House of Representatives

Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020

Revised Explanatory Memorandum

Circulated by authority of the Minister for Home Affairs, the Honourable Karen Andrews MP
This memorandum takes account of amendments made by the House of Representatives to the bill as introduced.

GENERAL OUTLINE

1. The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 amends the Surveillance Devices Act 2004 (SD Act), the Crimes Act 1914 (Crimes Act) and associated legislation to introduce new law enforcement powers to enhance the ability of the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) to combat online serious crime.

2. Cyber-enabled serious and organised crime, often enabled by the dark web and other anonymising technologies, such as bespoke encrypted devices for criminal use, present a direct challenge to community safety and the rule of law. For example, on the dark web criminals carry out their activities with a lower risk of identification and apprehension. Many anonymising technologies and criminal methodologies can be combined for cumulative effect, meaning it is technically difficult, and time and resource intensive, for law enforcement to take effective action. Just as online criminals are constantly changing their operations and reacting to new environments, the law must adapt in order to give law enforcement agencies effective powers of response.

3. Existing electronic surveillance powers, while useful for revealing many aspects of online criminality, are not suitably adapted to identifying and disrupting targets where those targets are actively seeking to obscure their identity and the scope of their activities. Without the critical first step of being able to identify potential offenders, investigations into serious and organised criminality can fall at the first hurdle. Being able to understand the networks that criminals are involved in and how they conduct their crimes is also a crucial step toward prosecution.

4. This Bill addresses gaps in the legislative framework to better enable the AFP and the ACIC to collect intelligence, conduct investigations, disrupt and prosecute the most serious of crimes, including child abuse and exploitation, terrorism, the sale of illicit drugs, human trafficking, identity theft and fraud, assassinations, and the distribution of weapons.

5. The Bill contains the necessary safeguards, including oversight mechanisms and controls on the use of information, to ensure that the AFP and the ACIC use these powers in a targeted and proportionate manner to minimise the potential impact on legitimate users of online platforms.

6. The Bill introduces three new powers for the AFP and the ACIC. They are:

Data disruption warrants to enable the AFP and the ACIC to disrupt data by modifying, adding, copying or deleting in order to frustrate the commission of serious offences online
Network activity warrants to allow agencies to collect intelligence on serious criminal activity being conducted by criminal networks, and
Account takeover warrants to provide the AFP and the ACIC with the ability to take control of a person's online account for the purposes of gathering evidence to further a criminal investigation.

7. The Bill also introduces sunset provisions for warrants and emergency authorisations under the Bill.

Schedule 1: Data disruption warrants

8. Schedule 1 amends the SD Act to introduce data disruption warrants. These warrants will allow the AFP and the ACIC to disrupt criminal activity that is being facilitated or conducted online by using computer access techniques.

9. A data disruption warrant will allow the AFP and the ACIC to add, copy, delete or alter data to allow access to and disruption of relevant data in the course of an investigation for the purposes of frustrating the commission of an offence. This will be a covert power also permitting the concealment of those activities. Whilst this power will not be sought for the purposes of evidence gathering, information collected in the course of executing a data disruption warrant will be available to be used in evidence in a prosecution.

10. The purpose of the data disruption warrant is to offer an alternative action to the AFP and the ACIC, where the usual circumstances of investigation leading to prosecution are not necessarily the option guaranteeing the most effective outcome. For example, removing content or altering access to content (such as child exploitation material), could prevent the continuation of criminal activity by participants, and be the safest and most expedient option where those participants are in unknown locations or acting under anonymous or false identities. Under these circumstances, it may be prudent for the AFP or the ACIC to obtain a data disruption warrant.

11. Applications for data disruption warrants must be made to an eligible Judge or nominated Administrative Appeals Tribunal (AAT) member. A data disruption warrant may be sought by a law enforcement officer of the AFP or the ACIC if that officer suspects on reasonable grounds that:

one or more relevant offences are being, are about to be, or are likely to be, committed, and
those offences involve, or are likely to involve, data held in a computer, and
disruption of data held in the target computer is likely to substantially assist in frustrating the commission of one or more of the relevant offences previously specified that involve, or are likely to involve, data held in the target computer.

12. An eligible Judge or nominated AAT member may issue a data disruption warrant if satisfied that there are reasonable grounds for the suspicion founding the application for the warrant and the disruption of data authorised by the warrant is reasonably necessary and proportionate, having regard to the offences specified in the application. The issuing authority will consider, amongst other things, the nature and gravity of the conduct targeted and the existence of any alternative means of frustrating the commission of the offences.

13. Information obtained under data disruption warrants will be 'protected information' under the SD Act and be subject to strict limits for use and disclosure. Consistent with existing warrants in the SD Act, compliance with the data disruption warrant regime will be overseen by the Commonwealth Ombudsman.

14. It is anticipated that the Australian Signals Directorate (ASD) may provide assistance to the AFP and the ACIC in relation to data disruption. This would be facilitating through ASD's existing functions under paragraph 7(1)(e) of the Intelligence Services Act 2001 (the IS Act) and the information sharing provisions in the SD Act. ASD's assistance under paragraph 7(1)(e) of the IS Act will be overseen by the IGIS, consistent with other ASD powers.

15. If an ASD officer is seconded to the AFP or the ACIC, they would only have access to the powers and functions of an AFP or ACIC staff member, and not those available to an ASD staff member. In this scenario, the use of those powers and functions would be subject to oversight by the Ombudsman, consistent with other powers of the AFP or ACIC.

16. This is because oversight agencies oversee the activities of an agency, not an individual. Oversight arrangements are determined by reference to the agency which is exercising the powers.

Schedule 2: Network activity warrants

17. Network activity warrants will allow the AFP and the ACIC to collect intelligence on criminal networks operating online by permitting access to the devices and networks used to facilitate criminal activity.

18. These warrants will be used to target criminal networks about which very little is known, for example where the AFP or the ACIC know that there is a group of persons using a particular online service or other electronic platform to carry out criminal activity but the details of that activity are unknown. Network activity warrants will allow agencies to target the activities of criminal networks to discover the scope of criminal offending and the identities of the people involved. For example, a group of people accessing a website hosting child exploitation material and making that material available for downloading or streaming, will be able to be targeted under a network activity warrant.

19. Intelligence collection under a network activity warrant will allow the AFP and the ACIC to more easily identify those hiding behind anonymising technologies. This will support more targeted investigative powers being deployed, such as computer access warrants, interception warrants or search warrants.

20. Network activity warrants will allow the AFP and the ACIC to access data in computers used, or likely to be used, by a criminal network over the life of the warrant. This means that data does not have to be stored on the devices, but can be temporarily linked, stored, or transited through them. This will ensure data that is unknown or unknowable at the time the warrant is issued can be discovered, including data held on devices that have disconnected from the network once the criminal activity has been carried out (for example, a person who disconnected from a website after downloading child exploitation material).

21. The AFP and the ACIC will be authorised to add, copy, delete or alter data if necessary to access the relevant data to overcome security features like encryption. Data that is subject to some form of electronic protection may need to be copied and analysed before its relevancy or irrelevancy can be determined.

22. Applications for network activity warrants must be made to an eligible Judge or nominated AAT member. A network activity warrant may be sought by the chief officer of the AFP or the ACIC (or a delegated Senior Executive Service (SES) member of the agency) if there are reasonable grounds for suspecting that:

a group of individuals are using the same electronic service or are communicating by electronic communications to engage in, facilitate or communicate about the engagement in, or facilitation of, criminal activity constituting the commission of one or more relevant offences, and
access to data held in computers will substantially assist in the collection of intelligence about those criminal networks of individuals in respect of a matter that is relevant to the prevention, detection or frustration of one or more kinds of relevant offences.

23. There are strict prohibitions on the use of information obtained under a network activity warrant. Information obtained under a network activity warrant is for intelligence only, and will not be permitted to be used in evidence in criminal proceedings, other than for a breach of the secrecy provisions of the SD Act. Network activity warrant information may, however, be the subject of derivative use, allowing it to be cited in an affidavit on application for another investigatory power, such as a computer access warrant or telecommunications interception warrant. This will assist agencies in deploying more sensitive capabilities, with confidence that they would not be admissible in court.

24. The Inspector-General of Intelligence and Security (IGIS) will have oversight responsibility for network activity warrants given their nature as an intelligence collection tool. This approach departs from the traditional model of oversight by the Commonwealth Ombudsman of the use of electronic surveillance powers by the AFP and the ACIC. However, the approach is consistent with the oversight arrangements for intelligence collection powers available to other agencies, including the Australian Security Intelligence Organisation (ASIO) and the ASD.

25. The Bill also provides that the IGIS and the Commonwealth Ombudsman will be able to share information where it is relevant to exercising powers, or performing functions or duties, as an IGIS or Ombudsman official. This ensures that where a matter may arise during an inspection that would more appropriately be dealt with by the other oversight body, a framework is in place for the transfer of network activity warrant information, allowing efficient and comprehensive oversight to occur.

Schedule 3: Account takeover warrants

26. The Bill inserts account takeover warrants into the Crimes Act. These warrants will enable the AFP and the ACIC to take control of a person's online account for the purposes of gathering evidence about serious offences.

27. Currently, agencies can only take over a person's account with the person's consent. An account takeover power will facilitate covert and forced takeovers to add to their investigative powers.

28. An AFP or ACIC officer may apply to a magistrate for an account takeover warrant to take control of an online account, and prevent the person's continued access to that account. Before issuing the account takeover warrant, the magistrate will need to be satisfied that there are reasonable grounds for suspicion that an account takeover is necessary for the purpose of enabling evidence to be obtained of a serious Commonwealth offence or a serious State offence that has a federal aspect. In making this determination, the nature and extent of the suspected criminal activity must justify the conduct of the account takeover.

29. This power enables the action of taking control of the person's account and locking the person out of the account. Any other activities, such as accessing data on the account, gathering evidence, or performing undercover activities such as taking on a false identity, must be performed under a separate warrant or authorisation. Those actions are not authorised by an account takeover warrant. The account takeover warrant is designed to support existing powers, such as computer access and controlled operations, and is not designed to be used in isolation. Strict safeguards will be enforced to ensure account takeover warrants are exercised with consideration for a person's privacy and the property of third parties. There are strong protections on the use of information collected under the power.

30. The Bill will require the agencies to make annual reports to the Commonwealth Ombudsman and the Minister for Home Affairs on the use of account takeover warrants during that period. There are also annual reports to the Minister for Home Affairs that are required to be tabled in Parliament.

Schedule 3A: Reviews

31. Schedule 3A will introduce a legislative basis for independent and parliamentary review of powers contained in the Bill.

32. In particular, the Independent National Security Legislation Monitor must commence review the operation, effectiveness and implications of Schedules 1, 2 and 3 of the Bill within three years of the day that it receives Royal Assent, and the Parliamentary Joint Committee on Intelligence and Security (PJCIS), if it resolves to do so, is to commence its review as soon as practicable after four years from the day it receives Royal Assent.

Schedule 4: Controlled operations

33. Schedule 4 will introduce minor amendments to Part IAB of the Crimes Act to enhance the AFP and the ACIC's ability to conduct controlled operations online.

34. In particular, the Bill amends the requirement for illicit goods, including content such as child abuse material, to be under the control of the AFP and the ACIC at the conclusion of an online controlled operation.

35. This is intended to address how easy data is to copy and disseminate, and the limited guarantee that all illegal content will be able to be under the control of the AFP and the ACIC at the conclusion of an online controlled operation.

36. This amendment will not change the overall intent of the controlled operations, which is to allow for evidence collection.

Schedule 5: Minor corrections

37. Schedule 5 will make minor technical corrections to the SD Act and the Telecommunications (Interception and Access) Act 1979.

ABBREVIATIONS used in the Explanatory Memorandum

AAT Administrative Appeals Tribunal

AIC Australian Intelligence Community (comprising ASIO, ASIS, ASD, AGO, DIO and ONI)

ACIC Australian Criminal Intelligence Commission (established as the Australian Crime Commission in the ACC Act)

ACC Act Australian Crime Commission Act 2002

ACLEI Australian Commission for Law Enforcement Integrity

AFP Australian Federal Police

AFP Act Australian Federal Police Act 1979

AGO Australian Geospatial-Intelligence Organisation

AHRC Australian Human Rights Commission

AHRC Act Australian Human Rights Commission Act 1986

ASD Australian Signals Directorate

ASIO Australian Security Intelligence Organisation

ASIO Act Australian Security Intelligence Organisation Act 1979

ASIS Australian Secret Intelligence Service

CEO Chief Executive Officer

Crimes Act Crimes Act 1914

Criminal Code Schedule 1, Criminal Code Act 1995

DIO Defence Intelligence Organisation

IGADF Inspector-General of the Australian Defence Force

IGIS Office of the Inspector-General of Intelligence and Security

IGIS Act Inspector-General of Intelligence and Security Act 1986

IC Act Australian Information Commissioner Act 2010

Inspector-General The individual holding the statutory position of Inspector-General of Intelligence and Security, under section 6 of the IGIS Act

Integrity bodies The Ombudsman, the Australian Human Rights Commission, the Information Commissioner, the Integrity Commissioner, and the Inspector-General of the Australian Defence Force

IS Act Intelligence Services Act 2001

LEIC Act Law Enforcement Integrity Commissioner Act 2006

NIC National Intelligence Community (comprising ASIO, ASIS, ASD, AGO, DIO, ONI, the ACIC, and the intelligence functions of the AFP, AUSTRAC and the Department of Home Affairs)

Ombudsman Commonwealth Ombudsman

Ombudsman Act Ombudsman Act 1976

ONI Office of National Intelligence

PJCIS Parliamentary Joint Committee on Intelligence and Security

PID Public interest disclosure

PID Act Public Interest Disclosure Act 2013

Privacy Act Privacy Act 1988

SD Act Surveillance Devices Act 2004

TIA Act Telecommunications (Interception and Access) Act 1979

TOLA Telecommunications and other Legislation Amendment (Assistance and Access) Act 2018

FINANCIAL IMPACT

38. Nil, as all financial impacts for the 2021-2022 financial year will be met from existing appropriations. Any ongoing costs will be considered in future budgets.


Copyright notice

© Australian Taxation Office for the Commonwealth of Australia

You are free to copy, adapt, modify, transmit and distribute material on this website as you wish (but not in any way that suggests the ATO or the Commonwealth endorses you or any of your services or products).