The GCSB revelations

Written By: - Date published: 10:37 am, March 24th, 2024 - 24 comments
Categories: Abuse of power, International, john key, national, Politics, same old national, Spying, The Standard, us politics - Tags:

Anyone else feel their jaw move rapidly to the floor as news of the GCSB’s problems emerged this week?

The Standard has spent a lot of time over the years talking about the GCSB. Check out these posts to get a flavour of what we have covered. So the problem was not unexpected. But the desire to say told you so is fuckin so strong.

Here is RNZ’s analysis of what happened:

A foreign agency ran a spy operation out of New Zealand’s Government Communications Security Bureau for years without ministers knowing.

The Inspector General of Intelligence and Security has revealed this in an investigation out on Thursday.

It has found the GCSB knew when it agreed to host the signals intelligence system it could be used to support “military operations by foreign partners”.

“The capability clearly had the potential to be used, in conjunction with other intelligence sources, to support military action against targets,” the report by IGIS Brendan Horsley said.

The system operated from 2013 until 2020, when it was stopped by an equipment failure.

But government ministers were not told despite the agency knowing how sensitive it was.

The current GCSB senior leadership and legal team “apparently knew nothing of the system”.

“It was ‘rediscovered’ at a senior level following concerns being raised in 2020 about another partner system hosted by GCSB.”.

The system was of no benefit to the GCSB, which did not know what the outcome of the spying was, the inquiry said.

This raises so many questions …

Let me see if I am understanding this. A foreign agency put in some equipment and collected some or all of the information that the GCSB was collecting and it was then transmitted to a foreign agency, presumably a member of the Five Eyes Network. The information that the GCSB insisted was protected by all sorts of measures that clearly did not work?

The first question is which nation. The answer is probably the United States of America. No other answer makes any sense. I cannot imagine Canada for instance wanting to hoover up our data.

In the past Mike Smith in particular has been a keen watcher of what the GCSB has been up to. And blogger No Right Turn has taken an active interest in what has happened.

In my review of old posts I found this quote from Whistleblower Edward Snowden from 2014:

Once the NSA has successfully subverted or helped repeal legal restrictions against unconstitutional mass surveillance in partner states, it encourages partners to perform “access operations.” Access operations are efforts to gain access to the bulk communications of all major telecommunications providers in their jurisdictions, normally beginning with those that handle the greatest volume of communications. Sometimes the NSA provides consultation, technology, or even the physical hardware itself for partners to “ingest” these massive amounts of data in a manner that allows processing, and it does not take long to access everything.

Remember the insanity of the 2014 election and Bomber Bradbury’s Auckland Town Hall meeting and the claim of a smoking gun to prove that Key knew about Kim Dotcom before Dotcom’s home was raised.  This was the red herring of red herrings.

But some of what was said appears to be true.  For instance:

[Journalist Glenn] Greenwald said he knew for certain that the New Zealand government engaged in “extraordinary amounts of analysis of metadata”.  Meaning who is talking to who, for how long, where they are when they speak, on a massive indiscriminate scale not just internationally but of New Zealanders as well.”

New Zealand spent an “extraordinary amount of resource” for a country its size on electronic surveillance and “every single thing that the NSA does…involves NZ directly. They are full fledged allies of this effort.”

And of course there was the effort of John Key’s Government to set up a system allowing for our mass surveillance. Although he denied it repeatedly I would be surprised if it did not happen. And it looks like a piece of equipment may have sent at least some of the results overseas.

As I said again in 2014:

John Key during the weekend came out swinging and said that although a “business case” had been prepared by the GCSB for the mass surveillance of New Zealanders he had, after quite some time, put a hold on it.  The phrase “business case” is interesting.  Putting a monetary value on the violation of our rights of privacy shows how dollar centric this Government is.

Andrea Vance has set out a helpful timeline.  In November 2011 two New Zealand corporations were subject to a cyber attack.  Rumours are that one of them was Fonterra and that the attacks originated from China.  The response of the Government was to contemplate the mass surveillance of New Zealanders.  But you have to wonder why.  As said by Danyl McLaughlan “[h]arvesting meta-data about phone calls or web traffic of New Zealand citizens does absolutely nothing to stop Chinese hackers targeting Fonterra or MFAT. It’s a bit like your local police officer saying ‘I think someone is trying to break into your house so I’m gonna drill peepholes in the walls of your bathroom and bedroom’.”  The phrase “never let a good crisis pass you by” springs to mind.

Key says that he put a stop to it.  But here is the jaw dropping feature about the work.  It was started in early 2012 and Key only told the GCSB to put a hold on it in March 2013.  According to his version it is clear he changed his mind presumably only after the controversies surrounding the GCSB came to light.

Key has promised to declassify and release GCSB documents that he says will back him up.  It makes you wonder why the documents were classified in the first place as well as why they should be declassified for political purposes.  And why at the time we were not told about this most intrusive of projects.

And there was at the time this admission by John Key that he could not rule out US spy agency NSA having New Zealanders’ electronic communications under surveillance, even if the GCSB doesn’t.

There was also confirmation that New Zealand was hoovering up data from our Pacific neighbours and sending it on to the United States. Perhaps this was the job of the equipment. From my post in 2015:

The Herald this morning has reported on the latest analysis of New Zealand’s data gathering role based on Eric Snowden’s files.  The story is bound to have a profound effect on New Zealand’s relationship with its Pacific neighbours.  Essentially New Zealand has been collecting data en masse from them and handing it over to the Americans.

From the Herald:

New Zealand’s spies are targeting the entire email, phone and social media communications of the country’s closest, friendliest and most vulnerable neighbours, according to documents supplied by United States fugitive and whistleblower Edward Snowden.

Snowden’s files reveal a heavy focus on “full-take collection” from the Pacific with nearly two dozen countries around the world targeted by our Government Communications Security Bureau.

Information from across the Pacific is collected by New Zealand’s GCSB but sent onto the United States’ National Security Agency to plug holes in its global spying network, the documents show.

From there, the documents show information collected by New Zealand is merged with data captured from across the world. It is then able to be accessed by the NSA’s XKeyscore computer program through an online shopping-style interface, which allows searching of the world’s communications.

Ex GCSB head Bruce Ferguson did confirm that New Zealand was harvesting data from our Pacific Neighbours.

If the intelligence collection started in 2013 it may or may not have been related to changes made to the Government Communications and Security Bureau Act 2003 made in 2013 by the Key government.

The latest revelation makes you question all of the assurances previously given.  There needs to be a proper inquiry into what has occurred.

24 comments on “The GCSB revelations ”

  1. Anne 1

    Former American intelligence analyst, Paul Buchanan sums up the situation in this portion of his post on the subject:

    In effect, the story about this foreign intelligence “capability” secretly operated from within the GCSB is one about violation of basic principles of democratic oversight of intelligence agencies, of an abdication of sovereignty to a foreign power when it comes to intelligence collection and analysis, and above all, of an ongoing culture of impunity within NZ intelligence agencies that do not appear to have learned the right lessons from the Zaoui, Dotcom or March 15 cases when it comes to behaving ethically and taking responsibility for the actions or inactions taken on their watch.

    For an in-depth study of what appears to have happened I recommend people read the entire post.

    https://www.kiwipolitico.com/

    • Tiger Mountain 1.1

      yes
      The “pie and Penthouse” bunglers roll on…

    • mickysavage 1.2

      It is a very good post and Pablo has a better understanding of this issue than pretty well any of us.

      Time and my brain space stopped me from referring to it.

      Also I could not believe the history of what happened and trying to understand this development in the historical context.

  2. KJT 2

    Thanks for reminding me about my Anzac Day. post.

    Still relevant now with the election of a bunch of wannabee, if they thought they could get away with it, Fascists, in our current Coalition of Clowns.

    • mickysavage 2.1

      I am really terrified. Key at least had the understanding that the Government had to give the appearance it was not succumbing to US requests for mass surveillance and collection of all of our data.

      This current lot would not see it as a problem.

      • Anne 2.1.1

        I disliked Key but his friendship with Obama did seem to be genuine. Luxon is a boot licker. He would sell his soul provided he got a good deal for himself.

        Given the latest terrorist attack it would seem to me the Middle East is about to become a tinder box that could go off at any time. Helen Clark very wisely kept us out of the last meelee, but this Luxon clown is likely to drop us headfirst into the next one.

  3. Ad 3

    I would certainly like to know whether the state public safety reaction to COVID19 has formed a permanently deeper surveillance state than we used to have – whether foreign or domestic. Hopefully that comes out in the COVID19 review.

    I'm slightly bothered that Minister Little didn't know anything about and didn't seem to care. On the other hand I struggle with the very idea of privacy.

    • lprent 3.1

      He cared enough to support the IGIS enquiry after he found out in 2020 that there was an issue. GCSB has 'a much different attitude' now – Andrew Little says after foreign op

      When Little found out about it he was concerned whether the operation was consistent with the legislation which had taken effect in 2017 and provided much tighter constraints and greater oversight of the spy agencies.

      He supported it being referred to the Inspector General of Intelligence and Security for investigation.

      That review by the IGIS that made this public. That was specifically because he thought that the matter violated the requirements of the 2017 act about reporting foreign use of locally acquired intelligence – which its did. (see para 115-117 of the IGIS report)

      115. From 2017 the ISA also required the GCSB to have a Ministerial authorisation for sharing intelligence.13 A Ministerial authorisation to share intelligence with relevant parties was issued on 18 September 2017. In it the Minister authorised the listed parties: 1. […] to receive from the Government Communications Security Bureau intelligence and analysis collected in accordance with the Government’s priorities, pursuant to s10(1)(a) of the ISA.

      I'd point that was 5 days before the general election in 2017

      116. The authorisation was subject to the GCSB complying with the Joint Human Rights Risk Management Policy before providing any intelligence and analysis to any authorised parties. It did not state any further conditions or any details of how intelligence would be shared.

      117. In 2020 the GCSB sought and received another authorisation of the same scope and terms.

      Don't have a date on the latter or a timeline on it. But what else did you expect him to do?

      Miraculously intuit that there was some hardware sitting in the GCSB racks that might be a problem? Pry into the operational aspects of the GCSB himself? Which in itself would have been unlawful for him to do. Ministers in some ministries like intelligence, police, military, etc aren't allowed to get involved in operational decisions. And I'd argue that we sure as hell don't want them to be. It was bad enough in the past. I'd hate to think what vindictive dickhead like Simeon Brown would try to do with it.

      As far as I can see Little did exactly what he should have done and supported what would be a inquiry to IGIS who does have a investigative and advisory role in the GCSB and SIS. He followed the procedure that made this public and provided the ministerial advice.

      https://en.wikipedia.org/wiki/Inspector-General_of_Intelligence_and_Security_(New_Zealand)

      The IGIS is an independent oversight body, with a broad function of assisting the Minister responsible for NZSIS and GCSB to ensure the activities of each agency comply with the law; ensure that complaints relating to these agencies are independently investigated;[7] and review those bodies' compliance procedures and systems.[8] Neither the National Assessments Bureau nor the Directorate of Defence Intelligence and Security are under the oversight of the role.[9]

      The Inspector-General does not have a management role in the NZSIS or GCSB and cannot order them to take, or to cease, any activity – the role is limited to reporting concerns and findings to the Minister,[10] who ultimately is responsible for corrective action. Reports are also made public, so far as possible, as are steps to implement recommendations.

      The Inspector-General conducts inquiries into matters of concern, including individual complaints, and reports consequent findings and recommendations to the Minister. Those reports, excluding information withheld because of security concerns, may be found on the Inspector-General's website.[11] The Inspector-General also makes a report each year to the Minister. A copy of that report, excluding material of security concern or which may cause danger is presented to Parliament. A copy, without deletions, must be given to the Leader of the Opposition.[12]

      Looking at the resourcing of a office of the IGIS, I suspect we need that increased so this type of investigation gets handled more quickly and in a more timely manner.

      Traditionally the office had been very small, but was expanded from 2014 onwards in response to controversies over unlawful activities to include a Deputy Inspector-General, two external advisors, and a number of investigation staff.[2] That expansion was accompanied by some greater resourcing and a more intensive role, in particular with the addition of an own motion power of inquiry, and quickly resulted in a significantly larger number and depth of inquiries, including into systemic issues and matters of public controversy such as an incident involving adverse allegations arising from briefings claimed to have been given by the Security Intelligence Service to the Leader of the Opposition [3] and the conduct of the agencies in parts of the conflict in Afghanistan. [4] Senior political figures have at times criticised the extent of the broadened independent oversight that followed the 2014 reforms. [5]

      The IGIS report about authorisations (and warrants) from September 2017 onwards para 132-153 was interesting to read because it highlights how much of a change (and lack of retrospective view) that the GCSB took from it. To me it seems clear that the GCSB in their new 'candor' requirements from 2018 onwards should looked to see what current capabilities and operations it had inherited.

      The register referred to in para 161, in particular, if implemented retrospectively after the 2017 act came into force in 2018 should have allowed the required levels of 'candor' to have been informed by fact rather than by institutional forgetfulness.

      Overall, a good report highlighting the flaws (especially the historical ones)- I suggest that you read it. Then make some more relevant criticisms or suggestions that actually relate to changes to the legislation that governs the gap between minister and intelligence agency.

      So far I’m coming up empty on changes apart from wanting the IGIS to have a bigger staff. Taking 2-3 years to dig into this doesn’t seem responsive enough.

      • Ad 3.1.1

        Little did the minimum, Didn't even note displeasure. Even Findlayson the ex GCSB Minister had the sense to go all out against this kind of deliberate bullshit from GCSB.

        Finlayson said he agreed with former prime minister Helen Clark that there needed to be “disciplinary consequences” for anyone working on the relationship responsible for the handling of the foreign intelligence system.

        And this is how they do it. Wellington bullshit:

        Both current and previous governments need to penetrate the weasel-words harder. Despite the review you cite, this is how the intelligence community responded through the IGA:

        https://igis.govt.nz/assets/Annual-Reports/Annual-Report-2022-23.pdf

        "The Foreign Cooperation MPS came into effect on 28 September 2017. Since then neither agency has referred an arrangement to the ISC for noting. This is despite both agencies entering into significant arrangements with foreign counterparts since that date. Both agencies have asserted that on their interpretation of the MPS they were not required to refer the arrangements to ISC. The nub of the interpretation issues, about which my Office and the agencies disagree, relates to the word “new”."

        Neither agency has found an international partnership worth noting to Parliament.

        That was so last week.

        This week we have major revelations that the Chinese government has been undertaking operations against MPs in Britain and reps in the United States that criticise China. Our new Foreign Minister has stated this is unacceptable.

        https://www.aljazeera.com/news/2024/3/26/new-zealand-says-chinese-state-sponsored-group-hacked-parliament

        Our new GCSB Minister has condemned China for its "malicious cyber activity". Prime Minister Luxon made similar comments.

        https://www.nzherald.co.nz/nz/politics/new-zealand-parliament-systems-targeted-by-china-based-hackers/RNUEMYIZFBAILLCOJ7QMIUZJ5Y/

        In a rare move, the GCSB Director General did his own press conference, saying a Chinese group connected to Beijing’s Ministry of State Security had obtained data. Sure it wasn't massively sensitive this time, but it was serious.

        So what you do is not more ineffectual reviews. You fire peoples asses.

        The PM simply should state he no longer has confidence in the head of GCSB. Which is of course what Little could have done, rather than just complacently saying he'd done a review and was satisfied.

        • Anne 3.1.1.1

          Before you start throwing accusations at Andrew Little, suggest you check out the facts:

          https://www.beehive.govt.nz/release/new-zealand-condemns-malicious-cyber-activity-chinese-state-sponsored-actors

          And here is what Andrew Little had to say earlier today:

          https://www.nzherald.co.nz/nz/politics/very-low-former-security-minister-on-the-risk-of-mps-personal-information-being-stolen-in-china-sponsored-cyberattack/6FKI6KAW2NDQFBWXXECQWO7YMY/

          My reading of the situation is that investigations into these activities have been ongoing since 2021. They were almost complete – or at least ready to be publicly revealed – when he had to hand over the reins to Judith Collins.

          • Ad 3.1.1.1.1

            From your own links:

            The Parliamentary Counsel's Office is actually where experts draft the precise wording of a proposed law.

            Little: “The attack ended up being mainly on the Parliamentary Counsel Office (PCO) – they’ve got draft legislation and instructions, that sort of thing,”

            That is one of the smartest and most acute points to attack our system. Far more effective than attacking an MP, occupying Parliament's grounds, or having a swipe card access into the Beehive. Surely you know that?

            And to underscore the point about our abject international weakness, Little says:

            “In the end, China understands that our relationship with them is multidimensional. I think that the prospects of retaliatory action are very low.”

            Do you even know what the word sovereignty means?

            • lprent 3.1.1.1.1.1

              Umm. You have to remember that the responsibility for any public accessible system lies completely with the person(s) maintaining it.

              Doesn't matter if it is a state actor or not, simply because you can't prove it one way or another. You have to put that kind of protection in anyway.

              Incidentally, this site gets tens of thousands of attempted attacks on it daily. I depend on several different layers of protection from the OS, the internal malware detection, apache, php, wordpress plugins like word fence and others, and wordpress itself. That is reason that comments take so long to save. The intrusion protection on the web system.

              The server itself, outside of the web ports, has a number of external port access on the gateway for me to remote in. They each get hundreds of attempts per hour from a multiplicity of IPs across many countries to login. Both act as honey traps that are there for me to collect kinds of attempted intrusions. They also block IPs for some time if they don't detect specific remote hardware credentials.

              This isn't exactly a high value target. But along with the unwanted crawlers, >95% percent of the traffic to this site is always malicious to some degree of another.

              That is the reality of running any exposed server. Having state financed actors just kicks the required defences up a bit. You still have to defend like crazy. That is the sole responsibility of the IT admins and the people who give them budgets.

  4. thinker 4

    I think the can that got kicked down the road some years back was:

    We are friends with the Chinese government not least because they do a lot of trade. Some people close to the National Party have been on the boards of Chinese companies, as far as I remember.

    We are friends with the American government not least because of our 5 eyes relationship.

    What happens if the American and Chinese governments fall out with each other?

    • KJT 4.1

      Well.

      There are those who think we need the USA, to defend our sea trade routes to/from China! That China makes the most use of and will lose the most from blocking……………

      The USA is more likely to block our sea trade, which is predominantly with China.

      And those who think the USA will win a conventional war with China. When the USA has shifted their manufacturing capability to China, China has many times the people and the means to extend their capability. The only way the USA can "win" that war is with nuclear strikes. Then everyone loses.

      Which side will our large Chinese population, take?
      I know many who will “side” with NZ. Whichever side we take. Not all.
      And the National party whose associates are directors, share holders in Chinese companies?

      Of course the USA and China could continue with proxy wars of attrition in other countries, like Vietnam and North Korea. Syria! Ukraine! Afghanistan! How do those end?
      Or. Both could negotiate a way to live together.

      Unfortunately, unlike China, the US economy cannot survive without war.

      Those talking about war, sides and who wins, are living a dangerous fantasy.

      • Bruce 4.1.1

        I'm not sure China represents the threat many assign it. Corruption is a great equalizer.

        China's Army Had Missiles Filled With Water Instead of Fuel: Bloomberg (businessinsider.com)

      • SPC 4.1.2

        The USA made the mistake of presuming a more prosperous China (access to WTO) would develop a civil society glasnost as it became part of the global market. China chose vertical integration and the One Belt and Road, and the multiple line border expansion and associated military build-up.

        A bit like how Russia chose war with Ukraine and NATO, rather than allow it to join the EU.

        NATO made its own mistakes, it could have followed George Kennan's advice on a post Cold War regime in Europe and the US opened up trade with China more conditionally (sorted out Korea and Taiwan and international sea borders first).

        Now we have Europe as the NATO hawk on Russia and the USA winding down connection to the Chinese economy – exacerbating their issues with labour lying flat and demographic decline.

        All we can do is note the absurdity of the GOP "isolationism" to explain pandering to Putin in Ukraine (a member of the UN) all while talking tough on Taiwan (which is part of China).

        This for mine is the reason why we defer entry to AUKUS Pillar 2 until we know what direction the USA is on.

        And instead we should partner with other nations and try and broker an arrangement for Taiwan within China. And a peace for Korea. We do not want the region to blunder into a war as has happened in Europe.

    • No-Skates 4.2

      China gets to have us every second weekend.

      • SPC 4.2.1

        There is culture and heritage, western tradition etc and then there is region and the economy. If the love of money grows under NACT, as it has for the GOP (walking away from Ukraine), it might end up being every first weekend.

  5. francesca 5

    Now that is funny! On several different levels

  6. Ad 6

    The core reason that the New Zealand government cannot speak up against China's spying is because of our dairy and meat industry.

    Westland Milk Products, Synlait Milk, Yashilii NZ, the Synlait and Crafar Farms owned by Synlait, and of course Silver Fern Farms – all locked up either 100% or significantly by China.

    Dairy is our largest export by far, and dairy companies other than Tatua and Fonterra are controlled by the Chinese.

    No New Zealand government will dare oppose the Chinese when they control so much of our largest export.

    We are bought and sold to China.

    • joe90 6.1

      We are bought and sold to China.

      Thanks to our own parcel of rogues.

      /

      `We're bought and sold for English gold' — Such a parcel of rogues in a nation!

      Rabbie Burns

    • Tiger Mountain 6.2

      There is some truth in that if you have a reasonably detailed knowledge of the NZ Dairy industry as it has evolved and the ownership strands.

      But until someone “names names” it sounds much like a 5 Eyes beat up with the Poms, Aussies and Yanks all chiming in.

      • Ad 6.2.1

        Brief though it was, we had a highpoint of sovereignty from 1973 (when we sent a naval ship in protest against French nuclear bombing), to 1984 (when we passed the anti-nuclear ships legislation and three years before that signed CER).

        That was our strong moment between the loss of Britain as an export market, defiance against the United States, and finding a real and binding future partnership in our interests in Australia.

        Before and after that brief era, we tried hard but we were bought and sold.

The server will be getting hardware changes this evening starting at 10pm NZDT.
The site will be off line for some hours.