Did New Zealand Spooks Tap Into PRISM To Spy On Dotcom?

from the suggestive dept

As Techdirt has reported, the attempts to extradite Kim Dotcom from New Zealand to the US have turned into one of the most catastrophically bungled legal cases in a long while. One of the biggest scandals to emerge was that New Zealand citizens had been wiretapped in an effort to gain evidence against Dotcom, since domestic spying was forbidden there just as it is in the US (oh, wait...). Unfortunately, rather than rapping knuckles and telling the local spooks not to do it again, the New Zealand government has instead just brought in new legislation to make it legal in the future.

But it seems that the revelations in the Dotcom case aren't over yet. A story on the Australian site ITnews drawing on a blog post by Keith Ng has the following remarkable claim: Police affidavits related to the raid on Kim Dotcom's Mega mansion appear to show that New Zealand police and spy agencies are able to tap directly into United States surveillance systems such as PRISM to capture email and other traffic. Here's why Ng thinks that's the case. On page 13 of the Kim Dotcom affidavits (pdf), which have been released in a redacted form (and are embedded below), there is a request from the Organised and Financial Crime Agency New Zealand (OFCANZ) to the Government Communications Security Bureau (GCSB), New Zealand's signals intelligence unit, to "conduct SIGINT analysis against persons associated with Mega Media Group" -- notably Kim Dotcom.

The police then provided a list of what page 19 of the affidavits calls "selectors" -- precisely the word used by the NSA for PRISM search terms. Page 17 contains some more tantalizing hints of what is going on, as Ng explains: The selectors were entered into █████, in an email classified as "SECRET//COMINT//REL TO NZL, AUS, CAN, GBR, USA". In other words, the selectors were entered into a secret communications intelligence system, and this secret system was considered related to Five Eyes "Five Eyes" is the cosy club of Anglo-Saxon countries -- US, UK, Canada, Australia and New Zealand -- that form a kind of inner circle for swapping surveillance information. It's probably fair to say that these documents don't constitute cast-iron "proof" that the New Zealand police drew on information from PRISM supplied through the Five Eyes collaboration, although it is certainly consistent with that. However, what this does show without doubt is that Kim Dotcom's case was being discussed with New Zealand's spy agency in the context of the Five Eyes group.

At the very least, this demonstrates the completely disproportionate lengths to which the New Zealand government was prepared to go in order to try to obtain evidence against Dotcom for a case that was essentially about alleged copyright infringement. It may even be the first indication that PRISM's global surveillance system is also being deployed in areas that have nothing to do with terrorism or serious threats to the US or its citizens.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: kim dotcom, new zealand, prism, privacy