Full text of the Tech Liberty submission to the Law & Order Select Committee concerning the Telecommunications (Interception Capability & Security) Bill.
In general we support the ability of the government to have interception capabilities on telecommunications where possible, when those interception capabilities have suitable oversight and control. We have made some technical suggestions on how Part 2 - Interception Duties could be improved and clarified:
- Publish a list of service providers with interception responsibilities.
- Remove the ability for the Minister to ban the resale of overseas services.
- Clarify the duty to decrypt to indicate that it does not require network providers to supply deliberately weakened encryption with government backdoors.
We reject the idea that the GCSB should have oversight and control of communications networks in New Zealand. No need for this has been established and the use of an agency whose main focus is spying on external organisations is inappropriate and open to abuse. We therefore recommend the removal of Part 3 - Network Security in its entirety, possibly to be replaced by the establishment of a coordinating and consultative, not controlling, network security body.
Finally, we find the idea of evidence being presented in court that cannot be seen by the defendant and their lawyer to be extremely offensive to the right to a fair trial as promised by section 25 of the Bill of Rights Act. We therefore recommend the removal of Subpart 8 - Protecting Classified Information (sections 96-98). If this is retained we recommend that the appointment of a special advocate as in 97(3)(c) should be mandatory rather than optional.
Part 2 - Interception capability duties
As a civil liberties group we naturally prize freedom from unreasonable search & seizure and we also believe that freedom of expression works best without government monitoring of communications. However we also recognise that society has an interest in the detection of crime and the apprehension of criminals, and that the lawful interception of communications is a valuable tool to achieve this.
We believe that one of the best ways to manage the tension between these two is through clear law, independent oversight and as much transparency as possible. In particular we believe that citizens of a democracy have the right to have a clear understanding of how and when they could be lawfully surveilled.
Interception for service providers (sections 35-38)
We support the ability to be able to treat a service provider as a network provider for the purpose of lawful interception.
However, we also believe that in the interests of transparency that a list of service providers with this status should be published. As well as protecting the rights of people to know when they could be surveilled, this will also allow for independent monitoring of how far this law is being extended through the inclusion of service providers.
- That a list of service providers with this status be assembled and made public.
Ministerial power to ban resold overseas services (section 39)
Section 39 states that the Minister may require a resold foreign telecommunications service be discontinued in New Zealand if it poses a significant security risk to national security.
There are many international internet services that will not provide the New Zealand government with lawful intercept capabilities. These services are important to New Zealanders full participation in the global internet and we do not believe that these limits can or should be imposed.
- Remove section 39 in its entirety.
Encryption - section 10(4)
Section 10(4) requires network operators to decrypt a telecommunication if the network operator has provided that encryption. We see some ambiguity in this clause that we believe needs to be clarified.
It is entirely possible for a network provider to make encryption available to the users of the service that the network provider could not decrypt because the users have chosen the encryption keys. (A good analogy would be if someone supplied you with a combination lock that allowed you to choose your own combination.)
In this case, the clause could be interpreted to mean that the network provider would have to provide an alternate method to break the encryption (open the lock). In technical terms this would be called a “backdoor” as it allows another way to access the data.
We suggest that this would likely be impossible to implement when network providers are reliant on a wide range of equipment and systems, many of which do not provide backdoors. Furthermore, providing backdoors will also open up communications to interception from other possibly hostile parties and would weaken the security of New Zealand communication networks.
- Clarify section 10(4) to make it clear that network providers only have to decrypt communications if they are responsible for all elements of the encryption including the provision of the encryption keys.
Part 3 - Network security
We oppose the idea of giving a government agency control over of New Zealand’s communications networks. The bill is very clear that all major (and many minor) decisions concerning the design, implementation and operation of these networks must be referred to the GCSB for approval.
We find this to be a gross imposition on the freedom of these companies to develop their businesses in their own way. It will introduce a layer of unnecessary bureaucracy and slow down development of services. It will lead to network operators making “safe” choices that they know will be accepted by the GCSB rather than making the best decisions.
The arguments for why this control would be needed have not been established or proven.
The current TICA and this TICS Bill already ensure that New Zealand’s telecommunication systems will provide for lawful intercept and therefore there is no need for the GCSB to have this oversight for that purpose.
This proposal is particularly egregious in that the proposed agency with this wide-ranging power would be the GCSB which, until the new GCSB Bill is passed, has only been legally authorised with spying on foreigners and protecting government networks and therefore could not be expected to have the skills or resources to do this work.
Furthermore because the GCSB’s primary mission is still intelligence gathering, the assumption would always be that the GCSB would be using these powers to spy rather than protect.
We therefore recommend that Part 3 - Network Security of the bill be dropped in entirety. The government may wish to consider establishing a separate network security agency with a network security coordinating role to operate in a consultatative and advisory manner.
- Remove Part 3 and any other related sections (e.g. 72-76) from the bill.
Part 4 - Miscellaneous provisions
Protecting classified information (sections 96-98)
This sub-part provides for secret evidence to be presented in court in the absence of the defendant and their lawyer.
As a matter of civil liberties and the right to due process enshrined in the Bill of Rights Act, we reject the ability of the government to use secret evidence. Secret evidence that cannot be challenged or responded to is a gross offense to the idea of a fair trial. These provisions should be removed from the bill.
If this is to be retained, we would expect that the appointment of a special advocate as mentioned in 97(3)(c) would be the barest minimum required to provide any semblance of fairness. This appointment should be mandatory and not at the discretion of the court.
- Remove sections 96-98 of the bill.
- If these sections are to be retained, change section 97(3)(c) so that the appointment of a special advocate is mandatory and not optional.