acceptable to them. I think they just hope this will be finally be the silver bullet that gets them out of the poll doldrums. Bit sadly for them, people are more interested in policies on jobs, hospitals and schools than this.

Pete George points out the recent protest action against the bill was organised by Mana’s Martyn Bradbury and Greens’ Max Coyle. I think it is safe to conclude both fall into the camp of would never ever support something done by this Government. The meeting they organised was interesting though:

Labour MP David Cunliffe sat in the front row last night. His party leader, David Shearer, watched unnoticed from the rear of the hall with Labour’s finance spokesman, David Parker.

However the Herald disagrees with The Press and wants more changes. However they also say the changes are substantial:

The Government Communications Security Bureau and Related Legislation Amendment Bill will be an improved piece of legislation when it is amended by Parliament. The changes go much further than the “cosmetic” tag attached by the Greens. Two stand out. The first dictates that the country’s foreign intelligence agency will be the subject of an independent review in 2015 and an automatic review every five to seven years after that. A five-year review echoes the situation in Australia. It also goes quite some way towards satisfying the call by Labour and the Greens for an independent inquiry into the country’s security services, even if they wanted this to precede the passage of the legislation.

The second important alteration states that if a government wants to expand the domestic agencies which the GCSB will be able to help beyond the police, the Security Intelligence Service and the Defence Force, it will have to get the support of Parliament for another amendment bill, rather than Cabinet simply ticking it off via regulation. That negates the possibility of the likes of Customs, the Immigration Department or Inland Revenue using the GCSB’s sophisticated cybersecurity equipment without a considered debate on the ramifications. 

I think that last change was very important.

According to the Prime Minister, the bill represents “a balancing act between national security and doing our best to keep New Zealanders safe, and the privacy of New Zealanders”. Considerable reservations voiced earlier this month by the Privacy Commissioner, the Human Rights Commissioner and the Law Society confirmed the first draft fell far short of this objective. The changes in the bill as reported back yesterday and those achieved by Mr Dunne improve that situation somewhat. It is a real shame, however, that they do not go further. The public deserves stronger reassurance.

In another story the Herald notes a further change:

The activities that the GCSB undertake in assisting the police will be subject to review by the Independent Police Complaints Authority under changes to the GCSB bill, which was reported back to Parliament this afternoon by the Intelligence and Security Committee.

It is one of the few changes to the bill in the committee’s report that has not been previously announced.

A further useful addition.

Tags: , , ,

GCSB Changes

July 23rd, 2013 at 7:00 am by David Farrar

John Key has announced the following changes to the GCSB Bill after negotiations with John Banks and Peter Dunne:

  • A set of guiding principles will be added, in line with requests from Mr Banks and Mr Dunne.
  • The Inspector General will be supported by a two-person advisory panel.
  • The removal of the proposed Order in Council mechanism which would have allowed other agencies to be added to the list of agencies able to request assistance from the GCSB. Any additions beyond the Police, NZSIS and NZ Defence Force will now be required to be made by a specific amendment to the legislation.
  • To ensure effective oversight in the issuing of a warrant, the Bill will be amended so the Inspector General is informed when a warrant is put on the register relating to a New Zealander.
  • The GCSB will be required to report annually on the total number of instances where it has provided assistance to the Police, NZSIS or NZ Defence Force.
  • The GCSB will also be required to report annually on the number of warrants and authorisations issued.
  • The Intelligence and Security Committee will hold public hearings annually to discuss the financial reviews of the performance of the GCSB and the NZSIS.
  • There will be an independent review of the operations and performance of the GCSB and NZSIS and their governing legislation in 2015, and thereafter every 5-7 years.
  • Mr Dunne will have a role in the Government’s upcoming work to address the Law Commission’s 2010 report Invasion of Privacy: Penalties and Remedies. This work will include a review of the definition of ‘private communication’, which was highlighted as an issue by submitters on the GCSB legislation.

These are good changes. I had talked on TV about one area of concern being the proposed ability for the Govt to add other agencies onto the list of agencies the GCSB can assist with interceptions. Having Parliament, not the Government, make any changes is desirable.

Despite these significant changes, Labour appears to still be voting with the Greens against the bill. Ironic as it was a Labour Government that caused this problem with their 2003 law change.

Dunne and Banks have shown how you can have a constructive role in improving legislation.

Also the Herald reports:

Mr Key said today that he did not believe that the GCSB had engaged in the mass collection of metadata and he confirmed that it should be treated the same as communication and any collection of it would require a warrant. He planned to make a clear statement about it in the bill’s second reading.

Also welcome.


Tags: , , ,

Young on Key and GCSB

July 20th, 2013 at 9:00 am by David Farrar

Audrey Young writes:

 Labour made the GCSB story about John Key, not Kim Dotcom, or the agency itself. And with a few victories against him, such as fingering him for shoulder-tapping an old school mate for the GCSB directorship, it could not bring itself to support Key’s bill.

Key has not been given credit for much in the process. But he clearly had concerns about the GCSB before the unlawful spying on Dotcom.

It had been run by a tight club within the defence and intelligence community and established some disturbing work habits, as the Kitteridge report exposed.

The notion that everything was hunky dory back in the days of former Chief of Defence Force Sir Bruce Ferguson is myth. Most of the legally dubious spying on New Zealanders went on under his, and Labour’s, watch.

Of the 88 cases, only four were warranted, according to the agency itself.

Ian Fletcher’s appointment should, at the very least, be seen as an attempt to break the stranglehold of the old boys’ defence network on the agency and letting some civilian light into it.

Rebecca Kitteridge’s appointment said a lot too. As Cabinet secretary she is not the minute-taker but the guardian of proper process, ensuring that things are done by the rules and the law.

It is clear from her report that the GCSB was not following the law on the issue of collecting metadata on New Zealanders and the Inspector-General of Intelligence and Security thought it was.

Key is cleaning up a mess entirely uncreated by him. The only area of real criticism is not being more forthright over his ringing Ian Fletcher to let him know about the job. Labour created the mess with their 2003 law change and seem to be refusing to play a constructive role in fixing it. In fact they have said a public inquiry should review if we even stay in the Five Eyes network with Australia, Canada, UK and US – possibly the stupidest of all their policies.

There are three things he could do in the coming week that would make the bill more acceptable than it is now, to the public and other parties.

First, he could write two reviews into the bill, one to begin in 18 months, straight after the next election, and one every five years after that, as the Australians do.

It’s effectively what Labour is promising.

Several weeks ago Key said he would promise a review only if it would get Labour on board.

He should do it to get the public on board, whether or not Labour agrees.

Secondly, he should go back to the Kitteridge report for a lead on how to beef up oversight. The report cited this quote from the 1999 Inspector-General as evidence of how woeful oversight had been: “The fact that there are very few complaints and little need for any inquiry … of the GCSB indicates … that the performance of their activities does not impinge adversely on New Zealand citizens”. …

Thirdly Key, as Prime Minister and the minister responsible for the GCSB, needs to make a clear statement on metadata (information about communications).

Specifically, he needs to say what the GCSB has done in the past and what constraints it will operate under in the future. He should admit that the agency has previously, on many occasions, collected metadata on New Zealanders unlawfully – believing it was doing so lawfully.

He should reassure New Zealanders, if he can do so truthfully, that there has been no mass collection of metadata passed on to intelligence partners overseas and there won’t be in the future.

He should assure the public that any collection of metadata of New Zealanders in the future, like other communications, will have to be by warrant.

The first two seem sensible. The third could be more challenging. People use the term metadata in different ways.

Tags: , ,

GCSB details

July 11th, 2013 at 9:00 am by David Farrar

I’ve been at NetHui for the last three days, enjoying many discussion ranging from online harmful communications to the future of video on demand. One of the highlights was a panel on state surveillance and it included the former GCSB Director, Sir Bruce Ferguson. Sir Bruce gave more details about how the GCSB had operated than I had previously heard in public.

Tracy Watkins reports:

Sir Bruce Ferguson, former boss of the secretive Government Communications Security Bureau, said he was told years ago the best way to find out what was going on in Wellington was to join the Koru Club, then spend a couple of hours there on a Thursday or Friday night.

Heh, so true.

In a surprisingly candid speech to the internet forum NetHui in Wellington yesterday, Sir Bruce also lifted the lid on how the GCSB believed it could get away with spying on New Zealanders for so many years, despite legislation specifically banning it from doing so.

He confirmed that about 50 of the 88 cases identified in an inquiry earlier this year as potentially breaking the law against spying on New Zealanders had happened under his watch.

“I received a warrant signed and duly checked by the inspector of warrants and the head of either the police or Security Intelligence Service and the boss [the prime minister]. It comes to me and it asks specifically for help from the GCSB to spy on a specific target . . . they have to convince me in that warrant the reason why they’re doing that and that means they have to show they have reason to believe that person is acting against the security of the state.

“They then have to ask by name for the people in GCSB who may be able to help them – the specific specialist by name. I then sign a warrant or agreement in that warrant to second those individuals. I second them to the asking authority, be it the SIS or the police. So I’ve now seconded them, as far as I was aware, to that organisation.

“They go across there, they do what is required by the SIS or the police and they finally finish the task and come back. At no stage . . . was I ever aware or made aware of the outcome. That wasn’t my business.”

I regard this as a pretty significant revelation, for two reasons. The first is that most of the cases we have heard about do not seem to involve the GCSB itself intercepting communications. It involves a GCSB employee effectively being seconded to another agency to assist them.

The second interesting thing is that the GCSB doesn’t retain any data from those cases. The staffer helps the other agency do their job, but doesn’t report back – so hence there are no GCSB files with data from NZers. They remain with the SIS or Police.

Tags: ,

PM v Dotcom

July 4th, 2013 at 1:00 pm by David Farrar

Like many I watched the ISC hearings over the TV live-streams. Dotcom really made a speech more than a submission. New Zealand must be the only country in the world where a convicted criminal who is the subject of an extradition warrant to the US gets to debate security issues with the country’s Prime Minister for 25 minutes.

At least it was a step up from yesterday when the PM had to endure Penny Bright demanding that he hand over details of all his bank accounts to her!

The Herald reports:

Prime Minister John Key last night described former Megaupload tycoon Kim Dotcom as a “conspiracy theorist” after the internet mogul again claimed that the Prime Minister knew about him before his Coatesville mansion was raided in January 2012.

Mr Dotcom called the GCSB bill that Mr Key is promoting “morally indefensible” and said that, in reality, NZ’s foreign spy agency was a subsidiary of the National Security Agency (NSA) in the United States.

Mr Dotcom told TV3 last night that he would produce evidence during his extradition hearing to the US that Mr Key had lied about not knowing of him before the raid.

That hearing could be next year.

Earlier, Mr Key told reporters that Mr Dotcom “is a well-known conspiracy theorist. He has never ever found a piece of evidence to support that.”

Dotcom has been claiming for almost a year to have this evidence. If he had it, I have no doubt that he would have released it by now. There is no court rule that prevents him.

Near the end of the 20-minute session, Mr Shearer asked Mr Dotcom if he thought Mr Key had known about Mr Dotcom before the raids.

Mr Key said he hadn’t. “You know I know,” Mr Dotcom said.

“I know you don’t know actually, but that’s fine,” Mr Key said.

“Why are you turning red, Prime Minister?” Mr Dotcom asked.

“I’m not. Why are you sweating?”

“I’m hot.”

That was comic.

There were some useful submissions that day from other submitters on important issues. KDC’s submission was not one of them.

Tags: , ,

Russel calls for a leak inquiry and then denounces it for being effective

July 1st, 2013 at 3:00 pm by David Farrar

When the Kitteridge report was first leaked, Green co-leader Russel Norman was outraged by the leak. He suspected it was a deliberate leak by the PMs Office or similar, and demanded the Govt take action.

On 9 April he said:

Dr Russel Norman: In light of the fact that the cover note on the report says that the appendices are legally privileged and highly classified, does he believe that the leaking of the full Kitteridge report is a serious offence? 

So he is calling it a serious offence, if the full report was leaked.

Dr Russel Norman: If it does turn out that the full report has been leaked by someone in his Government, what consequences should face the person who leaked this information, which the Government Communications Security Bureau describes as legally privileged and highly classified? What consequences should that person face? 

And he calls for serious consequences.

Dr Russel Norman: Given that so far the only member of his Government who, he has told us, has had access to this report is the office of the Prime Minister, did he or a member of his staff leak the report?

Which was a stupid allegation to make, as the leaking of it undermined the PM’s trip to China.

Dr Russel Norman: If he does not know who leaked the report, will he launch an inquiry to get to the bottom of it, given his previous support for an inquiry into a leak at the Ministry of Foreign Affairs and Trade over documents that were probably quite considerably less sensitive?

So he explicitly called for a leak inquiry. He said the leak may be a serious offence, and called for serious consequences.

But now today, he has changed tune and decided that the leak inquiry was draconian, and went too far.

The Prime Minister’s inquiry into the leaking of the Kitteridge report appears to have acted beyond the law by accessing Peter Dunne’s email account log without his permission, and the Green Party has lodged a complaint with the Ombudsmen on this issue, Green Party Co-leader Dr Russel Norman said today.

Norman seems to be arguing that the Henry inquiry should have merely asked every Minister if they leaked the report, and when they said “no, it wasn’t me”, should have left it there.

If the Henry inquiry had done that, Norman would no doubt have been calling it a cover up.




Tags: , , ,

What if the GCSB bill doesn’t pass?

June 25th, 2013 at 9:00 am by David Farrar

Tracy Watkins at Stuff reports:

The surveillance capabilities of police, the Security Intelligence Service and Defence Force will be beefed up if controversial spy legislation falls over, Prime Minister John Key says.

This is what some people overlook. Those agencies all have legal authority to intercept communications if they get (for Police and SIS anyway) a warrant for it.

What is being proposed is that the GCSB can continue to do the actual interception on their behalf as they have the expertise. If the bill fails, it won’t mean a single less domestic interception. It will just mean interception infrastructure will be duplicated and exist in multiple agencies, rather than one.

That’s not to say there are not some changes that can be made to the bill.


Opposition parties may look silly over Police complaints

June 9th, 2013 at 2:00 pm by David Farrar

Labour, Greens and NZ First are all somewhat hysterically saying that the report leaked (presumably) by Peter Dunne is a criminal matter, and have all rushed off to the Police to try and get him investigated.

I’ll come back to the hypocrisy of opposition parties demanding a Police investigation into a leak, but let us first deal with two recent leaks. The first is the Kitteridge report.

This was a report that was due to be released to the public. The leak changed the timing of that (and was politically very very unhelpful to the Government), but again it was a report written for public release and its classification was sensitive. What is a sensitive classification. There are six types of classifications in two categories. The two categories are:

  • National security classifications where compromise would damage NZ’s security, defence or international relations
  • Policy and privacy classifications where compromise would damage government functions or be detrimental to an individual

There are four national security classifications, They are:

  1. Top secret
  2. Secret
  3. Confidential
  4. Restricted

The Kitteridge report had NO national security classification.

The two policy and privacy classifications  are sensitive and in-confidence, and it was classified sensitive.

While the report was about the GCSB, it doesn’t mean the report was classified for national security reasons. In fact the report was due to be released publicly anyway. This makes the leaking of it a government issue, not a criminal issue. Don’t get me wrong – the leak was appalling, and a resignation is the appropriate  outcome. But talking of Police complaints is hysteria.

Now let us compare this leak to the leak of a Cabinet paper on MFAt restructuring. Unlike the Kitteridge report, the Cabinet paper was not a paper about to be released to the public. Cabinet papers are for Cabinet, and that paper was leaked even before it got to Cabinet (off memory). That leak is clearly just as “bad” a leak as the Kitteridge report, and arguably worse.

Yet in this case Labour have spent months arguing the leak should not be pursued, and that a leak inquiry is a waste of money. Flagrant hypocrisy. And I hope one day, we will be publicly able to publish why Labour is so frightened about the leaker’s identity being revealed, and any links back to them.

Several on the left are critical of opposition parties demanding a criminal investigation into a leak. No Right Turn blogs:

Firstly, the idea that this leak breached the Crimes Act is utterly ridiculous. Both the offences of espionage (which peters accused Dunne of in Parliament on Thursday) and wrongful communication of official information require that the information in question “be likely to prejudice seriously the security or defence of New Zealand”. John Key was quite clear in his press conference that that was not the case, and there is no possible way in which the leak of material exposing GCSB wrongdoing could be seen in that light. So, the idea that an offence has been commited is pure bullshit, and the Greens should not be trading in it. …

A party like the Greens, committed to democracy and freedom, should be encouraging such leaks, not calling for them to be punished – especially given the shit we’re learning about what the GCSB’s foreign masters have been getting up to.

Russel Norman has sought to justify his position on the grounds that such leaks undermine the idea of Parliamentary oversight of intelligence agencies. Firstly, this wasn’t an ISC document, so that’s just a non-sequitur. But more importantly, Parliament pays the bills, so it has an absolute right to scrutinise what is done with our money, no matter how secret and sensitive. And I regard it as not just a right, but a duty of politicians on the ISC to inform the public of wrongdoing. If Norman seriously believes what he’s said, then he is not doing his job properly, and should resign immediately so that his place can be taken by someone less credulous and authoritarian.

The authoritarian Dr Norman!

NBR also reports:

Labour and the Greens are illiberal in pushing for a police inquiry into the Peter Dunne affair, and have revealed themselves as anti leaks to the media, says Bryce Edwards.

“It’s incredibly surprising to see Labour and the Greens have called on the police to intervene over the leak of the GCSB,” the Otago University lecturer and commentator tells NBR Online.

“There’s always problems when the police get involved in the political and media realm. It can have a very chilling affect on politics and journalism,” Dr Edwards says.

And the next time there is a leak to say an opposition MP, how could Labour or Greens complain if there is a criminal Police investigation into it? They are so kneejerk desperate to get a media headline that day, they rarely think about the consistency of their long-term position.

Generally those that regard themselves as politically liberal will not want the police involved unless utterly necessary, says the Politics Daily compiler.

“Therefore the threshold for calling the cops into Parliament and newsrooms should be very high. It’s hard to see that this threshold has been reached in this case,” Dr Edwards says.

“Normally those that call the police in on their political opponents are from an authoritarian political philosophy. By contrast, liberals generally regard those that leak government department reports as heroic whistleblowers that are enabling the freedom of information and the right of the public to know what those in authority are doing.”

The Greens, Labour and New Zealand First have now shown that they stand opposed to leaks to the media, says the lecturer.

That’s the second commentator to use the term authoritarian. And I am unsure of the media will like the opposition (presumably) demanding that a reporter’s phone records, e-mails and other communications be seized because she received a leak.

Dr Norman says a key issue is whether the appendix to the inquiry was leaked. Unlike the body of the report, which was always scheduled to be shared with the public, the appendix is secret – and breaching it could constitute a breach of the Crimes Act.

Peter Dunne did not have the appendix. No information from the appendix has been published, so nice try inventing a make believe crime.

Labour leader David Shearer has called on police to seize Mr Dunne’s emails. His deputy, Grant Robertson, says Mr Dunne should be compelled to give evidence under oath. 

On that basis, they must also be demanding that Phil Goff have his emails seized by the Police and Goff should be compelled to give evidence under oath.

Tags: , , , , , , ,

Dunne resigns as a Minister

June 7th, 2013 at 3:23 pm by David Farrar

BREAKING: Peter Dunne has resigned as a Minister of the Crown. Press conference at 1530 from PM and Dunne at 1600. He is remaining an MP and still voting for the Government.

On this occasion, it seems like Peters was on the money. Have to credit he got this one right.

There were 86 e-mails between Dunne and the Fairfax reporter, Andrea Vance, who had the story. He was only willing to release 44 of them, so hence he resigned.

Key says Henry unable to rule out Dunne leaked the report.

Dunne offered resignation, which was accepted by Key.

Tags: ,

The GCSB leak inquiry

May 31st, 2013 at 9:00 am by David Farrar

Tracy Watkins reports:

NZ First leader Winston Peters is demanding the release of phone records to pinpoint the source of the leak in the Government Communications Security Bureau inquiry.

Mr Peters has used parliamentary privilege to accuse UnitedFuture leader Peter Dunne of leaking a report by Cabinet Secretary Rebecca Kitteridge into potentially illegal spying by the GCSB.

Mr Dunne has categorically denied the allegation but has confirmed he has been spoken to more than once by inquiry head David Henry.

Other ministers who received the report have said they were not interviewed by Mr Henry.

In Parliament yesterday, Mr Peters questioned Mr Henry’s failure to take evidence under oath, or keep an electronic record of witnesses’ answers to questions.

He also questioned the failure to examine phone records of “particular ministers”.

“All the evidence is in those phone records, and your minister is gone,” Mr Peters told Deputy Prime Minister Bill English.

Mr English said later it was entirely up to Mr Henry whether to seek phone records.

I should make it clear that I would be absolutely amazed if Peter Dunne leaked the GCSB report. It would be remarkably out of character.

But it would be good to find out who did leak it. And I would expect an inquiry to look at phone records. They won’t prove or disprove anything, but they could help with the inquiry.

Tags: , ,

A cowardly smear

May 29th, 2013 at 3:23 pm by David Farrar

Stuff reports:

Prime Minister John Key is standing by United Future leader Peter Dunne and says he accepts the revenue minister’s word that he did not leak a report into the Government Communications Security Bureau.

NZ First leader Winston Peters today used parliamentary privilege to accuse Dunne of leaking the report by cabinet secretary Rebecca Kitteridge to Fairfax Media.

The report revealed that more than 80 New Zealand citizens may have been illegally spied on by the bureau.

An investigation was under way by former top public servant David Henry to try and find the source of the leak.

Speaking of Dunne today, Key said: “He’s given an absolute categoric assurance he didn’t do this; I accept him at his word.

“I’ve worked with him for a long period of time and the entire time I’ve worked with him I’ve found him to be extremely trustworthy.”

Peter Dunne would be the near the bottom of any list as a potential leaker.

But let’s be clear. Winston Peters is not just asking if Dunne is the leaker, but has asserted it:

After having attempts to question Dunne repeatedly thwarted, with committee chairman Todd McClay ruling that the questions were beyond the scope of the hearing, Peters directly accused Dunne of leaking the report.

“My assertion is you did leak the report,” Peters said.

This is a cowardly and defamatory smear. It is especially cowardly because Peters has a long record of suing people for defamation (and threatening numerous more that he will do so) yet he cowers under parliamentary privilege to defame Dunne.

The media should ask two questions of Peters, and keep asking them:

  • Do you have a shred of proof for your assertion?
  • Will you repeat your allegation outside of Parliament?

Peters has a long long history of just making shit up. Recall the fleet of limos he claimed WINZ had? A fiction, with no proof. But this is worse. He is defaming an individual, not an organisation.

He does it because he knows the media will report it, and his strategy is to stay in the headlines. He doesn’t care if 90% of NZ hates him, because all he is targeting is the 10% who may vote for him.

Recall that Peters lied several dozen times in 2008 with his claim he had no knowledge of Owen’s Glenn’s donation to his lawyer to cover his legal fees. there was overwhelming proof that he in fact brokered the donation, yet he lied to the media, the public and the Privileges Committee time and time again about it.

So why do the media give his assertions the time of day? Wouldn’t it be great, if they just said that we won’t report what you claim, unless you provide proof to back it up? You have lost the privilege to be trusted, because you lied day and night to us for four months.

Tags: , , , , ,