Trusted
2degrees
TheUngeek: These people moaning about lack of over sight etc. Can you point out the sections and phrases of the bill you are worried about?
In fact that goes for anyone against it. Please post up the words that have you upset
Righto; I don't have time to do a blow by blow analysis, but from the GCSB bill:
The Minister may grant the proposed interception warrant or access authorisation if satisfied that—
“(a)the proposed interception or access is for the purpose of performing a function of the Bureau under sections 8A or 8B
In this case The Minister is the Prime Minister. So in other words, the PM may grant a warrant; it doesn't need to be a judge.
“8A Information assurance and cybersecurity
This function of the Bureau is—
“(a)to co-operate with, and provide advice and assistance to, any public authority whether in New Zealand or overseas, or to any other entity authorised by the Minister, on any matters relating to the protection, security, and integrity of—
“(i)communications, including those that are processed, stored, or communicated in or through information infrastructures; and
“(ii)information infrastructures of importance to the Government of New Zealand; and
The information can be handed over to any government agency the PM feels like giving it to.
“(b)without limiting paragraph (a), to do everything that is necessary or desirable to protect the security and integrity of the communications and information infrastructures
And anything that the Bureau or the PM says is necessary 'for security' is fair game (and nobody else knows what they're doing, so they can't disagree).
“25When incidentally obtained intelligence may be retained and communicated to other persons
“(1)Despite section 23, the Director may—
“(a)retain incidentally obtained intelligence that comes into the possession of the Bureau for 1 or more of the purposes specified in subsection (2); and
“(b)communicate that intelligence to the persons specified in subsection (3).
If they're trawling everything then they're not targeting New Zealanders; anything that they then do intercept is incidental and may be held onto and passed on to other agencies if they're interested.
And the interception bill:
47 Network operator must notify Director
(1)A network operator must notify the Director of any proposed decision, course of action, or change made by or on behalf of the network operator regarding—
(a)the procurement of any equipment, system, or service that falls within an area of specified security interest; or
(b)any change to any equipment, system, or service that falls within an area of specified security interest; or
(c)any change to the ownership, control, oversight, or supervision of any equipment, system, or service that falls within an area of specified security interest.
Given that virtually everything a telco does has a security implication -- after all, we carry people's private conversations -- this gives the GCSB the right to veto all major and most minor design decisions, right up to 'we don't like vendor H so you can't use them any more.'
But for completeness:
46 Areas of specified security interest
(1)In this section and section 47, an area of specified security interest, in relation to a network operator, includes—
(a)network operations centres:
(b)lawful interception equipment or operations:
(c)any part of a public telecommunications network that manages or stores—
(i)aggregated customer information, including authentication credentials; or
(ii)administrative (privileged user) authentication credentials:
(d)any place in a network where data aggregates in large volumes, being either data in transit or stored data:
(e)any area prescribed under subsection (2).
(2)The Governor-General may, by Order in Council, on the recommendation of the Minister, prescribe additional areas of specified security interest.
So, as I said, it's basically everything, plus the PM may add stuff at any time whenever he wants to.
He can also add any new kind of service, or class of service, at any time:
20 Regulations
(1)The Governor-General may, by Order in Council, on the recommendation of the Minister, make regulations—
(a)requiring all or part of a specified class of network or service to which section 13 applies to comply with sections 9 and 10:
Overall, these two bills hand an enormous amount of power directly into the hands of the Prime Minister, exercisable at his or her discretion simply by invoking 'security'. In some cases another Minister or the Commissioner must also jointly issue the order, but those posts are appointed by the Prime Minister and therefore pose no serious limitations on the PM. Certainly our current one is not above publicly threatening to defund the Human Rights Commission because they have the audacity to do their job and call him out. I don't imagine a minister or intelligence commissioner who got their job directly from the PM will do that.
Retired Mod
Administrator
ID Verified
