Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Surveillance, spies and secrecy John Edwards
7 September 2015

gcsb logo

2015 has been a busy year for the intersection of privacy, security and intelligence.

I’m looking forward to welcoming the Acting Director of the GCSB, Una Jagose, to our regular Privacy and Technology forum this week on the topic of cyber-security in New Zealand.

In May, I introduced the Director of the SIS, Rebecca Kitteridge, before her address to the Identity Conference on the topic “Is the NZSIS interested in you? Privacy in the security world”. The text of her speech can be found here.

In July, I was invited to address the annual conference of intelligence professionals and gave a speech about “Privacy versus Security: the False Dichotomy and the Myth of Balance”. I talked about the importance of appropriate oversight and accountability for secretly used powers, and challenged the commonly asserted idea that security and privacy are values that can be traded off against each other. The full text of the speech is here.

I’ve blogged here about my oversight role of the SIS and the GCSB. These agencies aren’t subject to the same complaints processes as other government agencies, but citizens do have the right to seek access to any personal information that they may hold, and to seek to have that information corrected (principles 6 and 7 of the Privacy Act). My office can carry out a review of access and correction complaints.

Independent review

In August, my office made a submission to the Independent Review of Intelligence and Security and I was invited to talk to the reviewers, Sir Michael Cullen and Dame Patsy Reddy, about how the legislation governing the SIS and the GCSB might be improved.

One of the questions the review is grappling with is what forms of communication should be considered to be “private” (and need a warrant to be intercepted) and whether some communications may not need the same level of privacy protection. A live issue for the review is how metadata should be treated.

Our submission makes five key recommendations:

  • to bring the SIS and GCSB in line with standard governance and accountability frameworks (such as the privacy principles), subject to specific exceptions rather than general carve-outs
  • to clarify and strengthen the privacy standards for communications and metadata
  • to include explicit safeguards and procedures for all privacy intrusive powers (such as bulk interception)
  • to strengthen oversight of international information sharing by the intelligence agencies (such as the Five Eyes Alliance); and
  • to create an Oversight Board of experts (including the Inspector General) to co-ordinate oversight of the SIS and the GCSB.

The full submission is here.

So far I’ve seen thoughtful submissions from the Law Society, Amnesty International and the Human Rights Foundation, and Internet NZ.

They make for interesting reading and I hope the reviewers find them useful. They also raise some important issues for public debate.

Issues about privacy, surveillance and national security are also raised in recent Law Commission reviews.

Our submission to Extradition and Mutual Assistance in Criminal Matters is here.

Our submission to National Security Information in Proceedings is here.

International insights

New Zealand is not alone in examining the powers and controls on intelligence agencies.

There are a number of recent reports from Britain, the Netherlands, Canada and the United States that analyse the current problems and recommend a range of solutions.

The Dutch Review Committee on the Intelligence and Security Services has put its finger on one key weakness - the limits of national oversight in a security environment that increasingly relies on intelligence sharing across national borders. They’ve called this issue “the accountability deficit”.

This is one of the issues that I’ll be discussing with international colleagues at next month’s International Conference of Data Protection and Privacy Commissioners in Amsterdam. Cheryl Gwyn, New Zealand’s Inspector-General of Intelligence and Security, will be presenting to the conference and it will be an opportunity for her and I to hear and share insights with comparable oversight agencies in other jurisdictions.

Clearly more thinking still has to be done on how we equip our intelligence agencies to protect the State, without sacrificing individual human rights.

It’s an important question for our time and one that deserves the ongoing critical attention of the public and Parliament.


, , ,



No one has commented on this page yet.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.