The Security Intelligence Service Director General, Rebecca Kitteridge, has revealed that the agency has partnerships with other overseas intelligence agencies beyond its Five Eyes partners.
But a report into the Christchurch Mosque massacre published this week shows that at home, it is struggling to get basic data-sharing arrangements with key agencies like the Police and Immigration Department.
And increasing oversight of its activities suggests that the SIS is in danger of being strangled in red tape.
Kitteridge appeared before Parliament’s Intelligence and Security Committee on Wednesday evening and was responding to a question from National Leader Judith Collins about how the Five Eyes alliance worked.
The Alliance; the US, Canada, United Kingdom, Australia and New Zealand was established through a secret agreement between the UK and the US in 1946, and New Zealand joined in 1956.
Kitteridge said Five Eyes was “incredibly important to the New Zealand intelligence community generally,”
“SIS receives a lot of leads about a whole range of different types of national security threats from partners,” she said.
“But it’s not just that partnership.
“We also have relationships with a range of other security intelligence agencies around the world and including in Europe and Scandinavia and South-East Asia and so on.”
The publication, also this week, of the full Aoraki Review of the SIS’s performance before the Christchurch terrorist attack also confirms the other partnerships,” the Review says.
“NZSIS is a net beneficiary and a longstanding member of the Five Eyes group of security and intelligence agencies, but it has growing relationships with partner organisations around the world,” it says.
But then there is a brief segment which has been redacted with the comment: “Information about international partners.”
The Review carries on.
“Via NZSIS, international partners provide the Government with insights on global trends and developments which increasingly stand to impact New Zealand and New Zealanders.
“The global nature of modern national security threats and New Zealand’s unprecedented connectedness to the world will almost invariably see global trends become domestic issues.”
Then, another redaction: “Describes international partner reporting.”
And the Review carries on describing how the partners assist New Zealand with intelligence-gathering technology.
“NZSIS’s international counterparts also provide access to unique and sophisticated capabilities and technologies ordinarily well beyond NZSIS’s means, offering the Government both significant capabilities and savings,” it says.
But if the SIS has a useful relationship with its overseas partners, it appears it has not been able to achieve the same level of co-operation with its principle New Zealand partner, the Police.
The Aoraki Review says the relationship with the Police is increasingly positive and productive.
But it adds: “However, the present state of co-operation between the NZSIS and the NZ Police falls short of the true partnership.”
The Review says the partnership is constrained by three factors; Cultural hurdles, technical barriers and legal constraints.
A lengthy segment on cultural barriers has been redacted. But a key area of co-operation should be data sharing.
Kitteridge told the Select Committee that data analytics was a“definitely extremely helpful method of connecting the dots that we need to connect.”
“Having said that, I am aware that this is a subject that needs proper discussion,” she said.
“It’s not something that I would be wanting to surprise the public with.
“I think that as we develop this area of investigative capability, we need to make sure that we have thought through and been quite public about the data ethics aspects of this.”
In the meantime, it appears from the Aoraki Review that the SIS’s hands are tied, certainly in its relationship with the Police.
“Despite the Intelligence and Security Act (of 2017) providing for NZSIS to negotiate direct access agreements for access to certain databases with specified agencies, not all of these are currently in place,” it says.
“In particular, there is no direct access agreement with the NZ Police.
“Direct access to information, particularly police information, is crucial in the context of counter-terrorism due to the importance of being able to act on leads quickly.”
The Review says the access should be moved forward as a priority.
But the Review then points out that the SIS legislation allows the SIS to negotiate direct access to the NZ Police database only be for “financial intelligence information” or ‘information about people and locations identified as posing a possible physical threat to GCSB or NZSIS employees.
“There is no broad provision for accessing this information for purposes such as to assist NZSIS to fulfil its statutory functions or for counter-intelligence purposes,” the Review says.
Otherwise, the legislation allows the SIS to access data from the Ministry of Internal Affairs’ Births, Deaths and Marriages, from Customs and from Immigration.
There were, however, significant constraints on what material could be access.
The Aoraki Reviewers were able to search the Immigration Department’s database to see if it held any information on the Christchurchurch shooter as part of this investigation as to whether the SIS should have known in advance about him.
“The search did highlight 32 travel records were inaccessible to NZSIS’s investigators due to the constraints of NZSIS’s direct access agreement with the Ministry of Business, Innovation and Employment (which is responsible for Immigration New Zealand), As (the perpetrator) was not a person of interest to NZSIS prior to the attack he did not trigger advanced passenger processing (APP) alerts to inform NZSIS of his travel,” it says.
“Moreover, hits only recorded the check-in for flights to or from New Zealand and retained his passport details for immigration purposes.
“The data on (the perpetrator) was no different to that collected on all international airline passengers.”
The Review recommends that the legislation be changed to allow the SIS to add databases to its access list.
As a consequence of a review of the security agencies in 2015 by Sir Michael Cullen and the present Governor-General, Dame Patsy Reddy, legislation in 2017 not only limited the use the SIS could make of other Government databases but also imposed tougher oversight on the activities of the SIS.
An indication of how tough (or even, possibly, suffocating) this oversight has become is revealed in the Aoraki Review with its discovery the average length of the 21 (interception) warrants NZSIS applied for between June 2018 and May 2019 was 29 pages, with an average of 12 pages setting out the intelligence case and an average of 31 reference documents attached per application.
“This amounts to a significant body of work by the Intelligence Directorate, Legal, and the Director-General; and of course, an application and folder of intelligence references of this size requires a significant amount of review time for the Minister and the Commissioner,” the Review says.
“The Review understands that the length of the warrants has grown over time since (the 2017 Act) came into force, at least partly as a result of NZSIS seeking to conform with Crown Law advice and prevent criticism of NZSIS during a subsequent review of the warrant application by the Inspector General of Intelligence Services.”
The Review would seem to suggest that this level of oversight has introduced tension between the Inspector General and the SIS staff.
A section on the “staff view regarding Inspector General and impact on NZSIS activities” has been redacted, but political sources with knowledge of the SIS’s work have previously suggested to POLITIK that the activities of the previous Inspector General, Cheryl Gwyn, had led to some frustration among SIS officers.
The Review said: “The Inspector General considers that the agencies have struggled to respond to the more extensive and persistent oversight that has been required of them in the last five years, both in terms of adequately resourcing their response to oversight and in dealing with what close scrutiny requires of them in practice.
“ In the Inspector General’s view, complaints within NZSIS that oversight created uncertainty, or imposed ambiguous or unworkable demands, reflected Service staff dislike of oversight, reluctance to change their practice, and/or lack of the wherewithal to make the changes required.”
The Aoraki Review was not even mentioned at the Select Committee Annual review on Wednesday.
But the Minister in Charge of the security agencies, Andrew Little, was critical of the level of the public debate generally about the agencies after the Select Committee hearing.
“With all due respect to some of the organisations you guys (journalists) represent, the public debate as expressed in some of our media outlets isn’t actually, in my view certainly, not very well informed, and it’s not a particularly mature attitude towards a very difficult function of government, which is security and intelligence,” he said.
“You can’t just focus on little bits that give you a media headline; you’ve got to look at everything.
“The way we have a debate about security and intelligence is not to focus on the titillation, but to actually look at everything that’s going on.”
There is certainly now enough background information in the public arena to conduct that debate.