House of Representatives

Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020

Addendum to the Explanatory Memorandum

(Circulated by authority of the Minister for Home Affairs, the Hon Karen Andrews MP)
This addendum responds to issues raised by the Senate Standing Committee for the Scrutiny of Bills in Scrutiny Digest No. 5 of 2021, dated 17 March 2021, the Parliamentary Joint Committee on Human Rights in Report 3 of 2021, dated 17 March 2021, and the Parliamentary Joint Committee on Intelligence and Security's Advisory Report on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, tabled 5 August 2021.

NOTES ON CLAUSES

Schedule 1 - Data disruption

Item 13 - At the end of Part 2

27KD What must a data disruption warrant contain?

On page 33, in paragraph 83, after the second sentence ending in "computer access warrants" insert the following sentence:

"Maintaining consistency in the length of time warrants can be issued allows different warrants to be sought and executed together, where relevant to the same investigation or operation."

On page 33, after paragraph 83, insert the following paragraph:

"Relevantly, this does not mean that all warrants will be issued for a period of 90 days. The period for which a warrant is in force will be determined by the issuing authority on a case-by-case basis depending on the circumstances of the application."

27KE What a data disruption warrant authorises

On page 40, after paragraph 135, insert the following new paragraph:

"While the eligible Judge or nominated AAT member may impose conditions to which the execution of the warrant would be subject, the eligible Judge or nominated AAT member may not impose a condition that is inconsistent with a statutory condition in subsection 27KE(12). For example, the eligible Judge or nominated AAT member could not impose a condition which authorises an action that results in loss or damage to data that causes the permanent loss of money, digital currency or property."

Item 28 - Subsection 44(1) (after paragraph (aa) of the definition of protected information )

On page 49, after paragraph 195, insert the following paragraph:

"Protected information is also subject to the destruction requirements in section 46 of the SD Act. Under section 46, the chief officer of a law enforcement agency must cause the destruction of any record or report referred in subsection 46(1), after the chief officer is satisfied the record or report is not likely to be required for a civil or criminal proceeding, and within 5 years unless the chief officer is satisfied the record or report is likely to be required for a civil or criminal proceeding."

On page 49, after paragraph 196, insert the following paragraphs:

"As a result of this item, information obtained under, or relating to, a data disruption warrant or an emergency authorisation is protected by the restrictions on use, communication and publication, in a consistent manner to information obtained under, or relating to, computer access warrants and surveillance device warrants under the SD Act. Likewise, the destruction requirements for information obtained under, or relating to, data disruption warrants and emergency authorisations are consistent with the destruction requirements for information obtained under, or relating to, computer access warrants and surveillance device warrants.

The ability to retain information for 5 years reflects the fact that some investigations and operations are complex and run over a long period of time. Requiring the security and destruction of records ensures that the private data of individuals accessed under a warrant is only handled by those with a legitimate need for access, and is not kept in perpetuity where there is not a legitimate reason for doing so."

Item 47 - After section 64A

64B Person with knowledge of a computer or a computer system to assist disruption of data etc.

On page 56, delete paragraph 238 and replace it with the following paragraphs:

"This item ensures that should the AFP or the ACIC be issued a data disruption warrant, they will be able to compel assistance in accessing devices, accessing and disrupting data, copying data, and converting documents. The intent of this provision is not to allow law enforcement to compel assistance from industry (for example, a telecommunications company), but rather from a person with knowledge of a computer to assist in disrupting data (such as a person who uses the computer). The provision does not replicate the industry assistance framework introduced by the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, or allow the AFP or the ACIC to circumvent the protections in that framework.

For an abundance of clarity, an assistance order cannot ever authorise the detention of persons."

Item 49 - After subsection 65(1A)

On page 59, after paragraph 257, insert the following paragraph:

"The item is intended to minimise lawfully obtained information being deemed invalid or unusable solely on the basis of a minor defect or irregularity in an otherwise valid warrant. Some examples of a defect or irregularity in the warrant may include a typographical error, misprint or minor damage to a written form warrant. Such defects or irregularities are minor, and would not affect the warrant's intended operation.

A defect or irregularity in this context could not be one that would cause the warrant to operate beyond the scope of what is authorised by the legislation."

Schedule 2 - Network activity warrants

Item 9 - At the end of Part 2

What must a network activity warrant contain?

On page 76, in paragraph 367, after the second sentence ending in "computer access warrant may be in effect (subsection 27D(3))" insert the following sentence:

"Maintaining consistency in the length of time warrants can be issued allows different warrants to be sought and executed together, where relevant to the same investigation or operation."

On page 76, after paragraph 367, insert the following paragraph:

"Relevantly, this does not mean that all warrants will be issued for a period of 90 days. The period for which a warrant is in force will be determined by the issuing authority on a case-by-case basis depending on the circumstances of the application."

Item 19 - After section 45A

45B Prohibition on use, recording, communication or publication of protected network activity warrant information or its admission in evidence

On page 91, after paragraph 458, insert the following paragraph:

"The ability to share information obtained under a network activity warrant with ASIO or an intelligence agency is intended to facilitate joint operations between the AFP and the ACIC and other members of the National Intelligence Community. These agencies currently conduct complex and interrelated intelligence operations, and may need to share information to support activities within their respective functions, in particular those in relation to safeguarding national security. For example, information collected under a network activity warrant about a terrorist organisation may be shared with ASIO if related to ASIO's functions. Information obtained under a network activity warrant, that is then communicated to ASIO and intelligence agencies, is protected by strict use and disclosure provisions in the Australian Security Intelligence Organisation Act 1979 and Intelligence Services Act 2001."

46AA Dealing with records obtained by accessing data under a network activity warrant

On page 94, in paragraph 478, after the final sentence ending in "listed in subsection 45B(5) or (7)", insert the following sentences:

"As with information collected under existing warrants in the SD Act, the ability to retain information for five years reflects the fact that some investigations and operations are complex and run over a long period of time. Requiring the security and destruction of records ensures that the private data of individuals accessed under a warrant is only handled by those with a legitimate need for access, and is not kept in perpetuity where there is not a legitimate reason for doing so."

Item 30 - After subparagraph 64A(1)(a)(i)

On page 97, delete paragraph 499 and replace it with the following paragraphs:

"This item amends section 64A to provide that a law enforcement officer may apply for an assistance order (under section 64A) to allow them to access data held in a computer that is the subject of a network activity warrant. This ensures that the AFP or the ACIC, with a network activity warrant, will be able to compel assistance in accessing devices. The intent of this provision is not to allow law enforcement to compel assistance from industry (for example, a telecommunications company), but rather from a person with knowledge of a computer to assist access (such as a person who uses the computer). The provision does not replicate the industry assistance framework introduced by the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, or allow the AFP or the ACIC to circumvent the protections in that framework.

For an abundance of clarity, an assistance order cannot ever authorise the detention of persons."

Item 32 - Paragraph 65(1A)(a)

On page 98, in paragraph 504, after the final sentence ending in "can be given in evidence", insert the following sentence:

"A defect or irregularity in this context could not be one that would cause the warrant to operate beyond the scope of what is authorised by the legislation."

Schedule 3 - Account takeover warrants

Item 4 - After Part IAAB

3ZZVG Person with knowledge of an online account to provide assistance

On page 166, replace paragraph 997 with the following paragraphs:

"New section 3ZZVG ensures that when an account takeover warrant or emergency authorisation is in place, a law enforcement officer will be able to compel assistance to take control of the online account that is the subject of the warrant or authorisation. The intent of this provision is not to allow law enforcement to compel assistance from industry (for example, a telecommunications company), but rather from a person with knowledge of an online account, such as a person holds or uses the account. Assistance provided by industry is governed by the industry assistance framework introduced by the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018. The provision does not replicate that framework, or allow the AFP or the ACIC to circumvent the protections in that framework.

For an abundance of clarity, an assistance order cannot ever authorise the detention of persons"

3ZZVH Unauthorised use or disclosure of protected information

On page 170, in paragraph 1006, after the final sentence ending in "Criminal Code Act 1995", insert the following sentences:

"The defendant bears the evidential burden because the defendant would be best placed to explain his or her motivations when using or disclosing protected information, including how they were acting in accordance with one of the exceptions set out in subsections 3ZZVH(3) to (5)."

3ZZVJ Dealing with records obtained under, or relating to, account takeover warrants

On page 171, in paragraph 1010, after the final sentence ending in "subparagraph 3ZZVJ(b)(i)", insert the following sentences:

"These requirements are consistent with existing record-keeping and destruction obligations for computer access warrants and surveillance device warrants in section 46 of the SD Act. The ability to retain information for 5 years reflects the fact that some investigations and operations are complex and run over a long period of time. Requiring the security and destruction of records ensures that the private data of individuals accessed under a warrant is only handled by those with a legitimate need for access, and is not kept in perpetuity where there is not a legitimate reason for doing so."

3ZZVZ Evidentiary certificates

On page 180, after paragraph 1073, insert the following paragraph:

"However, these matters will only be details of sensitive information such as how the evidence was obtained and by whom. This is necessary to protect law enforcement agencies' sensitive capabilities and methodology. Evidentiary certificates do not establish the weight or veracity of the evidence itself, which is a matter for the court."

On page 180, after paragraph 1076, insert the following paragraph:

"A defendant will not be prevented from leading evidence to challenge an evidentiary certificate. They can seek to establish that acts taken in order to give effect to a warrant contravened the legislation, and put the party bringing the proceedings to further proof. Further, regardless of the evidentiary certificate regime, the prosecution will still have to make out all elements of any offence."


View full documentView full documentBack to top