25 May 2013
A high-tech United States surveillance tool which sweeps up all communications without a warrant was sent to New Zealand for testing on the public, according to an espionage expert.
The tool was called ThinThread and it worked by automatically intercepting phone, email and internet information.
ThinThread was highly valued by those who created it because it could handle massive amounts of intercepted information. It then used snippets of data to automatically build a detailed picture of targets, their contacts and their habits for the spy organisation using it.
Those organisations were likely to include the Government Communications Security Bureau (GCSB) after Washington, DC-based author Tim Shorrock revealed ThinThread was sent to New Zealand for testing in 2000-2001.
Mr Shorrock, who has written on intelligence issues for 35 years, said the revolutionary ThinThread surveillance tool was sent to New Zealand by the US National Security Agency. The GCSB is the US agency's intelligence partner - currently under pressure for potentially illegal wide-spread spying on the public.
The claim ThinThread was sent to New Zealand has brought fresh calls for the bureau to explain what it does.
A spokesman said the bureau was currently reviewing how much it did tell the public - but it would not be making comment on the ThinThread test. He said the intelligence agency "won't confirm or deny" the claim because it was an "operational" matter.
A spokeswoman for Prime Minister John Key also refused to comment saying it was an operational matter.
The claim emerged in an article by Mr Shorrock which ran in a magazine last month and featured whistleblower William Binney - a former high-ranking NSA official who designed ThinThread.
Mr Shorrock said the "ThinThread prototype" was installed at two NSA listening posts in late 2000 and at Fort Meade where the NSA is based.
"In addition, several allied foreign intelligence agencies were given the program to conduct lawful surveillance in their own corners of the world. Those recipients included Canada, Germany, Britain, Australia and New Zealand."
The "lawful" aspect was due to the software's ability to mask the identities of those whose information was being intercepted - a technical work around of the legal barrier which prohibits New Zealand and the US from spying on its own citizens.
Mr Shorrock said ThinThread operated in three phases. It began by intercepting call, email and internet traffic on a network and automatically assessing it for interest. The scale of the traffic was such that it narrowed down targets of interest by focusing on patterns of information rather than the content of the information.
Secondly, ThinThread automatically anonymised the collected data so the identities stayed hidden "until there was sufficient evidence to obtain a warrant".
The magic was in the back end of the system which used the raw data "to create graphs showing relationships and patterns that could tell analysts which targets they should look at and which calls should be listened to" using "metadata" - the same type of "information about information" which featured in about 60 of the 88 potentially illegal spying cases identified in the GCSB review.
The Greens and Labour both said it showed the need for an inquiry into the GCSB - an investigation which both have repeatedly demanded. Greens' co-leader Russel Norman said the Prime Minister and GCSB needed to explain to the public whether it was spied on by ThinThread.
"It reinforces why there is a different set of rules for the GCSB - they
are integrated into this global spy network," he said.