Story image

GCSB welcomes Inspector-General's report on intelligence warrants

17 Dec 2018

The Government Communications Security Bureau (GCSB) has welcomed the Inspector-General of Intelligence and Security’s report on how the NZ Security Intelligence Service and the GCSB use warrants to authorise information gathering activity.

The report states that an intelligence warrant can be issued in a range of situations. Activities can include surveillance, private communications interception, searches of physical places and things, seizure of communications, information and things, amongst other purposes

GCSB director-general Andrew Hampton says the GCSB has an important role in intelligence gathering that keeps New Zealanders safe, informs the government’s strategic decisions, and contributes to a stable and secure region.

The Inspector-General, Cheryl Gwyn, states that the GCSB has ‘legally compliant systems and processes’ and conducted itself appropriately. 

However there’s still work to be done around the interpretation of ‘Type 1’ and ‘Type 2’ warrants, because the GCSB and Inspector-General see things differently.

A Type 1 intelligence warrant can be issued to carry out ‘an otherwise unlawful activity for the purpose of collecting information’ about New Zealand citizens or permanent residents. Type 1 warrants are issued by the Minister Responsible for the GCSB and a Commissioner of Intelligence Warrants (a retired High Court Judge).

A Type 2 intelligence warrant authorises an otherwise unlawful activity for the purpose of collecting information about people who are not New Zealand citizens or permanent residents. Type 2 warrants are issued by the Minister responsible for the GCSB alone.

According to the Inspector-General’s report, 40 warrants have been issued this year. The NZSIS has been issued 12 Type 1 Warrants, 6 Type 2 warrants, and 3 ‘Practice’ warrants.

The GCSB has been issued 10 Type 1 Warrants, and 9 Type 2 Warrants.

No warrant applications were declined.

“Both the GCSB and the Inspector-General are still working to interpret, apply and implement the Intelligence and Security Act,” says Hampton. “Interpreting and applying any new piece of legislation is a complex process that must be carefully thought through.”

The Inspector-General also states in the report that both the GCSB and NZSIS don’t provide enough information when they apply for renewed warrants “on the value of previous agency activities against the targets”. 

“Both agencies have responded by accepting the concern, and undertaking to address this more comprehensively. In several cases since they have done so, yet there remains scope for them to be more consistent,” the report says.

Hampton says that when the law isn’t clear-cut, the GCSB relies on Crown Law for a definitive view, as all government departments must do.

“We have sought advice from Crown Law on this issue and will share it with the Inspector-General once it is ready,” comments Hampton.

“As the report notes, fully implementing the Intelligence and Security Act and developing the supporting policies, procedures, training and legal interpretations has been a significant effort,” he says.

“This work has had an impact on how quickly we have responded to the Inspector-General’s queries, but is now largely complete,” Hampton concludes.

Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.