Re: New Zealand Spy Agency To Vet Network Builds, Provider Staff

[George Michaelson <ggm () algebras org>]

I can't speak to that Paul. I attended NZNOG as a guest, I'm from
Australia. Others will have to say how the NZ industry is approaching this,
I'd get it wrong if I tried!

-G


On Tue, May 13, 2014 at 3:49 PM, Paul Ferguson <fergdawgster () mykolab com>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> So is there just reluctant acceptance of this law, or is there
> push-back and plans to repeal, or...?
>
> I guess my question is something along the lines of "Are people just
> reluctantly accepting that government surveillance & micromanagement
> of private businesses/networks is a fact of life?"
>
> I am purposefully making a distinction here between the U.S. CALEA [1]
> and NSLs [2] and a NZ spy agency getting "...to decide on network
> equipment procurement and design decisions".
>
> The latter seems like a bit of an overreach?
>
> - - ferg
>
>
> [1]
>
> https://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act
> [2] https://en.wikipedia.org/wiki/National_security_letter
>
>
> On 5/13/2014 6:40 AM, George Michaelson wrote:
>
> > It got a pretty firefight discussion at the NZNOG. None of the ISPs
> > feel comfortable with it, but in avoiding a shoot-the-messenger
> > syndrome they tried to give good feedback to the reps from GCSB who
> > came to talk. Basically, a lot of post-act variations are expected
> > to clarify what changes do and do not have to be notified.
> >
> > There was a lot of bitter humour about calling them at 3am to
> > report BGP failures and ask permission to remediate.
> >
> >
> > On Tue, May 13, 2014 at 3:33 PM, Paul Ferguson
> > <fergdawgster () mykolab com <mailto:fergdawgster () mykolab com>>
> > wrote:
> >
> > I realize that New Zealand is *not* in North America (hence
> > NANOG), but I figure that some global providers might be interested
> > here.
> >
> > This sounds rather... dire (probably not the right word).
> >
> > "The new Telecommunications (Interception Capability and Security)
> > Act of 2013 is in effect in New Zealand and brings in several
> > drastic changes for ISPs, telcos and service providers. One of the
> > country's spy agencies, the GCSB, gets to decide on network
> > equipment procurement and design decisions (PDF), plus operators
> > have to register with the police and obtain security clearance for
> > some staff. Somewhat illogically, the NZ government pushed through
> > the law combining mandated communications interception capabilities
> > for law enforcement, with undefined network security requirements
> > as decided by the GCSB. All network operators are subject to the
> > new law, including local providers as well as the likes of
> > Facebook, Google, Microsoft, who have opposed it, saying the new
> > statutes clash with overseas privacy legislation."
> http://yro.slashdot.org/story/14/05/13/005259/new-zealand-spy-agency-to-vet-network-builds-provider-staff
> >  FYI,
> >
> > - ferg
>
> - --
> Paul Ferguson
> VP Threat Intelligence, IID
> PGP Public Key ID: 0x54DC85B2
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iF4EAREIAAYFAlNyItUACgkQKJasdVTchbL5GwEAxMtkr0W8oCtLTEdJDcdJHZTw
> hCGmG1ZTbWdb7NTEnwIA/j4YYMcN/gOQCQfABs1UIYFX30i/SewOkXYDOvfO6ReM
> =rAdv
> -----END PGP SIGNATURE-----