New Zealand Spy Agency To Vet Network Builds, Provider Staff

George Michaelson ggm at
Tue May 13 13:40:49 UTC 2014

It got a pretty firefight discussion at the NZNOG. None of the ISPs feel
comfortable with it, but in avoiding a shoot-the-messenger syndrome they
tried to give good feedback to the reps from GCSB who came to talk.
Basically, a lot of post-act variations are expected to clarify what
changes do and do not have to be notified.

There was a lot of bitter humour about calling them at 3am to report BGP
failures and ask permission to remediate.

On Tue, May 13, 2014 at 3:33 PM, Paul Ferguson <fergdawgster at>wrote:

> Hash: SHA256
> I realize that New Zealand is *not* in North America (hence NANOG),
> but I figure that some global providers might be interested here.
> This sounds rather... dire (probably not the right word).
> "The new Telecommunications (Interception Capability and Security) Act
> of 2013 is in effect in New Zealand and brings in several drastic
> changes for ISPs, telcos and service providers. One of the country's
> spy agencies, the GCSB, gets to decide on network equipment
> procurement and design decisions (PDF), plus operators have to
> register with the police and obtain security clearance for some staff.
> Somewhat illogically, the NZ government pushed through the law
> combining mandated communications interception capabilities for law
> enforcement, with undefined network security requirements as decided
> by the GCSB. All network operators are subject to the new law,
> including local providers as well as the likes of Facebook, Google,
> Microsoft, who have opposed it, saying the new statutes clash with
> overseas privacy legislation."
> FYI,
> - - ferg
> - --
> Paul Ferguson
> VP Threat Intelligence, IID
> PGP Public Key ID: 0x54DC85B2
> Version: GnuPG v2.0.22 (MingW32)
> Comment: Using GnuPG with Thunderbird -
> QfJ5cI1v4t2bUXZp1hQBAKHCP0hyxg6naGOzRLt/vHjgxXnl3+yiWoj0ENxQyIr9
> =0yLu

More information about the NANOG mailing list