Part 2: The Context for Domestic Security

Managing Threats to Domestic Security.

In this part we explain the context for domestic security in terms of:

Policy Dimensions of Domestic Security

Much can be done to reduce the risk of terrorism – such as intercepting information to warn of potential incidents, or implementing strong border security – but the risk cannot be totally eradicated. Therefore, the Government needs to establish the level of risk that it is prepared to accept and the precautions required to maintain the risk at or below this acceptable level.

It is not easy to assess what the accepted level of risk should be, and what level of investment in precautions is the most effective. Difficulties include:

  • the infrequency of domestic security incidents;
  • a lack of any models or norms to help assess the most effective level of investment in domestic security;
  • the ‘globalisation of the border’6, so that it is no longer enough just to focus on people and goods at the point of entry into the country; and
  • the variety of participants in domestic security.

Infrequency of Domestic Security Incidents

Many public policy decisions (for example – for reducing: the road toll, the rates of burglary, and the incidence of diabetes) can be subjected to detailed analysis over time, so that the effects of different policy initiatives can be assessed with some certainty. In these examples, it is also often possible to demonstrate a clear link between the policy initiative and its outcome.

This is not the case for domestic security. Because domestic security incidents occur infrequently, it is difficult to test the effect of domestic security policies, systems, and procedures. The fact that no domestic security incident occurs may be the result of good systems and procedures – but it could equally be because no threat has arisen.

The infrequency of domestic security incidents can also make it difficult to maintain public support. This is especially the case when initiatives to deter threats are likely to impinge on business interests or the freedoms people enjoy. For example, increasing border security generally results in longer delays for people crossing the border, and higher costs for imported goods. The greater the length of time between security incidents, the greater the likelihood of reduced public consciousness of the threat, and the more likely people will be to perceive precautions as excessive.

Lack of Models for Defining Levels of Investment in Domestic Security

There are few generally accepted approaches to designing, or analysing the efficiency or effectiveness of domestic security initiatives.

A policy framework that is utilised in many countries in some form or another deals with domestic security incidents in three phases – prevention, response, and recovery (see Figure 2 on the opposite page). This framework helps to define where capabilities are required – for example, a certain amount of intelligence resource is required to support an adequate preventive capability.

Figure 2
Three-phase Policy Framework for Domestic Security

Prevention Taking the measures necessary to prevent terrorism and other forms of politically motivated violence, which include:
• collecting, analysing and disseminating intelligence about terrorist intentions and capabilities;
• having effective border security that prevents known or suspected terrorists from entering the country;
• other security that successfully deters individuals and groups from carrying out any attack;
• reducing the vulnerability of potential victims and targets; and
• identifying and protecting critical infrastructure and key assets.
Response Having adequate systems and arrangements that come into effect, especially where a joint response is required, when an incident or threat occurs. The aim is to resolve the incident or reduce the possible impact. Those responding include police officers, fire fighters, emergency medical providers, and emergency management specialists. The ability to respond also means having appropriate technical advice and capabilities to prevent cascading effects, especially with infrastructure.
Recovery Having sound financial, legal, and social systems in place to be able to recover from a domestic security incident. Recovery may include:
• rehabilitation, including medical care for people affected;
• rebuilding destroyed property;
• rebuilding or replacing critical infrastructure to minimise the potential adverse effects on people’s lives and the economy;
• re-establishing our reputation (e.g. after bio-terrorist attack);
• assisting victims and their families; and
• rapidly restoring normal economic and social functioning.

However, it is difficult to know when enough resources have been applied to the prevention, response, and recovery phases, or whether the correct trade-offs between the phases have been made.

A variation of the three-phase policy framework that has worked well in other areas of risk management, and DPMC has adapted for wider security applications, is known as the “4-Rs” – Reduction, Readiness, Response, and Recovery. This provides for a slightly different balance of emphasis, with more attention to pre-emptive control and mitigation, and fits closely with the approach advocated by AS/NZS 4360:1999 Risk Management – the risk management standard developed jointly by Australia and New Zealand.

There are few international standards to help define required levels of preparedness. Individual governments must therefore define their own levels. To the extent that it would be very expensive and impractical to be fully prepared at all times, the affordability and feasibility of preparedness also predicates a level of acceptable risk.

The level of acceptable risk is a matter of judgement, and may change over time as people become accustomed to living with the threat of terrorism (or with the measures to counter the threat). In practice, judgements have to be made in the light of the complex tensions around what is publicly acceptable in terms of risk and the measures to reduce risk, perceptions about the relative importance of different forms of risk, and what is required to meet international obligations.

‘Globalisation of the Border’

Traditionally, domestic security has focused on monitoring goods and people at the point of entry, to prevent dangerous or illegal goods and undesirable immigrants and visitors entering the country. Efforts are now increasingly being directed at preventing undesirable visitors from departing for New Zealand.

Internationally (at the instigation of the USA), steps are being taken to ensure that goods are safe and legitimate at the time they are packed and shipped from the country of origin. These developments are extending and ‘globalising’ the traditional concept of the border.

Domestic security can be affected by events occurring outside the country – such as through trans-national organised crime operating in the Pacific, or nationals of one country being attacked in another country (as in Bali).

Involving a Variety of Participants

Central government agencies have a prime role in domestic security, but local government, quasi-government agencies, and the private sector have increasingly important roles as well.

Much of the critical infrastructure (such as information and computer systems7 within the banking system, water and power supplies, and telecommunications equipment) is controlled or owned by local government, private sector entities, or a mix of government and private sector entities. These entities serve a wide range of communities and stakeholders who have a variety of priorities and expectations – among which security and contingency planning may not be prominent.

Many security initiatives will place responsibilities on private sector as well as public sector organisations. Private sector participation in domestic security initiatives needs to be identified to ensure that best practice – in terms of security and recovery – is fully applied across all sectors. In this report we concentrate on how well central government agencies are managing risks to domestic security.

What Is Driving the International Response?

After 11 September 2001, there was strong international support for comprehensive, collective action against terrorism. On 28 September 2001, the United Nations Security Council unanimously adopted Resolution 13738, which binds all member states and provides a framework for the international response to the terrorist attacks.

In summary, Resolution 1373 calls on all states to take action to:

  • prevent and suppress the financing of terrorist acts;
  • prevent their country from being used to support terrorism;
  • improve co-ordination and information flows between countries; and
  • set up effective border controls to prevent the movement of terrorists and terrorist groups.

The Security Council also noted with concern the close connection between international terrorism and trans-national organised crime, illicit drugs, money-laundering, illegal arms-trafficking, and the illegal movement of nuclear, chemical, biological and other potentially deadly materials.

Obligations arising from New Zealand agency membership of international organisations – the WCO, the IMO, and the ICAO – include:

  • identifying and examining high-risk containers and assuring in-transit integrity, implementing standards for electronic customs reporting, and promoting high standards of supply chain security in the private sector;
  • promoting ship and port security plans by July 2004, and the installation of automatic identification systems on certain ships by December 2004;
  • introducing new baggage screening procedures and equipment in all APEC major airports by 2005, reinforcing flight deck doors by April 2003, and supporting ICAO mandatory aviation security audits; and
  • implementing a common global standard on advance passenger information, adopting a biometrics standard, reforming immigration service procedures, and promoting adoption of air cargo security guidelines drawn up by the ICAO.

New Zealand’s Response

Resolution 1373 calls upon all countries to join and fully implement the relevant international conventions and protocols (in all, ten conventions and two protocols). New Zealand has been party to a number of these international conventions, with implementing legislation, for some years.

Following adoption of Resolution 1373, the Government acted quickly to:

  • strengthen existing counter-terrorism legislation and obtain new legislation to implement obligations under the resolution and other conventions; and
  • require government agencies to review their procedures in relation to security, and strengthen them as required.

The legislative changes, both complete and intended (see Appendix 3 on page 90), have been wide-ranging and have addressed a number of identified deficiencies.

Government responses have included additional funding of almost $30 million for the three years to June 2004 for initiatives such as extra security at airports, increased provision of intelligence capability, and the establishment of a bio-chemical incident response capability. A detailed list of those responses is provided in Appendix 4 on pages 91-92. The Government sent troops in support of operations in Afghanistan in 2002.

For the three years 2003-04 to 2005-06, ODESC has endorsed budget bids for $73 million of operational expenditure and $25 million of capital expenditure. These bids have been further refined and included in each department’s budget bids. In addition, Cabinet has agreed that the Immigration Service will receive $5.4 million in 2003-04 and $4.8 million for each subsequent year to strengthen its immigration intelligence capacity.

Steps are also being taken to address port security, supply chain security, baggage screening, and advance passenger processing. These initiatives are discussed in Part Five on pages 63-81.

One important rationale for the changes is the need to ensure that New Zealand’s security response does not get out of step with the responses of other countries. As some countries tighten their domestic security measures, the focus of terrorism could move to less-protected locations that provide an easier option for terrorists as a base for their activities, or as the target for an actual attack.

Security issues are also relevant to New Zealand’s interaction with Pacific Island nations. The international community is looking to regional partners like Australia and New Zealand to work with Pacific Island nations to help them upgrade their systems to meet international requirements. As a result, government agencies – the Police, the NZDF, Customs, the Immigration Service, MFAT, the NZSIS, the Ministry of Fisheries, and the CAA – increasingly have to take this wider environment into account.

On 31 March 2003, Cabinet noted that, as part of the 2003 Budget process, a Pacific Security Fund of $2 million was being established in Vote Foreign Affairs and Trade to meet the costs of advisory, training, and technical support for Pacific Island nations to meet security threats (and risks to New Zealand interests).

MFAT was directed to lead and co-ordinate the preparation of a whole-of-government strategy to guide the allocation of Pacific Security Fund resources. An inter-agency working group was established and recommended that a Pacific Security Co-ordinating Committee be established.9

In August 2003, Cabinet approved the establishment of the Committee (to be based in MFAT) to:

  • assess and prioritise security risks in the Pacific;
  • develop (for ODESC approval) an annual package of security initiatives to assist Pacific Island nations resourced through the Pacific Security Fund; and
  • evaluate and report on implementation of Pacific Security Fund initiatives by New Zealand agencies.

An Ambassador for Counter-Terrorism was also appointed in August this year. The Ambassador’s responsibilities will include:

  • co-ordinating counter-terrorism policy and activities within MFAT to ensure that New Zealand is complying with all its legal and reporting obligations (such as Resolution 1373);
  • liaising with other government agencies to ensure that MFAT understands their priorities and activities in relation to counter-terrorism;
  • participating in the development and implementation of whole-of- government counter-terrorism policies; and
  • assisting South Pacific nations to develop and manage their own security from a counter-terrorism perspective.

Who Is Responsible for Domestic Security?

The Domestic and External Security Coordination (DESC) structure is used for co-ordinating the efforts of security-related agencies.

Figure 3 on page 32 illustrates the key groups and organisations involved in domestic security. Responsibility for domestic security is at three levels:

  • the Cabinet Committee on Domestic and External Security Co-ordination (DES);
  • the Officials Committee for Domestic and External Security Co-ordination (ODESC); and
  • the individual agencies involved in domestic security.

Figure 3
Who’s Who in Domestic Security

Figure 3.

DES10 is the central decision-making body of executive government for issues involving intelligence, security, and crisis management. The Prime Minister chairs the committee, and its members comprise those Ministers with portfolio responsibilities for key agencies involved in domestic security. Other Ministers can be co-opted onto DES depending on the needs of any specific crisis.

Under DES sits the ODESC, which facilitates a whole-of-government approach to national crises and circumstances affecting security. ODESC is a chief executive level forum in which agencies come together to establish whole-of-government approaches to domestic security. ODESC comprises a generic committee having flexible membership that deals primarily with response and recovery issues for specific events or issues. ODESC has two standing committees – ODESC(P) for ongoing policy, planning and preparedness, and ODESC(I) for intelligence matters.

A number of committees and working groups support the DESC structure. Standing working committees include the Foreign Intelligence Requirements Committee, the Interdepartmental Committee on Security, and the Working Committee on Terrorism. Ad hoc working groups (known as Watch Groups) are formed to concentrate on specific crises or issues as they arise (for example, the Iraq war, or the deployment between 1999 and 2002 of peace-keeping forces to East Timor).

The DESC structure does not override the statutory powers and responsibilities of Ministers and departments. Responsibility for actions and policies remains with the chief executive of an agency and the relevant Minister. The aim of the DESC structure is to ensure that agencies work together in order to achieve better outcomes, not to provide an additional accountability or control mechanism.

Security and intelligence is a primary focus for some agencies – such as the NZSIS and GCSB. Where such intelligence indicates criminal activity (as terrorism and terrorist acts are “crime”) the Police become involved arising from their aims to reduce the incidence and effects of crime, detect and apprehend offenders, maintain law and order, and enhance public safety. However, this responsibility is only part of the wider duties that the Police undertake.

For a large number of agencies, domestic security is increasingly becoming an important aspect of their wider responsibilities. For example, the agencies that control who and what is crossing the border bear some responsibility for identifying potential threats to domestic security. Often, these agencies must balance domestic security concerns with the need to ensure the economic benefits of the free flow of people and goods.

The Current Structure Is an Advantage

New Zealand is a lot less complex in terms of policy development and co-ordination than other countries because it has a unitary system of government and national Police and Fire Services. The simplicity of structure is a major benefit in implementing domestic security policies, or in responding to events.

For example, all civil aviation activities in New Zealand fall under a single jurisdiction, which is legislated for by the Civil Aviation Act 1990. Civil aviation activities in most other countries are divided among a range of federal, state, county, and private jurisdictions. Sydney, for example, has a range of different organisations providing aviation security services at its international airport.

6: See paragraphs 2.13-2.15 on pages 26-27.

7: The Centre for Critical Infrastructure Protection (a business unit within GCSB) was established in August 2001 to provide advice and support to protect the country’s critical infrastructure from cyber threats.

8: Reproduced in full in Appendix 1 on pages 84-87.

9: Committee membership will include DPMC, Ministry of Fisheries, MAF, MFAT, NZ Agency for International Development, the Immigration Service, the Police, NZDF, Customs, NZSIS, the Treasury, MoT (AvSec, MSA, and CAA), with provision to co-opt as appropriate.

10: This Committee replaced two former committees – the Ad Hoc Cabinet Committee on Intelligence and Security and the Ad Hoc Cabinet Committee on Domestic and External Security Coordination. Its Terms of Reference incorporate the Terms of Reference of both former committees.

page top