Deployment of Deep Packet Inspection Systems and associated costs
B M Murrah made this Official Information request to Government Communications Security Bureau
The request was refused by Government Communications Security Bureau.
From: B M Murrah
Dear Government Communications Security Bureau,
Under the Official Information Act 1982 I request information and documentation relating to the following:
1. Confirmation of the deployment of Deep Packet Inspection systems via infrastructure providers, including Chorus, following the passage of the TICS legislation.
2. Specific confirmation whether a Deep Packet Inspection system has been deployed in the Dunedin central exchange area via Chorus.
3. Costs to date re-imbursed to providers, including Chorus, for the installation of Deep Packet Inspection systems to comply with TICS legislation requirements.
Yours faithfully,
Beau Morgan Murrah
From: Information
Government Communications Security Bureau
GCSB acknowledges receipt of your request and will respond within the statutory deadlines.
Regards.
show quoted sections
From: Information
Government Communications Security Bureau
Please find attached the response to your OIA Request.
Regards.
show quoted sections
This email has been filtered by SMX. For more information visit
[2]smxemail.com
References
Visible links
1. mailto:[email address]
2. http://smxemail.com/
B M Murrah left an annotation ()
As you can see above, today I received a refusal based on s6(a) that it would prejudice the security or defence of New Zealand or the international relations of the Government of New Zealand.
I am considering reviewing the first part of my request- just to know whether at all they have been deployed. My second question was admittedly cheeky and based on a widely circulated rumours that such a system has been installed in Dunedin.
Anyways-
DPI systems are already in wide use by ISPs in Canada, the United States, and United Kingdom. To a certain extent these have been well documented. For a start, their existence would not seem in anyway to prejudice our international relations given the climate of awareness around this issue/it would not exactly be a revelation.
I would challenge the idea that merely knowing whether they have been deployed would threaten our security in anyway- anyone that would possibly threaten our national security would already know or likely assume they are being deployed.
This issue concerns me as a citizen in Dunedin with lofty hopes of starting an ICT business here and conducting research for which privacy is important. Its of interest to my (and our communities) democratic participation through the internet- knowing more exactly what infrastructure is possibly affecting it- and I just think we have a right to know in this respect.
Any advice on how to write/frame a review to the ombudsman?
Things to do with this request
- Add an annotation (to help the requester or others)
- Download a zip file of all correspondence
Offensive? Unsuitable?
Requests for personal information and vexatious requests are not considered valid requests for Official Information (read more).
If you believe this request is not suitable, you can report it for attention by the site administrators
Report this requestAct on what you've learnt
Similar requests
Armed Offenders Squad, Special Tactics Group and Counter Terrorism manuals
To New Zealand Police by Scott
NCSC/CCIP Incident Report Statistics
To Government Communications Security Bureau by Joshua Grainger
Alex Harris left an annotation ()
This will be interesting. The "cybersecurity" function (which would presumably be the justification for such a deployment) is only tangentially related to national security, and so they may not be able to rely on s6(a) to refuse requests.
Link to this