The biggest problem with the proposed New Zealand Government Communications Security Bureau (GCSB) legislation is that its subject, the GCSB, is an anachronistic relic that creates more problems than it might solve.
Formed secretly in 1977 in close consultation with the United States NSA (National Security Agency), it is a node that networks with similar nodes in Britain, Australia, Canada and the United States. This cyber-network is known as the “Five Eyes”.
The proposed legislation would reaffirm and extend the GSCB’s roles in exchanging information with others in the “Five Eyes” network. So who, and what agendas, drive the Five Eyes?
The main driving force behind the Five Eyes is of course the United States. Driven by global-scale ambitions and sense of threat, the United States wants to be in a position to scrutinize any data-flows it can for their potential to further its interests or for security or criminal threats to itself. So it uses the most powerful new cyber technologies available to vacuum up comprehensive swathes of such flows created by almost anyone and everyone who simply makes a phone call, send a text or use the internet where this involves cables or uses databases located in the United States or elsewhere.
Other Five Eyes nodes feed into these vast suction processes. Notably, the British Government Communications Head Quarters (GCHQ) uses its own powerful cyber-monitoring tools to create its own massive pool of data, including flows from European nations. The NSA has an arrangement with the British GCHQ to take whatever information it might want from this pool, which does not leave the Europeans very pleased with either Britain or the United States.
The proposed New Zealand GCSB legislation needs to be read in the light of these pooling processes (cf an article, Five Eyes and Anachronistic Setup by Terence O’Brien, a former diplomat). Edward Snowden has named New Zealand’s Waihopi spy base as contributing to them. The biggest issue here is not so much whether these processes are legal or not (the Prime Minister insists they are). There are even bigger, underlying issues. These are that the GCSB feeds information into into massive, intrusive world-wide systems that operate beyond New Zealand’s control or knowledge, and in ways that are fraught with potential to damage his country’s reputation and interests.
The potential consequences of Five Eyes engagement need to be weighed very seriously. Unsurprisingly, the week-by-week release of NSA files by Edward Snowden detailing its operations and opening up controversies about their ramifications has been continuously putting cats amongst upset pigeons in Europe and around the world.
These upsets have potential implications for New Zealand’s international relations and trade. New Zealand is now seen by otherwise very friendly nations, including China and others in Asia, Latin America and Europe, to collaborate in a network that spies extensively on them. Indeed, China has also just become our biggest trading partner. As is stressed in other Village-Connections blogs, New Zealand needs to be in a position to communicate comfortably and sustain good diplomatic and trade connections with both China and the United States (along with many others). Consequently, it literally cannot afford to engage in activities that support one nation to act against the interests of the other(s). That was the stuff of the Cold War.
The Cold War is over, thank goodness. I have contended in several blogs how in a now globalizing environment the most constructive and effective contributions New Zealand can hope to offer are not as an anachronistic partisan, quasi-Cold War actor. I have argued that its most promising future lies, rather, in building up roles and communications channels as a valued and effective bridge-builder or communications-broker, including by helping to help develop new consensuses about matters of common concern.
So I consider the New Zealand Government would be well-advised set aside the nationally and internationally highly-divisive GCSB Bill. It could then give a much more useful priority to getting international conversations underway, with all nations and interests that would like to engage in them, about cyber-technology rules that all concerned can feel secure and comfortable with.
Again, I would like to recall how in previous blogs I have proposed that a small country like New Zealand that is remote from international hot-spots and has many excellent diplomatic connections with all kinds of countries, could be well situated to develop channels and and forums for such conversations. There are quite a few embassies in Wellington that could be encouraged to engage, both formally and informally in calm, deliberative, “diplomatic village” conversations in New Zealand’s capital city as something of a “Geneva of the Southern Hemisphere”. I have also asked whether and how Wellington’s Victoria University might assist.
Finally, to help develop an agenda for further discussion, I would like to offer some suggestions about the kinds of issues that might be usefully discussed.
1. The personal and social fulfillment that amazing cyber-technologies are bringing and can bring to intellectual, artistic, scientific, business and other fields, from local through to national and global levels.
2. The right to use cyber-technologies for the pursuit of such purposes not entangled in or encumbered by nation-state security agendas and apparatuses.
3. How, nonetheless to better understand the concerns and driving-forces that give rise to such entanglements, and to develop a range of constructive and acceptable ways of addressing such concerns.
4. To also look at how to begin introducing accountability into the way states engage in such activities, or build up systems to do so.
5. Accordingly, to also look into the practicality of establishing a regime of international data flows and services free of, or as free as is practically possible of, state or other monitoring (so that if there is any such monitoring for “legitimate” purposes, this is done at minimum needed rather than at maximal levels as at present).
6. Accordingly, further, where and to the extent that there is a need to monitor data flows for real or genuinely credible security or criminal threats, that this is done in terms of internationally defined rules and, as far as possible, overseen and implemented by some duly constituted, internationally accepted and accountable authority, possibly under United Nations auspices.
A truly impartial New Zealand that could host and help promote these kinds of discussions might also come to be seen as well situated to develop international data storage, processing and consultancy services that all could trust. (see Neutral venue for safe secure data services?)