Spies behaving badly
This weekend has seen revelations that some staff at the US National Security Agency (NSA) has mis-used the agency's massive surveillance apparatus to spy on love interests.
They even have a name for it - "LOVEINT" - the Wall Street Journal reveals ("int" being short for "intel" or "intelligence").
And a Bloomberg investigation reveals the NSA often ignored restrictions on domestic surveillance, and other guidelines.
For Auckland-based security expert Dr Paul Buchanan, the revelations come as no surprise.
Spying organisations and the people who work for them will always push the limits, he tells NBR ONLINE. He says that means legislation controlling security organisations should have tough oversight provisions - but he thinks they are lacking from the recently passed GCSB Act.
"The willful violations are symptomatic of the problems inherent in a business that trades in secret information," says the founder of 36th Parallel Assessments, who has worked at senior lecturer at Auckland University, and as a policy analyst for the US Secretary of Defence advising the Pentagon.
"On the one hand, the agency is only as secure as are the people working in it. Although NSA employees take loyalty and non-disclosure oaths that explicitly prohibit them from using their classified access for anything other than authorized information-gathering and analysis - usually based on national security grounds - there is always a few who, due to personal pressures, succumb to the temptation to use their access for other purposes," Dr Buchanan says.
"The degree of professionalism is always going to be variable in large organisations, so in an agency as large as the NSA - 33,000+ employees - there was and is bound to be at least a few who do not honour their oaths or adhere to the code of conduct that they signed up to. That is why regular security checks on intelligence employees, including random polygraph tests and forensic audits of their computers, is a standard in the business."
Swing vote Peter Dunne successfully lobbied for several oversight provisions to be added to the recently passed GCSB Act, including reviews every five to seven years, an annual budget review, and an annual report on the number of NZ residents subject to surveillance.
Given his inside knowledge of the way security agencies tend to behave, are the oversight provisions enough?
"Not even close," Dr Buchanan says.
"Adding a deputy IG [Inspector-General] and notifying the IG when warrants are issued is a step in the right direction, but far from being effective, proactive oversight. The obligation to issue annual reports to the parliamentary committee and hold public hearings on them are more ex post window dressing," he tells NBR.
"The cross-signing of warrants by the PM and Commissioner for Security Warrants on cases of domestic espionage looks good but will unlikely result in anything other than a rubber stamp by the latter of the former's decision, and we must remember that the grounds for issuing security warrants has been expanded under the new Act. They are no longer confined to matters of national security, among other things.
"And of course, 'independent' oversight still ultimately remains under the control of the PM, as neither the select committee or the IG will have powers of compulsion or access to operational details without approval of the SIS and GCSB Directors.