Posts Tagged ‘GCSB’

Something Fundamentally Wrong.

datePosted on 14:36, March 18th, 2016 by Pablo

In last Monday’s press briefing, the Prime Minister took my name in vain. Responding to questions from a reporter I had talked to, he said that my concerns about the apparent illegality of undercover intelligence operations were “fundamentally wrong.” Instead, he said that although intelligence agencies could not break laws (tell that to Kim Dotcom), they might require “different laws.”

I beg to differ.

Before delving deeper, let’s address the PM’s remark about the need for “different laws” governing undercover intelligence operations. What does he mean by “different?” Is he proposing that there be one set of laws for regular citizens and another set of laws governing undercover intelligence work? How does that sit with the “equal rights under the law” premise that is at the heart of democratic jurisprudence? And if there is no provision for “different laws” governing undercover intelligence operations today, then what is there in extant law that makes otherwise illegal acts legal? How often and under what circumstances are these illegal-but-legal acts allowed and are they only allowed or legal under warrant? Something tells me that the answers to the last two questions are “frequently and routine” and “no” respectively.

The question about undercover intelligence operations was raised because during the course of conversations with a couple of reporters about the Intelligence Review in general, I pointed out that the most interesting items were buried at the back of the report. Reporters tend to read the executive summaries of official government documents but seldom have the time or inclination to read through 179 pages of dense prose and legal jargon.

But since I have the time and inclination, I did. Plus, in my former life as a US government official I actually helped draft such reports so know that the best way of reading them is from back to front. That way one can get to the meat of the report, often found in annexes, before wading through the fluff.

I should point out that my overall take on the report is this: given who was on the Review committee, the report was inevitably going to have a bias towards institutional continuity and incrementalism with regard to reforms. That is indeed what happened. The report reflects as much if not more of the spy agencies’ concerns than it does that of external parties or stakeholders like the civil society organisations and individuals that were consulted by the Committee. The result is bound to be disappointing to those who wanted a major overhaul of the intelligence community or wanted parts of it disbanded altogether, such as the Greens, but to my mind it is a small but acceptable step towards greater transparency and accountability in the NZ intelligence community and its main collection agencies, the GCSB and SIS.

Even so, there are several problematic areas in the report that are worth considering, and here I will focus on the undercover operations that the PM thinks I have interpreted so fundamentally wrong. Rather than present my views without context, here are (cut and pasted) the recommendations regarding undercover operations as listed in the Report:

163 Annex C: Full list of recommendations (abridged).

Cover for operations and employees

78.The legislation should explicitly provide for the Agencies to obtain, create and use any identification information necessary for the purpose of maintaining the secret nature of their authorised activities. This should include the ability to create cover for anyone authorised to undertake activity for the Agencies.

79. “Identity information” should include anything that could be used to establish identity – such as credit cards and shell companies in additional to traditional forms of identification (such as passports and driver licences).

80. The Agencies should also have the ability to obtain, create and use identification information necessary to keep the identity of their employees confidential.

81. The use of these powers should be covered by a tier 3 authorisation (policy statement) to ensure they are exercised only where necessary and proportionate.

82. There should be corresponding immunities from civil and criminal liability for reasonable acts done in good faith to create or maintain cover as part of an authorised operation or to keep the fact of a person’s employment with the NZSIS or GCSB secret.

Immunities.

83. These powers and immunities should be incorporated through general provisions in the legislation governing the Agencies, rather than by inserting specific exceptions in other legislation as is currently the case.

84. The same immunities should apply to both agencies, in line with our recommendations that the Agencies share functions and an authorisation regime.

85. Immunities should also apply to anyone required to assist the Agencies, such as telecommunications companies, or to human sources or agents acting at the Agencies’ request or direction.

86. The legislation should provide that no person should be subject to criminal liability for acts carried out in good faith and in a reasonable manner that are necessary to give effect to a tier 1 or tier 2 authorisation.

87. Employees of the Agencies should also have immunity from criminal liability for acts carried out in good faith, in a reasonable manner and in accordance with the purposes of the Act to obtain a tier 1 or tier 2 authorisation.

88. The immunities for employees of the Agencies should also extend to any relevant minor offences or infringements that may need to be committed in the course of investigations carried out under a tier 3 authorisation (such as breaches of road user rules).

89. Employees of the Agencies and any person acting at the request or direction of the Agencies should be protected from civil liability for acts or omissions in good faith in the pursuance or intended pursuance of the Agencies’ duties, functions or powers. This is the same protection as is provided to public sector employees under the State Sector Act 1988.

90. Where the GCSB or NZSIS is assisting another agency to perform its functions, any immunities that apply to the agency being assisted should also apply to the GCSB and/or NZSIS.

 

Readers can form their own conclusions about what these recommendations imply. But here are some thoughts. It appears that undercover operations conducted by the SIS (and to a lesser extent the GCSB) do not have specific legal cover as things currently stand. There are no provisions in the SIS or GCSB Acts that explicitly refer to a legal framework under which otherwise criminal acts undertaken by undercover intelligence agents may occur. That means, in effect, that until now undercover intelligence operations are essentially illegal except for the fact that they are conducted by agents of the State at its behest under exceptions to existing legislation (outside of the GCSB and SIS Acts or even the State Sector Act). But even then there is apparently nothing in the law that explicitly authorises undercover intelligence operations that otherwise would be criminal acts (say, burglary, forgery or credit fraud). Yet the recommendations speak directly to such acts so clearly they have been happening.

The problem is not just that SIS agents have no specific legal cover for what they do covertly, something that individually places them at considerable risk in the event that they are caught or detected. There also are no specific provisions on what they cannot do. Where is the line drawn as to what is permissible when acting as an undercover agent of the State. Murder? Arson? Extortion? Blackmail? Kidnapping? Credit card fraud? Money laundering? Burglary? Home invasions? Tail-gating? (I include this because recommendation 88 specifically mentions breaches of road user rules). If an agent is recklessly tail-gating a surveillance target and wrecks while doing so, killing or injuring passerby, is that agent immune from prosecution or liability because s/he was in the service of the State?

These questions are not frivolous. From my personal experience, I know that among other things covert or undercover agents are taught how to pick locks and conduct “traceless” break-ins and burglaries (they are even provided with the tools to do so). Cyber-hacking to install malware or to steal sensitive information is a stock in trade of signals intelligence agencies. Clandestine surveillance of all sorts is the bread and butter of most human intelligence agencies. The CIA has its own lethal drone program and paramilitary branch, as do several other spy agencies. The Mossad is, among many other things, a brutally efficient assassination machine. So where does one draw the line when it comes to otherwise criminal acts carried out by intelligence agents of the NZ state?

The recommendations repeatedly speak about acting in “good faith.” But how is “good faith” defined? The SIS agents who broke into activist Aziz Chowdry’s home in 1996 were probably acting in “good faith” when they committed what otherwise would be a crime, but how is it that stealing documents from activists is justified on national security grounds? Moreover, the person who caught the SIS agents in the act of breaking and entering, David Small, had his home raided, ostensibly to search for bomb-making materials, by the Police a week later, after making the initial complaint (he was able to record the SIS get away car’s registration plate number, which was traced back to an SIS front company). How was the raid on Dr. Small done in “good faith” and at whose behest? The government was eventually forced to settle with Mr. Chowdry for a six figure amount and, worse yet, forced to apologise to him for the break in (you can read a summary of the case here).

Dr. Small also received compensation for “unreasonable search.” If we accept that an apology implies recognition of wrong doing and that “unreasonable searches” may be part of the SIS repertoire, then how and where does “good faith” come into the picture? Add to that events such as SIS break-ins at Auckland University in the late 1990s (if I am not mistaken Jane Kelsey’s office was a target), and one gets the idea that the SIS engages in otherwise illegal acts not so much for national security reasons but because it simply can under a de facto “good faith” immunity clause. So the effect of the current recommendations would be to codify what is already informal usage and practice.

The issue of “good faith” extends beyond New Zealand’s borders. Inspector General of Intelligence and Security Cheryl Gwyn is currently investigating whether the SIS was complicit in the CIA extraordinary rendition and black site program. For those unaware of these, the program involved kidnapping or detaining suspected Islamic extremists and “rendering” them to clandestine detention centres in a number of countries (Poland, Thailand and Egypt, among others). There they were subject to euphemistically labeled “enhanced” interrogation techniques (some of which are more properly classified as torture). Although some of those “rendered” by this program turned up in Guantanamo Bay or in prisons operated by US allies, many others have never been seen again. All of this was conducted off the books and outside of legal guarantees or protections for the detainees.

Assuming that Ms. Gwyn does find that in fact the SIS knew about or was complicit in the extraordinary rendition/black site program in contravention of NZ commitments to international conventions against torture and arbitrary detention, can the SIS turn around and claim that it was doing so in “good faith?” Is “good faith” nothing more than a get out of jail card for the intelligence services?

The bottom line is two-fold. First, undercover intelligence operations to date have been conducted under very porous and somewhat dubious legal cover that allows a multitude of operational sins to occur under what seems to be a wink and nod agreement with other agencies such as the police and Crown.

Secondly, the recommendations in the report about legal cover for undercover intelligence operations are very vague and broad, which allows the possibility for agents to go “rogue” so long as they can claim that they are acting in “good faith.” Neither is acceptable in a liberal democracy.

I agree that a comprehensive legal framework is needed governing the circumstances and permissible activities conducted during undercover intelligence operations. But this framework has to specify as much what is not permissible as what is, and has to ensure clear lines of responsibility as well as authorisation before and during the conduct of said operations. Otherwise we run the risk of allowing State-sanctioned criminal enterprise to masquerade as intelligence gathering.

Questions of the day.

datePosted on 13:46, March 10th, 2016 by Pablo

It seems that a fair share of people are concerned about the Intelligence Review Committee’s recommendation that the GCSB be allowed to spy on the private communications of NZ citizens and residents, most often with a warrant adhering to a three tiered process that requires the signature of the Attorney General and Judicial Commissioner for the most intrusive searches of private individual’s communications and, under highly exceptional circumstances (involving the combination of imminent threat and the need for immediate real time information), accessing private individual’s communications without a warrant.

This essentially codifies what is already being done in practice under the GCSB’s “assist” role whereby it can offer its technological capabilities under warrant to other government agencies when asked and can engage in warrantless spying on NZ citizens and residents if they reside abroad or work for or are associated with foreign-based entities like NGO’s, IO’s embassies, corporations, charities and CSO’s. Remember: this is targeted eavesdropping and signals intercepts, not mass (meta-) data collection or mass surveillance. The argument goes, and I tend to agree in part with it, that the NZ threat environment has become increasingly “glocal” or “intermestic,” meaning that the boundaries between global or international affairs and domestic and local concerns are increasingly blurred thanks to advances in telecommunications, transportation and economic transaction. Hence the need for targeted GCSB involvement in matters of domestic espionage when warranted.

In any event my first question is this: why, if people are concerned about the publicly-debated legal extension of the GCSB’s de facto “assist” role, are they not concerned about the use of military assets (specifically, the deployment of light armoured vehicles, a helicopter and troops) to assist the police in the Kawerau police shooting and siege? After all, the use in a police operation of combat designed equipment and soldiers trained and equipped  for external combat would seem to be stretching the proper, legally defined role of the NZDF even if we consider its civil defense responsibilities (which, if I am not mistaken, would only apply to armed intervention in instances of civil war or insurrectionist  (read: Maori) upheaval). Should there not be a clear separation of NZDF missions and police matters delineated in law? Pardon my ignorance, but is there? Is there a legally outlined “assist” role for the NZDF in armed confrontations like this latest incident and the Napier siege of a few years ago? Or is the operational relationship between the NZDF and Police more ad hoc, informal and circumstantial in nature?

Then there is the suggestion by Michael Cullen that future Intelligence Reviews could consider merging the GCSB and SIS. This would be akin to merging the NZDF and NZ Police. So my next question is: would we ever consider merging the NZDF and Police? If not, why would we consider merging a signals intelligence collection agency with a human intelligence collection agency?

There is more to ask. Most of what the GCSB does is foreign intelligence collection on behalf of the 5 eyes network. The domestic side of its targeted spying is relatively small in comparison and again, done in service of or in concert with domestic agencies such as the SIS and Police, most often under warrant or given the exceptions listed above. Otherwise and for all intents and purposes, the GCSB is a branch of the 5 Eyes on NZ soil, not a fully independent or autonomous NZ spy agency. Think of the amount of money that the GCSB receives from 5 Eyes, amounts that are believed to be well in excess of its NZ government-provided budgetary allocations (the exact figures are classified so are what is known as “black” allocations under he “reciprocity agreement” that binds the GCSB to the rest of the 5 Eyes partners). Think of the highly sensitive technologies it employs. When the GCSB was first established, was the equipment and personnel used completely Kiwi in nature? Is the equipment used today completely Kiwi in nature and are the people manning the listening posts at Waihopai and Tangimoana today all NZ citizens?

Given the network resources at its disposal, were the GCSB to merge with the SIS it is possible that the latter would be subject to institutional “capture” by the former. That would mean that the intelligence priorities and requirements of 5 Eyes could come to dominate the human intelligence priorities of the SIS. I am not sure that is a good thing. And if we consider that the separation of powers concept that is at the core of democratic practice should institutionally extend beyond the tripartite structure at the apex of the state apparatus (executive, legislature, judiciary), then centralising the most intrusive spying powers of the state in one agency answerable almost exclusively to the executive branch seems to be antithetical to that premise.

It could  be the case that the possibility of a merger is being floated so that the SIS and GCSB can concentrate on external espionage and counter-espionage, with the domestic intelligence function reverting wholly to the police (who already have their own intelligence units). But even then the GCSB will continue to have a role in domestic signals collection, so the result of the merger would mainly impact the focus and organisation of the SIS.

I was fortunate to have a private audience with the Review Committee. From what I have read in the report so far, much of what I recommended was ignored. Even so, I do believe that the committee tried to balance civil liberties with security requirements and take what is a hodgepodge of disparate intelligence legislation and craft a uniform legal framework in which the iNZ intelligence community can conduct its operations. Heck, they even have recommendations about the legal cover given to undercover agents, both in terms of the process of assuming false identities as well as in terms of their immunity from liability when discharging their undercover tasks (apparently no such legal cover exists at the moment or is patchy at best).

Although I was disappointed that much of what I recommended to the committee did not appear in the final report, I am satisfied that their recommendations are a step forward in terms of transparency, accountability and oversight. I realise that this sentiment is not shared by many observers (for example, Nicky Hager was scathing in his appraisal of the report), but to them the questions I posed above are worth considering. To wit: If you are comfortable with the military getting involved in domestic law enforcement in exceptional (yet apparently regular) circumstances, then what is the problem with the GCSB getting more publicly involved in domestic espionage in similar circumstances?

There is much more to discuss about the Report and I may well do so as I wade through it. For the moment, here is a good critical appraisal worth reading.

 

Some questions about the Stephenson case.

datePosted on 13:53, October 3rd, 2015 by Pablo

Although it has been shamefully underreported by major media outlets in NZ, war correspondent Jon Stephenson has won his defamation case against the NZDF by forcing a settlement that involves significant compensation and an admission by the military that its defamatory statements about Mr. Stephenson were indeed untrue. It remains to be seen if the Prime Minister will do the same, since he opined at the time the controversy erupted over Mr. Stephenson’s internationally recognised article “Eyes Wide Shut” in Metro Magazine (May 2011) that Mr. Stephenson was, to paraphrase closely, “unstable” as well as “unreliable.” That has been proven to be false and Mr. Key knew at the time he uttered his comments that they were untrue. Let us be clear: Mr. Stephenson may be driven, but unlike his main accusers when it comes to reporting on the NZDF he is by no means unreliable or a liar.

I wrote the following as a comment over at The Standard but feel that it is worth sharing here:

“I suspect that we have only seen the tip of the iceberg when it comes to the unethical behaviour of the NZDF and political leadership in this affair. Remember that there is a MoD involved and the respective ministers then and now (Coleman and Brownlee). There are more officers involved than retired generals Rhys Jones and Mateparae, some who currently hold senior positions within the NZDF. There is the behaviour of Crown Law to consider. There is the slander on Jon’s character uttered by the PM.

I can only hope that the terms of the settlement do not prevent Jon from publishing more details of his case, including the way in which the legal process unfolded, the obstacles to discovery encountered, and the extra-curriculars surrounding them.

Whatever happens, for once in a long time one of the genuine good guys won. Were it that other members of the press corps (Nicky Hager excepted) had the integrity and courage exhibited by Jon both in the field as well as on the home front.

Kia kaha Jon!”

Beyond what I have written above, there are some other questions that arise from this saga.

For example, in 2013 Nicky Hager revealed that the NZDF electronically spied on Mr. Stephenson in 2012 using NSA, GCSB and SIS assets while he was in Afghanistan. At the same time an internal Defense manual was leaked to the media that identified “certain investigative journalists” as hostile subversion threats requiring counteraction because they might obtain politically sensitive information (one does not have to have much imagination in order to figure out who they are referring to). In parallel, reports emerged that NZDF officials were sharing their views of Mr. Stephenson with Afghan counterparts, referring to him in the same derogatory terms and implying that his work was traitorous or treasonous.

Taken together, both the spying on Mr. Stephenson and the characterisation of him passed on to NZDF Afghan allies can be seen as a means of counteracting his reporting. But if so, what national security threat did he really pose? Is politically sensitive information necessarily a threat to national security or is merely a threat to the political actors being reported on? Is intimidation part of what the NZDF considers to be proper counteraction when it comes to journalists plying their trade in a war zone? And since any counteraction or counter-intelligence operations had to be cleared and authorised by the NZDF and political leadership, were both of the types used against Mr. Stephenson authorised by then NZDF Chief Lieutenant General Richard Rhys Jones and/or Mr. Key? They deny doing so but if that is true, who did and how was it passed down the chain of command to the field commanders in Afghanistan (because, at a minimum, the order to “counter” Mr. Stephenson could be construed as illegal and therefore challengeable–but it never was).

Leaving aside the legitimate role of independent journalism in a democracy in holding policy makers–including military leaders–to account, what does it say about the NZDF that it sees such work as subversive? More alarmingly, if the reports are true, what exactly did the NZDF leadership hope to accomplish by telling Afghans, while Mr. Stephenson was in Afghanistan, that he was a threat to them?

Then there is the issue of the lie. General Rhys Jones claimed that, contrary to what was written in his story, Mr. Stephenson never visited the base in which the Crisis Response Unit (to which NZ SAS were attached) was located and did not talk to its commander. That was a direct challenge to Mr. Stephenson’s journalistic integrity. Mr. Stephenson sued for defamation and during the first trial (which bizarrely ended in a hung jury) the NZDF and Rhys Jones himself admitted that Mr. Stephenson’s version was true.

So why didn’t the trial stop right there? The moment the truth of Mr. Stephenson’s story was admitted by Rhys Jones, it was supposed to be game, set and match to the journalist. But instead the Crown spent hundreds of thousands of taxpayer dollars continuing to litigate in that trial and then the follow-up court process that was ended by the recently announced settlement. Why so?

The answer to the last questions seems to be that, like in the Zaoui and Urewera 18 case, the Crown prefers to bleed its adversaries emotionally and financially even when it knows that it can not win. This death by a thousand cuts approach, courtesy of the taxpayers largesse, is as unethical as it is cynical and undermines the belief that justice in New Zealand is blind and universal.

There are many other questions that need to be answered about the treatment of Mr. Stephenson. Is it true that media outlets were pressured to not accept his work on penalty of getting the cold shoulder from the government? Did NZDF officials physically threaten Mr. Stephenson in New Zealand? Did the intelligence services spy on Mr. Stephenson above and beyond what was reported by Mr. Hager, both at home and abroad, and are they doing so now, and on what grounds if so? Did NZDF and/or MoD and/or PMDC and/or Crown Law officials conspire, either solely or together,  to cover up, obstruct, alter, destroy or otherwise impede the release of evidence to Mr. Stephenson’s lawyers at any point in the legal proceedings?

My sincere hope is that the settlement agreed to by Mr. Stephenson and NZDF does not preclude the former from writing about his experiences with the NZDF, both in Afghanistan and during the trials. Hopefully he will be able to answer some of the questions I have posed above. I say this because something stinks about the way this affair has been handled at the highest levels of government, which is not only a stain on the individuals involved but a direct affront to basic tenets of liberal democracy.

Suggestions for the Intelligence Review Committee.

datePosted on 14:40, August 27th, 2015 by Pablo

Readers will know that I expressed my unhappiness with the composition of the Intelligence Review committee and my belief that, save some cosmetic changes, a whitewash of the NZ intelligence community (NZIC) could be in the offing. Although I spoke with several people who were making public submissions to the committee (the deadline for which has passed), I decided not to waste my time given the press of other business and likely futility of doing so.

To my surprise, a month or so ago I was invited to speak privately with the committee, which for those who do not know consists of Sir Michael Cullen and Dame Patsy Reddy. The terms of reference for the committee are quite narrow on the face of it but I took the view that they can be interpreted more broadly in the context of the Review. The two major terms of reference focus on whether the legislative frameworks governing the New Zealand Intelligence Committee (NZIC, and GCSB and NZSIS in particular) “are well placed to protect New Zealand’s current future national security, while protecting individual rights; (and)..whether the current oversight arrangements provide sufficient safeguards at an operational, judicial and political level to ensure that the GCSB and NZSIS act lawfully and maintain public confidence.”

More specific matters subject to the Review include whether the 2014 Foreign Fighters Act should be extended or modified before its March 31 2017 expiry date; and whether the definition of ‘private communication’ in the GCSB legislation is satisfactory.

I decided that I would accept the opportunity to speak with Sir Michael and Dame Patsy in spite of my reservations about the Review process. Without going into the details of the meeting, here is some of what I outlined to them.

I started off by noting that much of the commentary about the NZIC was mistaken in its classification of the GCSB as the “foreign” spy agency and the NZSIS as the “domestic” spy agency. I pointed out that the proper classification was that the GCSB is the signals and technical intelligence agency (SIGINT and TECHINT in the parlance) and that the NZIS is the human intelligence agency (HUMINT). Both have domestic as well as foreign espionage roles, although these needed to be explicitly detailed in law and circumscribed as much as possible when it came to the domestic side of the fence.

I continued by stating that the Countering Foreign Terrorist Fighters Act needs to be abolished. People who commit violent crimes abroad, particularly war crimes and crimes against humanity, can be detained and/or charged under criminal law and extradited to face justice in the jurisdictions in which the crimes were committed. If that is not possible they can be tried by the International Court of Justice in The Hague. This is true whether they are identified as individuals or as members of a group that commits atrocities. So long as there is evidence of involvement in criminal acts, there currently are means of ensuring they face justice without politicising the cause.

I said no to the idea of revoking their passports to prevent their return and noted that the presumption of innocence should apply to returning fighters who are not implicated in atrocities even if they were involved in foreign conflicts. I also noted that according to Western intelligence estimates, less than 50 percent of those who travel to fight with ISIS return alive, and of those the vast majority are too traumatised to consider committing acts of violence on home soil.

We had a lengthy discussion on what constitutes a “private communication.” The 2014 GCSB Act states that it  anything a person could reasonably expect to be public in nature, say a Twitter or Facebook posting or even email on providers such as Google or Yahoo that data mine their clients information for advertising purposes (all of which is voluntarily agreed to by clients under the terms of service, which is what they are required to tick off on before setting up an account). I feel that definition is too vague, broad and permissive when it comes to GCSB powers of electronic surveillance. My bottom line is that a private electronic communication is akin to a dinner table conversation: that which a person has a reasonable expectation will not be repeated or listened to by people outside of the immediate context in which it was made.  I noted that personal data mining for advertising purposes was a bit different than the State doing so for security purposes–especially when it does so without consent (since I doubt many people ticked a box allowing the GCSB or other intelligence agencies to monitor their private communications).

If the authorities cannot read our snail mail letters without a warrant or consent, I do not believe that they can read our electronic mail without such either. That still leaves the issue of meta-data and bulk collection, but as I have written before, I do not believe that the latter is equivalent to mass surveillance for technical as well as legal reasons.

With regard to legislation, I suggested that the Search and Surveillance Act needs to be narrowed because it has been expanded too much as a result of post 9/11 hysteria. I also suggested that the GCSB Act be reviewed and narrowed with regards to its powers of domestic espionage. Although I have no real problem with its “Assistance” role when it comes to aiding the NZSIS or Police on home soil, and fully understand that the Act needed to be upgraded to cope with cyber espionage, crime and warfare, I believe that its powers of warrantless surveillance on NZ soil are too broad and intrusive. Narrowing the GCSB Act would still allow the GCSB to engage in defensive measures and counter-espionage with or without the help of its sister agencies, but it would prevent it from conducting offensive operations against NZ domestic targets without a warrant.

Most of what I had to say about legislation consisted of a proposal that the NZSIS Act be amended so that it is stripped of its domestic espionage and security vetting functions. Those should be moved to the NZ Police (who need to be resourced accordingly), since the Police already do much domestic spying and background checks. Perhaps even an FBI or MI5-type civilian domestic espionage agency could be created that answers directly to Crown Law if not the Attorney General (fully understanding the political nature of the latter). The reason for this proposal is that as things stand the NZSIS does foreign human intelligence gathering, domestic human intelligence gathering, counter-espionage and security vetting. An agency of 300 people (counting clerical staff) might be able to do one, perhaps two of these tasks adequately, but it simply cannot do all four anywhere close to efficiently or effectively. Since the type of signal and technical intelligence collected by the GCSB and its foreign partners can only paint part of any given intelligence picture, it behooves the NZSIS to complement that with an autonomous human intelligence capability that focuses on areas of foreign policy priority or concern. It is important to know about the context–as in culture, mores, norms, personalities, interests and attendant modes of behaviour–in which signals and technical intelligence is obtained, and that should be done independently by NZ in areas of priority interest (say, the South Pacific).

In terms of oversight I noted the gross inadequacy of the current “arrangements.” I suggested that there  needs to be better parliamentary and judicial oversight of the NZIC, and that this has to be proactive as well as retroactive in nature. If I was running the show I would leave the Inspector General of Intelligence and Security (IG) as the in-house executive branch oversight mechanism, perhaps by re-locating the IG office to Crown Law jurisdiction and out of the immediate control (via resourcing) of the NZIC and Prime Minister’s office (DPMC). I also have little issue with the current state of the Commissioner of Warrants and Minister of Intelligence and Security signing off on warrants.

Yet I spent considerable time explaining how important a division of powers is when it comes to intelligence oversight in order to avoid bureaucratic “capture” by the NZIC. I proposed that a dedicated parliamentary committee on Intelligence and Security be created, as an agency of parliament with its own permanent staff, that would have proactive and retroactive powers of compulsion under oath. This agency would serve as the non-partisan, apolitical support base for the Select Committee on Intelligence and Security comprised of politicians, and that the Select Committee include members from all parties that receive over 5 percent in the previous election distributed proportionally, with the PM serving as the tie-breaking vote.

Both the Select Committee and permanent staff would have the ability to investigate operational matters and scrutinise classified material rather than rely on unclassified summaries provided by the Directors of the GCSB, NZSIS and other intelligence shops like the NAB. This would require them to sign secrecy oaths but so be it–if they want to sit at the table that is the price the politicians will have to pay (the permanent staff of the committee will of course have been security vetted in order to receive clearance to handle classified material). I fully realise that all of this will cost money and encounter bureaucratic and political resistance, but I think it is very important to undertake these reforms in order to prevent the type of NZIC excesses that have brought us to the current moment.

In order to resolve disagreements  and arbitrate disputes between the NZIC, the IG and parliamentary committee on matters of lawful and unlawful NZIC activities, I suggested that an intelligence tribunal or juridical review panel be formed using High Court justices, QCs or other distinguished jurists. This would serve as the court of last recourse and final appeal on all matters pertaining to the legality of NZIC operations.

Finally, I reiterated my belief that Edward Snowden provided NZ with the opportunity to re-negotiate some of the terms of agreement with its 5 Eyes partners. These will not disrupt the core of the agreement, much less result in NZ’s exit from 5 Eyes. But it could allow NZ to withdraw from conducting front-line offensive intelligence operations against states that have great leverage on it, be it in trade or other areas vital to NZ’s well-being. Thus, for example, NZ could ask to not take the lead in spying on the Chinese in the South Pacific simply because if that were to be made public the Chinese would have to respond even if just to save face (and I believe that the need to respond involves a heck of a lot more than matters of national pride or “honour”). The PRC cannot retaliate to any punishing extent against the other 5 Eye partners given the strategic leverage these have relative to it. But little ‘ole NZ is very vulnerable on that score and could be an easy whipping boy for the Chinese should they want to get the message out that impudent small nations mess with it at their peril.

This re-negotiation does not preclude from NZ doing defensive spying and counter-espionage against any state or non-state actor. But it keeps NZ out of the line of fire of aggrieved large powers should the nature and extent of 5 Eyes espionage continue to be publicly exposed thanks to the Snowden material.

The response of the committee was polite but succinct: the last suggestion was beyond their terms of reference.

 

The hall echoed with the sound of apathy.

datePosted on 16:50, August 7th, 2015 by Pablo

I attended the Auckland public meeting on the Intelligence Review organised by the NZ Council on Civil Liberties and a coalition of activist groups under the “Get Smart” banner. The idea was to encourage the public to join in submitting a “People’s Review” of the NZ intelligence community that would go beyond the rather narrow terms of reference of the formal Review undertaken by Michael Cullen and Patsy Reddy. The meeting was held in a inner suburb library hall at 6:30 on a Thursday night. It had the makings of a stirring call to popular participation and civic action.

Counting myself, a total of ten people showed up to listen to the speakers and debate issues relevant to the Review. The speakers spoke about the evils and sins of the CIA, GCSB and SIS at home and abroad, about the dangers of recent expansions of spy agencies powers and related legislation such as the hastily passed foreign fighters bill, and about the patently bogus questions asked on the public submission forms for the Review (such as asking if people felt that the government should protect them from terrorism). But truth be told, the empty hall echoed with the sound of apathy. Not so much from those of us who attended and spoke, but from those who did not.

In any event it was a pretty dreary and dispiriting affair. Nowhere to be seen were those who championed Kim Dotcom’s “Moment of Truth” or the voluminous clouds of conspiracy-mongering that went with it.  From what I could tell, there was no one from UNITE, MANA, Internet Party, GPJA or any other activist group other than the Communist League. The usual assortment of Left pundits and party progressives, from the bombastic to the erudite, were nowhere to be seen. It was so bad, even Penny Bright did not show up.

I was told that meetings in Christchurch and Wellington were better attended, but from the looks of the Auckland gathering the issue of how, why and when the NZ intelligence community does what it does is no longer of import to local chattering classes, much less the fair minded among them.

I sure hope that I am wrong. I suggested at the meeting that a two pronged approach to the Review needed to be undertaken. On the one hand, the broad questioning of the intelligence community outlined in the terms of the People’s Review is necessary for framing the larger counter-narrative to the official lines spun upon us about the value and benefits of NZ’s intelligence operations. On the other hand, detailed, sophisticated and technical submissions sharply focused on the terms of reference are needed to prevent Cullen and Reddy from claiming that no practicable or actionable information was obtained from the submissions. I offered some thoughts on the need for better intelligence oversight mechanisms and how they could pave the way for further reforms of the intelligence community and legal frameworks governing it.

My comments were preceded by those of a fellow who spoke of spying on Maori at TVNZ. I was followed by a fellow from the Communist League. At that point it was time to take my 18 year old cousin in law back to dinner because even his eyes were rolling in the back of his head.

If this meeting is symptomatic of the state of the NZ Left, then it is well and truly  screwed. Or perhaps it is just a Jafa thing.

Considering the Implausible.

datePosted on 18:24, July 2nd, 2015 by Pablo

From time to time I am invited to give public presentations on subjects within my areas of interest. Depending on the topic I sometimes offer ideas for the audience to consider. At a think tank gathering last year I offered the suggestion that parliament should consider the proposition that New Zealand be the first country to publicly and formally renounce the use of lethal drones at home and abroad. I pointed out that although security conservatives and military commanders would oppose the move because it limited NZDF (and perhaps in the future NZ Police) tactical options, it was worth debating on moral and legal as well as practical grounds given New Zealand’s unique political culture and international standing. Since 90 percent of what military drones do is non-lethal and the NZDF does not have a lethal drone capability as of yet, it seems worth a try.

That proposition went nowhere. Some left leaning commentators supported the motion (most notably No Right Turn and one of the authors at The Standard). But no a single political party, to include the Greens, Mana and the Internet Party, adopted it as a policy proposition and it was never brought up in parliament.

This year I was at another event that featured academicians, students, policy practitioners, journalists and diplomats (foreign and Kiwi) discussing New Zealand’s past, present and future foreign policy. I was matched with a representative of the New Zealand intelligence community and a security academic on a panel that addressed intelligence issues, specifically, New Zealand’s intelligence role in foreign policy.

As part of the discussion I suggested that Edward Snowden had done us a favour by exposing the extent to which NZ is a fully integrated member of the 5 Eyes signals intelligence network. The reason is that with the revelations that have come from the documents that he passed on to journalists, New Zealand has an opportunity to re-negotiate some of the terms of its participation in 5 Eyes. I noted that withdrawal from 5 Eyes was not an option–I said that it was like trying to leave the mafia. But the specific terms of what the GCSB does for 5 Eyes could be discussed given that New Zealand is by far the most vulnerable of the 5 Eyes partners to retaliation from the countries that it targets as part of the division of labour within Echelon. I specifically  mentioned that NZ might broach the subject of reducing its role in spying on China given how trade dependent NZ is on the Asian giant.

A couple of journalists in the room ran stories on the suggestion and the PM was asked about it at his weekly press conference. He rejected it out of hand and said that NZ would not modify its intelligence operations because of trade considerations because what it did in was in the national interest.

The Snowden documents suggest otherwise, but that argument can be left for another moment.

Let me explain why NZ has an opportunity to re-negotiate the terms of its agreement with the Anglophone powers even though it cannot withdraw from 5 Eyes entirely.

If NZ were to withdraw from 5 Eyes it would lose the substantial benefits, unique to a small country, that it accrues from being in an alliance with four bigger partners with global reach. The flow of intelligence within 5 Eyes is very much reciprocal but what NZ receives is far more than what it delivers to the network. It is tasked with using shared technological means located on or operated from NZ soil (including its diplomatic missions) to target  specific entities of common interest to the larger partners, and in exchange it receives global as well as more NZ-specific intelligence from those partners.

That is just one reason why withdrawal is unlikely. But think of the consequences if NZ unilaterally decided to opt out of Echelon. It is in possession of some of the most advanced signals interception technologies on the planet. The GCSB knows the processes, procedures, means, methods and protocols of the entire network. Fear that this knowledge and technologies (say, for example, X-Keyscore and Prism) could fall into hostile hands will inevitably prompt a negative response from NZ’s erstwhile intelligence allies, and that response will not be confined to the field of intelligence (I am aware of reports that some of the technologies and methods mentioned in the Snowden documents have been decrypted by Russian and Chinese intelligence but am not sure as to what extent this may have occurred).

Were NZ to try and establish an alternative signals intelligence network with other powers, the remaining 5 Eyes countries would likely move beyond defensive measures and into the field of offensive intelligence operations against NZ. In other words, the exit costs will be too high given the uncertain benefits received in the event of withdrawal.

That being said, the GCSB is integral to 5 Eyes operations. The partners cannot afford to alienate NZ on issues that are critical to NZ but marginal or less costly to them. Although they never thought that their operations would be exposed in the measure that they have, the 5 Eyes partners are now acutely aware, thanks to Snowden, that they rise and fall together when it comes to exposing how they go about signals intelligence acquisition and who they target. They can therefore ill afford to call NZ’s bluff on a matter that is of critical importance to the latter.

I would argue that bilateral trade with China is one such matter. Even if they have a pretty good idea of what the GCSB does for Echelon, public revelation of NZ having a lead role in spying on the Chinese at home and abroad will force the PRC to retaliate in some fashion, even if just to save face as an emerging great power with super power pretensions. It must show that it should not be disrespected and meddled in by small states no matter who those states are allied with. The means by which it can reach out and touch NZ in a bad way are myriad and not confined to diplomatic or economic relations.

The only reason that it would not do so is if it has counter-intelligence access to GCSB operations and wants to keep those “backdoor” channels open in spite of the publication of specifics about NZ espionage against it.

If NZ were to say to its partners that given its vulnerability to Chinese utu the GCSB would prefer not to take a major role in spying on the PRC, it is possible that the other partners will listen and consider the request. The GCSB can still spy on South Pacific, Latin American and other nations that do not have much leverage over it, as well as the UN, various NGOs and private firms as it is doing now. But it would give a pass to spying, at least in a major way outside of NZ territory, on the Chinese.

In my view, such a position would not prevent the GCSB (and SIS) from conducting counter-intelligence operations against Chinese espionage at home and abroad. Even if they know about these defensive measures the Chinese will likely not make an issue of them given that they instigated the back and forth. Where I would draw the line is on offensive operations against Chinese targets, especially when at the behest of the larger partners.

I am not surprised that John Key has no interest in this proposition. To do so requires political courage and a commitment to putting NZ national interests first. Neither is in his repertoire. Plus, even if he were to think about the dilemma posed by NZ’s increasingly counter-poised trade and security interests, any renegotiation along the lines I have posed would be done quietly and not publicly announced, much less at a press Q&A. But I doubt the latter is the case.

In any event, this is a potential moment of opportunity to redefine the terms and conditions of NZ’s involvement in 5 Eyes, however implausible that may seem at first glance. There is a supposed review of the NZ intelligence community now underway that could serve as a sounding board for opinions on the suggestion, and I am happy to add my two cents to the discussion should that be deemed worthwhile.

Cyberwar comes to New Zealand.

datePosted on 12:23, June 10th, 2015 by Pablo

News that Chinese hackers obtained personal details of 4 million US federal employees dating to 1985, following on the heels of similar attacks on the customer records of private insurance companies and retirement funds as well as the internal email networks of the US State Department and White House, demonstrate that a guerrilla cyber-war is underway. Although it will not replace traditional warfare any time soon, this is the new face of war for several reasons.

First, it does not involve physical conflict using kinetic weapons, which removes direct bloodletting from the equation. Second, it can target critical infrastructure (power grids, water supplies) as well as the command, control, communications, computing and intelligence (C4I) capabilities of adversaries. Third, it can be masked so that perpetrators can claim a measure of plausible deniability or at least intellectual distance from the action. Fourth, it can be used for tactical and strategic purposes and the pursuit of short or long-term objectives.

Much like military drones, cyberwar is here to stay.

The war is not one sided: Russian hackers have penetrated Pentagon email networks and the 5 Eyes signals intelligence alliance has dedicated hacking cells working 24/7 on targets of opportunity. Many other nations also indulge in the practice as far as their technological capabilities allow them. To these can be added a host of non-state actors—Wikileaks, Anonymous, ISIS, among others—who have also developed the capability to engage in electronic espionage, sabotage, data capture and theft.

With the most recent revelations about the hacks on the US Office of Personnel Management (OPM) archival records (which include personal details of active and retired federal employees as well as identities of those who have had or hold security clearances, perhaps including myself given my prior employment by the Department of Defense) an evolution in cyber warfare is now evident.

Previously, most state-sanctioned cyber attacks were so-called “front door” attacks on government or corporate mainframes, servers and networks. The interest was in surreptitiously obtaining sensitive data or installing surveillance devices in order to engage in ongoing monitoring of targeted entities. “Back door” probes and attacks were the province of non-state actors, especially criminal organisations, seeking to obtain private information of individuals and groups for fraudulent use. However, the recent attacks have been of the “back door” variety yet purportedly state sanctioned, and the Snowden leaks have revealed that 5 Eyes targets the personal communications of government officials, diplomats, military officials and corporate managers as a matter of course.

The move to state-sponsored “back door” hacks is ominous. Accessing data about current and retired government employees can be used to blackmail those suffering personal liabilities (debt, infidelity) in order to obtain sensitive information about government processes, procedures, protocols and policy. It can target active and former intelligence and military officials and others with access to classified information. It can target former public officials that have moved to the private sector, particularly in fields of strategic or commercial importance. Likewise, obtaining sensitive personal data of employees working in private firms opens the door to similar exploitation for illicit commercial gain.

Advances in consumer telecommunications have made cyber hacking easier. Smart phones and their applications are considered to be the most vulnerable to hacking. Because many people store an enormous amount of personal data on these devices, and because they often mix work and personal business on them, they represent an enticing entry point when targeted. Yet even knowing this millions of consumers continue to pack their lives into electronic devices, treating them more as secure bank vaults rather than as windows on their deepest secrets. Not surprisingly, both state and non-state actors have embarked on concerted efforts to penetrate mobile networks and hand-held devices. Encryption, while a useful defense against less capable hackers, only slows down but does not stop the probes of technologically sophisticated hackers such as those in the employ of a number of states.

The bottom line is this: the smaller the telecommunications market, the easier it is for cyber hackers to successfully place backdoor “bugs” into the network and targets within it, especially if government and corporate resources are directed towards defending against “front door” attacks. On the bright side, it is easier to defend against attacks in a smaller market if governments, firms, service providers and consumers work to provide a common defense against both “front door” and “back door” hacking.

The implications for New Zealand are significant.

In this new battleground physical distance cannot insulate New Zealand from foreign attack because cyber-war knows no territorial boundaries. New Zealand provides an inviting target because not only is an integral and active member of Western espionage networks, it also has proprietary technologies and intellectual property in strategic sectors of its trade-dependent economy (including niche defense-related firms) that are of interest to others. Because New Zealand’s corporate, academic and public service elites are relatively small and the overlap between them quite extensive, hacks on their personal data are a valuable tool of those who wish to use them for untoward purposes.

New Zealand public agencies and private firms have been relatively slow to react to the threat of cyber warfare. The data they hold on their employees, managers, policy elites and general population is an inviting “back door” for determined hackers seeking to exploit vulnerabilities in New Zealand’s cyber networks. Since many Kiwis are lax about separating their work and private electronic correspondence and records, the potential to access sensitive personal information is high.

New Zealand has been the subject of numerous “front door” cyber attacks and probes on public and private agencies, including an attack by Chinese-based hackers on the NIWA supercomputer carried out in concert with a similar attack by the same source on the supercomputer run by the US National Oceanographic and Atmospheric Administration (NIWA’s US counterpart). New Zealanders have been the targets of numerous “back door” intrusions such as phishing and other scams perpetrated by fraudsters and conmen. Yet successive governments have been slow to recognize the new threat advancing towards it in the cyber-sphere, only recently creating dedicated cyber security cells within the intelligence community and just last year amending the GCSB Act to address vulnerabilities in domestic internet security. But it still may not be enough.

Until New Zealand resolves the problem of institutional lag (that is, the time gap between the emergence of a technologically-driven threat and an institutional response on the part of those agencies responsible for defending against it), there is reason to be concerned for the security of private data stored in it. After all, in the age of cyberwar there is no such thing as a benign strategic environment.

Crowdsourcing opportunity: The 5th Eye.

datePosted on 14:13, June 4th, 2015 by Pablo

I had the opportunity some time go to be interviewed by the one of the director/producers of the documentary “Operation 8” for a forthcoming film about the GCSB and its role in the 5 Eyes signal intelligence network. These good people are part of the grassroots network that attempts to keep those in power accountable to the folk they supposedly serve, and while I may not agree with them on a number of issues I have no doubts about their sincerity, commitment and interest in the common good.

In order to finish the new documentary, titled “The 5th Eye,”  there is a crowdsourcing effort underway that is well worth supporting. The details are here. Besides information about donating, there is a short video trailer included on the page as well as updates and other valuable information. By all means check it out and help this film on its way to fruition.

If you support truly independent film-making in Aotearoa, this is an excellent opportunity to not only talk the talk, but to walk the walk.

Spy Fatigue.

datePosted on 11:20, April 9th, 2015 by Pablo

The slow drip feed of classified NSA material taken by Edward Snowden and published by journalists Glen Greenwald, Nicky Hager, David Fisher and others in outlets such as The Intercept and New Zealand Herald caused a stir when first published. Revelations of mass surveillance and bulk collection of telephone and email data of ordinary citizens in the 5 Eyes democracies and detailed accounts of how the NSA and its companion signals intelligence agencies in Australia, Canada, New Zealand and the UK spy on friend and foe alike, including trade partners and the personal telephones of the German prime minister and Indonesian president, caused both popular and diplomatic uproars. In New Zealand the outrage was accentuated by revelations about the illegal GCSB spying on Kim Dotcom and the government’s extension of its spying powers even after it was found to have operated outside its legal charter in other instances as well.

But now it seems that public interest in the issue has faded rather than grown. Revelations that the GCSB spies on Pacific island states such as Fiji, Samoa and Tonga as well as Pacific French territories, followed by news that it spied on candidates for the World Trade Organisation presidency on behalf of Trade Minister Tim Groser (himself a candidate), has been met not with street demonstrations and popular protests but by a collective yawn by the public at large.

Why is this so?

It appears that the New Zealand public is weary of the death by a thousand cuts approach used by Mr. Hager and his investigative colleagues. Beyond the usual array of diversions presented by popular culture and media, the reason for this disinterest seems to lie in the fact that the information released to date is seen as trivial, uncontroversial and tediously never-ending. Take for example the reaction to the news that the UK spied on Argentina after the Falklands/Malvinas War and carried on until 2011. Numerous pundits asked whether that is surprising. What is the UK expected to do when Argentina remains hostile to it and has never renounced its territorial claims over the islands? Similarly, others have pointed out that since New Zealand is utterly trade dependent, why not try to advance Mr. Groser’s candidacy for the WTO job using surreptitious as well as diplomatic means? Likewise, is it news that Australia and New Zealand spy on small Pacific neighbours who depend on them for a significant amount of foreign aid and are being courted by the Chinese? Why not given the levels of corruption and intrigue present in the region?

This does not mean that there are no constitutional, diplomatic, security and trade concerns raised by the Snowden leaks coming into the public domain. My belief is that there is much to be alarmed about in the Snowden files and they should serve as a catalyst or window of opportunity for a thorough review of the NZ intelligence community and perhaps even a renegotiation of the terms and conditions of its participation in Anglophone intelligence networks.

But the way in which it has been presented to New Zealand audiences has induced fatigue rather than fervour. Add to that the government’s strategy of obfuscation, denial and attacking the motives, ethics and character of the journalistic messengers, and the result is a jaded public with little interest in spies or what they do and whom they do it to. Cast against a backdrop in which personal data and private information is already bulk accessed by private firms and a host of social media platforms with profit-maximising in mind, the general attitude seems to be one of unconcern about what the guardians of the public interest are doing in that regard. In such a climate the old Nazi refrain “you have nothing to fear if you have nothing to hide” resonates quite well.

Unless Mr. Greenwald, Mr. Hager and their colleagues have bombshells that they have yet to drop, it appears that like Mr. Dotcom’s much-hyped “Moment of Truth” last year, their efforts have fizzled rather than fired. For the sake of their credibility as well as the public good, it is time for them to stand up and deliver something of significance that transcends the Wellington beltway or if not, to walk away.

Should Mr. Hager and company opt to deliver a bombshell, they need to consider one more thing: what good purpose is served by revealing the foreign espionage activities of New Zealand and its closest intelligence partners? Even if it uncovers myriad spying efforts that have nothing to do with national security (and terrorism, that old canard), will it advance the cause of transparency and selectivity in intelligence operations and make some governments more responsive to public concerns about privacy? Will it curtail spying by the 5 Eyes partners or any other nation? Will it encourage whistleblowing on illegal government surveillance? Will it advance New Zealand’s interests in the world or force a reconsideration of its relationship with its security partners?

Or will it simply damage New Zealand’s reputation and relations with the countries that have been spied on?  Given that New Zealand is the most vulnerable of the 5 Eyes partners and is, indeed, almost totally trade dependent, the negative consequences of any potential backlash or retaliation by aggrieved states could be significant.

That is why the issue is important. The thrust of the most recent revelations have moved beyond domestic mass surveillance and into the realm of traditional inter-state espionage, which is not confined to the activities of the 5 Eyes partners and is an integral, if unspoken necessary evil of international relations. Given that the focus of the Snowden material is solely on 5 Eyes spying and not on its counterespionage efforts or the intelligence operations of other states, could it not seem to the general public to be a bit one-sided and deliberately injurious to continue to unveil only what NZ and its partners undertake by way of signals intelligence collection (as some in government and supportive of it have insinuated)?

In the end, will ongoing revelations about New Zealand foreign espionage serve the public interest and common good? Or will it have the opposite effect?

And will average Kiwis care either way?

 

A short version of this essay appeared in the New Zealand Herald, April 10, 2015.

In recent days there have been claims that there has been both more and less spying by New Zealand intelligence agencies. Proponents and opponents of the intelligence community have seized on one or the other claim to argue in favour or against NZ’s involvement in the 5 Eyes signals intelligence network and the expansion of powers awarded the NZ intelligence community under amendments to various security Acts during the past few years. Given that there is a forthcoming parliamentary review of the NZ intelligence community, it is worth cutting to the gist of the issue of “balance” between civil liberties and intelligence operations.

Monitoring and intercept technologies available to signals and technical intelligence agencies today are superior to those of ten years ago, especially in the field of telecommunications. This allows signals and technical intelligence agencies to do much more than was possible before, something that legal frameworks governing signals and technical intelligence collection have had difficulty keeping pace with. It would therefore seemingly defy credulity to claim that that spy agencies are doing less spying now than in the past, especially given what is known about the 5 Eyes network from the Snowden documents currently being introduced into the public domain.

But perhaps there is a way to reconcile the opposing claims. Can spy agencies actually be doing less with more?

The assertion that there is less spying by NZ intelligence agencies now than seven years ago can be reconciled with the recently released GCSB annual report stating otherwise by understanding that under the intelligence community’s interpretation, “mass collection” is not equivalent to “mass surveillance.” Although the 5 Eyes and other national signals intelligence agencies use systems like PRISM to grab as much meta-data as possible as it passes through nodal points, that data has to be mined using systems like XKEYSCORE to obtain collectable information. Bulk “hovering” of all telecommunications in specific geographic or subject areas by agencies like the GCSB still has to be searched and analysed for it to become actionable intelligence. That is where the use of key words and phrases comes in, and these are not just of the usual “jihad” or “al-Qaeda” variety (since the bulk of intelligence collection is not focused on terrorism).

Although the GCSB may be doing more bulk collection of electronic data, it claims to be analysing proportionately less of what is collected than during the last year of the Fifth Labour government. So it is doing less with more. But a fundamental problem remains when it comes to intercepting telecommunications in democracies.

That problem is that whether it is analysed or not, mass collection of so-called meta-data of everyone’s personal and professional telecommunications presumably violates the democratic right to privacy as well as the presumption of innocence because it is obtained without there being a particular suspicion or specific reason for its collection (much less a warrant for its collection). Bulk intercepts can then be data-mined after the fact using classified search vehicles in order to build a case against individuals or groups.

That runs against basic tenets of democratic jurisprudence. Moreover, indefinite storing of meta-data that has not been analysed but which could be in the future in the event target (and key word) priorities change is something that is the subject of legal argument at this very moment.

There are therefore fundamental principles of democratic governance at stake in the very collection of meta-data, and these cannot be easily set aside just because the threat of terrorism is used as a justification. The issue is constitutional and needs to be resolved before the issue of “balance” can effectively be addressed.

However, for the sake of argument let’s accept that bulk collection is not mass surveillance and that the former is legal. How does one balance civil liberties and security under such circumstances?

The implementation of balance under such conditions starts at the point where data mining begins. What are the key phrases and words that identify targets for closer scrutiny? What are legitimate targets and what are not? Some search terms may be easy to understand and broadly accepted as necessary filters for the acquisition of more precise information about threats. Others might be more controversial and not widely accepted (say, “opposition leader sex life” or “anti-TPPA protest leaders”).

That is where the issue of effective intelligence oversight comes into play and on that score NZ is sorely wanting. There have been some cosmetic changes in the workings of and a slight extension of the powers of the Inspector General of Intelligence and Security, and the process of issuing domestic security warrants made more robust with the participation of the Commissioner of Security Warrants. Yet any honest assessment of the oversight mechanisms of the NZ intelligence community will show that they are inadequate when it comes to providing effective and transparent proactive as well as retroactive oversight and review of our intelligence community’s activities given the range and scope of the latter.

These mechanisms are fewer and less effective than those of most liberal democracies (including our 5 Eyes partners), which means that NZ’s intelligence partners may well ask it to do things that they cannot do themselves due to the restrictions imposed by their own oversight mechanisms. That possibility should be of concern and needs to be addressed. Relying on the good faith of NZ intelligence agencies involved is not enough, especially given their history of playing loose with the rules when it suits them.

Therein lies the core problem with regard to balancing civil liberties and intelligence operations. If there is effective intelligence oversight before the fact (“proactive” in the sense that oversight mechanisms dictate was is permissible data-mining before it occurs) as well as after the fact (“retroactive” in the sense that oversight mechanisms hold intelligence officials to account for their use of bulk collection and data-mining), then balance can be achieved. However, if such effective oversight is lacking–again, both proactive and retroactive in nature–then the “balance” will be skewed heavily in favour of unaccountable intelligence collection and usage. That is not acceptable in a democracy but is in fact the situation at present in New Zealand.

Then there are the issues of how national security is defined and what role intelligence agencies play in its defense, on whose behalf NZ intelligence agencies engage in espionage, and with who the intelligence obtained by human, signals and technical means is shared. This matters because trying to achieve balance between civil liberties and intelligence operations without addressing the larger context in which the latter occur is much like putting the cart before the horse.

1234Next