Gordon Campbell on the flawed inquiry into the Dotcom security breaches

Who watches the watchers? Putting in place effective oversight mechanisms for intelligence agencies is a chronic problem in Western democracies. Given the recent revelations of the illegal surveillance of Kim Dotcom and his associates by the GCSB (with the possible collusion of the SIS) the public is supposed to feel re-assured that an inquiry into these breaches will be carried out by former judge Paul Neazor, who is the current Inspector General of the Security Services. Yet as Brent Edwards pointed out on RNZ this morning, Neazor may well be in the interesting position of having to inquire into his own oversight failings with respect to the issuance of interception warrants.

Let me explain. On the website of the Security Intelligence Service, the watchdog role of the Inspector-General is defined in these terms: taken from the I-G’s guiding legislation:

The Inspector-General’s role includes enquiring into
any matter relating to the Service’s compliance with its legal obligations
the propriety of its actions, and
complaints about the Service.

The Inspector-General is specifically charged with reviewing the manner in which interception warrants are sought and acted upon by the Service, to ensure that all actions relating to warrants are proper and comply fully with the letter and spirit of the law

The fruits of that oversight are summarized to Parliament each year in the Inspector-General’s annual report. So…if the GCSB and the SIS managed to knowingly or accidentally break the law with respect to the Kim Dotcom surveillance, then why didn’t Neazor pick this up well before now – given that, as Edwards says, he makes regular visits to the agency’s offices to check its interception warrants, as mentioned in the GCSB’s 2011 report?

If part of the answer is that Neazor’s review of the relevant illegal surveillance timeframe hasn’t yet been fully and formally carried out, this only exposes a further problem with New Zealand’s oversight mechanisms – in that the checks and balances that ensure compliance with the law cannot be left until they become merely historical in nature. Surely, they have to occur at a point where the I-G can and does actively intervene to protect the civil liberties of New Zealand residents. So when did Neazor himself become aware of the GCSB breach – given that you would think that the question of whether Dotcom was a New Zealand resident would be the first and most basic check of the warrant’s legality?

As things stand, the oversight mechanisms for intelligence agencies in New Zealand could hardly be more threadbare. Parliament’s Security and Intelligence committee is notorious for meeting for anything from 40 minutes to a couple of hours a year at most, and none of its deliberations are reported to the public. The limitations of the Inspector-General’s office and its vulnerability to bureaucratic capture were highlighted during the Ahmed Zaoui case a few years ago. The role is essentially that of a sole inquisitor with no dedicated research staff, and the I-G has to specifically ask for any assistance and related funding from government if and when he needs it. As currently constituted, the office is not one vested with an independence and with sufficient in-house resources to inspire public confidence that any rogue activity by our intelligence agencies would be detected in a timely fashion. In practice, it entails a retired judge asking the head of the SIS or GCSB – what happened, chief?

In these circumstances, can the Dotcom inquiry possibly be adequate? John Key, as Minister of the relevant security services, can rest easy. Under the provisions of the Inspector-General’s guiding 1996 legislation, the I –G cannot for instance, look into any matters of Ministerial responsibility, or touch on anything that the SIS or GCSB consider to be operational matters. Here is how section 11 clauses (3-4) puts leg ropes upon the Inspector-General:

(3) In carrying out any inquiry in accordance with the provisions of subsection (1)(c)(ii), it shall not be a function of the Inspector-General to inquire into any action taken by the Minister.

(4) Except to the extent strictly necessary for the performance of his or her functions under subsection (1), the Inspector-General shall not inquire into any matter that is operationally sensitive, including any matter that relates to intelligence collection and production methods or sources of information.

Nor even then is the I-G given free rein, and the scope of disclosure to him during – and after – his inquiry is limited. If any other country or any other foreign agency or international organization might object to disclosure of information – or if the Minister feels the I-G’s inquiry might conceivably prejudice future co-operation or information flows with any foreign country agency or organization then that by law, is the end of the story. The potential tension between the Minister and the I-G is plain to see in the competing clauses at section 26, clauses 3-4). Section 3 says this:

Subject to subsection (4), where the Minister certifies—
(a) that the disclosure either to or by the Inspector-General of any security records or any other official information would be likely—

(i) to prejudice the security or defence of New Zealand or the international relations of the Government of New Zealand; or
(ii) to prejudice the entrusting of information to the Government of New Zealand on a basis of confidence by the government of any other country or any agency of such a government; or
(iii) to prejudice the entrusting of information to the Government of New Zealand on a basis of confidence by any international organisation; or
(iv) to endanger the safety of any person; and

(b) that such disclosure—

(i) should not be made; or
(ii) should be made only on such terms and conditions as are, in the Minister’s opinion, necessary in the interests of security,—
the Inspector-General shall act in accordance with the certificate.

So….if say, the FBI objects to disclosure, or the Minister feels they might object and thus endanger future relationships, the I-G is left – under clause 4 – with the fallback of interviewing only the head of the GCSB and SIS, and going no further. Therefore, when it comes to the I-G’s inquiry into the Dotcom breaches, we have a recipe whereby an under-resourced inquisitor who could well be restricted – by law and by Ministerial direction – to talking merely to the head of the GCSB and SIS, and taking their word for what happened.

That’s a worry, right? Because what the Zaoui case revealed was the institutionalised credulity of the intelligence agencies, and their analytical inability to filter the intelligence traffic emanating from their brother agencies overseas. (This intelligence traffic, by its very nature, includes hearsay based on third or fourth hand allegations.) Plus, once they had made palpable mistakes, the SIS became ever more intent on defending to the death their original miscalculations. The alacrity with which the GCSB (and it silent partner, the SIS) acted on the FBI allegations against Dotcom would suggest that it has learned nothing from the Zaoui affair, and is still inclined to jump to conclusions of guilt and offer assistance whenever an ally singles out a target. That culture of gullibility – and the related willingness to surrender our autonomy to the wishes of our friends and allies – seems endemic within our security services. (Under the current government, it has tended to be a hallmark of our diplomacy as well.) For all of these reasons, the inquiry by the Inspector-General into the Dotcom breaches is almost guaranteed to be inadequate.