Tech Liberty NZ Defending civil liberties in the digital age

Will the GCSB ban Apple from New Zealand?

Posted on June 17, 2013

Apple recently released a statement about their cooperation with law enforcement. It includes:

For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data.

[Update: see this discussion about whether this is entirely true.]

Does this mean that Apple will not be complying with New Zealand law?

Interception capable

The TICS bill makes it mandatory for network providers to be intercept capable. This means that they must provide surveillance agencies (Police, SIS or GCSB) communications related data when given a valid warrant or access authorisation. However, Apple is not a network provider.

However, there is also provision to give service providers (anyone who provides a telecommunications service) the same interception responsibilities as network providers. Any surveillance agency can apply to the Minister if they believe that "lack of interception capability on the telecommunications service offered by that provider adversely affects national security or law enforcement". i.e. if they believe someone could be organising crimes over iMessage.

Assuming that Apple are telling the truth and do not have the keys (as would be done in a well-designed system) they would not be able to provide intercepted information when presented with a warrant. This would be in breach of the TICS law and they would be liable for a fine of $500,000 and $50,000 per day.

Resold telecommunications services

Section 39 of the TICS Bill can also be used to forbid the resale of a foreign telecommunications service in New Zealand if it doesn't provide lawful intercept for New Zealand surveillance agencies.

Vodafone and Telecom both resell the iPhone in New Zealand and the iPhone obviously includes foreign telecommunications services that cannot be intercepted. Will a surveillance agency apply to the Minister to stop them?

Conclusion

Will the GCSB allow Apple to continue selling their iMessage and Facetime equipped devices in New Zealand without legal intercept facilities?

Or will the government decide that taking on Apple and their loyal customers is a bad idea and allow Apple to keep selling to New Zealanders?

And if Apple can keep selling theirs, wouldn't it be unfair to pick on smaller and less powerful overseas operators and ban their products? It wouldn't matter anyway because criminals would obviously gravitate towards the unspyable Apple products.

Most importantly - do we want a government spy bureau deciding what services and equipment can and cannot be made available to New Zealanders? Do the proposals in the TICS bill make sense? At Tech Liberty we believe the answer is no.

Posted by Thomas Beagle

Comments (6) Trackbacks (0)
  1. I suppose it also depends on whether it’s deemed intercept capable to prevent access to iMessage.

    While it would obviously be observable by the targets, simply dropping all iMessage packets would send the messages out through sms which isn’t encrypted at all.

    Either way the futility of this is evident given:

    * WhatsApp
    * WeChat
    * KaKaoTalk
    * Line
    * XMPP with OTR encryption…

    Unless the goal of our intelligence community is only to intercept the communications of the Keystone Cops of the terrorism world, this doesn’t seem likely to achieve much.

    • The treachery of these pepole is breathtaking.So Hagar the Horrible inspired it all.I wonder how he feels today.Probably quite proud of the fact.But if these loonies had their way, I’m not sure who we would fall prey to.Would it be the Chinese Commies or the Muzzies!But yes, as Fairfacts noted.If there is no terror threat , as these despicable pepole believe, then why attack the base when there is no terror threat.But if there is a terror threat, which these pepole also seem to believe, as they say the base puts NZ at risk, then shouldn’t they accept they are nothing but fifth columnists doing the work of militant islam.The conundrum of the peacenicks position needs t be answered. The media needs to quiz them on this. So which is it guys? Cat got your tongue Nicky?!

  2. Passed on without comment:

    “In reading over this, however, a number of people quickly called bullshit. While Apple boasts of “end-to-end encryption” it’s pretty clear that Apple itself holds the key — because if you boot up a brand new iOS device, you automatically get access to your old messages. That means that (a) Apple is storing those messages in the cloud and (b) it can decrypt them if it needs to.”

    From http://www.techdirt.com/articles/20130405/01485922590/dea-accused-leaking-misleading-info-falsely-implying-that-it-cant-read-apple-imessages.shtml?_format=full?_format=full

  3. It is questionable whether they can be held accountable. The messages are not incapable of being intercepted – they are just encrypted when intercepted. Once intercepted it is up to the authorities to decipher them.

    • That’s not what the TICS bill says.

      It says that providers must decrypt when they have provided the encryption. No one is quite sure what what means when the provider doesn’t also have the keys.

      Secondly (and the whole point of this article) was to point out that if interception of the message is not possible, the GCSB (or other surveillance agencies) can apply to have the resale of that messaging system forbidden in NZ.

  4. Because the encryption is end to end – the encryption takes part on the consumers premises. The communication that is being transmitted over the network is “encrypted communication” prior to being sent over the network and “decrypted once it has left the network”. The interception only covers the network in the control of the network operator – not consumer premises. Therefore as long as the transmission of the encrypted data can be intercepted the network operator has fulfilled its duty under the act.


Trackbacks are disabled.