Christchurch mosque attacks: NZ spy chiefs called in for high-level meeting days after shootings

Spy chiefs pointedly told a high-level intelligence meeting days after the Christchurch terror attacks that domestic security investigations can’t begin without a “lead” and stressed the difficulties in monitoring online extremism, newly-released documents show.

The New Zealand Security Intelligence Service (NZSIS) and Government Communications Security Bureau (GCSB) were sent scrambling after the March 15, 2019 mosque shootings, which left 51 people dead.

Just 12 days after the country’s worst-ever domestic terror attack, Andrew Little, the minister in charge of New Zealand’s spy agencies, called in NZSIS director general Rebecca Kitteridge and GCSB director general Andrew Hampton for an urgent briefing.

The two agencies were being publicly grilled over why they hadn’t had Australian gunman Brenton Harrison Tarrant – last week jailed for life without parole – on their radars.

Kitteridge explained New Zealand was not a surveillance state – despite 2014 claims by United States’ National Security Agency whistleblower Edward Snowden and journalist Glenn Greenwald that John Key’s then-government were secretly developing a mass surveillance system.

“NZSIS must balance carefully the security of the nation with the rights of individuals, including the right to freedom of expression and to privacy,” Kitteridge said in the March 27, 2019 meeting, according to now unclassified documents released the Herald under the Official Information Act.

“New Zealand is not a surveillance state, and nor is that feasible. It is essential that our work, while bounded by practical considerations, is lawful… and guided by the principles of proportionality and necessity.”

She explained that all of NZSIS’s domestic security intelligence investigations “have to start somewhere, so they all begin with a ‘lead’ – the initial information that indicates a potential threat to national security”.

The revelations indicate that Tarrant had not come to any of the spy agencies’ attentions before he committed mass murder.

More information around what was being done to monitor far-right extremists in New Zealand is expected to form part of the final report by the Royal Commission of Inquiry into the attacks, which was tasked to look at what state sector agencies knew about Tarrant before March 15, and what they did, if anything, with that intel, and what they could have done to prevent the attack. It’s been delayed three times and is now expected to be released on November 26.

The challenges of the internet faced by the NZSIS in countering terrorism was also outlined in the briefing – in the wake of revelations that Tarrant had posted his so-called manifesto on controversial forum 8chan and livestreamed his murderous rampage online.

“Monitoring ‘the internet’ is not possible even for those that have the legal mandate (which is not the case in New Zealand) and significantly greater resources,” Kitteridge said.

“In addition, the volume of data available over social media platforms is growing exponentially.”

Again, she stressed the need to have a “lead” before beginning any investigation – including when chasing activity on the internet – and highlighted the “widespread use of anonymised identities” online, which made for assessing the credibility of threats “extremely difficult”.

The encryption of websites, chatrooms, apps and other platforms, including gaming sites, was also “a huge challenge for all security and law enforcements agencies”, Kitteridge said.

“Even if we have a warrant in place, they generally cannot be enforced against tech companies based offshore.”

Other details canvassed in the briefing were not released to the Herald under OIA rules, citing the security or defence of New Zealand, the need for ministers and officials to conduct public affairs through “the free and frank expression of opinions”, and the need to protect the identity of GCSB and NZSIS staff.

Security expert Paul Buchanan, a former intelligence analyst for US security agencies, says New Zealand’s intelligence and security services have been focused on the threat from Islamic extremism since the 9/11 terror attacks.

However, he does not believe that March 15 could be blamed on failures by the GCSB or NZSIS.

New Zealand Police has its own intel units which could have been tasked to monitor right-wing extremists, Buchanan said, but “for some reason” no concerns were elevated to the point where the GCSB – with its increased intercept capabilities and skills at deciphering “deep coding” in encrypted platforms – was asked for help.

Christchurch mosque attacks: NZ spy chiefs called in for high-level meeting days after shootings