Secure encrypted email (SEEMail)

Secure email environment between New Zealand public sector agencies which protects information classified as IN-CONFIDENCE, SENSITIVE or RESTRICTED.
SEEMail is opt-in for all eligible public sector agencies.

SEEMail is opt-in for all eligible public sector agencies.
Status Operational

Agency Contact

Department of Internal Affairs Sandeep Dalvi SEEMail Product Manager +64 4 462 0138

Service Description

SEEMail secures email traffic over the internet between participating New Zealand public sector agencies. The system is a gateway-to-gateway encrypted email service where the email is encrypted and decrypted by the agency’s SEEMail server and not at the end device i.e. a user’s PC, laptop or mobile.

SEEMail is approved to protect information classified IN-CONFIDENCE, SENSITIVE or RESTRICTED.


Participating SEEMail agencies have deployed agency-accredited secure email gateways (sign and encrypt sensitive messages using Secure Multipurpose Internet Mail Extension - S/MIME).

Dimension Data New Zealand provides the SEEMail PKI (certificate management and LDAP infrastructure) and is contracted under the one.govt agreement. Dimension Data directly invoices the Certificate Authority Management charges to SEEMail Participating Agencies. This does not require one.govt participation. 

Each participating agency must engage the services of an authorised SEEMail gateway provider.


If SEEMail is used appropriately by participating agencies, users can be confident that:

  • no one outside the sending participating agency can read the email when it is in transit
  • no one outside the sender’s participating agency can alter the message
  • the email does in fact come from the participating agency as claimed
  • all email traffic between participating agencies is secured
  • all email traffic between participating agencies authenticates the sending agency
  • email marked [SEEMAIL] and [IN-CONFIDENCE], [SENSITIVE] or [RESTRICTED] can only be read by the recipient participating agency and cannot be inadvertently sent to non-participating agencies.

Lead Agency

Department of Internal Affairs

Adopting the service

Agencies wanting to take up SEEMail do not need to undertake a full procurement process. Lead Agency has procured the product on behalf of all agencies and has signed a Lead Agency Agreement with the vendor.

Agencies can take advantage of the work done by the Lead Agency by contacting the product manager and following the process below. 

  1. send a community membership request through the SEEMail Member Portal
  2. once authorised to join the SEEMail community, source SEEMail gateway services from an authorised gateway provider
  3. the SEEMail Registration Authority and the authorised gateway provider will transition the service when the Terms of Use has been agreed.

Lead Agency Agreement summary

  • Closed Supplier Panel
  • Syndicated
  • Initial ten-year agreement, signed in 2009, with one two-year op

Lead Agency Agreement details

The Department of Internal Affairs has contracted management of the SEEMail PKI (certificate management and LDAP infrastructure) to Dimension Data New Zealand and, through it, Liverton. Separation of duties is a contractual requirement. Each SEEMail Participating Agency has a direct commercial agreement with their preferred authorised gateway provider.

The contract term between the Department of Internal Affairs and Dimension Data New Zealand is for an initial term of 10 years to 2019 with one two-year renewal option.

Supplier Information

Authorised SEEMail Gateway suppliers

  • Liverton Security Limited
  • Scientific Software & Systems (SSS-IT Security Specialists)
  • M86 Security NZ Limited (Trustwave)
  • Dimension Data New Zealand Limited
  • Datacom Systems Limited
  • Spark New Zealand Trading Limited
  • Vodafone New Zealand Limited
  • SMX Limited

Provides a gateway service for SEEMail and also provides the SEEMail PKI/Certificate Authority Management service.

Contract Began January 2009