Hello there-

A lawyer signal? I am a recent law graduate and soon to be admitted as a Barrister and Solicitor, based in Otago.

I would love to attend the conference and contribute to any discussions/workshops about the topic of being legally compliant with and legally protected from the NCSC. 
You will be safe because I won���t have been admitted to the Bar by that time and thus legally can���t charge out services as a lawyer yet.

Anyways, I am a very big supporter/fan of the Electronic Frontier Foundation in the United States which has done quite a bit of work around these kinds of legal issues of often costly and unclear national security regulations in telecommunications, which can stifle innovation in the wider scheme of things.  I have read over the TICSA Act and GCSB quite a bit for research about legal issues relating to TOR Exit Relays. Quite passionate about this topic. 

Would there be interest in having a group meeting/workshop around this topic at the Conference?

---
Email: bmurrah@icloud.com
PGP: https://keybase.io/airbridge
Landline: +643 260 2600
Mobile: +6427 375 7897

On 28/11/2014, at 2:01 pm, Dean Pemberton <nznog@deanpemberton.com> wrote:

I'm not a lawyer either, but I do have an idea.

It's late November...  It's pretty clear that TICSA notifications only
relate to network changes, and most of you are about to enter brownout
periods.
If you're not you should be, but thats another story, just let me know
so I can change ISPs.

That should take us through until the first or second week of January,
and we have a conference at the end of Jan.

I'm going to propose that we get the TICSA team from GCSB along to the
conference so that we can have some of these discussions in person and
get them all straight in everyones mind.

They can explain why they think the industry isn't reporting enough,
and the industry can ask questions around which areas of reporting are
exempt.

It's clear now that TICSA is a reality and everyone needs to have an
understanding of what that means for them.

Happy to look out a tame lawyer too, but I think it'll just increase
the NZNOG registration price by Nx7min blocks =P


Sound like a plan?

On Tue, Nov 25, 2014 at 12:12 PM, Alexander Neilson
<alexander@neilson.net.nz> wrote:
What I think is missing here is where providers have a standard system they
have used with the same hardware before May 11th.

These were decisions made beforehand, no change to deployment, or not
covered by an area of specified security interest.

How many people on this list would have changed the manufacturer / type of
equipment used in the NOC / core network that meets the threshold in 6
months?

IANAL

However from my lay reading of the guidance and exemptions continuing to use
the exact same systems as were decided on and deployed prior to 11 May would
not require a notice and replacing dead hardware with the same thing doesn���t
require this notice either.

So I am not sure that a low number of notifications is an odd thing unless
people had major changes to their core and a short run time to make these
changes.

Others may want to chime in with their experiences.

Regards
Alexander

Alexander Neilson
Neilson Productions Limited

alexander@neilson.net.nz
021 329 681
022 456 2326

On 25/11/2014, at 11:51 am, Dave Mill <dave@mill.net.nz> wrote:

I'm actually surprised that our GCSB overlords haven't done something like
this sooner. To me it seems pretty obvious that not all network providers
are using/following the new guidelines. And much better an email like this
one than a proper slap by the NCSC/GCSB.

To explain my logic without giving too much away.

We are a small ISP. We have submitted proposals under this new law. Lets
call our number of proposals X.

At a technical conference recently the GCSB were able to share with us their
rough total number of proposals. That number was also reasonably obvious
from the proposal numbering system the NCSC use. Lets call this number Y.

Y wasn't that much bigger than X. I'm talking 5 or 6 times bigger from
memory.

We have spent a lot of time and effort in following this new legislation. I
think its only fair that others do also (lets not debate whether we needed
the legislation here). And with the numbers talked about so far I think its
pretty clear that some organisations out there aren't following this new
legislation.

At the very least (based on Ray's comments) most network operators should be
submitting at least 5 - 10 standard builds each IMHO.

Cheers
Dave


On Mon, Nov 24, 2014 at 8:30 PM, Ray Taylor <ray@ruralkiwi.com> wrote:

I am assuming this refers to notifications about equipment changes, vendor
suppliers etc?

It may come as a surprise to these people but most network operators
create standards and stick to them!







Ray Taylor

Taylor Communications

ray@ruralkiwi.com



Ph 021-483-280

Network status 06-929-9082



<image001.png>



From: TICSA [mailto:TICSA@ncsc.govt.nz]
Sent: Monday, 24 November 2014 3:21 p.m.
To: TICSA
Subject: Letter to Network Operators 24 Nov 2014



Dear Network Operator



Please find attached a letter to all network operators. This letter shares
our surprise at the low number of notifications received from registered
network operators to date. We want to reinforce that we are here to support
you in meeting your obligations under the TICSA.



We thank those network operators who have actively engaged with us under
the TICSA since May.





Kind regards

From the TICSA Team





________________________________

This electronic message, together with any attachments, contains
information that is provided in confidence and may be subject to legal
privilege. Any classification markings must be adhered to. If you are not
the intended recipient, you must not peruse, disclose, disseminate, copy or
use the message in any way. If you have received this message in error,
please notify us immediately by return email and then destroy the original
message.
The Government Communications Security Bureau (GCSB) accepts no
responsibility for changes to this e-mail, or to any attachments, after its
transmission from GCSB.  Thank you.

________________________________

This email has been filtered by SMX. For more information visit
smxemail.com


_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog


_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog



_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog

_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog