Telecommunications (Interception Capability and Security) Act 2013 (TICSA)
The Telecommunications (Interception Capability and Security) Act 2013 (the TICSA) establishes obligations for New Zealand’s telecommunications network operators in two key areas – interception capability and network security.
The Government Communications Security Bureau (GCSB) is responsible for administering the network security provisions of the TICSA.
Part 3 of the TICSA, which relates to network security, establishes a framework under which network operators are required to engage with the GCSB (through the NCSC) about changes and developments with their networks where these intersect with national security.
The legislation sets out a path to identify and address, prevent, mitigate, or remove network security risks which may arise. To assist in applying TICSA, the Director of the GCSB has issued Guidance for Network Operators, and has granted a number of exemptions from the duty to notify which are in place as of 11 May 2014, when the network security part of TICSA came into effect.
The GCSB will work co-operatively and collaboratively with network operators so that risks to New Zealand’s national security arising from the design, build or operation of public telecommunications networks and their interconnection to other networks both domestically and overseas are identified and addressed as early as possible.