Google, Microsoft claim proposed NZ spy law threatens IT industry

Google and Microsoft have slammed a proposed bill that would compel United States providers to assist New Zealand agencies with interception as potentially harmful to the country's IT industry and incompatible with international privacy laws.

Microsoft NZ corporate affairs manager Waldo Kuipers said at a select committee hearing on the Telecommunications Interception Capability and Security (TICS) bill that the proposed new law was similar to British 19th century legislation that required a person to walk in front of motor cars, waving a red flag.

Such law left Britain's car industry at a disadvantage to United States and German competitors for the next thirty years, and Kuipers said TICS, which would introduce legal powers to demand that innovative new products and services in NZ behave more like analogue phone calls for ease of interception, could hamper the country's IT industry in a similar manner.

In his oral submission, Kuipers said the existing interception law had limited the the availability of service offerings in New Zealand.

"While we expect that it may well have enabled surveillance of some additional services offered by network operators, we know that the current legislation has already caused network operators to not offer services that would have been beneficial to New Zealanders and their businesses," Kuipers said.

Asked if the existing 2004 legislation was to blame for Microsoft not establishing an instance of its Azure cloud computing and storage platform in New Zealand, Kuipers told iTnews local legislation factors in when a large provider such as Microsoft weighs up whether or not to establish a cloud presence in country.

"It's true that local laws and conflict of laws issues will be part of what any major service provider considers before setting up in a new country," Kuipers said.

Kuipers also pointed to TICS being incompatible with overseas privacy legislation.

"For example, the Electronic Communications Privacy Act (ECPA) in the US would generally prohibit a US-based provider from complying with New Zealand interception warrant.

"If the proposed law leads to a situation where a US-based provider must choose between breaking New Zealand law, and breaking US law, the provider may in effect be forced to withdraw a service from New Zealand," Kuipers said.

Google warned in its submission that the new law threatened economic growth, which according to a McKinsey research report is increasingly IT-based, accounting for a fifth of gross domestic product expansion in 2011.

Ross Young, Google's NZ head of public policy and government affairs, said while law enforcement should have effective methods to address crime, these should be proportional to the impact on citizens and companies.

"We believe that narrow, targeted, proportional rules should always be preferred over blanket rules that the potential to infringe on civil liberties and constrain economic growth," Young said.

Young said TICS would require internet providers outside New Zealand to intercept services and provide the contents of people's emails to local law enforcement and security officials.

Under ECPA a provider is not permitted to disclose the contents of users' communications to law enforcement outside the United States, without a warrant from an American agency or court that has jurisdiction over such matters.

"Unless the bill is amended, overseas providers could be left in the position of having to breach either the bill or the privacy laws in their home jurisdiction," Young said in his submission.

Instead of compelling internet providers to intercept traffic, Google said New Zealand should consider entering into a Mutual Legal Assistance Treaty with the United States that would provide a proper process to handle such surveillance requests.

Minister rallies behind new law

NZ communications minister Amy Adams dismissed the submissions from Google and Microsoft, accusing the internet giants of presenting 'misinformation' according to Fairfax News.

According to Adams, telcos would benefit from TICS by having only to deal with one spy agency over three, and the government would have to make a good case that it was warranted and feasible to impose the additional obligations in the proposed new law on internet companies.

Opposition communications and IT spokesperson Clare Curran noted that there had not been a single submission in favour or TICS.  

Ignoring warnings from the IT sector that TICS would have a chilling effect on overseas investment in New Zealand demonstrated "wilful ignorance" on Adams' part, Curran said.

Under the security provisions of TICS, telcos will have to submit any changes and new designs of their networks to the Government Communications Security Bureau (GCSB) for approval, something mobile provider 2Degrees told the select committee would push up its costs by at least NZ$1 million while slowing down decision making and potentially, preventing the telco from upgrading and making improvements.

Earlier this week, the Telecommunications Users Association of New Zealand criticised the vendor and equipment vetting provisions in TICS as having potential to keep out Chinese vendors such as Huawei in favour of United States ones.