Story image

GCSB welcomes Inspector-General's report on intelligence warrants

17 Dec 18

The Government Communications Security Bureau (GCSB) has welcomed the Inspector-General of Intelligence and Security’s report on how the NZ Security Intelligence Service and the GCSB use warrants to authorise information gathering activity.

The report states that an intelligence warrant can be issued in a range of situations. Activities can include surveillance, private communications interception, searches of physical places and things, seizure of communications, information and things, amongst other purposes

GCSB director-general Andrew Hampton says the GCSB has an important role in intelligence gathering that keeps New Zealanders safe, informs the government’s strategic decisions, and contributes to a stable and secure region.

The Inspector-General, Cheryl Gwyn, states that the GCSB has ‘legally compliant systems and processes’ and conducted itself appropriately. 

However there’s still work to be done around the interpretation of ‘Type 1’ and ‘Type 2’ warrants, because the GCSB and Inspector-General see things differently.

A Type 1 intelligence warrant can be issued to carry out ‘an otherwise unlawful activity for the purpose of collecting information’ about New Zealand citizens or permanent residents. Type 1 warrants are issued by the Minister Responsible for the GCSB and a Commissioner of Intelligence Warrants (a retired High Court Judge).

A Type 2 intelligence warrant authorises an otherwise unlawful activity for the purpose of collecting information about people who are not New Zealand citizens or permanent residents. Type 2 warrants are issued by the Minister responsible for the GCSB alone.

According to the Inspector-General’s report, 40 warrants have been issued this year. The NZSIS has been issued 12 Type 1 Warrants, 6 Type 2 warrants, and 3 ‘Practice’ warrants.

The GCSB has been issued 10 Type 1 Warrants, and 9 Type 2 Warrants.

No warrant applications were declined.

“Both the GCSB and the Inspector-General are still working to interpret, apply and implement the Intelligence and Security Act,” says Hampton. “Interpreting and applying any new piece of legislation is a complex process that must be carefully thought through.”

The Inspector-General also states in the report that both the GCSB and NZSIS don’t provide enough information when they apply for renewed warrants “on the value of previous agency activities against the targets”. 

“Both agencies have responded by accepting the concern, and undertaking to address this more comprehensively. In several cases since they have done so, yet there remains scope for them to be more consistent,” the report says.

Hampton says that when the law isn’t clear-cut, the GCSB relies on Crown Law for a definitive view, as all government departments must do.

“We have sought advice from Crown Law on this issue and will share it with the Inspector-General once it is ready,” comments Hampton.

“As the report notes, fully implementing the Intelligence and Security Act and developing the supporting policies, procedures, training and legal interpretations has been a significant effort,” he says.

“This work has had an impact on how quickly we have responded to the Inspector-General’s queries, but is now largely complete,” Hampton concludes.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Updated: Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.