How to thoroughly mislead the public without lying once

My response to this Stuff article: New cyber-defence system for NZ


1. "If there is a cloud hanging over public trust in the GCSB it may be its involvement in the Dotcom saga."

Well yes, there is that thing of GCSB's illegal actions during the illegal targeting of a New Zealander, but most of the distrust is rather based on internal documents leaked by Edward Snowden showing what the GCSB has been doing: illegal mass surveillance, there is no doubt at all. And how private contractors in the US have casual, unaccountable access to the data gathered in New Zealand. Data including phone calls, emails and web browsing habits of ordinary Kiwis unsuspected of any crime.

It's also based on the Kitteridge report that found the GCSB had illegally investigated at least 88 Kiwis in the past decade, evidence which Prime Minister John Key called "pretty damning", but who then went on to pass the GCSB bill, which made those investigations retrospectively legal, and increased its sanctioned power to spy on New Zealand citizens without warrants.

So no, this goes far beyond the Dotcom saga.


2. "But he says the beefing-up of the resources of the Inspector-General of Security and Intelligence means the GCSB is now subject to "much more detailed oversight than was possible previously"."

Given there was practically no oversight before, and that it was in fact operating illegally for over a decade, that's not saying much.

We've yet to see if this oversight will provide real accountability. But in any case, the GCSB bill means that any oversight cannot consider there to be a problem with the spying that was previously illegal. Spying which violates our Bill of Rights, according to the NZ Law Commission, the NZ Human Rights Commission, and even a report from the UN Special Rapporteur. So this statement that there is now more oversight is extremely misleading.


3. a) Everything Fletcher says about this Cortex program is meaningless and cannot be validated so long as all the details are secret. The complete lack of transparency is insane. No-one can judge the program's effectiveness or how much it violates privacy, and these are both clearly in the public interest.

 b) How can a secret program justify public funding? It's not just covert operations, but an entire program that can't be understood, let alone evaluated. We are not fighting a war, despite the commonly used "cyberwarfare" rhetoric. Spying, commercial espionage and hacking isn't warfare; it should be obvious why calling it that is stupid, dangerous and leads naturally to escalation and rights violations.

 c) If knowing basic details would jeopardize security, then it's a poor program indeed. Either:

  1. it's introducing backdoors that actually reduce security (which the GCSB's main tool provider, the NSA, does as a matter of course), or
  2. it's relying far too much on security through obscurity. That strategy is only proving to be more and more useless as hackers get more sophisticated. Using continuously improving automated bug discovery tools and exploit blackmarkets, hackers - whether teenage idealists, organized crime, or foreign government spies - take advantage of security based on secret methods on a daily basis. Either that, or
  3. the GCSB doesn't want to subject the program to public investigation because it inherently involves mass surveillance.

 Most likely it's a combination of all three.

 

4. The Southern Cross cable was tapped, we know that from leaked documents - whether or not the tap is part of Cortex. Saying it isn't part of this project is irrelevant. In any case it doesn't even really matter whether or not the tap exists - we know the GCSB is tapping Internet traffic, if not there then in other places.


5. Even if the program is effective, is it worth the cost of increased secret powers and surveillance? This is the most crucial question, and reporters aren't asking it. So long as we don't know details, it can't be answered. Based on every Five Eyes program we do know about thanks to Snowden and others, the answer is almost certainly "no".


6. Even if the program is effective, why should the government be involved? Why should the government compensate for bad security? Do we think police should act as security guards for a select group of private companies? Perhaps the answer is yes, but it's a discussion that needs to be had.


7. This is not simply police guarding things. This is secret police having access to the private, personal data they are protecting from nameless enemies. This is secret police watching things happening online - like a camera watching someone's house, Internet surveillance can't collect only cybersecurity-related data, it also collects very personal data.


The GCSB and its foreign counterparts have shown time and again that they will abuse this data - and why not, when they never face any consequences for their abuse, instead getting new laws passed to legalize their crimes retrospectively?


(This post was originally posted to Facebook; see further updates and comments there)

Comments

Post a Comment

Popular posts from this blog

The end of Team New Zealand

Image
After tomorrow our government splits New Zealand in two along political, religious, and marginalised lines. And the conditions of that split have already escalated out of control. Two months ago  experts said domestic vaccine passports were unlikely; now they're practically everywhere, far beyond government orders, let alone the law. If this were the last blog post I ever made, it would be enough. Though I have so much to say about all this, I've said little, because I've been so discouraged since the first lockdown. I thought New Zealand believed in equality and non-discrimination. Turns out it was – in the vast majority of Kiwis – nothing but lip-service. I know most people don't understand why strict limits on power are necessary. What's happening now may make some realise - but most aren't even aware of what's happening now, which is what this post is for. Going by historical precedents, most still won't understand until it's far too late. But w
Read more

Why I cannot complete the census

Image
I'm going to not fill in the New Zealand census today, because I cannot do so honestly . By including a question that assumes a radical political-religious conception of gender, and by removing the ability to object or refuse to answer the question, Stats NZ has created a census that is invalid for me . In the famously repeated words of NZ's single source of truth, "I completely reject the premise of that question". Yes, it is an offence to not complete the census. But it is also an offence to supply false or incomplete information. So I am duty bound to commit an offence, one way or the other. This unprecedented stupidity applies to anyone who doesn't accept an ideology that didn't even exist until innovative child-mutilator and paedophile John Money invented it in 1955 . Interestingly he went to the same High School and University as I did. New Zealand academia, healthcare and Government continues to be at the forefront of genital mutilation and promoting
Read more

More Kiwis have been seriously injured by the vaccine than by Covid

Image
For many years Medsafe NZ has kept a database of reports of suspected reactions to vaccines. This one of its primary jobs, and it uses this data as an indicator of vaccine safety. This wasn't controversial. But for the covid vaccine, we have  reports like this  where Medsafe says the data they publish should not be used as a safety indicator. Despite this being the entire purpose of the database. Note that this is not a database of post-vaccination deaths and injuries, as implied in the article, but of injuries and deaths that are suspected to have been caused by vaccines. Yes it's likely that some of these deaths and injuries were coincidental. However it should be noted that it's impossible to demonstrate a reaction definitely was caused by a vaccine; this correlative data is the best we have at the statistical level – which is why it is kept. As of January 31st (the most recent report), Medsafe recorded 2,447 reports of suspected serious adverse reactions to the Pf
Read more