Thursday, February 20, 2014

The GCSB lied to Parliament

As a government agency with highly intrusive powers, the GCSB is legally required to report annually on its use of those powers, specifically on how many wiretaps and computer hacks it has been performing. But last year, they lied, massively under-reporting the extent of their spying:

In the Government Communications Security Bureau’s Annual Report for the year ended 30 June 2013, there are errors on page 22 of the report relating to the number of warrants and authorisations.

The error is because of record keeping and we reported the number of operations rather than the number of warrants. This means if there was more than one warrant or authorisation for an operation there has been an under count.

Russel Norman has a picture of the errata compared to the original here. The differences are significant - an understatement of a third on interception warrants, and almost a half on access authorisations. And it raises some interesting questions:
  • Firstly, how many times has this happened before? Has GCSB's statutory reporting to parliament been lies all along?
  • Secondly, if the GCSB are such muppets that they can't even count properly, why should we trust them with our privacy?
  • Thirdly, a false statement in an annual report is a formal lie to Parliament. Will anyone at the GCSB be held accountable for it?
The third one is important, and goes to the heart of GCSB's accountability. Are they above the law, or subject to democratic control through Parliament? Sadly, I think our weak government will let them get away with it - again.