Our electronic spy agency might be on the brink of a fresh Kim Dotcom-sized illegal spying scandal.

But the agency's minister Chris Finlayson isn't concerned - he says he's satisfied with the way the Government Communications Security Bureau investigated itself.

The prospect of a new GCSB scandal was raised in this week's annual report of Inspector General of Intelligence and Security Cheryl Gwyn.

In it, she said the GCSB had told her it had carried out an investigation into "a potential error in reporting of historical unlawful intelligence-gathering".


She said the style of illegality was "along the lines" of that raised in the Kitteridge Report - the 2013 Government inquiry into the illegal spying on German-born entrepreneur Kim Dotcom, which found 88 cases in which the powers of the GCSB had been used unlawfully.

In this fresh case, the GCSB identified the issue but stopped investigating when it found "further inquiry would be frustrated by poor past documentation and incomplete historical records".

The GCSB found there to be "no credible reason to suspect" that there had been additional illegal intelligence gathering. "On that basis there was no further audit or investigation."

The Herald sought comment from Finlayson, asking if he was concerned or had sought more information about missing records.

Finlayson did not answer any questions, instead supplying a statement which noted the GCSB had "self-reported and investigated this potential error".

"The Minister is satisfied with the steps taken by the Compliance and Policy Team in relation to this historical reporting matter.

"The GCSB has made significant improvements in relation to its compliance practices in recent years and the IGIS certifies that the GCSB has sound compliance procedures and systems in place."

Finlayson's endorsement of his agency and ruling out of further need for inquiry comes while Gwyn continues to consider whether further investigation was possible, and if so, necessary.


The GCSB's improvement in compliance came after the Kitteridge Report - so named because it was written by then-Cabinet secretary and current NZ Security intelligence Service director Rebecca Kitteridge.

She was called in to investigate the GCSB after it was caught out illegally spying on Dotcom and Bram van der Kolk, both wanted by the FBI on copyright charges. The GCSB had bungled the law which protected New Zealand residents and citizens from its powerful, National Security Agency-linked, spying technology.

In her report, Kitteridge noted the GCSB's flawed basis for operating inside the law. The bureau relied on a document called NZSID7 - the "NZ Signals Intelligence Directorate" rulebook which gave staff at the GCSB an operating guide to the law.

Kitteridge found that the document was rigidly adhered to by staff - but that it was filled with flawed understandings of the law. She wrote: "There have been many basic documents that I have been unable to find and that others have struggled to find for me."

Kitteridge also wrote that it was "unlikely that GCSB complies fully with the Public Records Act 2005".

Four years on, Gwyn's report said the GCSB investigation into the new potential illegal spying included a recommendation to check internal policies to make sure its record-keeping was in line with the Public Records Act and other laws.