Fresh disclosures about new surveillance laws in New Zealand have served to fuel a nationwide round of protests that kicked off over the weekend with a rally outside the home of Prime Minister John Key.
Vikram Kumar, the chief executive of Kim Dotcom's Mega "privacy company", which is developing a new secure email service, revealed new details about planned surveillance laws ahead of a scheduled Town Hall protest in Auckland.
Protestors filled the Town Hall to hear a series of opponents to new and expanded spy powers. They included Kim Dotcom, unionists, indigenous rights activists, lawyers, and politicians.
Kumar said that when the Telecommunications (Interception Capability and Security) Bill ("TICS Bill") becomes law, the New Zealand government plans to issue secret orders to force non-telco service providers, such as email, chat, and online voice services, to create interception capability for surveillance.
Kumar posted documents on Scribd that he said show such that ministerial directives will be used to "secretly impose an obligation to create interception capabilities by individually named service providers (referred to as 'deem-in' but what I call a backdoor) 'so as not to publicly announce a lack of capability in a particular service'".
"This has been approved by Cabinet, and is therefore official government policy," Kumar wrote on the National Business Review website.
"What's not clear is if the mechanism of a ministerial directive will also be used to gag the service provider? Or is the secrecy merely a guise to allow compliant service providers to pretend they haven't been forced to create a backdoor for the government?"
Protest actions focus on two pieces of legislation, the TICS Bill and a Government Communications Services Bureau Bill, both of which opponents fear will expand intelligence surveillance powers to legitimate internal political activism, away from foreign threats, and undermine the integrity and privacy of online communications.
"The government is therefore going to be using secret orders to specific service providers directing the creation of interception capability, allowing real-time access by surveillance agencies," Kumar wrote.
Officials defended the measures, saying confidentiality that they are necessary, and protections are in place for companies required to provide assistance to the GCSB.
John Key has also defended the law changes, saying he would resign if GCSB undertook mass surveillance.
At the Auckland protest, lawyer Rodney Harrison QC outlined the extensions of power in the Bill, which removes a prohibition on GCSB that prevents it from spying on New Zealanders. It also, he said, includes a definition of infrastructure that embraces all forms of data systems, including content.
Harrison said that surveillance under the new law is not restricted to targeted intercepts, as access authorisations can apply to infrastructure classes as well as individuals.
"John Key may care about the kind of economy he leaves behind," Harrison said, "But he does not care what kind of society he leaves behind."
Best estimates are that the GCSB Bill has a majority of one in parliament, and ironically, that one is an MP called Peter Dunne who was himself a victim of spying.
Kim Dotcom told the full house that he first discovered he was being spied on when his internet connection slowed by 20 or 30 milliseconds.
"As a competitive gamer, I noticed," he said to laughter.
Dotcom promised that his upcoming extradition case, following the closure of his Mega Upload file storage service and police raids on his mansion, would function as an independent enquiry into how surveillance has been conducted.
Kumar's revelation appears to echo disclosures by NSA whistleblower Edward Snowden about interception in the US, the UK, and elsewhere that ignited a round of concern among digital freedom activists, civil libertarians, business media, and software and online service providers.
New Zealand, along with the United States, Canada, Australia, and the UK, is a member of the "Five Eyes" surveillance alliance of English-speaking countries. Snowden's revelations about the PRISM and X-Keyscore internet surveillance system, for instance, indicated that servers are based at one site in New Zealand and four in Australia.
The Waihopai spy base in the South Island of New Zealand has previously been the focus of attacks, and was damaged by protesters in 2008.
Dotcom told the Town Hall crowd that his data ended up in PRISM, able to be accessed by Five Eyes members through X-Keyscore, which he described as "Google for spies".
"GCSB is part of it and it has access to the data of every New Zealander," he said. "There is absolutely no doubt about that."
Others expressed their concerns online.
"This goes a long way past 'making sure the data can be handed over to the authorities', which we're still unhappy with, and goes a long way out of my comfort zone, especially given the way international intelligence agencies are using their powers around the world," wrote Telecommunications Users' Association chief executive Paul Brislen in a blog post.
As seen elsewhere around the world, IT industry advocates suggested that there could be a commercial cost, and that the development of cloud computing could be a victim of such mass surveillance powers and capability.
(Thumbnail image: Shutz)