Govt bottles spy bill clause amid tech giant pressure
FYI, this story is more than a year old
Slammed by Microsoft, Google and Facebook over plans to include a clause in the controversial Telecommunications Interception Capability and Security Bill - the government has backed down on the issue.
Tabling a Supplementary Order Paper yesterday, Communications and Information Technology Minister Amy Adams claims the move will make "further improvements" to the bill.
“The select committee has recommended a number of practical and positive changes to the Bill in response to submissions,” says Adams, who revealed the changes are in addition to those recommended by the Law and Order select committee.
“Based on feedback from support parties, the public and industry, I intend to make some further changes that go beyond the committee’s recommendations.”
The clause has caused uproar among tech giants such as Microsoft, Google and Facebook.
Clause 39 of the proposed Bill currently allows the responsible Minister to direct that a network operator must not resell an overseas telecommunications service in New Zealand where the interception capability, or lack of interception capability, raises a significant risk to law enforcement or national security.
It is proposed to remove Clause 39 from the Bill altogether, and, instead, matters of non-compliance could be addressed through the compliance framework.
Part 3 of the Bill deals with the partnership approach between the GCSB and network operators to protect network security.
To ensure that this interaction occurs in a timely manner, the government proposes to introduce the ability for the Minister responsible for the GCSB to make regulations that require decisions to be made under specific timeframes, in the event that decisions are not being made in a sufficiently timely way.
It is also proposed to narrow the scope of the matters that must be notified to the GCSB, reducing compliance costs for network operators.
As a last resort, where network operators and the GCSB are unable to agree on how to respond to a network security risk, Clause 54 of the Bill currently provides that the responsible Minister may issue a direction.
Before the GCSB can ask the Minister to make a direction, a further check and balance will be introduced.
The Commissioner of Security Warrants will now be required to carry out an independent review of the material that informed the GCSB’s risk assessment, and report on whether, in their opinion, the risk amounts to a significant risk to national security.
Finally, to meet the concerns expressed by telecommunications companies that competition and cost implications must be adequately considered, the factors that the Minister must take into account before issuing a direction on network security will be strengthened and clarified.
As a result, Adams believe the changes will deliver a more "rigorous assessment of the costs and benefits, including the impact of the cost on the telecommunications company."
“Although public input has resulted in significant improvements to the Bill, some of the submissions received did not reflect an accurate understanding of what the Bill does and does not do,” Adams adds.
“In particular, I would like to reassure people that this Bill does not change the authority of agencies to intercept telecommunications, it does not change existing privacy protections, and it does not require data to be stored or require stored data to be disclosed. The Bill only relates to real time interception.
“The Bill plays a key role in law enforcement and in protecting New Zealand’s national security.”
After original government proposals potentially subjected over two million Kiwi users’ to surveillance, the reaction within the tech industry was one of anger.
“It is no longer about just tapping into the telephone exchange,” argued Waldo Kuipers, spokesman, Microsoft.
“Today what we are talking about is a diversity of data connections carrying every imaginable service such as games, banking, education services, entertainment, company and government meetings, shopping, email and documents.
“Many of these were never subject to interception capability obligations in the pre-digital world.
“That is a dramatic change in the law.”
“[While] interception tools are necessary for the effective maintenance of law,” Google wrote at the time.
“[The bill] would likely raise public fears of unjustified intrusion into their privacy.”
Speaking in the wake of Facebook’s submission in July also, Mia Garlick, the head of policy in the company’s Australian division claimed the bill “needed to be clarified to ensure that it is beyond doubt that services such as Facebook that provide stored messaging services are not subject to this legislation.”
Were do you stand on the bill? Were companies right to oppose changes? Should the government have caved in? Tell us your thoughts below