Re: New Zealand Spy Agency To Vet Network Builds, Provider Staff

[Owen DeLong <owen () delong com>]

While I applaud NZ being open and honest about it, I do think that they have gone quite a bit further than the NSA and 
that their proposal is far more damaging.

Owen

On May 13, 2014, at 2:25 PM, Patrick W. Gilmore <patrick () ianai net> wrote:

> Exactly. They just broke in and left a trail of open doors behind.
>
> Again, not saying either is good, just saying at least NZ is being "above board".
>
> -- 
> TTFN,
> patrick
>
> On May 13, 2014, at 14:01 , Owen DeLong <owen () delong com> wrote:
>
> > I didn’t see the NSA telling us what we had to buy are demanding advance approval rights on our maintenance 
> > procedures.
> >
> > Owen
> >
> > On May 13, 2014, at 9:34 AM, Patrick W. Gilmore <patrick () ianai net> wrote:
> >
> > > Don't get me wrong, I'm not a fan of this. But at least they did it in the open, unlike the NSA (where you live).
> > >
> > > -- 
> > > TTFN,
> > > patrick
> > >
> > > On May 13, 2014, at 12:12 , Owen DeLong <owen () delong com> wrote:
> > >
> > > > Yep… If I had infrastructure in NZ, that would be enough to cause me to remove it.
> > > >
> > > > Owen
> > > >
> > > > On May 13, 2014, at 6:33 AM, Paul Ferguson <fergdawgster () mykolab com> wrote:
> > > >
> > > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > > Hash: SHA256
> > > > >
> > > > > I realize that New Zealand is *not* in North America (hence NANOG),
> > > > > but I figure that some global providers might be interested here.
> > > > >
> > > > > This sounds rather... dire (probably not the right word).
> > > > >
> > > > > "The new Telecommunications (Interception Capability and Security) Act
> > > > > of 2013 is in effect in New Zealand and brings in several drastic
> > > > > changes for ISPs, telcos and service providers. One of the country's
> > > > > spy agencies, the GCSB, gets to decide on network equipment
> > > > > procurement and design decisions (PDF), plus operators have to
> > > > > register with the police and obtain security clearance for some staff.
> > > > > Somewhat illogically, the NZ government pushed through the law
> > > > > combining mandated communications interception capabilities for law
> > > > > enforcement, with undefined network security requirements as decided
> > > > > by the GCSB. All network operators are subject to the new law,
> > > > > including local providers as well as the likes of Facebook, Google,
> > > > > Microsoft, who have opposed it, saying the new statutes clash with
> > > > > overseas privacy legislation."
> > > > >
> > > > > http://yro.slashdot.org/story/14/05/13/005259/new-zealand-spy-agency-to-vet-network-builds-provider-staff
> > > > >
> > > > > FYI,
> > > > >
> > > > > - - ferg
> > > > >
> > > > >
> > > > >
> > > > > - -- 
> > > > > Paul Ferguson
> > > > > VP Threat Intelligence, IID
> > > > > PGP Public Key ID: 0x54DC85B2
> > > > > -----BEGIN PGP SIGNATURE-----
> > > > > Version: GnuPG v2.0.22 (MingW32)
> > > > > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> > > > >
> > > > > iF4EAREIAAYFAlNyHw4ACgkQKJasdVTchbLwDgD/WVHo2iTapJ90l8MRcwUZ5OQ7
> > > > > QfJ5cI1v4t2bUXZp1hQBAKHCP0hyxg6naGOzRLt/vHjgxXnl3+yiWoj0ENxQyIr9
> > > > > =0yLu
> > > > > -----END PGP SIGNATURE-----