ANNEX 15: THE LAW OF THE FIVE EYES
officer wishes to use an interception device to intercept a private communication (as
well as various other forms of surveillance).75
69.
An application for a surveillance device warrant (which includes a warrant to use an
interception device) must be made in writing and set out in “reasonable detail”: the
name of the applicant, the provision that authorises the application, the grounds on
which it is made, the suspected offence in relation to which authorisation is sought, the
type of device, the name address or other description of the person, place, vehicle or
thing that is the object of surveillance, what material it is hoped to obtain and the period
for which the warrant is sought.76 If the person, place, thing or vehicle cannot be
identified, the application must at least define the parameters of and objectives of the
operation. An application may only be made by a constable or an enforcement officer
that has been approved by an Order in Council.77
70.
Other law enforcement bodies than the police may only undertake interception if they
have been designated by an Order in Council made by the Governor-General.78
71.
The application should be made to a Judge, who must be satisfied that there are
reasonable grounds to suspect that an offence has been or is being or will be committed
and that that offence falls within a list of sufficiently serious crimes, set out in the
Schedule to the Act.79 The Judge must also be convinced that the interception will
obtain evidential material.
72.
There are mechanisms for obtaining a warrant in an emergency, where there is
insufficient time to secure access to a Judge.80
Access to Metadata
73.
The law concerning access to communications data, or metadata, was unclear until
recently. In 2013 it was disclosed that GCSB had taken the view that metadata was
not a communication and so could be obtained without a warrant (or indeed any other
formal authorisation mechanism).81 TICSA 2013 has set the position out on a statutory
footing. It defines “call associated data” as information generated as a result of making
a telecommunication that includes the number from which it originates, the number to
which it was sent, if it is diverted then the number at which it was received, the time at
which it was sent, its duration, if it was from a mobile phone the point at which it first
entered the network.82
74.
Public telecommunications service providers are required to be capable of obtaining
call associated data (other than telecommunications that are not authorised to be
intercepted under the warrant or lawful authority).83 That information should be
75
SSA 2012 s46.
SSA 2012 s49(1).
SSA 2012 s49(5).
SSA 2012 s50(1).
SSA 2012 s51(1).
SSA s48.
Kitteridge Report on GCSB Compliance, available online at: http://www.gcsb.govt.nz/assets/GCSBCompliance-Review/Review-of-Compliance.pdf para 23.
TICSA 2013 s3.
TICSA 2013 s10.
76
77
78
79
80
81
82
83
362