Gordon Campbell on the GCSB’s enhanced role
Gordon Campbell on the GCSB’s enhanced role
by Gordon Campbell
Remember when the creeping power of Big Government was being manifested only in …the energy efficiency regulations for household appliances? Back in 2008, that seemed scary enough for the likes of David Farrar to sound the alarm in these aghast terms:
“First they came for our light bulbs, and then they came for our showers!! Is there no limit to the nanny state?" Well no, there doesn’t seem to be a limit, as it turns out. Because National – apparently, with the help of New Zealand First – is about to make it legal for the Government Communications Security Bureau to spy on New Zealanders. For reasons that they’d prefer to keep to themselves, thanks. Fine by the centre-right. This time it's their Big Brother.
Dress this up as you will, this enhanced GCSB role is a major extension of the surveillance powers of the state, and it is being directed at New Zealand citizens. At yesterday’s post-Cabinet press conference, Prime Minister John Key did his best to make it all seem like tidy housework rather than a radical renovation of the premises. In Key’s view, the GCSB had always thought it could provide “agency support” to the Police and to the SIS, and so this proposed change will merely “clarify” a piece of legislation that allegedly was never “fit for purpose.”
Which is true only if you consider that all along, the purpose was to spy on New Zealanders. The alternative view was that the purpose of the previous legislation was to draw a clear line of difference – that the GCSB was there to protect New Zealand from the hostile actions of foreigners, and the SIS was to look after domestic security. Yesterday, Key tried to justify the de facto merger of the two agencies (on operational matters involving cyber-technology) with a few flimsy explanations. One was economics. Namely, the cost of the SIS duplicating the technical expertise of the GCSB. The oversight mechanisms, Key promised, would also be strengthened. And thirdly, there had been a significant increase, he added, in the number of cyber- attacks being launched against government and business in New Zealand this year.
On that last point, Key could hardly have been more opaque. No, he wouldn’t confirm whether China had been the source of any of those attacks. When I asked whether he could indicate what proportion of this year’s attacks came from offshore as opposed to domestic sources, he replied that he didn’t have that information at hand. Which seems incredible, given that he is the relevant Minister on security matters. (Can he really not know, even approximately, whether most of these cyber attacks are being launched externally or internally?) As things stand, the public is being asked to endorse a move to lay themselves open to being covertly spied upon by the GCSB – but without being told whether the alleged threats that justify such actions originate from a hostile foreign power, or from some goofy kid down the road trying to harass a local corporate with a Denial-of-Service attack.
While D-O-S attacks can be annoying and disruptive, they don’t require or justify expanding the surveillance and intrusion powers of the state. Hopefully at select committee, some light can be thrown on the ratio of foreign to domestic sources of cyber attacks in New Zealand, and the ratio of those aimed at government agencies as opposed to those at private sector firms seeking to raid each other’s trade secrets. On that score, it would be useful to know how the GCSB/SIS propose to distinguish between genuine cyber-attacks on corporates, as opposed to the bogus ones that enable one corporate to deploy the security services in order to harass a rival. Get involved in economic/industrial espionage, and those kinds of thorny operational questions arise. At crunch, does the state have any valid role at all (in being the detection-arm-for-hire) when it comes to cyber raids between corporate rivals ? Do we have any reliable guarantee that those corporates will always be paying for their own cyber security measures in future – rather than calling in the GCSB on the taxpayer’s tab?
Finally, there is the little matter of the allegedly ‘strengthened’ oversight mechanisms. Obviously, once you increase the powers of the GCSB powers there is a parallel need for expanding the oversight on how those powers are being exercised. Yet evidently, this aspect remains a work in progress, even though the relevant Bill is being introduced this week to Parliament, to be debated under urgency. Yesterday, Key indicated he was still talking with Winston Peters about whether to incorporate Peters’ idea of a ‘panel’ of three to enhance the current role of the Inspector-General of Security and Intelligence. Peters has outlined other conditions of his support here.
In practice, this still looks like merely a slightly expanded version of the current inadequate system, with the addition of a couple of similar people - e.g. a deputy Inspector-General, with at least one of the three being a retired judge. (When Peters says there should be an ‘expert judge’ on the panel, it's unclear what kind of ‘expert” he is talking about. In security/intelligence matters? Privacy law? Human rights law? Or is being a judge of any sort ‘expert’ enough for him?)
Without more detail, the reassurances on offer aren’t very re-assuring at all. Instead of the current farcical arrangement of a retired judge working part-time, we are being promised a couple more bodies of similar type and vintage to share the workload. That’s hardly enough. Crucially, no structural change is being envisaged in the oversight mechanisms – only a beefing up of the existing, readily captured post. Supposedly, the I-G’s office will be given more resources. Really? Will that entail in-house research and investigative staff to engage in corroborating and cross-checking Crown Law advice, and what the security services are up to? Or, as always, will this toothless watchdog be utterly dependent for research, expertise and resources on the very agencies it is supposed to be monitoring?
It is enough to makes anyone feel nostalgic for the days when Big Brother was interested only in whether our light bulbs were working efficiently. Now, we have to worry about whether they’re also a means of surveillance.