The surveillance debate will take time, fortunately

It’s common for things like policing, surveillance  and spying to be revisited after a major event like the Christchurch mosque attacks. It is impossible to prevent any possible attack, but it is certainly worth looking at what more could be done to minimise the risks bu maximising the chances of identifying potential attackers before they attack.

There are likely to be some changes, but we have to be careful to keep a reasonable balance between protection and persona freedoms.

More surveillance is already happening. RNZ: More NZers under surveillance: Andrew Little authorises spy agencies to do more ‘intrusive’ activities

The country remains on a high threat alert more than a week after the terror attacks in Christchurch.

The actions of the agencies who are meant to protect New Zealand from such atrocities have been under scrutiny since Friday 15 March.

The minister responsible for the two security agencies, Andrew Little told Morning Report he had given authority to spy agencies to do “intrusive” activities under warrant.

“I’ve signed warrants [since the attacks] … I’m not sure I’m at liberty to disclose the number. We typically have between 30 to 40 people under surveillance. That number will be bigger now.”

Referring to the possible ties between a far-right group in Austria and the accused gunman, Little said he suspected it was because “our intelligence agencies are working with intelligence agencies across the world”.

He said work on scanning and building up a profile of right-wing extremism commenced in the middle of last year and was “definitely continuing”.

He also said he didn’t think New Zealand was a soft target in terms of security, but had a “robust system” for assessing “violent extremist risks”.

Asked if the attack was an intelligence failure, he said it was ” too premature to draw that conclusion”.

“The purpose of the Royal Commission of Inquiry is to ascertain whether or not there were failures on the part of our security and intelligence agencies.”

I think that with the attacks fresh on everyone’s minds most people will accept some increases in surveillance – as long as it doesn’t affect them.

Simon Bridges wants more:  GCSB and SIS’s ‘hands tied behind their backs’ – Simon Bridges

New Zealand spy agencies’ balance between privacy and security has tipped too far towards privacy, and should be revisited, National Party leader Simon Bridges says.

Bridges said yesterday New Zealand’s security risk had “changed” and a review of security legislation was needed to make sure people were kept safe.

He said a decision made by the former National government in 2013 to abandon Project Speargun, a more intrusive regime which would have scanned internet traffic coming into New Zealand, should be reconsidered.

“I think we were overcautious in 2013/14,” he told Morning Report today.

“I think the case is what we have right now are security agencies with two hands tied behind their backs.

Sam Sachdeva (Newsroom) suggests caution – Why sweeping surveillance laws aren’t the answer

National leader Simon Bridges is calling for New Zealand’s intelligence agencies to be given greater powers, claiming our spies currently have their hands tied behind their backs. But it’s far from clear that greater surveillance would have stopped the Christchurch attack, and hasty changes could be disastrous.

Bridges has succeeded in distinguishing himself from Ardern, who said New Zealanders did not want the country to be a “surveillance state”.

But on the substance of whether law changes would do much to prevent a similar attack, Bridges’ argument seems decidedly shaky.

It’s far from unusual for countries to tighten their security laws after a terror attack, with France, Belgium and the United Kingdom among nations to have passed more stringent legislation following domestic incidents.

Perhaps most infamously, the United States pushed through the USA PATRIOT Act after the September 11 attacks, granting sweeping powers to a number of government agencies despite objections from civil liberties advocates.

But there’s little evidence to suggest that more sweeping surveillance powers play a significant role in stopping other attacks.

Reinhard Kreissl, the chief executive of the Vienna Centre for Societal Security Research, has argued that better training of, and organisational structures for, law enforcement experts deliver higher returns than expanding the amount of data they gather.

“More data and more surveillance will not help to find the proverbial needle or needles in the haystack,” Kreissl said, a view echoed in a thorough piece on the New Zealand situation by The NZ Herald’s David Fisher.

There have already been questions about whether the NZSIS and GCSB focused too closely on the threat of Muslim extremism, and not enough on the rise of white supremacy and far-right extremists in recent years.

NZSIS boss Rebecca Kitteridge has said the agency increased its efforts to understand the threat posed by the far-right in recent months, but representatives of New Zealand’s Muslim community have said concerns raised much earlier were not taken seriously.

New Zealand’s current target may be white supremacists and the far-right, but there are no guarantees that future administrations or officials will be judicious in how they use any new laws.

A Royal Commission will undoubtedly take some time, but a painstaking examination is more appropriate than a hasty rush to judgment.

Justice Minister Andrew Little has said of surveillance reforms – arguably a far more contested and complex space than the Government’s gun laws – that “the worst time to be considering law changes is in the immediate aftermath of a monstrous event like this”.

It’s a sentiment Bridges may want to think about before he again tries to leap ahead of the pack.

Bridges and National are not in power so there is no risk of them rushing into making draconian and relatively ineffective changes. The Royal Commission will help slow things down and ensure security issues are at least debated and carefully considered. As they should be.

 

Royal Commission of Inquiry into security agencies

Prime Minister Jacinda Ardern has announced a Royal Commission of Inquiry into the country’s security agencies, in response to the Christchurch terror attacks.

RNZ:  Prime Minister Jacinda Ardern announces details of inquiry into security services

Prime Minister Jacinda Ardern has announced details of a Royal Commission of Inquiry into security agencies after the Christchurch mosque attacks.

She said, while New Zealanders and Muslim communities were still grieving, they were also quite rightly asking questions about how the terror attack was able to take place.

The inquiry will look at what could or should have been done to prevent the attack, Ms Ardern said.

It will look at the Government Communications Security Bureau (GSCB), the Security Intelligence Service (SIS), police, Customs, Immigration and any other relevant agencies, Ms Ardern said.

The Government Communications Security Bureau (GSCB) and the Security Intelligence Service (SIS) have been criticised over an apparent lack of monitoring of right-wing extremists.

It may be that there was little or nothing that could have been done to protect against this month’s attacks, but it is good to check out the performance of the security agencies, the GCSB, the SIS and the Police. It should ensure that the chances of a repeat are lessened.

 

GCSB stops Spark from using Huawei for 5G

The GCSB is stopping Spark from using Huawei equipment for their new 5G cellphone network. They won’t give reasons, saying they are classified.

There are concerns that a Chinese owned company be involved in communications infrastructure – but some also have concerns about US technology companies with allegations of CIA back doors.

RNZ: Reasons to block Spark’s 5G rollout ‘classified’

The Minister responsible for the Government Communications Security Bureau (GCSB) said the reasons why a Chinese tech company won’t be involved in the rollout of 5G technology here are classified.

The GCSB has turned down Spark’s proposed use of Huawei equipment in its new network because it would raise significant national security risks.

Andrew Little said he was briefed on the decision on Monday but cannot divulge what the risks might be.

“Spark notified the GCSB two or three months ago, GCSB has carried out an assessment on the technology that Spark proposes to introduce and has assessed that technology as posing a national security risk. That assessment was notified to Spark today.”

“Spark have indicated they will have a close look at the reasons for GCSB’s assessment then if Spark wishes to continue with their proposal they then have the option of working with the GCSB on looking at mitigation of [those risks].”

Mr Little said the 5G technology was more sophisticated than older network technology and was not currently in use in New Zealand.

“The principal difference between 5G technology and the conventional 4G and 3G technology is that the conventional technology has an infrastructure core and then peripheral technology such as cellphone towers and the like and they can, in effect, be kept separate but you cannot do that with 5G technology.”

“Every component of 5G technology, every component of the network is integrated and therefore access to one component can lead to access to the entire network.”

He said the GCSB decision was not a complete deal-breaker for Spark’s rollout of 5G.

“Spark has said they are committed to rolling out 5G by the end of 2020, there’s no reason why they can’t stick to that timetable. They have known that they’d have to go through this process… it’s underway and there’s still work to do.”

US sanctions Russians for cyber attacks

The US has announced sanctions on three Russian individuals and five companies, who have been cited as ‘malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russia’s offensive cyber capabilities’ against the US ‘and it’s allies’ – which could include New Zealand.

Reuters: U.S. sanctions Russians over military, intelligence hacking

The U.S. Treasury imposed sanctions on three Russian individuals and five companies on Monday, saying they had worked with Moscow’s military and intelligence services on ways to conduct cyber attacks against the United States and its allies.

“The United States is engaged in an ongoing effort to counter malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russia’s offensive cyber capabilities,” Treasury Secretary Steven Mnuchin said in a statement.

“The entities designated today have directly contributed to improving Russia’s cyber and underwater capabilities through their work with the FSB and therefore jeopardize the safety and security of the United States and our allies,” Mnuchin said, using an acronym for Russia’s Federal Security Service.

The Treasury said Russia’s “malign and destabilizing cyber activities” included the NotPetya attack last year, which spread across Europe, Asia and the Americas. The White House in February blamed Russia for the attack, saying it caused billions of dollars in damage and was part of the Kremlin’s effort to destabilize Ukraine.

The Obama administration sanctioned Russia’s FSB in December 2016, citing the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the 2016 presidential election.

Washington imposed additional sanctions against the intelligence services in March, when President Donald Trump’s administration slapped sanctions on 19 individuals and five entities.

At the time, the administration publicly blamed Moscow for the first time for a campaign of cyberattacks that targeted the U.S. power grid, including nuclear facilities, and stretched back at least two years. Russia has denied trying to hack into other countries’ infrastructures.

There’s a good chance Russia will retaliate with sanctions of their own.

GCSB (February 2018): New Zealand joins international condemnation of NotPetya cyber-attack

The Director-General of the Government Communications Security Bureau (GCSB) Andrew Hampton has today added New Zealand’s voice to international condemnation of the NotPetya cyber-attack.

NotPetya caused wide spread damage and disruption to computer systems around the world in June 2017.

Mr Hampton says the GCSB’s international partners have today attributed the NotPetya cyber-attack to the Russian Government.

“While NotPetya masqueraded as a criminal ransomware campaign, its real purpose was to damage and disrupt systems,” Mr Hampton said.

“Its primary targets were Ukrainian financial, energy and government sectors. However, NotPetya’s indiscriminate design caused it to spread around the world affecting these sectors world-wide.

“While there were no reports of NotPetya having a direct impact in New Zealand, it caused disruption to some organisations while they updated systems to protect themselves from it.

“This reinforces that New Zealand is not immune from this type of threat. In a globally connected world our relative geographic isolation offers no protection from cyber threats.

“We support the actions of our cyber security partners in calling out this sort of reckless and malicious cyber activity.”

In the 12 months from June 2016 to June 2017 nearly a third (122) of the 396 serious incidents recorded by the GCSB’s National Cyber Security Centre involved indicators that have previously been linked to state-sponsored actors.

I think it’s unlikely New Zealand will join the US with sanctions.

A fan of the Banksy exhibition

Contrasting with ‘The Auckland Banksy exhibition sucks’ is a post by Martyn Bradbury praising the Banksy exhibition.

The Daily Blog: The Liberal Agenda – Banksy Exhibition – 5 stars

By turning up in your thousands you tell Banksy his work matters and you fulfil the spirit of danger his art exists in by scaring the bejesus out of the Government security agencies who will be inevitably monitoring the exhibition.

The ability to criticise freely because of zero consequence is a power beyond branding and that’s why on its first day a staggering 1800 packed the Aotea Centre to get the chance to see his work up close.

To suggest missing this exhibition would be akin to a book burning is not an overstatement in any measure.

So he’s a fan.

By turning up in your thousands you tell Banksy his work matters and you fulfil the spirit of danger his art exists in by scaring the bejesus out of the Government security agencies who will be inevitably monitoring the exhibition.

Let the GCSB and SIS know that are in trouble if the revolution ever erupts.

Bradbury has turned his hope for starting ‘the revolution’ to an exhibition staged by the ex-manager of a street artist.

I doubt that the GCSB or SIS will be at risk of their bejesus scared all that much.

 

Key’s ‘Speargun’ claims questioned

Documents obtained by NZ Herald under the Official Information Act suggest that claims made by Prime Minister John Key about the Speargun surveillance project may not have been accurate.

NZH: John Key, mass surveillance and what really happened when Edward Snowden accused him of spying

Sir John Key’s story of how and why he canned a “mass surveillance” programme are at odds with official papers detailing development of the “Speargun” project.

The issue blew up in the final days of the 2014 election with Key claiming the programme was long-dead and had been replaced by a benign cyber-security system called Cortex.

Key always claimed the Speargun project to tap New Zealand’s internet cable was stopped in March 2013.

But new documents show development of Speargun continued after the time he had said he ordered a halt – apparently because the scheme was “too broad”.

The NZ Herald has found – after three years of refusals and information going missing – that the former Prime Minister’s version of events doesn’t match that of documents created at the time.

The plan to develop Speargun began in April 2012 under the guise of “Initiative 7418” when Cabinet asked the GCSB to develop an advanced cyber protection strategy.

The GCSB has confirmed to the Herald that a warrant was sought and granted for “Phase 1” of Speargun between July 2012 and June 2013.

GCSB director Andrew Hampton said in one response: “This warrant was sought to ensure GCSB would be able to undertake any preliminary work as part of the business case Cabinet asked GCSB to prepare.”

Details released through the OIA show there was a meeting with the GCSB over Speargun in March 2013.

This was the point at which Key claims Speargun was canned with a press release issued between the Snowden claim and election day saying: “March 2013: PM tells GCSB not to bring business case forward. Informs GCSB it is too broad. Budget contingency funding will be rolled over and used for something else in cyber security.”

But new GCSB documents tell a different story, backed up by documents from the Prime Minister’s office.

It is a detailed investigative article by David Fisher, with a number of source documents included.

Dotcom loses bid to access GCSB recordings

Kim Dotcom has failed in a bid through the High Court to get access to recordings made by the GCSB.

NZH: Kim Dotcom kept in the dark about GCSB spying

In a just-released ruling, Justice Murray Gilbert has said the recordings won’t be released.

The GCSB has previously admitted illegally intercepting private communications between Kim and Mona Dotcom, and Bram van der Kolk, as part of the extradition case being built between December 2011 and March 2012.

Then-Prime Minister John Key has apologised for the communications being intercepted.

“The Dotcoms complain that non-disclosure impedes their ability to pursue their claim and breaches their rights under the New Zealand Bill of Rights Act 1990,” the decision said.

“In particular, they submit that the measure of damages to which they are entitled will depend on the extent and nature of the unlawful intrusion into their private lives and the raw communications are needed to establish this.”

The Dotcom team said that any national security issues shouldn’t stop the information being released, because information on the sources and methods of intelligence-gathering were already public knowledge.

But lawyers for the GCSB argued that releasing the material could prejudice the security of New Zealand, and the confidence of other countries in entrusting sensitive information to New Zealand.

A main reason for Justice Gilbert’s decision is a 2013 Court of Appeal verdict that ruled the GCSB didn’t have to release the raw communications. Justice Gilbert said that meant he couldn’t relitigate the issue.

Even if it wasn’t for the Court of Appeal verdict, Justice Gilbert said national security issues outweighed public interest in the raw communications.

Dotcom has indicated he will appeal this decision.

Dotcom has been giving some of our laws a good workout. And his lawyers.

Public bigger spy threat than GCSB

A lot has been said about the risks to the New Zealand public from spying by Government agencies the SIS and the GCSB, with scant evidence of there being any actual risk to most people.

In her latest Herald column Kerry McIvor makes an interesting point, suggesting that  public ‘spies’ are a bigger risk than the GCSB – Forget GCSB, public are the spies.

She refers to the surveillance, photographing and audio recording of Aaron Smith’s toilet liaison by a couple of of ordinary people (we are led to believe, unless the SIS has a Public Morals division that we don’t know about).

Which reinforces my opinion that it’s not the Government and the GCSB we have to worry about spying on us.

Its our fellow citizens and their smartphones. Nobody is safe, as Smith discovered.

I can only imagine the incredulity from the All Blacks team management when they heard of the incident: “He’s done what?!” “He did it where?!” “They recorded it?!”

How Smith thought he could get away with a liaison in a public toilet, at an airport – while people were queued outside the door, for heaven’s sake – is beyond me. That level of idiocy is mind-boggling.

But the woman in the loo wasn’t coerced. She was a willing participant.

That’s an assumption only that’s been made. We have very little evidence provided to us (fortunately).

What we have is the court of public opinion, or rather the court of media sensationalising, driven by scant evidence given to media by a couple of public spies.

This has been just about as bad as the office sex recording in Christchurch where a couple weren’t as private as they thought but a public spy recorded them and then they were harassed to an extreme level by media.

How many innocent people have had their lives trashed by the SIS or the GCSB?

Perhaps it’s not ‘big brother’ we should be worrying about (ok, we should still worry about that a bit) but rather ‘member of public with recording device’ plus ‘media intent on sensation and clicks’ may be our biggest risk.

How long will it be until a member of the public uses a drone to record something that is then used to trash a few people’s lives?

But the biggest spy risk is probably smart phones with dumb users and dumber media.

I’m a GCSB operative

If anyone had any doubts about the credibility of a small group of muppets if this doesn’t convince you of their fantasy laced stupidity then probably nothing will.

On March 21, in amongst the usual string of inane niggles was this tweet:

Any truth to the rumours circulating that you are a GCSB operative?

While that’s more absurd than most accusations it’s as credible as all of them – it’s a joke, but I really think they seriously think that.

Because in their latest post they repeat it:

Yournz blogger Pete George, aka the Beige Badger, suspected GCSB operative; complete clown and manipulative prick. Tends toward a delusional schema, prone to taking on lost causes such as mayoralty’s, teen pregnancy, medicinal gunja and fraudsters, but like most Kiwi Bloggers, only if he thinks there might be something in it for himself.

That’s hilarious, not just for the GCSB suspicions, but this is typical transference from them – a lot of what they accuse others of applies to themselves.

The whole post may be made up drivel. Another accusation about me is certainly fabricated.

In fact, the most recent incident, wherein this myth was dragged out of the closet to be aired, for the purpose of again smearing Cameron Slater, can be found in yet another post that was also, “ostensibly”, penned by blogger Pete George (see: Hager and Whale Hypocrisy).

It was totally written by me.

George posted this piece on the 18th March.

They got that bit right.

What has subsequently become of even more interest is the fact the Pete George has in the past few days edited that post.

Like many things they claim they have made that up. Here’s proof:

PostRevision18March

That last revision time and date is exactly the same as the time and date of the post.

PostRevision18March2

So they not only make up ridiculous accusations, they fabricate ‘evidence’.

Nothing they claim can be taken seriously, they are self deluded nutters. It’s hard to work out what their latest post is actually about apart from a typical scattergun attempt at smearing with nothing new.

I wonder if they understand what the GCSB is.

GCSB contributes to New Zealand’s national security by providing information assurance and cyber security to the New Zealand Government and critical infrastructure organisations, foreign intelligence to government decision-makers, and cooperation and assistance to other New Zealand government agencies.

I’m too busy pointing out their stupidity to be involved in trivial things like that.

And laughing.

Why Bomber’s claims are totally meaningless

In his latest rant against our intelligence agencies Martyn Bradbury has bombed with a mass of misfires.

The headline: Why the ‘protections’ in new spy bill are totally meaningless

There is no new spy bill. And Independent Review has just released a report that makes observations and recommendations.

Let’s get this straight – our intelligence agencies have been caught illegally spying on NZers, were caught helping the PMs Office smear the leader of the Opposition months before the 2011 election with falsified lies, were caught being racist, were caught spying on our trade partners to try and get John Key’s mate a job, were caught out by Edward Snowden telling the NSA that legislation had loopholes to allow mass surveillance, were caught out by Edward Snowden planning to tap the Southern Cross internet cable and were caught possibly aiding the CIA rendition torture program.

Most of those claims are questionable. Some of those issues are still under inquiry so it isn’t know whether anyone has been caught doing what Bradbury asserts.

So how does Key respond to intelligence agencies drunk on their own power?

Bradbury is drunk on hyperbole. The intelligence agencies are being reported on, not requesting changes.

Why he is suggesting even more power.

No he isn’t. He is suggesting a multi-party approach to assessing the recommendations of the independent review and deciding what might be done.

Why the hell would we give the GCSB and SIS more power when they can’t manage the power they currently have?

The report says “It was clear to us from our discussions with GCSB staff and from the GCSB’s own internal policy documents that these restrictions are interpreted and applied conservatively.” Is Bradbury wanting them to apply policies more aggressively?

The reality is that the so called 3 tier system of protections being suggested by the new legislation are utterly meaningless. The loophole built into the suggested legislation allows the spies to disregard all 3 of those tiers IF they believe there is an emergency or risk to life,  they then get 48 hours of warrantless surveillance.

This allows fishing expeditions for the spies.

Again, there is no new legislation. It should not allow fishing expeditions.

We must demand more protections for ourselves from this ever growing ultra secret deep state. A modern day stasi that answers to the NSA doesn’t make our democracy safer, it makes it far more dangerous.

Demanding more protections for ourselves is fine, but protecting ourselves from others requires some secret surveillance powers.

Likening New Zealand to a “modern day stasi ” is just pathetic.

Bradbury has bombed this with his hyperbole – “an extreme exaggeration used to make a point”. The problem is this sort of hyperbole doesn’t make any point other than the lack of credibility of the ranter.