New Zealand Spy Agency To Vet Network Builds, Provider Staff

Paul Ferguson fergdawgster at mykolab.com
Tue May 13 13:49:09 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

So is there just reluctant acceptance of this law, or is there
push-back and plans to repeal, or...?

I guess my question is something along the lines of "Are people just
reluctantly accepting that government surveillance & micromanagement
of private businesses/networks is a fact of life?"

I am purposefully making a distinction here between the U.S. CALEA [1]
and NSLs [2] and a NZ spy agency getting "...to decide on network
equipment procurement and design decisions".

The latter seems like a bit of an overreach?

- - ferg


[1]
https://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act
[2] https://en.wikipedia.org/wiki/National_security_letter


On 5/13/2014 6:40 AM, George Michaelson wrote:

> It got a pretty firefight discussion at the NZNOG. None of the ISPs
> feel comfortable with it, but in avoiding a shoot-the-messenger
> syndrome they tried to give good feedback to the reps from GCSB who
> came to talk. Basically, a lot of post-act variations are expected
> to clarify what changes do and do not have to be notified.
> 
> There was a lot of bitter humour about calling them at 3am to
> report BGP failures and ask permission to remediate.
> 
> 
> On Tue, May 13, 2014 at 3:33 PM, Paul Ferguson
> <fergdawgster at mykolab.com <mailto:fergdawgster at mykolab.com>>
> wrote:
> 
> I realize that New Zealand is *not* in North America (hence
> NANOG), but I figure that some global providers might be interested
> here.
> 
> This sounds rather... dire (probably not the right word).
> 
> "The new Telecommunications (Interception Capability and Security)
> Act of 2013 is in effect in New Zealand and brings in several
> drastic changes for ISPs, telcos and service providers. One of the
> country's spy agencies, the GCSB, gets to decide on network
> equipment procurement and design decisions (PDF), plus operators
> have to register with the police and obtain security clearance for
> some staff. Somewhat illogically, the NZ government pushed through
> the law combining mandated communications interception capabilities
> for law enforcement, with undefined network security requirements
> as decided by the GCSB. All network operators are subject to the
> new law, including local providers as well as the likes of
> Facebook, Google, Microsoft, who have opposed it, saying the new
> statutes clash with overseas privacy legislation."
> 
> http://yro.slashdot.org/story/14/05/13/005259/new-zealand-spy-agency-to-vet-network-builds-provider-staff
>
>  FYI,
> 
> - ferg
> 
> 
> 
> 
> 

- -- 
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iF4EAREIAAYFAlNyItUACgkQKJasdVTchbL5GwEAxMtkr0W8oCtLTEdJDcdJHZTw
hCGmG1ZTbWdb7NTEnwIA/j4YYMcN/gOQCQfABs1UIYFX30i/SewOkXYDOvfO6ReM
=rAdv
-----END PGP SIGNATURE-----


More information about the NANOG mailing list