Our national security and intelligence agencies have committed to being more open and transparent. But recent revelations that the Security Intelligence Service has been secretly accessing CCTV cameras across Auckland raises uncomfortable questions about intrusion and has the potential to erode public trust.
“It seemed like a huge own goal.”
That’s how NZ Herald reporter David Fisher describes the revelations the New Zealand Security Intelligence Service (SIS) has been remotely accessing – with the ability to control and manoeuvre – CCTV cameras in Auckland City. It has had “round the clock access” to the network of cameras, thought to belong to Auckland Transport.
As a reporter who has extensively covered the country’s security intelligence agencies, and a member of the Inspector-General of Intelligence and Security reference group, Fisher has watched the agencies rebuild themselves from what can only be described as “a shambles” seven years ago, to functional organisations looking to improve transparency and gain public trust.
That’s why this regression to the practices of yesterday’s shut-off spy agencies seems like an unnecessary breach of trust.
A review from the Inspector-General of Intelligence and Security (IGIS) found the service’s remote access and control of the CCTV cameras lawful. The watchdog said the surveillance was targeted, and in most cases the people being watched were either SIS employees undertaking field surveillance, or the people for whom they had warrants to surveil. The cameras were not being used to carry out mass surveillance.
But that report revealed some concerning aspects of the surveillance.
The service’s memorandum of understanding with the CCTV operator was reached prior to a significant law change in 2017, and the MOU was not subsequently updated. This left the agreement on an uncertain legal foundation. Prior to the IGIS review, the SIS had not sought advice from Crown Law on this issue. And while a privacy impact assessment had now been completed, again, that came as a result of the review.
IGIS Brendan Horsley said CCTV could be a valuable tool for intelligence operations, as it had been for law enforcement for some time. “But any misuse or overuse would be a significant, unreasonable and unnecessary erosion of privacy.”
Horsley said there was potential for CCTV to be used in an overly intrusive and unnecessary manner, and he would continue to monitor the service’s access to, and use of, CCTV for lawfulness and propriety.
Then there is the issue of the lack of public disclosure around this highly sensitive surveillance method.
Horsley said when he began his review, the mere fact the SIS used CCTV was classified, which would have prevented any meaningful public report.
The SIS agreed the use of this technology did not need to be classified, which Horsley said was “a welcome and sensible acknowledgement in the interests of better informed public debate”.
But this gets to the heart of an ongoing debate regarding transparency versus classification. A 2018 review from the previous IGIS found overclassification continued to be an issue, and recommended a simplification of the classification system.
Horsley said he recognised the need to keep many operational activities and techniques classified in the interests of New Zealand’s security “On the whole I think the balance between transparency and legitimate classification concerns is still slightly skewed towards over-classification,” he told The Spinoff.
The agencies were rightly protective of compromising their operational abilities, he said. “However, there are areas where I think more consideration could be given to disclosing activities for the benefit of informing the public. Over classification is the enemy of transparency.”
New Zealand experienced a spying zeitgeist in 2013/2014, after the security and intelligence agencies were sprung for illegally spying on Kim Dotcom. At the same time, the Edward Snowden saga was playing out globally, and the government made significant changes to communications surveillance legislation, all of which culminated in protests and a packed Auckland Town Hall meeting. This was followed by an overhaul of two under-resourced, under-funded, outdated, siloed and cagey (to put it mildly) agencies.
Since then, head of the Government Communications Security Bureau (GCSB) Andrew Hampton and SIS head Rebecca Kitteridge have committed to being more open and transparent. And by all accounts they have been.
But every now and again, they’ve fallen back into old patterns, such was the case when the SIS was called out over how it accessed the customs database, and the way it sought information from banks, now it’s the CCTV cameras.
These types of operations don’t sit well with people, Fisher said. They naturally raise questions around personal privacy and mass surveillance, such as whether facial recognition and number plate identification technology is being used. As well as what other databases and systems in the public and private sector are being used to surveil people in New Zealand.
“There has been a public concern about the spies and how their work intrudes on the day-to-day lives of New Zealanders,” Fisher said. “When things like this emerge, it feels to me as if it’s a breach of trust.”
While the SIS may not have had a legal imperative to publicly report the remote access and control of thousands of cameras that had the ability to engage in mass surveillance, they did have a moral and ethical imperative, he said.
Kitteridge is aware of this. In addition to the work that’s taken place in the GCSB and SIS during the past seven years, she has recommitted to transparency, and building public trust – particularly the trust of specific, minority communities – following the Royal Commission of Inquiry into the March 15 attacks.
But the head spies were stuck, straddling two worlds, Fisher said.
“As the agencies tried to walk into that future, they had a bit of a ball and chain in terms of those people that have been working with those agencies for decades… We’re always watching the leaders of those groups trying to work out whether they’re skewing towards more openness, and greater accountability and more disclosure, or whether they’re being captured by that old guard.”
In the case of the CCTV developments, Kitteridge was caught asking forgiveness, when the SIS could have quite easily sought permission prior to beginning its CCTV operations in 2017.
Perhaps this is why the SIS response to the IGIS report felt out of sync with public-facing, proactive communications Kitteridge has undertaken in recent years. The headline of the press release struck an Orwellian tone: NZSIS use of CCTV helps keep New Zealanders safe. The rest of the statement addressed the IGIS findings and recommendations, and not much more.
The minister in charge of the country’s spy agencies, Andrew Little, said he was comfortable with the way the SIS had accessed and used CCTV footage.
Little told The Spinoff he didn’t think New Zealanders would be surprised to hear the SIS accessed CCTV footage. But they wanted to know there were checks and safeguards in place. “We do have this funny, mixed thing about our security and intelligence agencies – sometimes we want them to be across absolutely everything, which they can’t do because technically they can’t; and equally we want them not to be so intrusive and overbearing.”
Like others, he encouraged continued scrutiny from watchdogs and the public.
“It is always difficult with intelligence and security agencies, who necessarily need to do their work in secret. But nevertheless, when they live in a democracy like ours, citizens need to be protected against overreaching use of powers, so there is a complex balancing act to get that right.”
He believed the balance between the two was “reasonably OK”.
Little and Horsley both pointed to work currently being undertaken to increase the amount of public reporting the agencies did to parliament’s security and intelligence committee. There was also an upcoming review of the Intelligence and Security Act, which would open a discussion in this area.
Meanwhile, the agencies would continue to try and build general transparency and public trust, through things like diverse recruitment, improved public reporting, media interviews, and discussions prompted by further IGIS reviews.