Posted on 2-3-2003

Interception By State
Keith Locke, NZ Green Party MP

The Government has introduced new legislation requiring telecommunications
companies to help the police and security agencies snoop on emails and
listen in on mobile phone calls.

The Telecommunications (Interception Capability) Bill, will mean telephone
and internet service providers will be legally obliged to ensure their
systems are capable of isolating and intercepting suspect emails and mobile
calls. The companies will have a "duty to assist" the police, the Security
Intelligence Service (SIS) and the Government Communications Security
Bureau if they have a warrant to intercept calls or emails.

Green MP Keith Locke has serious concerns that the new legislation will
impact on people's right to privacy. The proposed new law along with the
other bill www.greens.org.nz/campaigns/sis/crimes.htm amending the Crimes
Act to allow police to hack into computers and intercept emails gives
security agencies a dangerously high level of power to intrude into the
lives of New Zealanders.

Status: Passed first reading in Parliament and sent to Select Committee.

The Greens will be opposing this bill. The debate has been interesting, and
I (Keith Locke) appreciate the caution of some of the speakers, like Peter
Dunne, about the civil liberties implications of this bill. It is a
companion bill to the section in the Crimes Amendment Bill (No 6) that
gives the Security Intelligence Service and Government Communications
Security Bureau the power to intercept emails. This Telecommunications
(Interception Capability) Bill implements the Crimes Amendment Bill (No 6),
requiring telecommunications network operators to have all their systems
intercept capable.

The Government at that time, and today, has made no case as to why we need
to give law enforcement agencies the power at this time, or how many extra
criminals they may catch through these new powers.

It has been obvious to the Greens through this whole debate, and through
the debate on the Crimes Amendment Bill, that it is not being driven by any
objectively based demand, argued by any politician, police, or intelligence
agency representative. What came out, I think, in Rick Barker's
introduction, is that it is driven by what agencies in other countries are
telling us they are doing, and what they would like us to do.

No one is denying we may catch a few more criminals through these powers,
but there is a huge downside for us. The big downside has two aspects. One
is our privacy, and the other is how these powers could be misused by
agencies of the Government.

The powers are particularly dangerous for the intelligence agencies,
because they have so little accountability to the public or Parliament.

One person who submitted to the Law and Order Select Committee opposing the
granting of these powers was anti-free trade activist Aziz Choudry, who had
to go to Court to win a case and get compensation for the SIS unjustly
raiding his place.

What is particularly dangerous about the interception of electronic
messages is that it can be done on a vast scale, because of the
sophistication of computer systems. Telephone intercepts were always
constrained by the time and human power required to operate them. Because
of the ease of interception it will be tempting for intelligence agencies
to abuse their powers and intercept the communications of people like Aziz
Choudry, that is, political dissenters. Once these interception systems are
put in place, as this bill provides for, they will evolve to become even
more draconian.

We have seen signs of that in Europe recently. David Blunkett, the British
Home Secretary wanted Internet Service Providers (ISP) to be required to
keep subscribers' emails records for long periods, so that law enforcement
agencies could check back on who they had had email correspondence with.
Three weeks ago, a combination of the British communications industry, the
official privacy watchdog, and Members of Parliament defeated David
Blunkett on this measure, but the idea of keeping people's back emails is
still very much alive on the European continent.

There are also problems with using email intercepts in evidence, in that
emails can be much more easily doctored, in an untraceable way and we heard
evidence of that at the select committee - certainly when compared with
paper documents or voice intercepts.

One ISP manager, Robert Hunt of Plain Communications told a Christchurch
meeting in March 2001 that he was worried that email electronic evidence
can be juxtaposed to make a case. He explained:

I have had the experience of having a search warrant served on me to
require my company to hand over material that was stored on our mail server
namely the residual contents of a user's mailbox. I then saw that material
put forward in a curious array of bits to try to construct a case of guilt
against a man the jury later found innocent. It took technical evidence
before the court that unsupportable assumptions were being made
technically, before the jury could presumably see the falsity in the aura
of guilt created by placing parts of emails in unfortunate juxtaposition.
We worry about the way in which decisions will end up being made by
security establishments when they pick out suspicious elements in material
from the correspondence of the surfing activity of someone deemed by them
to be subversive.

The problem with intelligence services is twofold: They have their own
agendas, and they operate in secret so that we do not always know exactly
what their agenda is and how they are twisting evidence from intercepts to
make their case.

We've seen George W Bush and his mates using supposed intercept information
to undermine the inspectors in Iraq, and try to establish a link between
Saddam Hussein and al-Qaeda. Now we have on our statute books the Terrorism
Suppression Act, where someone can be designated a terrorist on the basis
of classified information, perhaps from electronic intercepts, which the
accused person is never allowed to see at any subsequent stage in court
appeals. Even if the classified `intercept' information was accurate, it
could be there through no fault of the person concerned.

Even if the information the intelligence services possess about the person
they are targeting is correct, do we really want a situation where people
in general become scared about what websites they are visiting, or who they
email, in case the intelligence services are watching?

If police are really worried about someone they already have the power to
search that person's home and look at his or her computer. Is that not
enough?

The irony of the whole thing is that any real criminal with half a brain
will not get caught by law enforcement interception systems. They can very
easily use cyber cafés, open proxy servers, get free unlimited free web
email accounts, like Hotmail and get away scot-free. They will never be
intercepted by any surveillance system.

Another likely extension to the electronic surveillance system, once it is
entrenched, through this bill, in Internet Service Providers, is to move
beyond targeting particular individuals to a key word trawling system. This
is the system the Government Communications Security Bureau already uses
through its Waihopai satellite communications interception station, which
is part of the Echelon network, run by the US National Security Agency. It
is also what the FBI in Americas Carnivore email interception system does
in that country.

These systems are hugely intrusive into the lives of us all, because any of
us can accidentally use a `key word' or key name being trawled for and get
caught up in the net, without even knowing it. Sometimes we do find out.
This is what happened to a Wellington woman who submitted to the Law and
Order Committee. She had emailed a friend in the United States that she
could not watch the American Presidential elections on television because
she was going to a funeral. And because the email had the words President
Elections and Funeral in it, it was intercepted by the Carnivore system
and her friend was visited by the FBI and told about that email.

We live in a world where there are too many moves and the American
Government is egging us on, down the road to a surveillance society, and we
should not go further down that road without good reason and without good
controls. It is a problem with any bureaucracy. We have found in the past
that some police have been charged with wrongly using information obtained,
and that will happen more if there is this email interception. The SIS has
been shown to have acted illegitimately on occasion, and in this case the
ISPs will also be in the system too, and perhaps use the information
wrongly, even though under the bill they are supposed to be confidential.

It is good that there is a warrant system in the bill, but, as we found on
the Law and Order Committee, there are problems with this warrant system.
There is no proper audit system for the warrants and there is no system for
telling people subsequently that they have had their emails intercepted,
and there is no proper system, particularly for the SIS, to destroy the
evidence that has been collected on people when it is no longer required.

There should be an amendment to the privacy principle of the Privacy Act so
that the Security Intelligence Service is not exempt under the Privacy Act,
so that they then have to remove information once it is no longer necessary.

There are a lot of problems in controlling agencies doing electronic
interceptions. Why not rely on traditional policing, which is the most
valid and the least restrictive of our civil liberties.

See also: www.greens.org.nz/campaigns/sis/telecoms.htm and
www.greens.org.nz/searchdocs/speech6056.html