Key releases GCSB documents

Prime Minister John Key. File photo / Getty Images
Prime Minister John Key. File photo / Getty Images

Prime Minister John Key has released a series of documents 'setting the record straight' over claims the GCSB had spied on New Zealanders.

Mr Key responded quickly to Edward Snowden and Glen Greenwald's freshest claims - that "if you live in New Zealand, you are being watched" - this afternoon.

"Claims have been made tonight that are simply wrong and that is because they are based on incomplete information.

''There is not, and never has been, a cable access surveillance programme operating in New Zealand.

"There is not, and never has been, mass surveillance of New Zealanders undertaken by the GCSB.

He would not discuss XKEYSCORE, ''we don't discuss the specific programmes the GCSB may, or may not use''.

''But the GCSB does not collect mass metadata on New Zealanders, therefore it is clearly not contributing such data to anything or anyone," Mr Key said.

"The GCSB undertakes cyber security operations to protect individual public and private sector entities from the increasing threat of cyber-attack and this is very important work.

"It does not, however, remotely resemble what has been claimed''.

Read the released documents here:


Mobile readers: tap here to read the full document


Mobile readers: Tap here to read the full document


Mobile readers: Tap here to read the full document


Mobile readers: Tap here to read the full document

Writing ahead of his planned satellite appearance at Kim Dotcom's Moment of Truth event in Auckland tonight, Snowden said "if you live in New Zealand, you are being watched".

Watch - Key: 'Dotcom is trying to save Dotcom's butt'

Video

Snowden claimed that while working at the NSA he routinely came across the communications of New Zealanders through a mass surveillance tool shared with GCSB, called X-Keyscore.

The tool allowed access to a database of communications collected through mass surveillance and was not used for the purposes of cybersecurity, but instead to read private emails, text messages, and internet traffic, Snowden claims.

"I know this because it was my full-time job in Hawaii, where I worked every day in an NSA facility with a top secret clearance."

Read more:
John Armstrong - Dotcom's last chance to shine
Kiwis' data lodged with NSA - Greenwald
PM withheld spying data - critics

He said on the website The Intercept that the X-Keyscore program had a filter called a Five Eyes Defeat -- "the Five Eyes being the US, UK, Canada, Australia, and yes, New Zealand".

He said the the checkbox allowed analysts to "prevent search results from being returned on those countries from a particular search. Ask yourself: why do analysts have a checkbox on a top secret system that hides the results of mass surveillance in New Zealand if there is no mass surveillance in New Zealand?"

Snowden claimed the GCSB had provided mass surveillance data for the X-Keyscore system -- including the communications of millions of New Zealanders through the GCSB station at Waihopai -- and that Prime Minister John Key was aware of the fact.

The GCSB did not merely use X-Keyscore, but also developed mass surveillance algorithms for the system, he said.

As a result, the GCSB had the ability see every website an individual visited and "every text message you send, every call you make, every ticket you purchase, every donation you make, and every book you order online".

The Intercept's report exposes the Government's actions in implementing a system designed to record citizens' metadata, Snowden said.

"Let me be clear: any statement that mass surveillance is not performed in New Zealand, or that the internet communications are not comprehensively intercepted and monitored, or that this is not intentionally and actively abetted by the [GCSB], is categorically false.

"If you live in New Zealand, you are being watched."

Snowden said Mr Key's claim to the public that there had never been any mass surveillance was false.

"The GCSB, whose operations he is responsible for, is directly involved in the untargeted, bulk interception and algorithmic analysis of private communications sent via internet, satellite, radio, and phone networks."

He said his claims were supported by "actual pictures and classified documentation of X-Keyscore" which were now available online.

Snowden is expected to address this evening's event electronically from Moscow where he is currently sheltering from US efforts to extradite him on espionage charges.

In a separate article on The Intercept this afternoon, Greenwald, who has been in a public war of words with Mr Key over his mass surveillance claims since arriving in New Zealand last week, gave further detail.

Greenwald, who is due to address tonight's meeting, said the project to implement mass surveillance was code named "Spear Gun".

The first stage, which was tapping into New Zealand's main submarine data link -- the Southern Cross Cable -- was implemented at some point in 2012 or early 2013.

Mr Key today acknowledged the GCSB had indeed tapped into the cable, but for the purposes of a cybersecurity programme.

However, Mr Key said concerns the project would be perceived as mass surveillance led to it being scaled back to a much narrower programme.

But Greenwald wrote the that in the second phase of Spear Gun, "metadata probes" were to be inserted into the Southern Cross Cable.

"Surveillance probes of this sort are commonly used by NSA and their partners to tap into huge flows of information from communication cables in real time, enabling them to extract the dates, times, senders, and recipients of emails, phone calls, and the like."

Greenwald said the technique was "almost by definition a form of mass surveillance".

Watch - Key: Spy claims relate to trading partners?

Video

It was a step too far'

But Mr Key says problems with the GCSB over its unlawful spying on Mr Dotcom and controversy over metadata were part of the reason he pulled the pin on a proposal for widespread cyber monitoring by the agency.

He said work on the business case began in March or April 2012 and later that year revelations of unlawful spying on Dotcom and other issues with the GCSB emerged.

Mr Key said the Government had told the GCSB to stop its work in March 2013 before it had even presented its business case. That was after the Kitteridge Report found wider problems with the agency including potential unlawful spying and confusion over how it could use metadata.

He said that report identified weaknesses in the agency.

"When we had a look at it, we believed the way it would be interpreted by some people would be as mass surveillance. In fact, it's not -- it's protection of people's data. But when we saw that we took the view that on balance it was a step too far."

He said the system was scaled back so it was placed only on specific entities in the public sector -- including Treasury and the Reserve Bank. It had also been installed for some private companies which had requested it. Mr Key said the GCSB remained convinced that the wider system was best for cyber security.

Mr Key said there had been no wholesale data collection even in the trial periods of that system.

"There never has been, either on a test basis or implemented, mass collection of data."

Mr Key said the capability the GCSB developed was "for want of a better term, a probe" to sit over the Southern Cross Cable.

"A test probe was built, but it was never used to collect wholesale metadata. But we never went ahead with the project, so it was never turned on."

Asked if he was declassifying the documents for pure political expedience rather than public interest, Mr Key said it was "a bit rich" to accuse him of political expedience given Dotcom and Greenwald were trying to "bamboozle" New Zealanders five days before an election.

"He came to New Zealand to have a gotcha moment and unfortunately for him the gotcha moment has evaporated before his eyes."

Mr Key said Greenwald had put himself into the political process by timing his revelations five days out from an election.

"We've declassified the Cabinet papers so people can see what we are saying is absolutely right."

The Kitteridge Report identified a further 87 cases of possible unlawful spying, resulting in a law change to clarify when the GCSB could spy on New Zealanders on behalf of other entities. The law change also clarified that the agency required a warrant to collect metadata in the same way as it would other information.

Mr Key said the GCSB would still argue that the first, broad approach was the best because it would protect New Zealanders from cyber risk.

"What they would have wanted was broad cable access to be able to run their equivalent of the Norton AntiVirus on all information coming to New Zealand, and what they've ended up with is that over specific entities."

Questions over law changes

Meanwhile, documents released from the Snowden archive raise questions about the reason for spy law changes made last year.

The documents released by Greenwald include an NSA memo detailing a visit to the United States by Roy Ferguson as director of NZ's Intelligence Coordination Group at the Department of Prime Minister and Cabinet.

The memo stated the visit took place on March 22 and was to "provide an update on legislation being proposed for the New Zealand Intelligence Community".

While noting the legislation would provide a "strong oversight component", the date of it jars with the Prime Minister's previous assertions the law change was needed to fix problems which emerged after the raid on Kim Dotcom.

Key announced the law changes almost a month later - in the wake of the Kitteridge report, which detailed the failures which led to the illegal spying on Dotcom.

And a timeline with the Kitteridge report shows that the report was delivered to government on March 29. Her recommendations - made after Ferguson's visit to the NSA - included proposing new legilslation which appeared to already underway.

While the Dotcom failures were linked to the law changes, other documents released by Greenwald showed the GCSB needed the new law to be passed to allow the mass surveillance plan to go ahead.

Timeline

2011: Cyber attacks on New Zealand.

Early 2012: GCSB starts looking at a mass protection solution.

April 2012: Cabinet approves GCSB working towards a business case.

September 2012: Illegal spying on Kim Dotcom admitted.

October 2012: Then-Cabinet secretary Rebecca Kitteridge reviews GCSB.

February 2013: NSA engineer specialising in cable tapping comes to NZ.

March 2013: GCSB draft review tells Key bureau's practices don't fit with the law. Key puts GCSB "mass protection" plan on hold.

April 2013: GCSB review made public raising concerns about illegal spying on Kiwis.

May 2013: Two new spy laws are introduced. Key says it stops mass surveillance, opponents say it allows it.

June 2013: Edward Snowden begins to divulge NSA documents, which include the GCSB cable-tapping plan.

August 2013: After months of public meetings and concerns over mass surveillance, the new laws pass.

- NZ Herald

Your views

Get the news delivered straight to your inbox

Receive the day’s news, sport and entertainment in our daily email newsletter

SIGN UP NOW

© Copyright 2016, NZME. Publishing Limited

Assembled by: (static) on production bpcf02 at 31 Aug 2016 06:06:53 Processing Time: 817ms