2015 has been a busy year for the intersection of privacy, security and intelligence.
I’m looking forward to welcoming the Acting Director of the GCSB, Una Jagose, to our regular Privacy and Technology forum this week on the topic of cyber-security in New Zealand.
In May, I introduced the Director of the SIS, Rebecca Kitteridge, before her address to the Identity Conference on the topic “Is the NZSIS interested in you? Privacy in the security world”. The text of her speech can be found here.
In July, I was invited to address the annual conference of intelligence professionals and gave a speech about “Privacy versus Security: the False Dichotomy and the Myth of Balance”. I talked about the importance of appropriate oversight and accountability for secretly used powers, and challenged the commonly asserted idea that security and privacy are values that can be traded off against each other. The full text of the speech is here.
I’ve blogged here about my oversight role of the SIS and the GCSB. These agencies aren’t subject to the same complaints processes as other government agencies, but citizens do have the right to seek access to any personal information that they may hold, and to seek to have that information corrected (principles 6 and 7 of the Privacy Act). My office can carry out a review of access and correction complaints.
In August, my office made a submission to the Independent Review of Intelligence and Security and I was invited to talk to the reviewers, Sir Michael Cullen and Dame Patsy Reddy, about how the legislation governing the SIS and the GCSB might be improved.
One of the questions the review is grappling with is what forms of communication should be considered to be “private” (and need a warrant to be intercepted) and whether some communications may not need the same level of privacy protection. A live issue for the review is how metadata should be treated.
Our submission makes five key recommendations:
The full submission is here.
So far I’ve seen thoughtful submissions from the Law Society, Amnesty International and the Human Rights Foundation, and Internet NZ.
They make for interesting reading and I hope the reviewers find them useful. They also raise some important issues for public debate.
Issues about privacy, surveillance and national security are also raised in recent Law Commission reviews.
Our submission to Extradition and Mutual Assistance in Criminal Matters is here.
Our submission to National Security Information in Proceedings is here.
New Zealand is not alone in examining the powers and controls on intelligence agencies.
There are a number of recent reports from Britain, the Netherlands, Canada and the United States that analyse the current problems and recommend a range of solutions.
The Dutch Review Committee on the Intelligence and Security Services has put its finger on one key weakness - the limits of national oversight in a security environment that increasingly relies on intelligence sharing across national borders. They’ve called this issue “the accountability deficit”.
This is one of the issues that I’ll be discussing with international colleagues at next month’s International Conference of Data Protection and Privacy Commissioners in Amsterdam. Cheryl Gwyn, New Zealand’s Inspector-General of Intelligence and Security, will be presenting to the conference and it will be an opportunity for her and I to hear and share insights with comparable oversight agencies in other jurisdictions.
Clearly more thinking still has to be done on how we equip our intelligence agencies to protect the State, without sacrificing individual human rights.
It’s an important question for our time and one that deserves the ongoing critical attention of the public and Parliament.