Dear Mr Key
This letter is partly in response to the findings of the Kitteridge report about the GCSB and their failures to follow the law, but is also mindful of the recent PRISM revelations about the actions of the NSA in the USA, as well as the mass spying revealed to have been carried out by the GCHQ in the United Kingdom. As disturbing as these revelations have been, we cannot help but be shocked that this surveillance was done in secret without the knowledge of the citizens of each country.
We assert that, as citizens of a democratic society, we have the right to know the methods that government agencies use to watch us. Without this knowledge we cannot assert our rights to put appropriate limits on their use.
We are writing to you as you are the Minister responsible for both the SIS and the GCSB, but we are asking for information about spying and surveillance by all parts of government. We ask that you answer the following questions:
- Are any agencies building up databases of metadata (information about information – e.g. call data) about New Zealanders who are not targets of an active investigation?
- Does any agency have access to the central nodes of New Zealand’s phone or data telecommunications networks to collect communications or metadata?
- Is any agency tapping into the Southern Cross cable to collect communications or metadata?
- Is any agency intercepting satellite transmissions to collect communications or metadata?
- Does any surveillance agency have access to the information stored in large corporate databases (e.g. banks, Trademe, power companies) except through the use of an approved warrant targeted at an individual or specific group?
- Does any surveillance agency have access to the information stored in large government databases such as those held by Customs, WINZ, Corrections or any other government entity except through the use of an approved warrant targeted at an individual or specific group?
- Does any agency accept mass data, either metadata or communications, from overseas agencies about New Zealanders who not the targets of an active investigation?
- Does any agency accept intelligence from overseas agencies or allies that have been derived from their spying on New Zealanders communications?
- What is the government doing to protect NZ communications from spying by the UK and USA?
- Are there any other forms of surveillance or spying that would not have been included in the answers to the earlier questions?
- Finally, does any agency have any plans (especially in light of the TICS and GCSB Bills) to implement any systems which would change the substance of your answers?
Yours,
Tech Liberty
Mr Key’s Response
July 17th
Dear Mr Beagle
I am writing on behalf of the Prime Minister and Minister of Tourism, Rt Hon John Key, thank you for your email of 27 June 2013 concerning the Government Communications Security Bureau (GCSB). I regret the delay in acknowledging your email.
I note that you made a submission to the Select Committee and your views will be taken into account.
Regards,
B Smith
Manager, Correspondence and Records
Office of the Prime Minister
Our response
We did respond and ask them to answer the questions but we have received no further correspondence.
Great letter and important questions. I look forward to a) a reply, and b) reading same here.
This letter is a great start and is asking the right questios but I am still worried about the moderate public outcry that the proposed law changes and the PRISM revelations have spawned in this country. What can we do to build up political pressure to demand that our rights to privacy will be respected in the future? We need people to stand up against what looks to me the beginnings of a totalitarian global dictatorship…
In regard to question 2) it has been in the public domain for quite some time, that all the ISPs and Telcos in NZ were required by law in the most recently changed search and surveillance bills of around 3 years ago to install “interception black boxes” at their own expense. In short, many complained that they could not afford them and so Judith Collins arranged for $18 Million to be distributed amongst them for this purpose. These custom built devices tap the fibre backbone feeds at the ISP and can intercept many (but not all types) of encrypted traffic via the ‘Man in the Middle’ technique of certificate substitution. So yes, peoples email.webmail,internet banking,voip (possibly excluding skype),instant messaging is easy to look at undetected…
PS – There is (or was) hints in the “NZNOG” newsgroup confirming this a couple of years ago, by network engineers at various companies.
Thanks for a very good blog, and great insights over the years.