Surveillance Legislation Amendment (Identify and Disrupt) Act 2021 (98 of 2021)
Schedule 1 Data disruption
Surveillance Devices Act 2004
13 At the end of Part 2
Add:
Division 5 - Data disruption warrants
27KAA Sunsetting
This Division ceases to have effect 5 years after it commences.
27KA Application for data disruption warrant
(1) A law enforcement officer of the Australian Federal Police or the Australian Crime Commission (or another person on the law enforcement officer's behalf) may apply for the issue of a data disruption warrant if the law enforcement officer suspects on reasonable grounds that:
(a) one or more relevant offences of a particular kind have been, are being, are about to be, or are likely to be, committed; and
(b) those offences involve, or are likely to involve, data held in a computer (the target computer ); and
(c) disruption of data held in the target computer is likely to substantially assist in frustrating the commission of one or more relevant offences that:
(i) involve, or are likely to involve, data held in the target computer; and
(ii) are of the same kind as the relevant offences referred to in paragraph (a).
Procedure for making applications
(2) An application under subsection (1) may be made to an eligible Judge or to a nominated AAT member.
(3) An application:
(a) must specify:
(i) the name of the applicant; and
(ii) the nature and duration of the warrant sought; and
(b) subject to this section, must be supported by an affidavit setting out:
(i) the grounds on which the warrant is sought; and
(ii) the things proposed to be authorised by the warrant in accordance with section 27KE; and
(iii) an assessment of how disruption of data held in the target computer is likely to substantially assist as described in paragraph (1)(c), to the extent that such an assessment is possible; and
(iv) an assessment of the likelihood that disruption of data held in the target computer will substantially assist as described in paragraph (1)(c), to the extent that such an assessment is possible.
Unsworn applications
(4) If a law enforcement officer believes that:
(a) immediate disruption of data held in the target computer referred to in subsection (1) is likely to substantially assist as described in paragraph (1)(c); and
(b) it is impracticable for an affidavit to be prepared or sworn before an application for a warrant is made;
an application for a warrant under subsection (1) may be made before an affidavit is prepared or sworn.
(5) If subsection (4) applies, the applicant must:
(a) provide as much information as the eligible Judge or nominated AAT member considers is reasonably practicable in the circumstances; and
(b) not later than 72 hours after the making of the application, send a duly sworn affidavit to the eligible Judge or nominated AAT member, whether or not a warrant has been issued.
Target computer
(6) The target computer referred to in subsection (1) may be any one or more of the following:
(a) a particular computer;
(b) a computer on particular premises;
(c) a computer associated with, used by or likely to be used by, a person (whose identity may or may not be known).
27KB Remote application
(1) If a law enforcement officer believes that it is impracticable for an application for a data disruption warrant to be made in person, the application may be made under section 27KA by telephone, fax, email or any other means of communication.
(2) If transmission by fax is available and an affidavit has been prepared, the person applying must transmit a copy of the affidavit, whether sworn or unsworn, to the eligible Judge or to the nominated AAT member who is to determine the application.
27KBA Endorsement of application - Australian Federal Police
(1) A law enforcement officer of the Australian Federal Police (or another person on the law enforcement officer's behalf) must not make an application for the issue of a data disruption warrant unless the making of the application has been endorsed, either orally or in writing, by an endorsing officer of the Australian Federal Police.
(2) An endorsing officer of the Australian Federal Police must not endorse the making of an application for the issue of a data disruption warrant unless the endorsing officer is satisfied that the making of the application is appropriate in all the circumstances.
(3) For the purposes of this section, an endorsing officer of the Australian Federal Police means:
(a) a law enforcement officer of the Australian Federal Police who is declared, in writing, by the chief officer of the Australian Federal Police to be an endorsing officer of the Australian Federal Police; or
(b) a person who is in a class of law enforcement officers of the Australian Federal Police that is declared, in writing, by the chief officer of the Australian Federal Police to be a class of endorsing officers of the Australian Federal Police.
(4) The chief officer of the Australian Federal Police must not make a declaration under paragraph (3)(a) in relation to a law enforcement officer of the Australian Federal Police unless:
(a) the law enforcement officer is a superintendent, or a person holding a higher rank, in the Australian Federal Police; and
(b) the chief officer is satisfied that the law enforcement officer has the relevant skills, knowledge and experience to endorse the making of applications for the issue of data disruption warrants; and
(c) the chief officer is satisfied that the law enforcement officer has completed all current internal training requirements relating to endorsing the making of applications for the issue of data disruption warrants.
(5) The chief officer of the Australian Federal Police must not make a declaration under paragraph (3)(b) in relation to a class of law enforcement officers of the Australian Federal Police unless:
(a) each person in that class is a superintendent, or a person holding a higher rank, in the Australian Federal Police; and
(b) the chief officer is satisfied that each person in that class has the relevant skills, knowledge and experience to endorse the making of applications for the issue of data disruption warrants; and
(c) the chief officer is satisfied that each person in that class has completed all current internal training requirements relating to endorsing the making of applications for the issue of data disruption warrants.
(6) A declaration under this section is not a legislative instrument.
27KBB Endorsement of application - Australian Crime Commission
(1) A law enforcement officer of the Australian Crime Commission (or another person on the law enforcement officer's behalf) must not make an application for the issue of a data disruption warrant unless the making of the application has been endorsed, either orally or in writing, by an endorsing officer of the Australian Crime Commission.
(2) An endorsing officer of the Australian Crime Commission must not endorse the making of an application for the issue of a data disruption warrant unless the endorsing officer is satisfied that the making of the application is appropriate in all the circumstances.
(3) For the purposes of this section, an endorsing officer of the Australian Crime Commission means:
(a) a law enforcement officer of the Australian Crime Commission who is declared, in writing, by the chief officer of the Australian Crime Commission to be an endorsing officer of the Australian Crime Commission; or
(b) a person who is in a class of law enforcement officers of the Australian Crime Commission that is declared, in writing, by the chief officer of the Australian Crime Commission to be a class of endorsing officers of the Australian Crime Commission.
(4) The chief officer of the Australian Crime Commission must not make a declaration under paragraph (3)(a) in relation to a law enforcement officer of the Australian Crime Commission unless:
(a) the law enforcement officer is an executive level member of the staff of the Australian Crime Commission; and
(b) the chief officer is satisfied that the law enforcement officer has the relevant skills, knowledge and experience to endorse the making of applications for the issue of data disruption warrants; and
(c) the chief officer is satisfied that the law enforcement officer has completed all current internal training requirements relating to endorsing the making of applications for the issue of data disruption warrants.
(5) The chief officer of the Australian Crime Commission must not make a declaration under paragraph (3)(b) in relation to a class of law enforcement officers of the Australian Crime Commission unless:
(a) each person in that class is an executive level member of the staff of the Australian Crime Commission; and
(b) the chief officer is satisfied that each person in that class has the relevant skills, knowledge and experience to endorse the making of applications for the issue of data disruption warrants; and
(c) the chief officer is satisfied that each person in that class has completed all current internal training requirements relating to endorsing the making of applications for the issue of data disruption warrants.
(6) A declaration under this section is not a legislative instrument.
27KC Determining the application
(1) An eligible Judge or a nominated AAT member may issue a data disruption warrant if satisfied:
(a) that there are reasonable grounds for the suspicion founding the application for the warrant; and
(b) the disruption of data authorised by the warrant is reasonably necessary and proportionate, having regard to the offences referred to in paragraph 27KA(1)(c); and
(c) in the case of an unsworn application - that it would have been impracticable for an affidavit to have been sworn or prepared before the application was made; and
(d) in the case of a remote application - that it would have been impracticable for the application to have been made in person.
(2) In determining whether a data disruption warrant should be issued, the eligible Judge or nominated AAT member must have regard to:
(a) the nature and gravity of the conduct constituting the offences referred to in paragraph 27KA(1)(c); and
(b) the likelihood that the disruption of data authorised by the warrant will frustrate the commission of the offences referred to in paragraph 27KA(1)(c); and
(c) the existence of any alternative means of frustrating the commission of the offences referred to in paragraph 27KA(1)(c); and
(ca) the nature of the things proposed to be authorised by the warrant in accordance with section 27KE; and
(cb) the extent to which the execution of the warrant is likely to result in access to, or disruption of, data of persons lawfully using a computer, and any privacy implications (to the extent known) resulting from that access or disruption; and
(cc) any steps that are proposed to be taken to avoid or minimise the extent to which the execution of the warrant is likely to impact on persons lawfully using a computer; and
(cd) the extent to which the execution of the warrant is likely to cause a person to suffer a temporary loss of:
(i) money; or
(ii) digital currency; or
(iii) property (other than data);
so far as that matter is known to the eligible Judge or nominated AAT member; and
(ce) if:
(i) the eligible Judge or nominated AAT member believes on reasonable grounds that the data covered by the warrant (within the meaning of section 27KE) is data of a person who is working in a professional capacity as a journalist or of an employer of such a person; and
(ii) each of the offences referred to in paragraph 27KA(1)(c) is an offence against a secrecy provision;
whether the public interest in issuing the warrant outweighs:
(iii) the public interest in protecting the confidentiality of the identity of the journalist's source; and
(iv) the public interest in facilitating the exchange of information between journalists and members of the public so as to facilitate reporting of matters in the public interest; and
(d) any previous warrant sought or issued under this Division in relation to the alleged relevant offences referred to in paragraph 27KA(1)(c).
(3) For the purposes of having regard to the nature and gravity of the conduct constituting the offences referred to in paragraph 27KA(1)(c), the eligible Judge or a nominated AAT member must give weight to the following matters:
(a) whether that conduct amounts to:
(i) an activity against the security of the Commonwealth; or
(ii) an offence against Chapter 5 of the Criminal Code;
(b) whether that conduct amounts to:
(i) an activity against the proper administration of Government; or
(ii) an offence against Chapter 7 of the Criminal Code;
(c) whether that conduct:
(i) causes, or has the potential to cause, serious violence, or serious harm, to a person; or
(ii) amounts to an offence against Chapter 8 of the Criminal Code;
(d) whether that conduct:
(i) causes, or has the potential to cause, a danger to the community; or
(ii) amounts to an offence against Chapter 9 of the Criminal Code;
(e) whether that conduct:
(i) causes, or has the potential to cause, substantial damage to, or loss of, data, property or critical infrastructure; or
(ii) amounts to an offence against Chapter 10 of the Criminal Code;
(f) whether that conduct involves, or is related to, the commission of:
(i) transnational crime; or
(ii) serious crime; or
(iii) organised crime;
that is not covered by any of the preceding paragraphs.
(4) Subsection (3) does not limit the matters that may be considered by the eligible Judge or nominated AAT member.
(5) To avoid doubt, this Act does not prevent a data disruption warrant from being issued in a case where the conduct constituting the offences referred to in paragraph 27KA(1)(c) is not covered by subsection (3).
(6) For the purposes of this section, secrecy provision means a provision of a law of the Commonwealth or of a State that prohibits:
(a) the communication, divulging or publication of information; or
(b) the production of, or the publication of the contents of, a document.
27KD What must a data disruption warrant contain?
(1) A data disruption warrant must:
(a) state that the eligible Judge or nominated AAT member issuing the warrant is satisfied of the matters referred to in subsection 27KC(1) and has had regard to the matters referred to in subsection 27KC(2); and
(b) specify:
(i) the name of the applicant; and
(ii) the alleged relevant offences referred to in paragraph 27KA(1)(c); and
(iii) the date the warrant is issued; and
(iv) if the target computer is or includes a particular computer - the computer; and
(v) if the target computer is or includes a computer on particular premises - the premises; and
(vi) if the target computer is or includes a computer associated with, used by or likely to be used by, a known person - the person (whether by name or otherwise); and
(vii) the period during which the warrant is in force (see subsection (2)); and
(viii) the name of the law enforcement officer primarily responsible for executing the warrant; and
(ix) any conditions subject to which things may be done under the warrant.
(2) A warrant may only be issued for a period of no more than 90 days.
Note: The access to, or disruption of, data held in the target computer pursuant to a warrant may be discontinued earlier - see section 27KH.
(3) In the case of a warrant authorising access to, or disruption of, data held in the target computer on premises that are vehicles, the warrant need only specify the class of vehicle in relation to which the access to, and disruption of, data held in the target computer is authorised.
(4) A warrant must be signed by the person issuing it and include the person's name.
(5) As soon as practicable after completing and signing a warrant issued on a remote application, the person issuing it must:
(a) inform the applicant of:
(i) the terms of the warrant; and
(ii) the date on which, and the time at which, the warrant was issued; and
(b) give the warrant to the applicant while retaining a copy of the warrant for the person's own record.
27KE What a data disruption warrant authorises
(1) A data disruption warrant must authorise the doing of specified things (subject to any restrictions or conditions specified in the warrant) in relation to the relevant target computer.
(2) The things that may be specified are any of the following that the eligible Judge or nominated AAT member considers appropriate in the circumstances:
(a) entering specified premises for the purposes of doing the things mentioned in this subsection;
(b) entering any premises for the purposes of gaining entry to, or exiting, the specified premises;
(c) using:
(i) the target computer; or
(ii) a telecommunications facility operated or provided by the Commonwealth or a carrier; or
(iii) any other electronic equipment; or
(iv) a data storage device;
for the following purposes:
(v) obtaining access to data (the relevant data ) that is held in the target computer at any time while the warrant is in force, in order to determine whether the relevant data is covered by the warrant;
(vi) disrupting the relevant data at any time while the warrant is in force, if doing so is likely to assist in frustrating the commission of one or more relevant offences covered by the warrant;
(d) if necessary to achieve the purpose mentioned in subparagraph (c)(v) or (vi) - adding, copying, deleting or altering other data in the target computer;
(e) if, having regard to other methods (if any) of obtaining access to, or disrupting, the relevant data which are likely to be as effective, it is reasonable in all the circumstances to do so:
(i) using any other computer or a communication in transit to access or disrupt the relevant data; and
(ii) if necessary to achieve that purpose - adding, copying, deleting or altering other data in the computer or the communication in transit;
(f) removing a computer or other thing from premises for the purposes of doing any thing specified in the warrant in accordance with this subsection, and returning the computer or other thing to the premises;
(g) copying any data to which access has been obtained, and that:
(i) appears to be relevant for the purposes of determining whether the relevant data is covered by the warrant; or
(ii) is covered by the warrant;
(h) intercepting a communication passing over a telecommunications system, if the interception is for the purposes of doing any thing specified in the warrant in accordance with this subsection;
(i) any other thing reasonably incidental to any of the above.
Note: As a result of the warrant, a person who, by means of a telecommunications facility, obtains access to data stored in a computer etc. will not commit an offence under Part 10.7 of the Criminal Code or equivalent State or Territory laws (provided that the person acts within the authority of the warrant).
(3) If:
(a) a data disruption warrant authorises the removal of a computer or other thing from premises as mentioned in paragraph (2)(f); and
(b) a computer or thing is removed from the premises in accordance with the warrant;
the computer or thing must be returned to the premises as soon as is reasonably practicable to do so once the computer or thing is no longer required for the purposes of doing any thing authorised by the warrant.
(4) For the purposes of paragraph (2)(g), if:
(a) access has been obtained to data; and
(b) the data is subject to a form of electronic protection;
the data is taken to be relevant for the purposes of determining whether the relevant data is covered by the warrant.
When data is covered by a warrant
(5) For the purposes of this section, data is covered by a warrant if disruption of the data is likely to substantially assist as described in paragraph 27KA(1)(c).
When a relevant offence is covered by a warrant
(6) For the purposes of this section, a relevant offence is covered by a warrant if the relevant offence is referred to in paragraph 27KA(1)(c).
Certain acts not authorised
(7) Subsection (2) does not authorise the addition, deletion or alteration of data, or the doing of any thing, that is likely to:
(a) materially interfere with, interrupt or obstruct:
(i) a communication in transit; or
(ii) the lawful use by other persons of a computer;
unless the addition, deletion or alteration, or the doing of the thing, is necessary to do one or more of the things specified in the warrant; or
(b) cause any other material loss or damage to other persons lawfully using a computer, unless the loss or damage is reasonably necessary, and proportionate, to do one or more of the things specified in the warrant.
Warrant must provide for certain matters
(8) A data disruption warrant must:
(a) authorise the use of any force against persons and things that is necessary and reasonable to do the things specified in the warrant; and
(b) if the warrant authorises entering premises - state whether entry is authorised to be made at any time of the day or night or during stated hours of the day or night.
Concealment of access etc.
(9) If any thing has been done in relation to a computer under:
(a) a data disruption warrant; or
(b) this subsection;
then, in addition to the things specified in the warrant, the warrant authorises the doing of any of the following:
(c) any thing reasonably necessary to conceal the fact that any thing has been done under the warrant or under this subsection;
(d) entering any premises where the computer is reasonably believed to be, for the purposes of doing the things mentioned in paragraph (c);
(e) entering any other premises for the purposes of gaining entry to or exiting the premises referred to in paragraph (d);
(f) removing the computer or another thing from any place where it is situated for the purposes of doing the things mentioned in paragraph (c), and returning the computer or other thing to that place;
(g) if, having regard to other methods (if any) of doing the things mentioned in paragraph (c) which are likely to be as effective, it is reasonable in all the circumstances to do so:
(i) using any other computer or a communication in transit to do those things; and
(ii) if necessary to achieve that purpose - adding, copying, deleting or altering other data in the computer or the communication in transit;
(h) intercepting a communication passing over a telecommunications system, if the interception is for the purposes of doing any thing mentioned in this subsection;
(i) any other thing reasonably incidental to any of the above;
at the following time:
(j) at any time while the warrant is in force or within 28 days after it ceases to be in force;
(k) if none of the things mentioned in paragraph (c) are done within the 28-day period mentioned in paragraph (j) - at the earliest time after that 28-day period at which it is reasonably practicable to do the things mentioned in paragraph (c).
(10) Subsection (9) does not authorise the doing of a thing that is likely to:
(a) materially interfere with, interrupt or obstruct:
(i) a communication in transit; or
(ii) the lawful use by other persons of a computer;
unless the doing of the thing is necessary to do one or more of the things specified in subsection (9); or
(b) cause any other material loss or damage to other persons lawfully using a computer, unless the loss or damage is reasonably necessary, and proportionate, to do one or more of the things specified in the warrant or authorised by subsection (9).
(11) If a computer or another thing is removed from a place in accordance with paragraph (9)(f), the computer or thing must be returned to the place as soon as is reasonably practicable to do so once the computer or thing is no longer required for the purposes of doing any thing mentioned in paragraph (9)(c).
Statutory conditions
(12) A data disruption warrant is subject to the following conditions:
(a) the warrant must not be executed in a manner that results in loss or damage to data unless the damage is reasonably necessary, and proportionate, to do one or more of the things specified in the warrant or authorised by subsection (9);
(b) the warrant must not be executed in a manner that causes a person to suffer a permanent loss of:
(i) money; or
(ii) digital currency; or
(iii) property (other than data).
(13) Subsection (12) does not, by implication, limit the conditions to which a data disruption warrant may be subject.
(14) The conditions set out in subsection (12) must be specified in a data disruption warrant.
27KF Extension and variation of data disruption warrant
(1) A law enforcement officer to whom a data disruption warrant has been issued (or another person on the law enforcement officer's behalf) may apply, at any time before the expiry of the warrant:
(a) for an extension of the warrant for a period of no more than 90 days after the day the warrant would otherwise expire; or
(b) for a variation of any of the other terms of the warrant.
(2) The application is to be made to an eligible Judge or to a nominated AAT member and must be accompanied by the original warrant.
(3) Sections 27KA and 27KB apply, with any necessary changes, to an application under this section as if it were an application for the warrant.
(4) The eligible Judge or nominated AAT member may grant an application if satisfied that the matters referred to in subsection 27KC(1) still exist, having regard to the matters in subsection 27KC(2).
(5) If the eligible Judge or nominated AAT member grants the application, the eligible Judge or nominated AAT member must endorse the new expiry date or the other varied term on the original warrant.
(6) An application may be made under this section more than once.
27KG Revocation of data disruption warrant
(1) A data disruption warrant may, by instrument in writing, be revoked by an eligible Judge or nominated AAT member on the initiative of the eligible Judge or nominated AAT member at any time before the expiration of the period of validity specified in the warrant.
(2) If the circumstances set out in subsection 27KH(2) apply in relation to a data disruption warrant, the chief officer of the law enforcement agency to which the law enforcement officer to whom the warrant was issued belongs or is seconded must, by instrument in writing, revoke the warrant.
(3) The instrument revoking a warrant must be signed by the eligible Judge, the nominated AAT member or the chief officer of the law enforcement agency, as the case requires.
(4) If an eligible Judge or nominated AAT member revokes a warrant, the eligible Judge or nominated AAT member must give a copy of the instrument of revocation to the chief officer of the law enforcement agency to which the law enforcement officer to whom the warrant was issued belongs or is seconded.
(5) If:
(a) an eligible Judge or nominated AAT member revokes a warrant; and
(b) at the time of the revocation, a law enforcement officer is executing the warrant;
the law enforcement officer is not subject to any civil or criminal liability for any act done in the proper execution of that warrant before the officer is made aware of the revocation.
27KH Discontinuance of access and disruption under warrant
Scope
(1) This section applies if a data disruption warrant is issued.
Discontinuance of access and disruption
(2) If:
(a) the data disruption warrant has been sought by or on behalf of a law enforcement officer; and
(b) the chief officer of the law enforcement agency to which the law enforcement officer belongs or is seconded is satisfied that access to, and disruption of, data under the warrant is no longer required for the purposes referred to in paragraph 27KA(1)(c);
the chief officer must, in addition to revoking the warrant under section 27KG, take the steps necessary to ensure that access to, and disruption of, data authorised by the warrant is discontinued.
(3) If the chief officer of a law enforcement agency is notified that a warrant has been revoked by an eligible Judge or a nominated AAT member under section 27KG, the chief officer must take the steps necessary to ensure that access to, and disruption of, data authorised by the warrant is discontinued as soon as practicable.
(4) If the law enforcement officer to whom the warrant is issued, or who is primarily responsible for executing the warrant, believes that access to, and disruption of, data under the warrant is no longer necessary for the purposes referred to in paragraph 27KA(1)(c), the law enforcement officer must immediately inform the chief officer of the law enforcement agency to which the law enforcement officer belongs or is seconded.
27KJ Relationship of this Division to parliamentary privileges and immunities
To avoid doubt, this Division does not affect the law relating to the powers, privileges and immunities of any of the following:
(a) each House of the Parliament;
(b) the members of each House of the Parliament;
(c) the committees of each House of the Parliament and joint committees of both Houses of the Parliament.
Copyright notice
© Australian Taxation Office for the Commonwealth of Australia
You are free to copy, adapt, modify, transmit and distribute material on this website as you wish (but not in any way that suggests the ATO or the Commonwealth endorses you or any of your services or products).