Forgot your password?
typodupeerror
Privacy Your Rights Online

New Zealand Spy Agency To Vet Network Builds, Provider Staff 92

Posted by Unknown Lamer
from the criminals-in-uniform dept.
Bismillah (993337) writes "The new Telecommunications (Interception Capability and Security) Act of 2013 is in effect in New Zealand and brings in several drastic changes for ISPs, telcos and service providers. One of the country's spy agencies, the GCSB, gets to decide on network equipment procurement and design decisions (PDF), plus operators have to register with the police and obtain security clearance for some staff. Somewhat illogically, the NZ government pushed through the law combining mandated communications interception capabilities for law enforcement, with undefined network security requirements as decided by the GCSB. All network operators are subject to the new law, including local providers as well as the likes of Facebook, Google, Microsoft, who have opposed it, saying the new statutes clash with overseas privacy legislation."
This discussion has been archived. No new comments can be posted.

New Zealand Spy Agency To Vet Network Builds, Provider Staff

Comments Filter:
  • Not Illogical (Score:4, Interesting)

    by EmperorArthur (1113223) on Monday May 12, 2014 @08:56PM (#46986113)

    It's not illogical at all. You just mandate that all traffic goes through a room controlled by the government for "Lawful Intercept." That way you can say that it's done for law enforcement, but the reality is they're emulating the USA and keeping everything while also MITMing anything they feel like.

    • NZ is one of the "Five Eyes" in the ECHELON group, also sometimes referred to as AUSCANNZUKUS for Australia, Canada, New Zealand, UK and US. It's likely that they don't just emulate the USA and keep the info, they most likely turn it right over to the NSA and their counterparts in those countries.
    • Re:Not Illogical (Score:4, Insightful)

      by Jack Griffin (3459907) on Monday May 12, 2014 @09:35PM (#46986369)
      Facebook, Google and Microsoft have opposed it because it the GCSB is getting in on their game. I used to live in NZ. Despite the Kim Dotcom saga, the govt there is still to be less feared than the American Big Data industry. If you ever get the chance to see the locally produced Cops show 'Motorway Patrol', you will see the usual fears of govt and law enforcement don't apply in this place. I believe NZ is currently rated the least corrupt country on Earth.
      • It is not possible to have government without corruption. You must accept one to have the other and vice versa.

        • The isn't black and white, and there'll always be someone trying to rort the system for personal gain. But I much prefer an NZ govt level of corruption than a US one...
      • Re: (Score:2, Insightful)

        by NewtonsLaw (409638)

        I believe NZ is currently rated the least corrupt country on Earth.

        Don't believe it... just understand that in NZ, the authorities are much better at hiding it.

        Corruption, hypocrisy and graft remains rife in this country it's just that we're a nation of 4.4 million sheeple who really don't give a damn.

        The great Kiwi saying "she'll be right" is killing this nation because nobody is prepared to stand up and speak out when they see people in power doing bad things and abusing that power.

        • I can only assume you don't travel much. I lived there for 15 years and I travel a fair bit. I can assure you based on my experience, whatever little drama you think is important is horse piss compared to the shit that is going on everywhere else. NZ might not be perfect, but it's about as fair a place as you get in this world.
    • Re:Not Illogical (Score:5, Interesting)

      by AK Marc (707885) on Tuesday May 13, 2014 @03:55AM (#46987575)

      but the reality is they're emulating the USA and keeping everything while also MITMing anything they feel like.

      The lawful intercept for the fibre connections is MITM-proof. Unless they are going to make Chorus spend billions re-doing the network, the "read only" taps will be useless for MITM attacks.

      When they routed Kim Dotcom's traffic through the government MITM servers just before the raid (illegally at the time) the hit in performance was enough that it was noticeable and traced.

      The government just isn't that smart.

  • by DigMarx (1487459) on Monday May 12, 2014 @08:58PM (#46986129)
    I have permanent residency (and thus voting rights), and I think tha**THE GOVERNMENT OF NEW ZEALAND IS DOING THE RIGHT THING**his is a load o**JOHN KEY IS A GREAT MAN**ollocks.
  • by Kittenman (971447) on Monday May 12, 2014 @09:07PM (#46986183)
    ... why NZ is seen as a hot bed of terrorism, naughtiness and general mayhem. The lead item on the news last night was a political hopeful having to pay back about $350 after claiming on a flight for a friend. Wow. This isn't a country where much happens.
    • Most likely they are getting strong armed by the USA or the EU.

      • Re: (Score:3, Interesting)

        by ASDFnz (472824)

        Most likely they are getting strong armed by the USA or the EU.

        It is the US, ever since 9/11 the US has mandated a pile of legislation changes that their trading partners must make.

        With any luck NZ will make the changes and then never enforce them.

        • by jonwil (467024)

          Whats it going to take to get some politicians elected in a country like New Zealand who will stand up and say NO to the USA (and to the spooks) on issues like warrantless surveillance, spying and all this other crap.

          • They told the US where they could put their nuclear powered and/or armed vessels in 1984 and have stuck to it. That's is NZ's one bout of teenage rebellion. Now they have "grown up."

            • by jonwil (467024)

              The kiwis didn't specifically target the US, they went 100% anti-nuclear because of an act by the French government that (other than the fact that it was carried out by the French government) clearly fits the definition of a terrorist act.

      • The EU is busy with the Ukraine and how to sell Russia as the bad guy, doubt they have their fingers in that, too.

    • by PPH (736903) on Monday May 12, 2014 @10:38PM (#46986681)

      This isn't a country where much happens.

      Are you kidding? There are orcs everywhere!

      Just start referring to the GCSB as the Eye of Sauron and be done with it.

    • by whoever57 (658626)

      ... why NZ is seen as a hot bed of terrorism, naughtiness and general mayhem. The lead item on the news last night was a political hopeful having to pay back about $350 after claiming on a flight for a friend. Wow. This isn't a country where much happens.

      Because it never was about terrorism. It was about controlling the actions of the population. Staying in power. That, and sucking up to the US, since the US pays countries for access to the data.

    • by interkin3tic (1469267) on Tuesday May 13, 2014 @08:49AM (#46988901)
      Why is terrorism seen as such a threat in the US? According to this [nationalgeographic.com], 2600 americans were injured by air fresheners in 1996. Here's a list of injuries and deaths due to terrorism [johnstonsarchive.net]. If 96 was a good indication, it looks like air fresheners are BY FAR the bigger threat.

      Politicians, law enforcement, and media sell fear. That's the real reason why NZ is ramping up anti-terrorism.

      I'd really like to see a law requiring citizens to take a low dose of anti-anxiety medication. Everyone over the age of 16. We'd colonize mars by 2030, cure cancer, solve climate change, prevent overpopulation, and end most violent crime if we would just stop wasting so much fucking time, energy, and tax dollars in stupid illogical fear.

      And yes, I have seen "Serenity" and I'm willing to risk it.
      • by sjames (1099)

        I wonder if part of the post war boom wasn't because the little fears just couldn't compete with the very real fear from combat.

      • by delt0r (999393)

        I'd really like to see a law requiring citizens to take a low dose of anti-anxiety medication...We'd colonize mars by 2030, cure cancer, solve.....

        Warning label reads: May cause apathy, tiredness and reduced creativity.

  • If you have to have software that's designed to meet a required lowness of confidentiality, you'll be the only country writing it. You probably won't trust another tin-pot country's software, and will have to keep doing it all yourself.

    Vendors want to sell software that meets the highest standards, so they can sell it into lots of countries, not write individual specials for every tin-pot dictator on the planet.

    Image how much fun it will be, trying to write your own routers, your own google, your own facebook, etc, etc. All so you can lower the quality.

  • If I were John Key and I had a daughter in a Paris art school I'd want to keep her tits off the screens of millions of voting Kiwi's.

    http://www.dailymail.co.uk/news/article-2401561/Does-know-shes-Daughter-New-Zealand-Prime-Minister-bizarre-erotic-photoshoot-posing-octopus-Big-Macs.html

    • Her tits are covered....

  • All network operators are subject to the new law, including local providers as well as the likes of Facebook, Google, Microsoft, who have opposed it, saying the new statutes clash with overseas privacy legislation.

    They already famously route everything through the United States and its complete lack of privacy laws anyway. What do they care?

    Don't tell me the likes of Facebook, Google and Microsoft are worried about their image as protectors of user privacy...

    • User privacy? Fuck that, they're afraid of a loss of revenue. Why pay them for it when you can get the info yourself?

  • by Frosty Piss (770223) * on Monday May 12, 2014 @10:19PM (#46986591)

    As with the United States and Australia, the people of New Zealand (and other democracies and democratic republics) elect their government and thus have control over their politics.

    One must assume that in all of these places, the majority agree with these policies.

    Shocking? To me, but apparently, I'm not in the majority.

    • As long as corporations decide who we get to vote for, it doesn't matter who you vote for.

    • You are dreaming if you think all these countries are democracies. Without proportional representation you don't deserve to call it democracy. You don't even deserve to call it majoritarianism (which seems to be your bent). In the non-democratic USA, FPP is a disgusting joke. EVEN if there was democracy, you don't put this sort of power into an unaccountable body such as NZ is doing. The cost of liberty is proper analysis of the problem. So back to square one for you.

    • Re:Majority Rules (Score:5, Interesting)

      by mudshark (19714) on Tuesday May 13, 2014 @02:49AM (#46987425)

      You don't know much about NZ government, then. So much for those assumptions of yours.

      The TICS legislation was introduced as an exercise in ass-covering along with another bill which made illegal electronic surveillance performed by the GCSB "lawful" ex post facto. Both bills were overwhelmingly unpopular and submissions from the public and interest groups were practically unanimous against.

      Several opinion polls have indicated that the majority of the NZ population disagree (many vehemently) with their government on these laws, and when they passed it was only with a one-vote majority in the Parliament courtesy of an MP who is the sole representative of his minor party (who himself only got into office because of a pre-election backroom deal with the National party). The best part of all this is that this deciding MP was himself under suspicion of leaking internal documents about illegal conduct by the GCSB, and that his email and that of the journalist he was corresponding with were snooped on in the process.

      For a tiny little island nation we sure do have more than our fair share of idiot politicians and inept law enforcement. Not to mention a system of government whose relationship with democracy grows more tenuous by the year and which resembles a bunch of nice ideas thrown together without any guarantees, such as an immutable and entrenched Bill of Rights. The GCSB and TICS legislation have done considerable harm to the notion of privacy as a basic human right in this country with dragnet surveillance and full feed-through to the NSA of whatever gets picked up.

    • by jonwil (467024)

      The problem even in countries like New Zealand is that the only people who are willing to stand up and say NO to this kind of crap are fringe parties with no real chance of getting any political power.

      Here in Australia the 2 big parties want to change the voting process to make it even harder for the little guys to get into parliament.

      • The problem even in countries like New Zealand is that the only people who are willing to stand up and say NO to this kind of crap are fringe parties with no real chance of getting any political power.

        Here in Australia the 2 big parties want to change the voting process to make it even harder for the little guys to get into parliament.

        Thats nothing, in Mongolia they are trying to make it so that if you don't have seats in parliament you can't run in an election!

    • by X.25 (255792)

      As with the United States and Australia, the people of New Zealand (and other democracies and democratic republics) elect their government and thus have control over their politics.

      One must assume that in all of these places, the majority agree with these policies.

      Shocking? To me, but apparently, I'm not in the majority.

      It is amazing how often idiots push this same line, without realizing a pretty major and catastrphic flaw.

      But carry on, though.

    • by dryeo (100693)

      With more then 2 parties, it is quite possible in a parliamentary system for a party to form the government with a minority of votes. eg Canada where our current government scored 38% of the vote amongst those who bothered to vote.

    • You could certainly argue this where the legislation, as in this case, has passed through a legislature.

      The way this would play out in the UK (and appears to have happened in the US) is that you get invited to a meeting in a government office and some people whose exact role is not clear will explain how important they feel it is for you to co-operate in the interests of national security. They might hint at the unfortunate consequences of being unco-operative or of letting anyone know that the meeting has

  • by Anonymous Coward

    This is setting the precedent for IT workers to need government certification. It's as dangerous to the operators of the internet, as the net non-neutrality is to the routing policies of the internet.

    • There's no obligation for ISP's to have staff go through security clearances - in fact plenty wont pass the requirements (citizenship/residency for >10 years). ISP's can nominate staff to be vetted and those that're vetted, can be given more background as to why some information is being sought or why a particular issue is being flagged.
      Important to note that the GCSB focus here is 'national security' and this isn't quite the same as lawful intercept for other purposes.

      • by BlakJak-ZL1VMF (256320) on Tuesday May 13, 2014 @04:44AM (#46987759) Homepage

        The guidance document as published at http://ncsc.govt.nz/assets/TICSA/NCSC-Guidance-for-Network-Operators.pdf states:

        > To assist the GCSB and network operators to work together on network security risks, network operators
        > may nominate a suitable employee (or employees) to apply for a SECRET level GCSB sponsored security
        > clearance.
        > Network operators may also, upon request, be required to nominate an individual for security clearance
        > (section 75).
        > Having cleared staff within network operators allows the GCSB to share certain information about network
        > security risks that is classified. While these individuals cannot pass classified information to un-cleared
        > colleagues, they will be able to give informed guidance on identifying and addressing network security
        > risks.
        > If a network operator does not have cleared staff, the GCSB will still seek to engage with them, and share
        > what information it can about network security risks.

        The legislation itself states:

        A network operator must, within 10 working days _after being required to do so_ under subsection (2), (3), or (4),—

                (a) nominate a suitable employee to apply for a secret-level government-sponsored security clearance (a clearance); and

                (b) notify the employee of the nomination; and

                (c) give written notice of the name and contact details of that employee to the Registrar.

        - so the vetting obligation isn't an obligation until the Network Operator is 'required'. The rationale for putting staff up for vetting seems sound, but as you can see from the last part of the quote from the guidance, they can still work with service providers that don't have cleared staff.

  • by Opportunist (166417) on Monday May 12, 2014 @10:40PM (#46986689)

    When Jefferson said "Where governments are afraid of the people, there is freedom" he obviously didn't take into account the possibility that governments could preemptively terrorize its people to avoid having to be scared of them.

  • A service provider (also defined in section 3 of the TICSA) is;
    a) means any person who, from within or outside New Zealand, provides or makes available in
    New Zealand a telecommunications service to an end-user (whether or not as part of a business
    undertaking and regardless of the nature of that business undertaking);

    Does this mean they can go after TOR and VPN operators wherever they are?

  • I double checked, the NZ law is actually called the "Telecommunications (Interception Capability and Security) Act of 2013". No bullshit Patriot Act doublespeak. Give credit where credit is due.
  • Just who did the behind this bribe? What a TERRIBLE act! I used to have a lot of respect for NZ, but no longer. Sorry Kiwis, but I won't be visiting your beautiful land any time soon... :-(

What this country needs is a dime that will buy a good five-cent bagel.

Working...