The Telecommunications (Interception Capability and Security) Bill passed its first reading in parliament yesterday and will now proceed to the select committee stage.
The Bill will replace the current Telecommunications (Interception Capability) Act 2004, following a review that started in 2011.
ICT Minister Amy Adams says there are two parts to the Bill.
“The first part relates to obligations for telecommunications companies, and is focused on modernising the existing interception capability regime.
“The intent of the legislation is to update existing obligations on the telecommunications industry to make the obligations more proportionate, flexible, and certain. It will also improve the existing administration and enforcement processes in order to lift compliance levels,” Adams says.
“The changes will not in any way alter the authority of police or intelligence and security agencies to intercept telecommunications, or reduce the checks and balances on how these agencies can access and use private communications information. These matters are dealt with under separate legislation.
“The second aspect of the Bill introduces a formal and transparent network security regime. New Zealand does not presently have any formal scheme to effectively manage and address potential national security risks associated with the design, build and operation of the telecommunications infrastructure.
“The proposed changes will mean network operators will be obliged to engage with the government through the Government Communications Security Bureau on network security, where it might affect New Zealand’s national security and economic well-being."
Adams says the bill will now proceed to the select committee process she is “open to considering any reasonable suggestions made during the select committee process that will help to ensure a robust and durable telecommunications security regime.”
TUANZ raises concerns
Telecommunications Users Association (TUANZ) CEO Paul Brislen has signalled his organisation’s concerns about the new legislation in a blog post:
“Does this mean the GCSB will be directing the telcos in their network rollouts? Does it mean certain vendors will be unable to provide gear for certain parts of the network? Does it mean those telcos that already use a certain provider (I'm thinking here specifically of Huawei but it could be anyone) be excluded from certain key government contracts?
“This rings alarm bells for me because any government involvement beyond wanting to simply use the networks is fraught. These are commercial entities that already face challenging economic times and adding in yet another layer of complexity is far from ideal.”
Brislen also looks at the second half of the bill covering interception.
“Here I must confess to some moral ambiguity. On the one hand, government-led security services have no business demanding we hand over anything that may incriminate us. If the police (or SIS or GCSB) want to prove I'm breaking the law then it's up to them to prove it. I should not, as an individual, be required to help. I'm innocent until proven guilty - that is, unless I own a computer and then I'm required by law to help the police find evidence to convict me,” Brislen writes.
“Think I'm making that up? It's part of the Crimes Act, introduced post 9/11 to help police get round the tricky business of people using this newfangled 'encryption' stuff to hide their crooked business dealings.
“For me, this is taken to a whole new level by the requirement on telcos that their networks be made 'able to be intercepted'. Now my telco is required to help the police prove I'm a criminal. This upsets me greatly, not because I am a criminal but because I shouldn't have to prove that I'm not.
“Having said that, I know the police have solved some fairly major crimes by having access to telco records and I know that the creation of the internet has been one of the biggest boons in policing of those responsible for child pornography. The internet is a giant copying machine and anyone sharing objectionable material leaves a trail a mile wide.”
Read the TUANZ post here.
Tech Liberty questions Bill’s scope
Thomas Beagle, in a post on the Tech Liberty site, points out that the Bill is “a major expansion of government power over the internet and other communications networks in New Zealand.”
“One must ask where the justification for this expansion of power is coming from. Has New Zealand already been materially affected by attacks on our communications infrastructure? It seems clear that while the GCSB may not be that competent at exercising the powers they already have, they have done a fine job of convincing the government that they can handle a lot more,” Beagle writes.
“There are many other parts of concern and there will need to be more analysis of the interception capabilities in conjunction with the new GCSB bill [the Government Communications Security Bureau and Related Legislation Amendment Bill, which also passed its first reading in parliament yesterday]. One that does stick out as particularly offensive to civil liberties are the provisions for convicting people based on secret evidence. How can you defend yourself fairly when you can't even find out the evidence presented against you?”
Read the Tech Liberty post here.