New Zealand Spy Agency To Vet Network Builds, Provider Staff

Paul Ferguson fergdawgster at
Tue May 13 13:49:09 UTC 2014

Hash: SHA256

So is there just reluctant acceptance of this law, or is there
push-back and plans to repeal, or...?

I guess my question is something along the lines of "Are people just
reluctantly accepting that government surveillance & micromanagement
of private businesses/networks is a fact of life?"

I am purposefully making a distinction here between the U.S. CALEA [1]
and NSLs [2] and a NZ spy agency getting " decide on network
equipment procurement and design decisions".

The latter seems like a bit of an overreach?

- - ferg


On 5/13/2014 6:40 AM, George Michaelson wrote:

> It got a pretty firefight discussion at the NZNOG. None of the ISPs
> feel comfortable with it, but in avoiding a shoot-the-messenger
> syndrome they tried to give good feedback to the reps from GCSB who
> came to talk. Basically, a lot of post-act variations are expected
> to clarify what changes do and do not have to be notified.
> There was a lot of bitter humour about calling them at 3am to
> report BGP failures and ask permission to remediate.
> On Tue, May 13, 2014 at 3:33 PM, Paul Ferguson
> <fergdawgster at <mailto:fergdawgster at>>
> wrote:
> I realize that New Zealand is *not* in North America (hence
> NANOG), but I figure that some global providers might be interested
> here.
> This sounds rather... dire (probably not the right word).
> "The new Telecommunications (Interception Capability and Security)
> Act of 2013 is in effect in New Zealand and brings in several
> drastic changes for ISPs, telcos and service providers. One of the
> country's spy agencies, the GCSB, gets to decide on network
> equipment procurement and design decisions (PDF), plus operators
> have to register with the police and obtain security clearance for
> some staff. Somewhat illogically, the NZ government pushed through
> the law combining mandated communications interception capabilities
> for law enforcement, with undefined network security requirements
> as decided by the GCSB. All network operators are subject to the
> new law, including local providers as well as the likes of
> Facebook, Google, Microsoft, who have opposed it, saying the new
> statutes clash with overseas privacy legislation."
>  FYI,
> - ferg

- -- 
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird -


More information about the NANOG mailing list