Ref: 2223-0790

 

Dear AS Van Wey,

 

On behalf of the Ministry of Business, Innovation and Employment I
acknowledge your emails of the 16^th of October 2022 requesting under the
Official Information Act 1982 (the Act), the following:

 

“I am writing to request a complete list of Registered Network Providers,
as defined under the Telecommunications (Interception Capability and
Security) Act 2013. If possible, I respectfully request, that the
information be provided as follows. (1) Complete list of Registered
Network Providers who have full interception capability, as defined under
sections 3, 9 and 10 of the act; and (2) Complete list of Registered
Network Providers who have Lower-level compliance duties; and (3) List of
Government Agencies or State Owned Enterprises that must be compliant with
the Act, whether they have registered or not. On page 8 of the Te koke ki
tçtahi Rautaki Matihiko mô Aotearoa Towards a Digital Strategy for
Aotearoa report, it states that CERT NZ reported they had received 125
complaints of "unauthorized Access" and 203 compliant as "other". Of the
125 reports of "unauthorized access", I respectfully request the copies of
the reports in which the person to have allegedly gained "unauthorized
access" was a government employee. To protect victim, and reputation of
the alleged offender, I do request that information which is considered
personal identification information (e.g., names of individuals or
personal identification numbers) be redacted. However, I respectfully
request that the names of the government agency of the alleged
"unauthorized access" remain visible. For each of the above, I also
request the information on what steps you took to investigate these
alleged breaches and to protect and secure the data which was alleged to
have been accessed wihtout authority. I would like to amend my earlier
request to also include copies of all direction and regulations issued
under the Telecommunications (Interception Capability and Security) Act
2013, if any exist. I also ask for a list of network providers or class of
network providers who have been granted an exemption from any or all of
the requirements under this Act.”

 

Your request is being processed in accordance with the Act and a response
will be sent to you in due course.

 

If you have any enquiries regarding your request, or its urgency, feel
free to contact us via email at [1][MBIE request email].

 

Nâku noa, nâ

MINISTERIAL SERVICES

               

Ngâ Pou o te Taumaru

Ministry of Business, Innovation and Employment

Level 4, 15 Stout Street, PO Box 1473, Wellington 6140

NZBN 9429000106078

 

 

References

Visible links
1. mailto:[MBIE request email]

Kia ora,

 

Thank you for your email regarding the registered network providers under
the Telecommunications (Interception Capability and Security) Act. The
Ministry is working on a response to your request. I am writing to clarify
your request for information on “unauthorised access” reports received by
CERT NZ.

 

CERT NZ is a business unit tasked with providing cyber security advice and
information to help New Zealanders improve their cyber security. This role
includes receiving reports of incidents and helping those affected to
recover. The reports that are listed as involving “unauthorised access”
are related to cyber security incidents that a business, organisation, or
individual has been affected by. For example, someone obtaining access to
an organisation’s email account and using this to impersonate the
organisation.

 

As such, any reports that have been received will be about unauthorised
access to a computer system or network. CERT NZ does not monitor or engage
in any assessment of activities undertaken under the Telecommunications
(Interception Capability and Security) Act.

 

Given that the substance of your request is in relation to the use of
powers contained in the Telecommunications (Interception Security and
Capability) Act, could you please confirm whether you still wish to
request copies of the reports to CERT NZ in which the person to have
allegedly gained "unauthorized access" was a government employee?

 

If you could please respond to our clarification request at your earliest
convenience, but no later than 2 November 2022, that would be greatly
appreciated. Alternatively, please feel free to contact us at
[1][MBIE request email] to discuss further.

 

Ngâ mihi

 

Ministerial Services

Te Whakatairanga Service Delivery

Ministry of Business, Innovation and Employment

15 Stout Street, Wellington 6011 | PO Box 1473, Wellington 6140

[2]http://mbieintranet/assets/MBIE-visual-i...

 

References

Visible links
1. mailto:[MBIE request email]

Kia ora,

 

Please find attached a letter from the Ministry of Business, Innovation &
Employment’s in response to your Official Information Act request,
notifying you of a partial transfer.

 

Ngâ mihi

 

Ministerial Services

Te Whakatairanga Service Delivery

Ministry of Business, Innovation and Employment

15 Stout Street, Wellington 6011 | PO Box 1473, Wellington 6140

[1]http://mbieintranet/assets/MBIE-visual-i...

 

References

Visible links

Tēnā koe AS Van Wey

 

I acknowledge receipt of your Official Information Act 1982 (OIA) request
(below), received by Police on 27 October 2022.

Police will be responding to questions 1, 2, 3, 6, 7.

Your reference number is IR-01-22-33208.

You can expect a response to your request on or before 24 November 2022
unless an extension is needed.

 

Ngā mihi

Catherine

Ministerial Services

Police National Headquarters

 

 

 

 

 

 

 

 

 

 

I am a New Zealand Citizen.

 

I am writing to request a complete list of Registered Network Providers,
as defined under the Telecommunications (Interception Capability and
Security) Act 2013.

 

If possible, I respectfully request, that the information be provided as
follows.

(1) Complete list of Registered Network Providers who have full
interception capability, as defined under sections 3, 9 and 10 of the act;
and

(2) Complete list of Registered Network Providers who have Lower-level
compliance duties; and

(3) List of Government Agencies or State Owned Enterprises that must be
compliant with the  Act, whether they have registered or not.

 

(4) On page 8 of the Te koke ki tētahi Rautaki Matihiko mō Aotearoa
Towards a Digital Strategy for Aotearoa report, it states that CERT NZ
reported they had received 125 complaints of "unauthorized Access" and 203
compliant as "other". Of the 125 reports of "unauthorized access", I
respectfully request the copies of the reports in which the person to have
allegedly gained "unauthorized access" was a government employee. To
protect victim, and reputation of the alleged offender, I do request that
information which is considered personal identification information (e.g.,
names of individuals or personal identification numbers) be redacted.
However, I respectfully request that the names of the government agency of
the alleged "unauthorized access" remain visible.

(5) For each of the above, I also request the information on what steps
you took to investigate these alleged breaches and to protect and secure
the data which was alleged to have been accessed wihtout authority.

 

I would like to amend my earlier request to also include:

(6) copies of all direction and regulations issued under  the
Telecommunications (Interception Capability and Security) Act 2013, if any
exist.

(7) I also ask for a list of network providers or class of network
providers who have been granted an exemption from any or all of the
requirements under this Act.

 

 

 

===============================================================

WARNING

The information contained in this email message is intended for the
addressee only and may contain privileged information. It may also be
subject to the provisions of section 50 of the Policing Act 2008, which
creates an offence to have unlawful possession of Police property. If you
are not the intended recipient of this message or have received this
message in error, you must not peruse, use, distribute or copy this
message or any of its contents.

Also note, the views expressed in this message may not necessarily reflect
those of the New Zealand Police. If you have received this message in
error, please email or telephone the sender immediately

Tēnā koe AS Van Wey

The Ministry of Business, Innovation and Employment (MBIE) emailed you (27 October 2022 - MBIE reference DOIA 2223-0790) notifying you that they had transferred questions 1, 2, 3, 6, 7 to New Zealand Police (Police) in accordance with section 14 of the Act. This transfer is occurring because the Ministry believes that the information requested is more closely aligned with the functions of Police.

This being so, Police will respond to those specific questions and you will likely hear from MBIE regarding the others.
Apologies for the confusion.

Kind regards

Catherine
Advisor: Ministerial Services
Police National Headquarters

-----Original Message-----
From: AS Van Wey <[FOI #20867 email]>
Sent: Sunday, 6 November 2022 6:39 AM
To: Ministerial Services <[email address]>
Subject: [EXTERNAL] Re: OIA request acknowledgement IR-01-22-33208

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Dear Ministerial Services,

You had asked if I still wanted the information requested in 4 & 5. Yes, I do.

Again, in terms of the 125 reports of "unauthorized access"; I only request those where the "unauthorized access" was allegedly done by a government employee. For instance, not the unknown hacker of Waikato DHB. I also requested that all personal identifying information, such as the alleged victim and offender, be redacted to protect the individuals.

To clarify my request (5), in the event that CERT NZ did not investigate the alleged "unauthorized access", then I request the name of the agency who did.

Yours sincerely,

AS Van Wey

-----Original Message-----

Tēnā koe AS Van Wey

I acknowledge receipt of your Official Information Act 1982 (OIA) request (below), received by Police on 27 October 2022.

Police will be responding to questions 1, 2, 3, 6, 7.

Your reference number is IR-01-22-33208.

You can expect a response to your request on or before 24 November 2022 unless an extension is needed.

Ngā mihi

Catherine

Ministerial Services

Police National Headquarters

I am a New Zealand Citizen.

I am writing to request a complete list of Registered Network Providers, as defined under the Telecommunications (Interception Capability and
Security) Act 2013.

If possible, I respectfully request, that the information be provided as follows.

(1) Complete list of Registered Network Providers who have full interception capability, as defined under sections 3, 9 and 10 of the act; and

(2) Complete list of Registered Network Providers who have Lower-level compliance duties; and

(3) List of Government Agencies or State Owned Enterprises that must be compliant with the Act, whether they have registered or not.

(4) On page 8 of the Te koke ki tētahi Rautaki Matihiko mō Aotearoa Towards a Digital Strategy for Aotearoa report, it states that CERT NZ reported they had received 125 complaints of "unauthorized Access" and 203 compliant as "other". Of the 125 reports of "unauthorized access", I respectfully request the copies of the reports in which the person to have allegedly gained "unauthorized access" was a government employee. To protect victim, and reputation of the alleged offender, I do request that information which is considered personal identification information (e.g., names of individuals or personal identification numbers) be redacted.
However, I respectfully request that the names of the government agency of the alleged "unauthorized access" remain visible.

(5) For each of the above, I also request the information on what steps you took to investigate these alleged breaches and to protect and secure the data which was alleged to have been accessed wihtout authority.

I would like to amend my earlier request to also include:

(6) copies of all direction and regulations issued under the Telecommunications (Interception Capability and Security) Act 2013, if any exist.

(7) I also ask for a list of network providers or class of network providers who have been granted an exemption from any or all of the requirements under this Act.

===============================================================

WARNING

The information contained in this email message is intended for the addressee only and may contain privileged information. It may also be subject to the provisions of section 50 of the Policing Act 2008, which creates an offence to have unlawful possession of Police property. If you are not the intended recipient of this message or have received this message in error, you must not peruse, use, distribute or copy this message or any of its contents.

Also note, the views expressed in this message may not necessarily reflect those of the New Zealand Police. If you have received this message in error, please email or telephone the sender immediately

-------------------------------------------------------------------
Please use this email address for all replies to this request:
[FOI #20867 email]

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

hide quoted sections

Kia ora

Questions 4 & 5 will be responded to by MBIE (reference DOIA 2223-0790) as explained below. You will need to contact MBIE in relation to question 4 & 5,

Kind regards

Catherine
Advisor: Ministerial Services
Police National Headquarters

-----Original Message-----
From: AS Van Wey <[FYI request #20867 email]>
Sent: Monday, 7 November 2022 1:33 PM
To: Ministerial Services <[email address]>
Subject: [EXTERNAL] RE: [EXTERNAL] Re: OIA request acknowledgement IR-01-22-33208

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Dear Ministerial Services,

Thank you for your response; however, it has not addressed my request numbers 4 & 5.

Yours sincerely,

AS Van Wey

-----Original Message-----

Tēnā koe AS Van Wey

The Ministry of Business, Innovation and Employment (MBIE) emailed you (27 October 2022 - MBIE reference DOIA 2223-0790) notifying you that they had transferred questions 1, 2, 3, 6, 7 to New Zealand Police (Police) in accordance with section 14 of the Act. This transfer is occurring because the Ministry believes that the information requested is more closely aligned with the functions of Police.

This being so, Police will respond to those specific questions and you will likely hear from MBIE regarding the others.
Apologies for the confusion.

Kind regards

Catherine
Advisor: Ministerial Services
Police National Headquarters

-------------------------------------------------------------------
Please use this email address for all replies to this request:
[FYI request #20867 email]

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

===============================================================
WARNING
The information contained in this email message is intended for the addressee only and may contain privileged information. It may also be subject to the provisions of section 50 of the Policing Act 2008, which creates an offence to have unlawful possession of Police property. If you are not the intended recipient of this message or have received this message in error, you must not peruse, use, distribute or copy this message or any of its contents.
Also note, the views expressed in this message may not necessarily reflect those of the New Zealand Police. If you have received this message in error, please email or telephone the sender immediately

hide quoted sections

Kia ora AS Van Wey,

 

Please find attached the Ministry of Business, Innovation & Employment’s
response to your Official Information Act request.

 

Ngâ mihi

 

Ministerial Services

Te Whakatairanga Service Delivery

Ministry of Business, Innovation and Employment

15 Stout Street, Wellington 6011 | PO Box 1473, Wellington 6140

[1]http://mbieintranet/assets/MBIE-visual-i...

 

References

Visible links

Tēnā koe As                               

Please find attached the response to your Official Information Act
request, received by New Zealand Police on 27 October 2022.

 

Please accept our apologies for the delay in providing you with this
response.

 

Ngā mihi

Dylan

 

 

Dylan

Advisor | Ministerial Services | Police National Headquarters

 

[1]wordmark transparent

 

 

 

===============================================================

WARNING

The information contained in this email message is intended for the
addressee only and may contain privileged information. It may also be
subject to the provisions of section 50 of the Policing Act 2008, which
creates an offence to have unlawful possession of Police property. If you
are not the intended recipient of this message or have received this
message in error, you must not peruse, use, distribute or copy this
message or any of its contents.

Also note, the views expressed in this message may not necessarily reflect
those of the New Zealand Police. If you have received this message in
error, please email or telephone the sender immediately

References

Visible links

The Police Ministerial Services mailbox will not be monitored between 24
December 2022 - 5 January 2023.

 

For emergencies, please contact 111.

 

Morena,

I have forwarded your query to the workgroup that responded to the request and have asked that they contact you directly with further clarification.

Kind regards, Michelle
Ministerial Services Advisor
NZ Police National Headquarters Wellington

-----Original Message-----
From: AS Van Wey <[FOI #20867 email]>
Sent: Friday, 30 December 2022 10:58 AM
To: Ministerial Services <[email address]>
Subject: [EXTERNAL] Re: OIA response IR-01-22-33208

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Dear Ministerial Services,

I was quite confused by one of your responses, and would like to give you an opportunity to seek further information to ensure you have give me and the public accurate information. I placed two complaints about a government employee gaining unauthorized and unlawful access to my private communications, as they were intercepting these communications without my consent or the consent of the intended recipient. I also am aware of one other person who had lodged a complaint with the Ministry of Health, and have copies of letters from the agency to the NZ Police about the matter. However, in that correspondence, the lawyer for the agency misled the police in their response.

Since there have been at least two people who have complained, your answer of zero is inaccurate. Now the question is how many other people have had their personal communications intercepted unlawfully (i.e, intercepted without their consent or the consent of the intended recipient or a lawful warrant). I have also made multiple complaints of unauthorized accesses to my medical information, including multiple employees of Health NZ accessing my medical records without my consent when I had not received care at their facilities and wasn't even present in NZ.

Thus, I ask that you please amend your response to include accurate information.

Yours sincerely,

AS Van Wey

-----Original Message-----

Tēnā koe As

Please find attached the response to your Official Information Act request, received by New Zealand Police on 27 October 2022.

Please accept our apologies for the delay in providing you with this response.

Ngā mihi

Dylan

Dylan

Advisor | Ministerial Services | Police National Headquarters

[1]wordmark transparent

===============================================================

WARNING

The information contained in this email message is intended for the addressee only and may contain privileged information. It may also be subject to the provisions of section 50 of the Policing Act 2008, which creates an offence to have unlawful possession of Police property. If you are not the intended recipient of this message or have received this message in error, you must not peruse, use, distribute or copy this message or any of its contents.

Also note, the views expressed in this message may not necessarily reflect those of the New Zealand Police. If you have received this message in error, please email or telephone the sender immediately

References

Visible links

-------------------------------------------------------------------
Please use this email address for all replies to this request:
[FOI #20867 email]

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

hide quoted sections

Kia ora Ms Van Wey

I have forwarded your query to the workgroup that wrote the OIA response, who advise they have nothing further to add regarding the response provided.

If you are unhappy with the response provided, you have the right to seek an investigation and review by the Ombudsman. Information about how to make a complaint is available at www.ombudsman.parliament.nz or freephone 0800 802 602.

If your complaint relates to activity of Police staff, you can express your dissatisfaction or make a complaint at the following link https://www.police.govt.nz/contact-us/gi....

Kind regards, Michelle
Ministerial Services Advisor
NZ Police National Headquarters Wellington

-----Original Message-----
From: AS Van Wey <[FOI #20867 email]>
Sent: Friday, 30 December 2022 10:58 AM
To: Ministerial Services <[email address]>
Subject: [EXTERNAL] Re: OIA response IR-01-22-33208

Dear Ministerial Services,

I was quite confused by one of your responses, and would like to give you an opportunity to seek further information to ensure you have give me and the public accurate information. I placed two complaints about a government employee gaining unauthorized and unlawful access to my private communications, as they were intercepting these communications without my consent or the consent of the intended recipient. I also am aware of one other person who had lodged a complaint with the Ministry of Health, and have copies of letters from the agency to the NZ Police about the matter. However, in that correspondence, the lawyer for the agency misled the police in their response.

Since there have been at least two people who have complained, your answer of zero is inaccurate. Now the question is how many other people have had their personal communications intercepted unlawfully (i.e, intercepted without their consent or the consent of the intended recipient or a lawful warrant). I have also made multiple complaints of unauthorized accesses to my medical information, including multiple employees of Health NZ accessing my medical records without my consent when I had not received care at their facilities and wasn't even present in NZ.

Thus, I ask that you please amend your response to include accurate information.

Yours sincerely,

AS Van Wey

-----Original Message-----

Tēnā koe As

Please find attached the response to your Official Information Act request, received by New Zealand Police on 27 October 2022.

Please accept our apologies for the delay in providing you with this response.

Ngā mihi

Dylan

===============================================================
WARNING
The information contained in this email message is intended for the addressee only and may contain privileged information. It may also be subject to the provisions of section 50 of the Policing Act 2008, which creates an offence to have unlawful possession of Police property. If you are not the intended recipient of this message or have received this message in error, you must not peruse, use, distribute or copy this message or any of its contents.
Also note, the views expressed in this message may not necessarily reflect those of the New Zealand Police. If you have received this message in error, please email or telephone the sender immediately

hide quoted sections