Posts Tagged ‘intelligence and security’
Posted on 08:32, March 15th, 2015 by Pablo
In recent days there have been claims that there has been both more and less spying by New Zealand intelligence agencies. Proponents and opponents of the intelligence community have seized on one or the other claim to argue in favour or against NZ’s involvement in the 5 Eyes signals intelligence network and the expansion of powers awarded the NZ intelligence community under amendments to various security Acts during the past few years. Given that there is a forthcoming parliamentary review of the NZ intelligence community, it is worth cutting to the gist of the issue of “balance” between civil liberties and intelligence operations.
Monitoring and intercept technologies available to signals and technical intelligence agencies today are superior to those of ten years ago, especially in the field of telecommunications. This allows signals and technical intelligence agencies to do much more than was possible before, something that legal frameworks governing signals and technical intelligence collection have had difficulty keeping pace with. It would therefore seemingly defy credulity to claim that that spy agencies are doing less spying now than in the past, especially given what is known about the 5 Eyes network from the Snowden documents currently being introduced into the public domain.
But perhaps there is a way to reconcile the opposing claims. Can spy agencies actually be doing less with more?
The assertion that there is less spying by NZ intelligence agencies now than seven years ago can be reconciled with the recently released GCSB annual report stating otherwise by understanding that under the intelligence community’s interpretation, “mass collection” is not equivalent to “mass surveillance.” Although the 5 Eyes and other national signals intelligence agencies use systems like PRISM to grab as much meta-data as possible as it passes through nodal points, that data has to be mined using systems like XKEYSCORE to obtain collectable information. Bulk “hovering” of all telecommunications in specific geographic or subject areas by agencies like the GCSB still has to be searched and analysed for it to become actionable intelligence. That is where the use of key words and phrases comes in, and these are not just of the usual “jihad” or “al-Qaeda” variety (since the bulk of intelligence collection is not focused on terrorism).
Although the GCSB may be doing more bulk collection of electronic data, it claims to be analysing proportionately less of what is collected than during the last year of the Fifth Labour government. So it is doing less with more. But a fundamental problem remains when it comes to intercepting telecommunications in democracies.
That problem is that whether it is analysed or not, mass collection of so-called meta-data of everyone’s personal and professional telecommunications presumably violates the democratic right to privacy as well as the presumption of innocence because it is obtained without there being a particular suspicion or specific reason for its collection (much less a warrant for its collection). Bulk intercepts can then be data-mined after the fact using classified search vehicles in order to build a case against individuals or groups.
That runs against basic tenets of democratic jurisprudence. Moreover, indefinite storing of meta-data that has not been analysed but which could be in the future in the event target (and key word) priorities change is something that is the subject of legal argument at this very moment.
There are therefore fundamental principles of democratic governance at stake in the very collection of meta-data, and these cannot be easily set aside just because the threat of terrorism is used as a justification. The issue is constitutional and needs to be resolved before the issue of “balance” can effectively be addressed.
However, for the sake of argument let’s accept that bulk collection is not mass surveillance and that the former is legal. How does one balance civil liberties and security under such circumstances?
The implementation of balance under such conditions starts at the point where data mining begins. What are the key phrases and words that identify targets for closer scrutiny? What are legitimate targets and what are not? Some search terms may be easy to understand and broadly accepted as necessary filters for the acquisition of more precise information about threats. Others might be more controversial and not widely accepted (say, “opposition leader sex life” or “anti-TPPA protest leaders”).
That is where the issue of effective intelligence oversight comes into play and on that score NZ is sorely wanting. There have been some cosmetic changes in the workings of and a slight extension of the powers of the Inspector General of Intelligence and Security, and the process of issuing domestic security warrants made more robust with the participation of the Commissioner of Security Warrants. Yet any honest assessment of the oversight mechanisms of the NZ intelligence community will show that they are inadequate when it comes to providing effective and transparent proactive as well as retroactive oversight and review of our intelligence community’s activities given the range and scope of the latter.
These mechanisms are fewer and less effective than those of most liberal democracies (including our 5 Eyes partners), which means that NZ’s intelligence partners may well ask it to do things that they cannot do themselves due to the restrictions imposed by their own oversight mechanisms. That possibility should be of concern and needs to be addressed. Relying on the good faith of NZ intelligence agencies involved is not enough, especially given their history of playing loose with the rules when it suits them.
Therein lies the core problem with regard to balancing civil liberties and intelligence operations. If there is effective intelligence oversight before the fact (“proactive” in the sense that oversight mechanisms dictate was is permissible data-mining before it occurs) as well as after the fact (“retroactive” in the sense that oversight mechanisms hold intelligence officials to account for their use of bulk collection and data-mining), then balance can be achieved. However, if such effective oversight is lacking–again, both proactive and retroactive in nature–then the “balance” will be skewed heavily in favour of unaccountable intelligence collection and usage. That is not acceptable in a democracy but is in fact the situation at present in New Zealand.
Then there are the issues of how national security is defined and what role intelligence agencies play in its defense, on whose behalf NZ intelligence agencies engage in espionage, and with who the intelligence obtained by human, signals and technical means is shared. This matters because trying to achieve balance between civil liberties and intelligence operations without addressing the larger context in which the latter occur is much like putting the cart before the horse.
The Snowden revelations have brought to the fore the issue of oversight and accountability on the part of intelligence agencies in democracies. In this analytic brief I outline ideal type principles and practicalities of democratic intelligence oversight. The idea is to offer a conceptual basis for understanding how democratic intelligence oversight should work with an eye to promoting practical reforms to that end.
The merit of a proposition can be judged by the strength of the argument in support or defense of it. In the case of the proposed changes to the GCSB and TICS Acts, the government’s argument has basically reduced to claims that terrorists will strike if the bills do not pass, perhaps even using weapons of mass destruction. More than an argument in favor of the bills, it is a sign of desperation on the part of a government unwilling to level with the public on its real intent.
To begin with, counter-terrorism is a very small part of what intelligence agencies do. Ninety percent of intelligence collection and analysis, to include its sub-set of electronic espionage and counterespionage, is focused on traditional corporate, diplomatic and military intelligence gathering. That is true for the Five Eyes/Echelon signals intelligence network and even more so for countries that are not on the front lines of the so-called War on Terrorism.
Yet countering “terrorism” has become the buzz word used by politicians to justify the expansion of the security apparatus in all its forms, to include the militarization of police functions and extension of powers of search and surveillance. It is the fig leaf that covers a multitude of sins perpetrated by the state in the name of national security.
This is an important point because as nasty as it is, terrorism is not an existential threat to any established state, much less a consolidated democracy. Viewed objectively, it can be properly seen is a crime of violence most often carried out as an irregular warfare tactic for ideological reasons. In the hands of non-state actors it is a weapon of the militarily weak that cannot be used regularly and systematically against a broad array of targets in the face of state enforced counter-measures. Although impossible to eliminate in its entirety, especially in its small cell or lone wolf application, this type of terrorism (i.e. in John Key’s airport bomb hypothetical) is a type of criminal violence best handled by the police using the intelligence made available by human as well as signals and technical intelligence agencies.
That may or may not involve electronic eavesdropping of a targeted sort. What is not needed to counter terrorism is blanket adoption of draconian security laws that restrict individual and collective freedoms, including the right to privacy. Oppressing the majority out of fear of an extremist few is counter-productive for no other reason than doing so plays into the hands of the aggressor.
In any event New Zealand is not on the front line of the War on Terrorism. Its threat environment is different than that of Australia, the UK and the US. It is more akin to (yet less than) that of Canada, and it is telling that Canada has resisted moves to closely align its domestic intelligence gathering powers with that of its Northern Hemisphere partners. The Canadians well understand the hierarchy of threats confronting them, and in light of that have shied away from the type of legislation currently being proposed in New Zealand.
If anything, the Canadian government knows that closer public alignment with the US and UK on security issues invites greater risk of attack from those engaged in armed conflict with them. It also understands that what irregular threats exist for Canada, they are more likely to be internal and related to domestic policy issues than external in origin or manifestation. New Zealand is similar in both regards.
What this means is that the specter of terrorism raised by John Key is a dark chimera that has little connection to New Zealand’s real threats, but which is used to defend the passing of security legislation that is more appropriate for the threat environment in Pakistan or Yemen than that of the South Pacific.
In recent years cyber espionage has become the predominant form of signals intelligence threat, to include that in New Zealand. The focus of attention of Five Eyes and other signals intelligence agencies is increasingly on fiber optic cables, routers, switches and the computers that use them, as opposed to radio and satellite intercepts (even if the latter remains a priority for Echelon). In pursuit of effective counter-measures, the Echelon partners have developed sophisticated labor-savings software such as PRISM and XKeyscore that filter the first cut on zillions of bytes of electronic data (the so-called meta-data), thereby making it easier for human analysts to target specific communications based upon keywords, phrases and usage patterns.
This mass trawling through personal as well as institutional electronic communications is indeed efficient, and not problematic for countries under non-democratic rule, but poses a problem for liberal democracies where the right to privacy and presumption of innocence go hand-in-hand as the bedrocks of citizenship.
Cyber espionage in New Zealand is mostly but not exclusively perpetrated by foreign state and non-state actors seeking to access sensitive corporate, political and security information. This includes back-door access via personal computers and electronic devices into work computers of targeted sectors. Since New Zealand has the most porous internet security of the Five Eyes partners and because its economic and political decison-making elite is relatively small in comparison, it is considered to be the weak link in the network by adversaries and allies alike.
Be it by groups such as Anonymous or by state agencies such as Chinese military intelligence (and there are many others), it is estimated that New Zealand computer networks are probed dozens of times a year (at least as far as what has been publicly admitted by the government). Thus the interest in increasing the GCSB’s cyber-securty function in order to bolster the defensive aspect of local cyber intelligence (targeted hacking of foreign networks being the offensive side).
The hard fact is that cyber espionage and counter-espionage is the newest and increasingly most pervasive form of spying and is here to stay, so New Zealand has to lift its game in that field of play.
This is the real reason why the Bills have been introduced. The trouble is that they contain a very strong offensive aspect to them, in part owing to the blurred nature of cyber espionage that does not conform easily to the foreign versus domestic dichotomy traditionally used to partition internal from foreign intelligence gathering. Threats now are seen as “glocal” or “intermestic,” and thus offensive cyber intelligence operations are run side-by-side with domestic counter-intelligence (defensive) work. That includes meta data mining on home soil, and the sharing of that data with Echelon partners.
Rather than honestly reveal the true reasons why the amendments to the GCSB and TICS Acts are being proposed, the National government has resorted to the old canard about terrorism. It may be doing so because it is undiplomatic to point out that its second largest trade partner has been accused by New Zealand’s strongest security and intelligence partners of being the source of most cyber attacks on their respective and shared computer networks. It may be doing so because it assumes that most people simply do not care about issues of security and intelligence, and it might be right. But whatever its rationale, its proposals are way over the top given the realities of New Zealand’s position in world affairs and its history as a democratic polity.
There is much more that is wrong with the New Zealand intelligence community–the lack of effective and independent oversight, the political manipulation of intelligence flows, the overly broad definition of national security and threats to it being foremost amongst them. It is therefore not surprising that in the very framing of the debate about the GCSB and TICS Bills, the government has resorted to bluster and fear-mongering rather than outline the real thrust of its changes.
That is a pity. Had it done so it might have been able to reach a compromise on cyber security more appropriate for a small liberal democracy on the periphery of the major conflicts of our times. However, as things stand New Zealand is about to be saddled with a cyber-security apparatus apparatus more similar to that of Singapore than those of Belgium, Norway or Uruguay.
That pretty much says it all about how National views the world.
Accusations that the NZDF may have been spying on journalist Jon Stephenson during or after he was in Afghanistan researching what turned into a series of very critical stories about the actuality of SAS operations in support of the elite Afghan counter-terrorism Crisis Response Unit (CRU) have sparked both public outrage and government backlash. Numerous media entities and civil libertarians have protested the alleged spying as an infringement on press freedom, with the story now picked up by the US press because Mr. Stephenson was working for a US based news service when the spying supposedly occurred, and the spying may have been carried out by US agencies.
It is early days yet in the development of the story, but there are numerous angles that if explored could lead to a can of worms being opened on the NZDF and NZ government as well as the US administration. More immediately, if what has been made public so far is accurate then there are some NZ-focused issues to ponder, which can be broadly divided into matters of short and long-term consequence.
The specific accusation is that NZDF obtained meta-data about Mr. Stephenson’s phone records from US intelligence sources while he was in Kabul. This meta-data included the phone numbers of those he contacted or who called him while in theater, which could be “mined” and subject to network analysis in order to create signal maps and flow charts of the patterns of communication between them as well as with Mr. Stephenson (what have been called signals meta-data “trees”).
Implicit in the original story by Nicky Hager is the possibility that the content of Mr. Stephenson’s conversations and possibly his emails were accessed by the NZDF, or at least by foreign partners who then shared that information with the NZDF.
This is the short aspect of the story. Mr. Hager believes that Mr. Stephenson was subject to an NSA signals trolling scheme akin to that done by the PRISM program, and that the NZDF may have requested that Mr. Stephenson be surveilled by the NSA as a result of Stephenson’s investigation but also because the NZDF could not spy on him directly. However, since the SIS and GCSB had officers on the ground in Kabul and shared workspace with NSA and CIA personnel, the possibility was raised that they were somehow involved in the electronic monitoring of Mr. Stephenson, either has initiators or recipients of the NSA meta-data mining of his communications.
This may or may not prove true. The government and NZDF flatly deny that any spying, whether by the NSA, GCSB or NZDF, was done on Mr. Stephenson. Mr. Hager claims to have evidence that NZDF personnel obtained Mr. Stephenson’s telephone meta-data (presumably he has at least been shown that data by the NZDF personnel who are his sources).
One of these versions is apparently false, although there may be a twist to the story that bridges the veracity gap between them.
Since Mr. Stephenson was in a declared conflict zone in which a multinational military coalition was engaged, he was inevitably subject to military intelligence collection. Military organizations and their various service branches maintain human and signals intelligence collection units that focus on tactical aspects of the conflict zone. That would, at a minimum, include canvassing local telephone and email networks for information on potential threats and contextual background. Such collection is designed to facilitate “actionable” intelligence: information that can be used to influence the political environment as well as the kinetic operations that occur within it.
It is possible that Mr. Stephenson’s phone records were collected by an ISAF military signals intelligence unit. It probably was that of a US military unit. That unit may have identified Mr. Stephenson as a New Zealander and passed his information on to one of the intelligence shops located at Bagram Air Force base or elsewhere for sharing with the NZDF as a professional courtesy and a “head’s up” on who Mr. Stephenson was involved with.
If this is true, then Mr. Hager’s NSA/PRISM/GCSB/NZDF spying scenario is wrong. However, the issue does not end there. The big questions are whether the NZDF requested that an allied military signals intelligence unit spy on Mr. Stephenson, or if not, what it did with the information about Mr. Stephenson volunteered to it by its ally.
If the latter is the case, then it is possible that the NZDF took no action because it either considered the information marginal to its intelligence concerns or improper for it to receive and use. That in turn could have led to the destruction of that meta-data after it was received.
On the other hand, if the NZDF requested said information about Mr. Stephenson from a military intelligence partner, that would make any subsequent meta-data record destruction an attempt to eliminate evidence of that request or the use to which the data-mining was put.
It should be noted that such spying in conflict zones is usual and to be expected by anyone operating with them, journalists and non-journalists alike. Moreover, it is perfectly legal as well as reasonable for the NZDF to share information with its military intelligence partners, even if it includes information about unaffiliated NZ citizens operating in conflict zones in which the NZDF is deployed. Thus it would not have been unlawful for the NZDF to obtain Mr. Stephenson’s electronic meta-data whether it initiated its collection or merely received the results.
This extends to its use of the SIS or GCSB to assist in said collection, since the SIS is empowered to spy on NZ citizens and the GCSB was working in a foreign theater in which Mr. Stephenson was working for a “foreign entity” (McClatchy New Service), therefore making him a legitimate target under the 2003 GCSB Act. Whether one or both of these agencies was involved in the spying on Mr. Stephenson, should it have occurred, the eavesdropping could legally be conducted without warrant, again owing to situational circumstance.
However, just because something is legal does not make it right. This is where the long of the story comes into play.
Mr. Hager also revealed the existence of an NZDF operations manual, apparently drafted in 2003 and revised in 2005, that included at least “certain investigative journalists” along with hackers, foreign spy agencies, ideological extremists, disloyal employees, interest groups, and criminal organizations in the category of “subversive” threats (although it remains unclear as to when that particular passage was added to the text and who authored and authorized it). The definition of subversion was stretched to include those whose activities could undermine public morale or confidence in the government and NZDF. This included “political” activities deemed inimical to the NZDF image or reputation.
Whether it was included in the original version or added some time later (perhaps very recently), that definition of subversive threats is astounding. The language used borrows directly from the lexicon of the Pinochet dictatorship and Argentine Junta. It completely ignores the concept of press freedom in a democracy, which is premised on the autonomous separation of the media and the military as institutions. It lumps in so-defined subversive threats with physical threats to operational security in the field. That makes those identified as subversives enemies rather than adversaries, which allows them to be treated accordingly.
The wording of the passage about subversive threats in this manual says more about those who drafted it and the NZDF leadership that allowed it to become doctrine than it does about any real threat posed by journalists to the NZDF or government. Being embarrassed by critical reporting is not akin to being shot at. Even if written in the fevered years immediately after 9/11, the authors of that passage (and presumably others in the manual) display an authoritarian, anti-democratic mindset that is fundamentally inimical to democratic civil-military relations and, for that matter, democratic military professionalism.
Chris Trotter has noted that the NZDF, as a military organization, is authoritarian in nature and thus inherently un-, if not anti-democratic. I respect his view but disagree to an extent. Virtually all social organizations are hierarchical in nature–families, churches, private firms, unions, schools, bureaucracies, political parties and yes, the armed forces, police and intelligence agencies. That makes the egalitarian bases of democratic political society unlike virtually all other forms of social organization.
In other words, we are socialized in a hierarchical world and it is democracy as a political form that is the unnatural outlier.
Even so, although hierarchy can and often does tend towards authoritarianism, in democracies social organizations that are hierarchically constructed bow to the egalitarian meta-logic that posits that in their political interactions they are bound by notions of mutual respect, independence, corporate autonomy and non-interference. That is, they practice at a meta-level what they do not at the macro or micro-levels: in their interactions with each other groups forgo the hierarchical disposition that characterizes their internal governance.
This is important because the NZDF field manual that Mr. Hager exposed and whose existence is now confirmed by the government displays an authoritarian mindset and operational perspective that transcends the necessary hierarchy of NZDF organization. The NZDF is not inherently authoritarian because it is hierarchical in nature, but because, if the spying allegations are correct in light of the manual’s language about threats requiring military countering, its leadership displays an authoritarian disposition when it comes to things it finds objectionable, including pesky reporters (I shall leave aside Mr. Trotter’s remarks about military allegiance to the Queen rather than government or citizenry, although I take his point as to where its loyalty is directed and the impact that has on its transparency and adherence to democratic norms).
In sum: Consider what the manual says with regards to subversive threats in light of the well-publicized NZDF attacks on Mr. Stephenson’s professional and personal integrity that resulted in the defamation trial recently concluded (attacks that could well fit within the “counter-intelligence operations” recommended in the manual). Add in the claims by Mr. Stephenson that a senior military officer uttered death threats against him (the subject of a police complaint in 2011 that was not actioned). Factor in the NZDF admission in the defamation trial that it tracked Mr. Stephenson’s movements along with the possibility that the NZDF did acquire and utilize Mr. Stephenson’s telephone communications records in a capacity other than to detect tactical threats to units in theater. Further include Mr. Hager’s findings in his book Other Peoples Wars, in which the NZDF was seen to disregard government instructions regarding its conduct in foreign theaters and collaborated extensively with US intelligence (both military and civilian) in places like Bamiyan in spite of its repeated denials that it was doing anything other than building schools and roads in that province.
The conclusion? In light of this sequence of events it is very possible that the NZDF has systematically operated in an unprofessional and anti-democratic fashion for at least a decade, and particularly with regard to Mr. Stephenson.
This is a serious matter because it gives the impression that the NZDF has gone rogue (assuming that the governments of the day were, in fact, unaware of the language in the field manual or of the alleged spying). Rectifying this institutional anomaly is important. How to do so is critical.
It is not enough to blame the previous government and retired NZDF commanders for the manual, then excise the offending passage while maintaining that no NZDF records of spying on Mr. Stephenson exist. Instead, the NZDF leadership during this time period needs to be held accountable for allowing anti-democratic attitudes and practices to take root within it and, if need be, action needs to be taken against those who authorized the language of the manual and/or the spying if it happened. Only that way can confidence in NZDF accountability and commitment to democratic principles be restored.
In order for any of this to happen, yet another inquiry needs to be launched. Given the debates about the GCSB and TICS Bills and ongoing concerns about Police and SIS behaviour, that says something about the state of New Zealand’s security community at the moment.
Posted on 15:58, July 25th, 2013 by Pablo
This weekend there will be national protests against the National government bills amending the 2003 GCSB and 2004 TICS Acts. Although the protests have garnered broad support across the political spectrum, they are likely to turn into generic rant fests against capitalism, imperialism, colonialism, and assorted other maladies rooted in the war-mongering Zionist 9/11 insider white corporate propertied Trilateralist patriarchy rather than a focused argument against the extension of the GCSB’s domestic spying powers. That is because the organizers, in Auckland at least, are the usual suspects seen at pretty much every protest, and who have agendas that supersede concerns about espionage.
The dress code will largely be black, with Vendetta masks optional.
In a way it is natural for the so-called rent a mob to take charge of the anti-GCSB protests. After all, they have the organizational capability, collective commitment and personal experience in doing such things, so who can blame them if they attach a few other grievances to the major subject of the protest? Who else can pull together major rallies on short notice, including the logistics of using public spaces, channeling marchers, making banners, supplying audio equipment and providing speakers? Most of those who have comparable skills are not exactly the types who would want to be part of such a “progressive” demonstration, and certainly would not want to be associated with the organizers of these protests (I am thinking of church and conservative groups here).
Having said that, this post is about what is likely to be a very effective National strategy for getting its proposed reforms passed in spite of the groundswell of opposition to them. It works like this:
National introduced reforms that grossly expand the GCSB’s powers of domestic espionage, using changes to the TCIS Act and the need for “infrastructure protection” as part of that new charter. It threw in some very minor cosmetic changes using the Kitteridge Report as a point of reference. It went for the overreach, proposing to allow, with cabinet approval, the GCSB to spy on behalf of agencies that have nothing to do with national security as well as conduct warrantless espionage on foreign entities and persons, to include NZ citizens employed by foreign firms and agencies (be they diplomatic missions, NGOs or private firms). It demands that telcos provide apriori backdoor access to their cable infrastructure for the purposes of both targeted and meta-data mining.
There is much more but this is the gist: it no only retroactively legalizes the illegal spying done on Kim Dotcom. It extends the scope of that type of spying much further. And as before, all of the domestic data collected under the new Acts can and likely will be shared with foreign intelligence partners, particularly those grouped in the 5 Eyes network.
National knew that Labour and the Greens will oppose the Bills for political and principled reasons, respectively, but does not care because it knew that it only had to win over Winston Peters or Peter Dunne to secure passage of the legislation. Since both of these one man shows are political opportunists at best, a few bones thrown their way in exchange for minor concessions was seen to do the trick.
As it turns out, Dunne leapt/caved first. In exchange for more cosmetic changes in oversight and reporting (none of which fundamentally alter the way in which the NZ intelligence community operates or the scope of its operations), the setting of a 2015 date for a general review of the NZ intelligence community and one significant backdown (the removal of cabinet authorization for GCSB assistance to agencies other than the Police, SIS and NZDF, which will now have to be authorized via legislation), Dunne has pledged his vote for the Bills. They can now pass essentially intact.
A brief aside: It would have been worth considering allowing the GCSB to render assistance by charter to agencies such as Customs and Immigration as well as the SIS, Police and Defense because they clearly have a national security role. Moreover, it may not be widely understood but the GCSB offers more than equipment and technicians to its counterparts. It has linguists, interpreters, engineers and other specialists in its ranks who can be of use to domestic security agencies on a case by case basis. The Dunne concessions do not address the how, why and when of any of this.
Getting back to the main theme, National knows that by pushing a maximalist line with regard to the expansion of GCSB powers it could accept something moderately less without discernible harm to its overall intent. Besides Dunne’s and Peters’ venality, it relies on generalized public apathy regarding the issue (although it must have been surprised by the extent of opposition that eventuated, especially from high-profile groups and persons), and it knows that it can dismiss any opposition as naive, politically motivated or both (which John Key has now done, and which this week’s protests will confirm in the minds of those supportive of or undecided about the proposed changes).
National also knows that should there be change of government in 2014, it is unlikely that a Labour/Green coalition will have intelligence community reform as a priority. If its modern history is any indication Labour will be quite comfortable with the amended legislation. Recall that it was under the 5th Labour government that most of the dubious GCSB spying on 88 NZ citizens and residents was done, and Labour will be able to use the revamped GCSB powers for its own purposes should it feel the need to. It is naive to believe that different governments do not have different intelligence priorities, something that is manifest in intelligence agency tasking.
One only needs to think of the role of the SIS in the Zaoui case and the suspected role of both the SIS and GCSB in the Urewera case to understand the concept as well as Labour’s disposition when it comes to such things. With National the shift in intelligence priorities is seen in its focus on commercial relations, to include patent and copyright issues that have little to do with national security but all to do with alliance relationships. Either way, governments call the shots when it come to intelligence priorities.
Labour and the Greens will have reversing other National policy reforms as the first order of business, be it the Holidays Act, aspects of the Employment Relations Act, issues connected with Health, Education, WINZ beneficiaries, public sector employment, economic use of public lands, etc. That list has far more immediate domestic political impact than revisiting the GCSB and TCIS Acts, especially if the expanded powers granted the GCSB are used with a modicum of discretion and selectivity.
Should Labour and the Greens assume government in 2014, they are saddled with running the 2015 general inquiry about the NZ intelligence community. That will take public time and political capital, which leaves less of each for the promotion of other initiatives. This could leave a Labour/Green government spread thin when it comes to imposing legislative and policy agendas, especially when considering that the partner’s priorities do not universally coincide in the first place (less so when other minority parties are involved). That could undermine the stability of the coalition, wreak their overlapped policy platforms, make for internecine conflict and set the stage for a National return to government in 2017.
Barring some unexpected reversal of fortune in the next few weeks, when it comes to domestic espionage and the GCSB’s expanded role in it, what we have here is a done deal. The Bills will pass. There will be more spies amongst us.
National’s short-term political logic looks to have proven correct, so far. Time will tell if its longer-term strategy will pay off as well.
Withdrawal from Echelon: a realistic watershed moment in intelligence reform or Left political posturing?
Posted on 15:34, June 20th, 2013 by Pablo
In light of the attention brought to matters of intelligence collection and analysis in recent months, it is entirely reasonable for the Greens and Labour to demand a fill inquiry into the organization, role and functions of the New Zealand intelligence community, including its responsibilities and obligations in international intelligence networks such as Echelon/5 Eyes and other less publicized arrangements. As the Kitteridge Report noted with regard to the GCSB and what the Zaoui case demonstrated in the case of the SIS, there were or are serious deficiencies in both agencies. These are as much if not more managerial than operational, but the truth is that a review of the entire intelligence community is overdue in light of the changing realities of intelligence gathering in the 21st century.
That is why the National government’s attempt to pass reforms to the 2003 GCSB Act that extend its domestic powers and scope of authority, coupled with the proposed Telecommunications (Interception Capability and Security) Bill that would, among other things, force telecommunications firms to provide backdoor access to their source and encryption codes, needs to be delayed until such time a proper inquiry into the entire espionage complex is undertaken. Without full understanding of areas of strength and weakness in the system, it is impossible to knowledgeably address the proposed reforms in the way signals intelligence is gathered and used in and by New Zealand, much less how it should be balanced against rights to privacy and institutional accountability.
As part of the calls for the inquiry, some on the Left have proposed that a review of New Zealand’s participation in Echelon be undertaken. Some have gone so far to say that it could become another watershed moment such as that surrounding the 1985 non-nuclear declaration. Presumably the watershed would be occasioned by a withdrawal from Echelon.
As much as I think that a review of New Zealand’s role in Echelon is welcome, especially in light of the Kim Dotcom case and recent revelations about mass scale meta-data mining by the US National Security Agency (and the meta-data mining by the GCSB revealed by the Kitteridge Report), I think that it would be absolute folly to withdraw from Echelon. Changes in the terms and conditions of New Zealand’s participation in Echelon may be warranted, but a full withdrawal from the signals intelligence-sharing community composed of the US, UK, Australia, Canada and NZ seems foolish.
I will not reiterate here the early warning, big picture and deep insight benefits that NZ accrues from being an Echelon partner. What I will note is that it has been a partner in Echelon for more than three decades, and as such shares some of the most guarded secrets, both historical and contemporary, of the Anglophone intelligence community. This includes methods, technologies, locations and sources for signals intelligence collection as well as the content of specific subjects of interest.
The Echelon partners will take a very dim view of these secrets suddenly becoming insecure as a result of a NZ withdrawal from Echelon. No matter what assurances may be given or what phased devolution of responsibilities is proposed, they are bound to fret about classified Echelon information falling into hostile hands as a result of that decision. That will likely prompt a full scope defensive counter-response to minimize the possibility of damaging or sensitive material falling into the “wrong” hands.
That response will far outweigh the diplomatic estrangement caused by the non-nuclear declaration (which ultimately amounted to a freeze on bilateral military-to-military contacts but which did not alter intelligence sharing or diplomatic relations in any significant measure). The negative consequences of withdrawal from Echelon will be felt in the intelligence arena, but will also be felt economically, militarily, and most definitely cyber-electronically, and will not just come from the other 5 Eyes partners.
Under a Labour/Green government that decides to withdraw from Echelon, New Zealand might seek to hedge its bets by establishing intelligence sharing ties with the People’s Republic of China or Russia. The first would complement the economic re-orientation towards the PRC in recent years, whereas the latter would cultivate relations with a long-term and now resurgent Western adversary (which is now in the process of re-deploying submarines to the South Pacific for the first time in over 20 years). Either move would show a clear commitment to diplomatic re-alignment away from traditional partners and towards Eurasia, something that would nicely complement the primary geographic focus of NZ’s trade-oriented foreign policy (we should remember that NZ is in the early stages of negotiations with Russia on a “free” trade agreement).
For both Russia and the PRC, gaining access to Echelon data would be invaluable even if the remaining 4 Eyes are forced to completely overhaul their systems in order to limit the damage caused by a NZ “flip.” In fact, the repercussions from such an act might force NZ to seek the security protection of either great power. One assumes that for this to happen the NZ public will be comfortable with the shift in alignment.
It is less probable that other Western nations such as France or Germany would want to jeopardize their relations with the Echelon community by entering into an alternative signals intelligence-sharing arrangement with NZ. Perhaps rising powers such as India, South Africa or Brazil might want to take advantage of the window of opportunity, but that also seems unlikely.
That is why I believe that the speculation about an inquiry into the intelligence community resulting in a “watershed” NZ withdrawal from Echelon is poorly considered. Escaping international commitments of any sort is fraught in many ways, and in order to do so the benefits of reneging must clearly outweigh the costs. The decision must enjoy broad support and be politically sustainable at home as well as abroad.
In that light, the benefits of a withdrawal from Echelon are uncertain and the downside of withdrawing from such a long-term and highly sensitive international security commitment is too great and too obvious for such talk to be anything but ignorant or Labour/Green posturing in the build up to next year’s elections. If that is the case, it undermines the Labour/Green bid to have a full inquiry into NZ intelligence community reform because there will be little support outside of select party factions for a move to withdraw from Echelon, and any reform initiatives that include that possibility will not be taken seriously.
It would therefore seem best for the Greens (in particular) and Labour to stifle such speculation from within their ranks in order for their calls for a full inquiry into the NZ intelligence community be given due consideration. That still leaves much room for review, but has a better chance of garnering broad-based support than by continuing to entertain thoughts about watershed moments.
Now that the Kitteridge and Neazor reports have been tabled, discussion can more fully proceed to the issue of intelligence oversight. The government has proposed bolstering resources for the Inspector General of Intelligence, and adding a Deputy Inspector General to what until now has been a one man shop. That is a step in the right direction, but it falls very short of the mark when it comes to robust, independent intelligence oversight mechanisms. Here I outline one way of achieving them.
Currently the IG is dependent on the NZSIS and GCSB for resources and cooperation and answers to the Prime Minister. That puts him at the interface between politics and operational matters in a chain of responsibility, which reduces his freedom of action.
The IG’s office should be strengthened in terms of staff and moved to become an agency of parliamentary services. It will answer to the Parliamentary Committee on Security and Intelligence, although its staff and funding source will be independent of the Committee. The Committee will have powers of compulsion under oath that allow it to force intelligence managers to release operational details or classified information to it upon request. It would meet at least once a month and receive scheduled classified briefs from the directors of the SIS and GCSB as well as senior managers in the DPMC handling intelligence flows. At any time the Committee would be able to order the appearance in special session of officials from the Police, Customs, Immigration, Treasury and other agencies that employ intelligence collection and analysis services.
All of this would require that the staff of the committee as well as that of the IG have security clearances akin to those of personnel employed by the agencies being overseen. That will require background checks and security vetting of staff. Members of the Committee would be required to sign secrecy oaths under penalty of law.
The transition from the current ineffectual oversight mechanisms to something more effective will take time and money. It will therefore be resisted not only by the agencies being overseen (who naturally will be discomfited by increased scrutiny from agencies unattached to the Prime Minister). It will also be opposed by political sectors focused on cost-cutting, quick results, or maintaining the current system because of the weight of institutional legacies and/or advantages it gives governments when it comes to the interpretation and implementation of intelligence priorities. But it is certainly worth doing.
The time is opportune for change. The sequels to the Dotcom case have exposed serious problems in the political management of intelligence issues as well as deficiencies in the conduct of intelligence operations. The government has proposed significant changes to the 2003 GCSB Act, particularly section 14, that will have the effect of strengthening the GCSB’s powers of internal (domestic) surveillance at the behest of other agencies–foreign and domestic. The justification for this rests on the increasingly transnationalized nature of security threats, whereby the intersection of local and international crime, foreign corporate and political espionage, irregular warfare networks and non-state actors makes much more difficult precise definition of what constitutes a domestic as opposed to foreign intelligence concern. These are grey area phenomena, and the response cannot be given in black and white.
I agree that the security threat environment has changed and is much more “glocal” or “intermestic.” I agree that it requires statutory revision in order to better account for the changing nature of intelligence operations under such conditions. What I am proposing here is a parallel revamp of oversight mechanisms that promote more independence, transparency, accountability and compliance at a time when the scope of intelligence agency authority is being redefined and expanded well beyond traditional espionage operations.
The issue is worth debating and therefore should be the subject of a larger inquiry such as proposed by Labour and the Greens. If nothing else the Kitteridge and Neazor reports can be used as the starting point for a more thorough discussion of the role, functions and purview of NZ intelligence agencies given the changed nature of the threat environment and the equally compelling need to maintain a better measure of democratic accountability than has heretofore been seen.
Johns Key’s answers to the “mystery” of the US Air Force executive jet parked at Wellington during Hobbit mania gives us a good indication of his attitude towards the public and the press. Although the plane was misidentified several times by reporters as a private plane, it is in fact part of a fleet of US Air Force transport aircraft that are used regularly to fly high level politicians and bureaucrats to foreign meetings. The make, model, livery, insignia and identification number would have been readily recognizable to plane spotters, so Mr. Key was correct in saying that there was no secret to its visit. It was how he answered the question of who the visitors on the plane were that gives an indication of his current mindset.
His initial response is that he did not know who was on the plane or the purpose of its visit. He said he may have seen the name of a visitor on a piece of paper but could not recall it. As Minister of Intelligence and Security that would seem to be an odd thing to say, especially since it played (now apparently purposefully) on the “brain fade” impression he developed as a result of his forgetfulness about the Dotcom/GCSB illegal espionage case.
What is puzzling is that he could have said any number of things: that he did not discuss intelligence and security matters in principle; did not discuss “quiet” visits by foreign (US) officials as a matter of policy; did not discuss the visits of foreign intelligence officials; or that he could not confirm or deny the presence of any such on NZ soil. It would be the same if he refused to comment on military matters citing operational security (but where again, he obfuscates and prevaricates rather than just offer a straight answer or refusal to comment). He could have said any of these things and the story would have died.
Under a second day of questioning he admitted that the plane carried a high-ranking US intelligence official to meetings with NZ intelligence officials and that the meetings involved counterparts from other foreign intelligence agencies. He denied these were meetings of the Echelon/5 Eyes partners even while saying that they hold regular meetings in NZ, the latest in July or February (depending on which version of his recollection one chooses to believe).
This comes at a time when the 5 Eyes community have been rocked by a major spy scandal in Canada, where a naval intelligence officer sold highly sensitive tactical and strategic signals intelligence data to the Russians for five years before his arrest in early 2012 (which would require the adoption of a number of sanitizing and preventative counter-measures throughout the network). It comes after the obfuscations and weirdness surrounding the GCSB involvement in the Dotcom case (which may well have started before Dotcom arrived in NZ because the NSA–the lead agency in the Echelon network–was already monitoring Dotcom prior to his arrival and would have likely asked that the GCSB continue the surveillance after he crossed the border). It also comes at a time when Huwaei is under scrutiny by the Echelon partners for its possible involvement in Chinese signals intelligence collection efforts, which are focused on the West in general and 5 Eyes countries in particular.
Under the circumstances a visit by senior 5 Eyes counterparts to discuss matters of common concern would not be unusual or untoward, if nothing else as an information-sharing exercise or so that they could get their ducks in a row on matters of institutional or public interest.
Thus the question begs as to why Mr. Key did not just refuse to comment citing matters of national security but instead opted to play dumb and incompetent, thereby heightening initial interest in the story?
My belief is that he has general contempt for the public’s intelligence on matters of foreign affairs and security, and that he believes the masses are not interested in the subject anyway. But his focused contempt is of the press or at least non-submissive members of it. His brain fade act is more than simply lying. It is the deliberate winding up of the press over matters that, while not inconsequential, are relatively routine or non-controversial but which he can successfully cover up so that press inquires are frustrated needlessly. In other words, he is taking the piss out of the media.
He has similar contempt for those who oppose or question his policies. He recently said that anti-TPP activists should be ignored (even though these include a large number of distinguished subject experts, academicians, politicians and former and current trade specialists). This adds to his list of those that should be ignored, including mining safety experts, environmental scientists, Maori rights activists and asset sales opponents.
The point is that as Minister of Intelligence and Security Mr. Key could respond to questions about intelligence and security in an authoritative manner that does not compromise either while demonstrating his command of the portfolio. That he choose not to do so and instead pleads memory loss and disinterest in these two vital components of national security suggests that he is doing so either because he really is clueless and out of his depth on intelligence and security or, more likely to my mind, he is deliberately doing so just to wind up his “enemies” in the press while dismissing detractors in civil society against a larger backdrop of public disinterest.
He is also being contemptuous of those who serve under him in critical national security roles because his feigned ignorance leaves those leading intelligence and security agencies hanging out to dry in the event that something in their purview but under his ministerial watch goes sour. Truth be told, by the terms of his ministerial portfolio he is briefed regularly and exactly on all matters of intelligence and security. Either that, or the institutional edifice of security in NZ is praetorian, something that I doubt its security partners would accept, much less agree to.
If Mr. Key is not clueless on intelligence and security matters, then the “spy” plane response and his other actions show that along with being contemptuous of those who may seek to hold him to account, he is arrogant, irresponsible, disloyal, mean-spirited and vindictive as well. To which can be added one more trait that has emerged in Mr. Key as of late: callous narcissism.
When asked recently what he was the most sorry for over the last year, he answered that it was the failure to convince the public of the benefits of the mixed ownership model. He was not as sorry about the deaths of five NZDF troops in Afghanistan, or the needless deaths and continuing failure to retrieve the bodies of the Pike River miners, or the ongoing debacle that is the Christchurch reconstruction process, nor about the leaks of private information by government agencies or the unhappy disputes with Maori over treaty settlement issues (in fact, he made no mention of these). Instead, he most laments the failure of a pet economic project to gain public traction in 2012.
That may not be surprising, but it sure is contemptible.
Posted on 09:50, October 10th, 2012 by Pablo
One thing has become clear after the revelations of multiple New Zealand intelligence agency failures, malfeasance and incompetence over the past few years. That is what happens when there is no effective oversight on, or accountability by those agencies. As things stand the Prime Minster is the sole oversight on New Zealand’s intelligence community. The parliamentary intelligence and security committee is a toothless wonder that gets semi-regular general briefings on intelligence matters (at a rate of less than once a month), and the inspector general (IG) of intelligence–the person who is supposed to independently investigate the actions of the intelligence community–is currently a geriatric former judge who has the equivalent of a .5 full time employee and whose office and resources are provided by the agencies he is supposed to independently assess. His predecessor, another retired judge, resigned under a cloud brought about by the Ahmed Zaoui political asylum case, where the Security Intelligence Services (SIS) was shown to have clearly manipulated analysis of intelligence flows derived from foreign partners and the IG demonstrated bias in favor of the SIS version of events prior to releasing his findings.
Add to that the fact that the IG has limited powers of investigation and a parliamentary committee that cannot be told about operational matters and has no powers to subpoena or authority to force testimony under oath, and what you have is a recipe for institutional “stretch:” the tendency of institutions to exceed and play loose with the rules, laws and regulations governing their charter in the absence of effective oversight and accountability. That has become glaring apparent in recent weeks.
The problem is somewhat mitigated when the Prime Minister is a hands-on type of manager who is knowledgeable about intelligence matters, to include methods of collection and analysis. Although it raises the possibility of PM misuse of intelligence flows for political purposes, it does have the merit of forcing intelligence officials to be accountable to someone. However, if the PM is disinterested, ignorant or laissez-faire in managerial approach to intelligence matters, then the possibility of intelligence agency institutional stretch becomes quite real, as we have now seen.
Given the revelations about the GCSB and prior instances of SIS “stretch,” the time is now perfect for a reform of the intelligence oversight apparatus. Although the PM can and should remain as the minister for intelligence and security, the parliamentary committee needs to be granted effective and binding oversight authority that includes powers to investigate operational issues and force intelligence agency officials of all ranks to respond under oath to questions about the how, when and why of specific intelligence matters. Likewise, the Inspector General’s position needs to be expanded into a three person panel that includes a mix of people with experience in handling sensitive information and knowledge of how intelligence collection and analysis works, and who answer to and are resourced by parliament rather than the PM and SIS, respectively.
Unchecked executive oversight of intelligence agencies is prone to what might be called the authoritarian tendency (by which elected executives assume quasi-dictatorial powers of managerial control), and is in fact the mark of many authoritarian regimes. This avoids the system of checks and balances that is not only a hallmark of democratic political systems, but of their institutional component as well. The issue, as the intelligence community well knows, is about triangulation: there needs to be at least three independent (if overlapped) sources of critical institutional scrutiny for information or oversight to be validated (which are manifest in policy or administrative decisions).
That system of institutional checks and balances is what provides oversight and promotes accountability within public bureaucracies as a whole. Such accountability is horizontal–between different public agencies such as the judiciary and security apparatus–as well as vertical (where public agencies answer to political authorities separated into legislative and executive components). The institutionalized oversight aggregate mitigates against public agency stretch and political manipulation.
Having one individual, whatever his or her persuasion with regard to issues of intelligence collection, analysis and political impact (something driven by the political context of the moment, including the relationship between government and opposition and the personal and partisan implications of any given decision regarding security and intelligence) is, in a democracy, antithetical. In mature democracies policy decisions are not individualized; they are institutionalized and subject to effective oversight.
This is simply a matter of democratic good practice. Effective, independent oversight not only keeps intelligence agencies honest and prevents institutional stretch. It reassure the voting public that the larger common interest, rather than narrow political, diplomatic or corporate concerns, are served by the intelligence and security agencies charged with defending the commonweal.
It turns out that the Prime Minister was briefed about the Dotcom surveillance by the GCSB in February 2012, not in September 2012 as Mr. Key has previously asserted. It also turns out that the eavesdropping began before the late 2011 timeframe offered by the government and repeated in Inspector General Paul Neazor’s report on the unlawful nature of the GCSB’s involvement n the Dotcom case. Since 2009, shortly after National assumed government, there have been at least three other cases involving the GCSB that may be of dubious legality. The official story admits that the legal advice given to the Police and the GCSB with regards to Dotcom’s residency status was wrong. Apparently neither the Police or GCSB checked with Immigration, Customs or other agencies about the issue (or if they did, they received either erroneous advice or ignored the correct advice given).
Mr. Key says that the briefing in February 2012 was about the general roles and capabilities of the GCSB, and that Mr. Dotcom’s photo came up as part of a laptop slide show presentation. That is curious. One would assume that Mr. Key would have received such a briefing as part of the transition to and early days of his first government, and that he would consequently have an idea of GCSB functions well before February 2012. It would be astounding if no such briefing took place during his first term as Prime Minister, and it would be only slightly less astounding if he required a remedial or follow-up briefing in February 2012, which just happened to be less than three weeks after the Dotcom raids.
More plausible would be that the briefing in February 2012, as the government returned to business after the summer holidays, was a status report on ongoing GCSB operations. One would presume that the slide show presentation was done to bullet point the main thrust of those operations as well as the targets and methods involved. The Dotcom case would have been one of them.
The question begs as to whether not only is the Prime Minister’s memory faulty, but whether he is competent on matters of security and intelligence. If he needs a remedial general brief about the GCSB role and functions and/or cannot distinguish between an operational status update and a general brief after nearly four years in office, then he clearly is not up to the task of providing effective oversight of the intelligence apparatus. Nor, it would seem, is his cabinet, which presumably would have prepped him on the nature of the visit to the GCSB headquarters in February 2012 and provided him with detailed questions on the operations in question. One of them might have been with regard to Mr. Dotcom’s residency status and the legality of GCSB surveillance in that case.
It would seem that, to paraphrase an observation about Sarah Palin, he has a singular intellectual disinterest in matters of security and intelligence, and that disinterest is shared by his closest advisors. Contrast that with his real interest in tourism (of which he is minister), the foreign film industry (for which his government changed NZ law in order to accommodate the conditions demanded by one foreign investor) and privatization and asset sales schemes of various sorts.
The bottom line is that John Key is to intelligence oversight what the captain of the Costa Concordia is to maritime safety–both asleep or otherwise engaged while in command.
The Dotcom case is the unhappy gift that keeps on giving. The media and the opposition are peeling away the layers of obfuscation that make up the bulk of the government’s version of the story. There is surely more unflattering revelations to come.
Fundamental issues of accountability and oversight have been raised by the Dotcom case, not only with regard to the substance of the charges against him and the way in which the Police, Crown and GCSB conducted themselves, but with regard to the general conduct of New Zealand intelligence agencies (the SIS has had its own share of embarrassments in that respect).
With a parliamentary security and intelligence committee devoid of effective oversight powers, an Inspector General of Intelligence whose independence and authority are tightly circumscribed and a prime minister who is either incompetent or disinterested in security and intelligence matters, or whose managerial style is to allow sensitive government bureaucracies to operate with near total independence wedded to an absence of institutional accountability (which can be vertical or horizontal, with both being needed for effective democratic oversight of intelligence and security agencies), the Dotcom case may only be the tip of the iceberg when it comes to state agencies playing loose with the law.
That matters only because adherence to the rule of law is considered to be one fundamental measure of the quality of democracy. The core of that measure is that the State adhere to the law as much if not more than its citizens. Given the revelations in the Dotcom case, which follow on other instances of intelligence agency malfeasance (e.g. the Zaoui beat-up), New Zealand has found itself sorely wanting.