t is not as if the ZX Security training programme is coaching a small crack unit of MBIE investigators. In year one, 70 MBIE staff were trained in these undercover skills, and a four year contract has been signed for the entire programme. By completion date in 2021 that means MBIE would have trained 280 staff in fake social media skills that they would be being expected to use online. Even allowing for staff turnover, that can only mean that these privacy-penetrating skills are being mainstreamed into MBIE’s general work in its areas of responsibility. Should tourists (for example) expect that their social media posts are being watched by the Kiwi version of Big Brother, for signs they intend overstaying their visas – and do tourists now have reason to fear that a night of revelry shared with an apparent friend online might be used against them if they should lodge a subsequent claim for residency?
To date, Shane Jones has been the only politician to raise concerns about MBIE’s decision to train its staff in how to fake their identities online. At the end of the month, MBIE is being expected to report back on its programme. Hopefully, MBIE’s rationale will be challenged by someone external to the organisation. MBIE can hardly be trusted as the main evaluator of its own scheme. In the recent past, it hired the notorious Thompson+ Clark security firm to investigate those opposed to its policies, and got heavily criticised in December by the State Services Commissioner for doing so. As RNZ reported less than a month ago:
The entire Ministry of Business Innovation and Employment (MBIE) was… found to have breached the State Services Standards of Integrity and Conduct (code of conduct) by failing to maintain an appropriate level of objectivity and impartiality. MBIE led the charge in a change to the Crown Minerals Act 2013 creating offences for damaging or interfering with structures or ships being used offshore in mining activities.
The design of Operation Exploration was influenced by the concept of “issue motivated groups”. The Minerals Exploration Joint Intelligence Group (MEJIG) was set up and tasked with identifying activities that might lead to interference with offshore petroleum and minerals exploration. Thompson and Clark was a key participant in MEJIG.
The Commissioner found that Thompson and Clark established a very close relationship with Operation Exploration and the information it provided – particularly surveillance of Greenpeace – was most likely paid for by the private sector with interests in petroleum and minerals exploration. The Commissioner has asked MBIE to consider whether Operation Exploration should be discontinued and requested that the chief executive review MBIE’s internal policies to ensure they are consistent with the code.
In other words, MBIE has shown it can’t be trusted to respect free speech and/or the democratic right to protest. Surely then, it cannot be allowed to abuse privacy on social media in the ways this training programme explicitly sets out to do. Any costs involved in breaking the contract with ZX Security have to come out of MBIE’s own operating budget. In the meantime…if Big Brother asks to be your friend on Facebook, it needs to tell you who it is.
Footnote One. Interesting that MBIE put the ZK Security contract up on its website a year after it was signed, and just as the SSC released its damning report on the governmental use of private security firms. The timing looks less like transparency than an attempt by MBIE to pre-empt a future scandal by getting the information out (a) just as the SSC hammer fell and (b) while the media was otherwise engaged with the SSC report findings.
Footnote Two: So what is known about ZX Security? According to Deloittes, it is the 40th fastest growing company in New Zealand. Here is its founder/CEO Simon Howard talking briefly on Youtube about the company’s use of interns. And here is Howard again at a 2017 conference talking at much greater length about the threats posed by ransomware and phishing, and related mat....
According to its publically available Linked In profile, the company’s current employees are Simon Howard, Laura-Jane Howard, Claudio Contin and David Robinson.
Friends You Can Trust
Fake friends are no new thing. Eighty years ago, the Sons of the Pioneers were warning that this new fangled idea of getting an old age pension could attract friends of the wrong sort:
Digital friends come and go, but there are more trustworthy alternatives. Roy Rogers, a graduate of Sons of the Pioneers, spells out the options: