Mega balks at proposed spy powers

Kim Dotcom
Kim Dotcom

Kim Dotcom's Mega online storage service has filed a submission with the law and order select committee, arguing that service providers should not be covered by new spy laws.

Chief executive Vikram Kumar said that, as drafted, the Telecommunications Interception Capability and Security Bill would let ministers single out individual businesses.

Mega could then be forced to comply with what he believed would be "unnecessary" demands from the Government Communications Security Bureau.

The bill, which had its first reading in Parliament last month, would force traditional telecommunications companies such as Telecom and Vodafone to provide technical assistance to the GCSB in its intelligence-gathering.

But it also contains discretionary powers that would let the Government extend the co-operation requirement to "over-the-top" communications services such as Mega, Google and Skype without going back to Parliament for approval.

Companies covered by the law could either be added individually or by class of provider.

Telecom has argued that restricting the compliance requirements to traditional network companies would create an uneven playing field with providers such as Google and Skype.

Mega said the bill would "throttle innovation" among existing operators and make others wary of coming to New Zealand because it would give the GCSB "power of veto" over New Zealand's telecommunications infrastructure.

Kumar said the proposed law change needed to be viewed in conjunction with the Government Communications Security Bureau and Related Legislation Amendment Bill, which would let the GCSB get warrants to spy on "classes" of people, rather than just named individuals.

He said it goes substantially further than the United States' Foreign Intelligence Surveillance Act (Fisa), recently the centre of controversy because of speculation surrounding the activities of the US National Security Agency.

The New Zealand law change would let the GCSB get warrants to spy on "classes" of people, rather than just named individuals, he said. "Secondly, it could get a warrants for things that are otherwise 'non-lawful'.

"The GCSB Bill puts into place the ability for the GCSB to do mass-surveillance. It goes substantially further than Fisa," he said.

Mega could face a conundrum if it was ever to fall within the ambit of Ticsa.

Business, Innovation and Employment Ministry adviser Brad Ward said last month that Ticsa's powers could be used to make companies invest in equipment and expertise required by law enforcement agencies to intercept and decrypt their customers' communications.

However, Mega said it could not decrypt its customers' communications as Mega's architecture, which is designed to protect customers' privacy and the company from copyright-abuse claims,meant it did not hold the necessary keys.

Mega said clauses in the Bill that dealt with those potential responsibilities required clarification.

"If it is intended that Mega or any service provider must decrypt its users material as part of assisting in the exercise of a warrant, then that is absolutely rejected," it told the select committee in its submission.

Kumar denied Mega's implementation of encryption represented a risk to national security. "The bad guys, the ones who are really of interest to the GCSB" would already be using even more secret forms of communication, he said. "All you are doing is spying on innocent people. It doesn't really make a difference."

The select committee is due to hold hearings on the telecommunications interception bill next month.

The Dominion Post