Future Tense

As Other Countries Try to Downplay Government Surveillance, New Zealand Is Ramping Up

The new workflow for ISPs.

Chart from TICSA.

Internet service providers in New Zealand have new surveillance legislation to comply with, and it makes it more obvious that big brother is watching. Meanwhile, governments in the United States, United Kingdom, and elsewhere are working to mitigate a similar image in the wake of revelations by Edward Snowden.

The Telecommunications (Interception Capability and Security) Act (TICSA) requires ISPs and other telecommunications services to register with New Zealand’s police force, and disclose how many connections they provide in total, how many customers they have, and what their geographic scope is. This is meant to allow law enforcement agencies to have unhindered access to customer data.

Under the new law, New Zealand’s Government Communications Security Bureau must also be notified of any infrastructure changes or major equipment purchases before they happen. Previously, ISPs and other telecom companies could make these decisions independently. ISPs will still be allowed to patch software and firmware, and make changes to things like power, air conditioning, and fire safety systems. As ITNews describes it:

From this month, the GCSB has to be notified of and approve proposed changes to a provider’s network operations centre, core network including gateways and interconnects as well customer databases and authentication systems.

If ISPs don’t comply they could be charged major fines. Last year the law was criticized by large tech companies like Facebook and Google, but as ITNews points out, the law does not exempt overseas operators. It’s a bold, and strange, step, given the international climate surrounding government surveillance right now.