House debates
Tuesday, 24 August 2021
Bills
Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020; Second Reading
4:43 pm
Andrew Giles (Scullin, Australian Labor Party, Shadow Minister for Cities and Urban Infrastructure) Share this | Link to this | Hansard source
I rise to speak on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020. The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 will amend the Surveillance Devices Act 2004, the Crimes Act 1914 and associated legislation to introduce new law enforcement powers to enhance the ability of the Australian Federal Police and the Australian Criminal Intelligence Commission to combat cyber-enabled serious and organised crime enabled by the dark web and other anonymising technologies. I want to be very clear that this is a bill which Labor supports. The cybercapabilities of criminal networks have expanded, and we know that they are using the dark web and anonymising technology to facilitate serious crime, which is creating significant challenges for law enforcement, in respect of which the parliament must respond. It is evident that Australia's laws at present are not suitably adapted to identifying and disrupting criminals who are actively seeking to obscure their identity and the scope of their activities, so these laws must be made fit for purpose, after due deliberation and consideration and with appropriate safeguards set in place given the novel and broad scope of the provisions contained in this bill.
The bill is aimed at modernising our law enforcement and intelligence legal framework to better equip the AFP and the ACIC to deal with serious cyber-enabled crime and it will do so through three substantive changes in the form of three new warrants: firstly, a data disruption warrant which enables the AFP and the ACIC to access data on one or more computers and perform disruption activities for the purpose of frustrating the commission of criminal activity; secondly, a network activity warrant to enable the AFP and ACIC to collect intelligence on criminal networks operating online; and, thirdly, an account takeover warrant to allow the agencies to take over a person's online account for the purposes of gathering evidence of criminal activity. The bill also provides for minor amendments to the controlled operations regime so as to ensure controlled operations can be conducted effectively in the online environment.
The powers in the Surveillance Legislation Amendment (Identify and Disrupt) Bill are extraordinary. The question before us therefore is whether, in all the circumstances, these are warranted, and, if so, are there sufficient safeguards in place? That's why the Parliamentary Joint Committee on Intelligence and Security carefully examined the government's bill and why we should pay very careful regard to its findings and how they have been responded to by the government in the bill before us and more broadly.
Labor has always sought to engage constructively when it comes to these very difficult, very important questions of keeping the community safe in a changing environment. I acknowledge the thoughtful and critical work of my Labor colleagues on this committee—and, indeed, all the members of that important committee. The committee heard concerns in respect of the initial bill that relate to a number of issues: the issuing authority for warrants; the necessity and proportionality of the powers, particularly with regard to rights of privacy and civil liberties; whether safeguards accompanying these new powers are sufficient; the breadth of crimes that could be the focus of new powers; and the protection of the work of journalists and lawyers from these provisions.
The committee tabled its report on 5 August and made 33 substantive recommendations, including that the bill be passed subject to amendments recommended by the committee. It's obviously a critical finding by this critical bipartisan committee and one that I and Labor pay very careful regard to. I note that 23 of these recommendations have been implemented wholly or substantially, and these include strengthening the issuing criteria for warrants, reviews by the Independent National Security Legislation Monitor and the PJCIS, sunset of the powers in five years and good faith immunity provisions for assistance orders.
Having noted these substantial amendments, I want to touch on the remaining recommendations of the committee and how these have been dealt with, many of which have been advanced even though they have not been directly incorporated in the bill before the House. Four of them have been accepted by the government and are to be incorporated at the Richardson review. These deal with broadening the remit of the ombudsman, looking to issuing authorities being superior courts or issuing judges, reviewing what is a serious offence and seeking some consistency in this regard across other legislation, and constraining post-warrant concealment powers. Recommendation 19, which is effectively that a public interest advocate be appointed where warrants are sought in relation to journalists or media organisations, has also been accepted by the government, as have recommendations expanding the PJCIS's oversight of the intelligence functions of the AFP and ACIC. One recommendation in this space has been rejected, which relates to the oversight of AFP intelligence functions, on the basis of inconsistency with an accepted recommendation of the Richardson review. I note also that recommendation 5 of the committee does not require legislative enactment going, as it does, to the form of submissions by the Department of Home Affairs. Lastly, I note that two additional amendments have been proposed by the government which are intended to secure conformity with other legislation and reporting periods.
The Labor members on the Parliamentary Joint Committee on Intelligence and Security noted, in the additional comments, that they would have preferred the recommendations to go further to ensure that these new powers would be used only in regard to the most serious of crimes. The government has implemented a committee recommendation that improves the bill in this regard, but I do note that it does not go quite as far as the Labor members propose. This recommendation, which is recommendation 10, states:
6.60 The Committee recommends the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 be amended to provide additional requirements on the considerations of the issuing authority to ensure the offences are reasonably serious and proportionality is maintained. The effect of any changes should be to strengthen the issuing criteria and ensure the powers are being used for the most serious of offending.
Labor members stated:
We … believe that Recommendation 10 can and should go further.
All members of the Committee have acknowledged that the powers in the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 are extraordinary.
… … …
However, in recognition of the extraordinary nature of these new powers and the way in which the Government and agencies sought to justify their introduction, Labor members think the Committee should have gone further by recommending that the references to "relevant offence" in the bill be replaced by a new concept of "serious offence".
This is a point worth touching on. The need for these powers has been justified by reference to the most serious types of offences. In the explanatory memorandum, for example, the government said:
This Bill addresses gaps in the legislative framework to better enable the AFP and the ACIC to collect intelligence, conduct investigations, disrupt and prosecute the most serious of crimes, including child abuse and exploitation, terrorism, the sale of illicit drugs, human trafficking, identity theft and fraud, assassinations, and the distribution of weapons.
I am concerned that this might be seen as mischaracterising the breadth of the new powers. As all members of the PJCIS have acknowledged, the new powers will enable the agencies to collect intelligence, conduct investigations, and disrupt and prosecute all relevant offences. This definition presently includes all offences against the law of the Commonwealth punishable by a maximum term of three years or more, which includes all of those crimes listed in the EM but also tax offences, trademark infringements and a range of other offences which do not fall within the categories I just outlined. I am not suggesting for a moment that these other types of offences are not serious; rather that the government and agencies have failed to fully make the case for why these powers are needed beyond those categories. It is obviously much easier to justify the introduction of such powers by focusing on the most serious types of crime. No-one would argue with that in respect of crimes like child abuse and exploitation, and terrorism. But it is important that we engage in the more difficult task of justifying the introduction of extraordinary powers by reference to how the powers could actually be used.
Labor members on the committee considered that recommendation 10, together with other recommendations that have been incorporated, go a long way to ensuring that these powers will be used only for the most serious offending. Having said that, we do note that there are presently a number of different definitions of serious offence in Commonwealth legislation. The preference of Labor members would have been to adopt a definition broadly consistent with that contained in the Telecommunications (Interception and Access) Act 1979. This is a matter that we should have some ongoing consideration towards, in the interests of the efficacy of this bill, its intended purpose, and balancing all the interests that are at play in this very new, concerning and important area of lawmaking.
On that, I want to briefly note some stakeholder concerns which are there, and the safeguards within the bill. The Human Rights Law Centre have stated that Australia lacks a robust human rights framework that would provide adequate protection against the use of powers contained in the bill. They've expressed broader concern about what they regard as the disproportionate scope of the proposed powers, as did the Law Council. I want to be very clear in saying that I don't take these concerns lightly. It is vitally important that the safeguards are implemented effectively and monitored by this parliament and all members of it, independent agencies, the media and human rights organisations.
The bill proposes that the Ombudsman will have oversight over data disruption warrants and account takeover warrants, and the Inspector-General of Intelligence and Security will have oversight over the use of network activity warrants. The bill provides for the oversight of the AFP's and the ACIC's activities in relation to network activity warrants. The amendments that have been introduced will enable the inspector-general to review the activities of the agencies in relation to network activity warrants for legality, proprietary and consistency with human rights. The inspector-general may carry out his or her oversight functions through a combination of inspections, inquiries and investigations into complaints. The Ombudsman will provide oversight also of the AFP's and the ACIC's use of the account takeover powers, which is consistent with the general oversight arrangements for the activities of these agencies. The Ombudsman is also required to inspect agency records and report to the Minister for Home Affairs every six months. This is a report that must be tabled in the parliament. Respective agencies will also be required to provide statistics of the use of data disruption warrants, network activity warrants and account takeover warrants in annual reports to the minister.
Labor supports this bill. It's an important bill which addresses very significant and worrying gaps in the legislative framework so as to better enable the AFP and the ACIC to collect intelligence, conduct investigations, and disrupt and prosecute the most serious of crimes in an evolving environment. Labor always works constructively with the government and all members of this place to ensure the safety of the community. The process of the parliament here has produced a bill that meets the very serious challenges required to respond to, with appropriate safeguards in place, some of which will require all of us to maintain our attention on their operation and their adequacy. On this basis, I commend the bill to the House.
4:06 pm
Vince Connelly (Stirling, Liberal Party) Share this | Link to this | Hansard source
I rise to speak on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020. Some of the current events in Afghanistan really bring into sharp focus the reality in this life that there are those who would seek actively to do us harm, both to our freedoms and to our way of life. We entered Afghanistan 20 years ago, and that was in response to the September 11 attacks on the World Trade Center. Our aim was to work alongside the US, NATO and our other partners to find Osama bin Laden and those responsible for the September 11 attacks, and also to prevent their freedom of action in being able to plan and execute operations of mass destruction on those sorts of scales. Sadly, in 2002, we saw what have now become known as the Bali bombings. We saw the death of 202 people, including 88 Australians.
However, it's not the case that all attacks on our persons and on our freedom necessarily occur in the physical realm. There are certainly attacks and crimes which occur in digital spaces. As I lead into this bill, I'll make some brief commentary about what those spaces look like. We hear about the dark web and anonymising technologies. To give a brief description of what this actually means, the dark web refers to areas of the internet which are intentionally hidden. These cannot be accessed without using specialised browsers. These are not the Google, Chrome or Mozilla Firefox browsers that we might normally use; these are absolutely and intentionally hidden. Many of the sites on the dark web which are of concern to law enforcement include forums and marketplaces which are dedicated to criminal activity, and they are hosted anonymously. In conjunction with the specialised browsers that I mentioned, the dark web uses other anonymising technologies, such as virtual private networks and cryptocurrencies for any transactions that may occur. These approaches help to ensure that the true identities and locations of criminals remain unknown and unseeable.
I talked about anonymising technology. I'll touch briefly on what we mean when we use this term. Anonymising technology refers to technologies which can be used to disguise a person's activities, location or true identity. These include dedicated closed encryption communications platforms, some of which are operated and designed specifically for use by the criminal market, such as bespoke encrypted handsets. Some of these are EncroChat and Cipher, for example. They are used by criminals as devices that operate on a closed network without the normal applications and connectivity that our mobile phones and normal handsets have. Also, virtual currencies, such as bitcoin, allow purchases and funds transfer to be made with a minimum degree of traceability. Virtual private networks help to conceal the location of devices using the internet or incorrectly report a person's IP address, making it appear as if they are in another jurisdiction—for example, even completely offshore. So that's a description of what some of these technologies and activities look like.
Since the Liberal Party came to government in 2013, our successive administrations have enacted legislation that continued to safeguard the laws that protect Australians. The Morrison government, of which I'm an extremely proud member, continue to demonstrate our resolve in combatting all of those who would seek to do us harm. Whether those challenges relate to national security, to defence or to criminal behaviour, we never shy away from tasks despite, at times, their great difficulty.
It is a desperately saddening and deeply troubling fact that some individuals, even within our own communities, seek to exploit and to harm our nation's most vulnerable and, in particular, our children. Like many others in this place, I am a parent, and I will always fight to strengthen laws that provide protection to our children. That's why I fought last year, along with members on this side of the House, when unfortunately Labor and the Greens teamed up and joined forced on Monday 15 June 2020 to oppose what was a really important component of the Morrison government's proposed legislation to keep our children safe from paedophiles. The Attorney-General made the case that, in the previous financial year, there were 39 per cent of federally convicted child-sex offenders who spent no time behind bars. I will just repeat that important statistic: the Attorney-General made the case that, in the previous financial year, 39 per cent of federally convicted child-sex offenders spent zero days behind bars. Thank God that, along with others, we were successful in our advocacy and the Crimes Legislation Amendment (Sexual Crimes Against Children and Community Protection Measures) Bill has now passed and been introduced.
That bill sees minimum mandatory sentences and toughened-up sentencing. It's yet another example of the Morrison government's commitment to protect children in Australia and overseas from the dangers of sexual exploitation and abuse and to improve justice outcomes for survivors of child-sex offenders. Some of the measures contained in that bill included minimum mandatory sentences for the most serious child-sex offences, including for repeat offenders, and increased maximum penalties right across the spectrum, including up to life imprisonment.
I will now reflect on the current bill and other new ways that the Morrison government is seeking to protect those most vulnerable, including children, who are online. The agencies that operate in this space are, namely, the Australian Federal Police, or AFP, and the Australian Criminal Intelligence Commission. We cannot and should not underestimate the complexity and the challenges that these agencies need to deal with. The tools that are proposed in this legislation will enable them to do their job properly, because advancements in anonymising technologies have made it very much harder and more time consuming for law enforcement agencies to take action against dark web users—a group that includes drug and firearm traffickers, terrorists and child-sex offenders. For example, currently over 90 per cent of content being intercepted lawfully uses some form of encryption, with expectations that soon nearly all of this content will be encrypted.
I've mentioned VPNs, cryptocurrency and closed encrypted communications platforms, and these types of anonymity really allow transnational, serious and organised crime groups to operate in a fashion that is borderless and is also significant in scale. It makes it difficult for those law enforcement agencies to identify individual people, organisations, premises or devices.
The AFP-led ACCCE identified a 163 per cent increase in the amount of child abuse material downloaded on the dark web between April and June 2020 compared to the same period in 2019. This, again, is part of the reason why we need to drive forward with these enhanced operational capabilities for our law enforcement agencies. But, even having said that, the true picture is difficult to ascertain because we haven't got that full visibility, and law enforcement estimate that that increase may represent only 50 per cent of the files that are available for download on the dark web.
The scale of organised criminal activity which was uncovered by Operation Ironside in recent times is quite vast. In fact, I have some statistics here. As of 23:30 hours on Saturday 1 August 2021 the domestic Australian statistics were as follows: 696 search warrants were issued, 290 offenders were charged, 728 charges were laid and 139 weapons or other types of firearms were seized—some quite frightening statistics indeed.
This power will enable law enforcement to modify or delete exploitation material to prevent its further distribution. As I mentioned, there are some quite significant and important changes. Firstly, one of those introduces network activity warrants. These enable the AFP or ACIC to collect intelligence on the most harmful criminal networks who are operating online. This includes those who are on the dark web and using some of those anonymising technologies I mentioned earlier. A practical example of the need for this power can be found in the operation against Phantom Secure, an encrypted platform. When Phantom Secure was shut down in 2018, the AFP was aware of 10,000 Phantom Secure handsets being used in Australia. But, back then, without network security warrants, law enforcement would likely needed to have obtained warrants for every individual handset of those 10,000, which would have been unfeasible given the sheer number of devices in use.
Secondly, this bill introduces data disruption warrants. These will enable the AFP and the ACIC to disrupt serious criminal activity online, authorising those agencies to modify data belonging to individuals who are suspected of criminal activity. This will frustrate the commission of serious offences, such as the distribution of child exploitation material.
Thirdly, the bill introduces account takeover power. This will enable law enforcement agencies to take control of a person's online account for the purposes of gathering evidence about criminal activity, to be used in conjunction with other investigatory powers. This could be used, for example, to prevent a suspect from accessing online forums that might be used to spread child exploitation material.
It does go without saying that these powers, whilst necessary, do require appropriate safeguards. This bill provides strict oversight mechanisms that will take into account whether the power is necessary and proportionate to the types of offences being investigated or targeted. The robust oversight will take the form such that the Inspector-General of Intelligence and Security will provide oversight of network activity warrants, and the Commonwealth Ombudsman will provide oversight for the data disruption warrants and the account takeover warrants. These robust reporting requirements balance those operational sensitivities with important accountabilities.
In summary, this bill will appropriately empower our law enforcement agencies to identify and investigate perpetrators, both at home and abroad, of some of the very worst types of online criminal activity. I therefore commend this bill to the House.
5:09 pm
Graham Perrett (Moreton, Australian Labor Party, Shadow Assistant Minister for Education) Share this | Link to this | Hansard source
[by video link] I speak today on the Surveillance Legislation Amendment (Identify And Disrupt) Bill, and I do so from my electorate office in Sunnybank on Turrbal and Jagera lands—people you know very well, Deputy Speaker Vasta. This bill introduces new law enforcement powers to enhance the ability of the Australian Federal Police and the Australian Criminal Intelligence Commission, or the ACIC, to combat serious online crime. The bill introduces three new warrants: the data disruption warrants will allow the AFP or the ACIC to modify, add, copy or delete data in order to frustrate the commission of serious offences online; the network activity warrants will allow agencies to collect intelligence on serious criminal activity being conducted by criminal networks; and the account takeover warrants will provide the AFP and the ACIC with the ability to take control of a person's online account for the purpose of gathering evidence to further a criminal investigation.
Obviously, these are extraordinary powers, and it was proper that this bill was referred to the Parliamentary Joint Committee on Intelligence and Security late last year. That very powerful committee, and very well-credentialed committee, has now tabled its report on this bill and has made 34 important recommendations, including that this bill be passed subject to the amendments recommended being implemented by the Morrison-Joyce government. Currently, it is the coalition government that is responsible for any national security legislation that is introduced to the people's parliament. However, Labor has always worked constructively to improve legislation where that is appropriate. The bipartisan intelligence and security committee works cooperatively to keep Australians safe, and I particularly acknowledge the great work of the Labor members of the committee: the deputy chair, the member for Holt; the member for Cowan; my good friend the member for Isaacs; Senator Keneally; and Senator McAllister.
The power this bill implements is extraordinary, but so too are the many and varied threats that modern Australia faces. Fortunately, the only experience many of us have of the dark web is from movie plots—something coming out of Hollywood. But, sadly, the dark web is a very real place with some very dark characters inhabiting it. While technological advances have improved our lives, they have also brought some unwelcome elements, like the dark web. Increasingly, criminals are using the dark web and anonymising technology to facilitate cyberenabled crime. This has created significant challenges for law enforcement in identifying and locating offenders and gathering admissible evidence. The current powers available to our law enforcement agencies are insufficient and outdated—analogue solutions that won't solve a digital problem. As the cybercapabilities of criminal networks have expanded, Australia's laws are not suitably adapted to both identifying and disrupting criminals who are actively seeking to obscure their identity and the scope of their criminal activities. Identifying potential offenders is the first step to progressing with the criminal investigation. The highly sophisticated cybertools being used by criminals have resulted in many investigations failing because offenders cannot be identified. Prosecutions are impossible if law enforcement does not have the ability to understand the networks and how criminals are actually conducting their crimes.
This bill will address current gaps in the legislative framework. It will enable the AFP and the ACIC to collect intelligence, to conduct investigations, to disrupt—very importantly—and also to prosecute the most serious of crimes, including child abuse and child exploitation, terrorism, the sale of illicit drugs, human trafficking, identity theft and fraud, assassinations and the distribution of weapons.
The 34 recommendations made by the bipartisan Parliamentary Joint Committee on Intelligence and Security should be accepted by the Morrison-Joyce government, and this bill should be amended accordingly. The committee made these recommendations after considering the evidence put before it, including: concerns about the issuing authority for the warrants; the necessity and proportionality of the powers, particularly as regards the rights to privacy and civil liberties; whether safeguards accompanying the new powers were sufficient; the breadth of crimes that could be the focus of new powers; and, importantly, in a healthy democracy like Australia, that the work of journalists and lawyers should be specifically protected from the proposed warrants.
As deputy chair of the Parliamentary Joint Committee on Human Rights, I, along with my colleagues, have had the opportunity to scrutinise this bill through the human rights lens. The human rights committee tabled its preliminary views on this bill in Report 1 of 2021. As with every bill scrutinised by the human rights committee it requires that balancing of rights, that collective safety versus individual freedoms and individual rights. The new powers that will be implemented by this bill will facilitate the investigation, disruption and prevention of serious crimes against persons, including protecting children from harm. To that end the bill may promote multiple rights, including the right to life and the rights of the child. I particularly note with respect to the rights of the child that states have special obligations to protect children from all forms of physical or mental violence, injury or abuse, neglect or negligent treatment, and maltreatment or exploitation including sexual exploitation and abuse—and when I say 'states', I mean sovereign states.
The bill may also limit the right to privacy that citizens of Australia have. This bill gives wide powers to the AFP and ACIC to take actions including:
So they are very serious powers.
The right to privacy prohibits arbitrary and unlawful interferences with an individual's privacy, family, correspondence or home; that's a bedrock of Australian society. There are permissible limitations to the right of privacy, if the limitation is to pursue a legitimate objective, is rationally connected to the objective and—this is important—is a proportionate means of achieving that objective.
As pointed out in the preliminary report of the human rights committee:
The key question is whether the measure is proportionate to achieving the stated objective. Of particular relevance in assessing proportionality is whether the limitation is only as extensive as is strictly necessary to achieve its legitimate objective; whether the measure is accompanied by sufficient safeguards—
always important in a healthy democracy—
whether any less rights restrictive alternatives could achieve the same stated objective; and whether there is the possibility of oversight and the availability of review.
That is, for those times when the state gets it wrong. Many of the 34 recommendations of the Parliamentary Joint Committee on Intelligence and Security go directly to strengthening that proportionality concept.
I have some particular concerns—and it was noted in the human rights report—that have been reflected in the recommendations made by the PJCIS, particularly their recommendation 9:
The Committee recommends the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 be amended so that the issuing authority for all of the new powers introduced by the Bill, including emergency authorisations, must be a superior court judge—
I stress that again: must be a superior court judge—
(either of the Federal Court or a State or Territory Supreme Court), except for Account Takeover Warrants which may be granted by an Eligible Judge per Section 12 of the Surveillance Devices Act 2004 (Cth).
That's the recommendation.
During my scrutiny of the bill, this was one aspect that caused a lot of discomfort for me. This bill, as it currently stands, provides that an application for a warrant, or data disruption or network activity may be made to an eligible judge or to a nominated AAT member, and that an application for an account takeover warrant may be made to a magistrate. I don't want to badmouth our magistrates, but an AAT member does not have the security of tenure or generally the same level of expertise as judges. It is considered to be best practice at international law for judicial authorisation of surveillance methods—and I stress that: judicial authorisation. The European Court of Human Rights has said in relation to interception:
In a field where abuse is potentially so easy in individual cases and could have such harmful consequences for democratic society as a whole, it is in principle desirable to entrust supervisory control to a judge, judicial control offering the best guarantees of independence, impartiality and a proper procedure …
The United Nations Special Rapporteur on the right to privacy included in the 2018 draft general principles of the right to privacy that where domestic law provides for the use of surveillance systems, that law shall:
… provide that the individual concerned is likely to have committed a serious crime or is likely to be about to commit a serious crime and in all such cases such domestic law shall establish that an independent authority, having all the attributes of permanent independent judicial standing, and operating from outside the law enforcement agency or security or intelligence agency concerned, shall have the competence to authorise targeted surveillance using specified means for a period of time limited to what may be appropriate to the case.
It is clear that AAT members do not have all of the attributes of permanent independent judicial standing. I think they're appointed for three or five years or so.
There is another reason that I'm concerned about AAT members being given such extraordinary powers right now in this parliament. Since 2013, the Liberals have appointed at least 79 of their mates to the Administrative Appeals Tribunal. Earlier this year, in one of her first acts as Attorney-General, Senator Cash continued the tradition of her predecessor, the member for Pearce, of stacking the tribunal with failed Liberal candidates, dumped Liberal MPs, former Liberal advisers and other Liberal mates. The appointment of Liberal mates to the tribunal is so out of hand that the former High Court judge Ian Callinan QC had to recommend that all further appointments be based on merit. To put that in context, Ian Callinan's first novel was launched by the former member for Moreton, the Hon. James Killen, and he was recommended to the High Court by Liberal Prime Minister John Howard, so I don't think I could exactly call Ian Callinan a Labor stalwart!
By contrast, in six years of the Labor government, from 2007 to 2013, there were just two Labor linked appointments to the AAT, both experienced and highly skilled lawyers who were welcomed by the Liberals. So I'm particularly concerned that recommendation 9 of the PJCIS report on this bill be adopted by the government and I reiterate that all 34 recommendations should be incorporated into this bill.
The PJCIS is a bipartisan committee. It has made recommendations that will ensure that these extraordinary powers include the safeguards necessary in a liberal democracy. It is always important that Australia's two parties of government work constructively together—sorry, I should say three parties of government, I guess, with respect to the Nationals: the Liberals, Nationals and Labor—to ensure that our national security laws are right, fit and proper. Labor will always work constructively to keep our nation safe. Labor supports this bill, but I implore the Morrison-Joyce government to ensure that all 34 recommendations are incorporated into this bill.
5:24 pm
Celia Hammond (Curtin, Liberal Party) Share this | Link to this | Hansard source
I'm pleased to have the opportunity to speak to this bill, the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020. This bill introduces three new powers for the AFP and the ACIC. They are the data disruption warrants, network activity warrants and account takeover warrants. The goal of these new powers is to enhance the ability of the AFP and the ACIC to combat online serious crime. These are new and extensive powers, and they were subject to a public inquiry and detailed review and consideration by the PJCIS to determine whether they are necessary and proportionate in the current threat environment. I note at the outset that in its final report tabled earlier this month the PJCIS made 33 substantive recommendations to the government with respect to the legislation. The government has accepted in full, part or principle 25 of the recommendations and noted the remaining eight. Before addressing these recommendations and the government's response, it's necessary to understand the scope of the powers and the current threat environment.
In brief terms, the new powers are as follows. The data disruption warrant will allow the AFP and the ACIC to add, copy, delete or alter data to allow access to and disruption of relevant data in the course of an investigation for the purposes of frustrating the commission of an offence. This will be a covert power, also permitting the concealment of those activities. Whilst this power will not be sought for the purposes of evidence gathering, information collected in the course of executing a DDW will be available to be used in evidence in prosecution. The intended purpose of the DDW is to offer an alternative action to the AFP and the ACIC where the usual circumstances of investigation leading to prosecution are not necessarily the option guaranteeing the most effective outcome. For example, removing content or altering access to content such as child exploitation material could prevent the continuation of criminal activity by participants and be the safest and most expedient option where those participants are in unknown locations or acting under anonymous or false identities.
The second of these warrants, the network activity warrant, will allow the AFP and the ACIC to collect intelligence on criminal networks operating online by permitting access to the devices and networks used to facilitate criminal activity. These warrants will be used to target criminal networks about which very little is known. For example, where the AFP or the ACIC know that there is a group of persons using a particular online service or other electronic platform to carry out criminal activity, but the details of that activity are unknown, NAWs will allow agencies to target the activities of criminal networks to discover the scope of criminal offending and the identities of the people involved. For example, a group of people accessing a website hosting child exploitation material and making that material available for downloading or streaming will be able to be targeted under a network activity warrant. Intelligence collection under an NAW will allow the AFP and the ACIC to more easily identify those hiding behind anonymising technologies. This will support more targeted investigative powers being deployed, such as computer access warrants, interception warrants or search warrants. The AFP and the ACIC will be authorised to add, copy, delete or alter data if necessary to access the relevant data to overcome security features like encryption. Data that is subject to some form of electronic protection may need to be copied and analysed before its relevancy or irrelevancy can be determined.
The third type of warrant is the account takeover warrant. These warrants will allow the AFP and the ACIC to take control of a person's online account for the purposes of gathering evidence about serious offences. It also enables the AFP or the ACIC to lock the person out of their account. Currently, agencies can only take over a person's account with the person's consent. An account takeover warrant will facilitate covert and forced takeovers to add to the investigative powers the AFP and the ACIC have. It's important to note that any other activities, such as accessing data on the account, gathering evidence or performing other activities such as taking on a false identity, must be performed under a separate warrant or authorisation. Those actions are not authorised by an account takeover warrant. The ATW is designed to support existing powers, such as computer access and controlled operations, and is not designed to be used in isolation.
It's very clear that these are very serious and extensive powers and more extensive than any that currently exist, and, as the previous speaker, the member for Moreton, said, it is necessary that we analyse to see whether these powers, given the seriousness of them, are reasonable and proportionate. It's one of the roles of the PJCIS. In its inquiry and review into this bill the PJCIS was given detailed information on the background and context to these powers. It's worth noting some of the input and the context that was provided to the committee. Home Affairs highlighted, in particular, the role of anonymising technologies and the dark web. I quote:
New and emerging technology continues to change the landscape in which criminals operate by providing new opportunities for countering law enforcement efforts, in particular by disguising activity and hiding identities. Technology that enables people to be anonymous online, whilst having legitimate uses, is increasingly used by criminals so that they can remain invisible to law enforcement. Often these technologies are cheap, commercially available and require little technical expertise, allowing the scale and sophistication of cyber-enabled crime to grow. The use of the dark web and anonymising technologies…has made it easier than ever before for criminals to commit serious crimes at volume and across multiple jurisdictions. This has significantly degraded law enforcement agencies' ability to access communications, gather evidence, prevent crimes and conduct investigations.
The AFP provided an in-depth description of the threat environment which accorded with that of Home Affairs. Helpfully, it clearly articulated and explained the threats that we are facing and the terminology. The AFP was at pains to point out that the terms 'dark web' and 'anonymising technology', while sometimes thought of as the same thing, are not in fact the same thing. I quote:
'Anonymising technology' refers to those technologies which can disguise a person's activities, location and true identity, while the 'dark web' refers to areas of the internet which cannot be accessed without specialised browsers or other software. These concepts are often linked, because anonymising technology is required to access the dark web. From the AFP perspective, both issues present significant challenges for law enforcement, as they both facilitate a wide variety of criminal activity, while providing offenders with the cloak of anonymity. The intersection of these issues is particularly concerning when investigating offences involving child abuse material.
The ACIC broadly concurred with the AFP articulation of the threat environment and noted that the types of serious crimes being facilitated by these technologies include money laundering, illicit drugs and firearms smuggling and the production and dissemination of child exploitation material. The ACIC was very clear in stating:
…more is needed to provide the ACIC and AFP with effective powers to combat the rising tide of cyberenabled crime.
The Carly Ryan Foundation also made a submission to the committee and set out the threat environment. I quote:
The investigation of alleged crimes is not immune to technological creep, and law enforcement are increasingly dealing with digital aspects of criminality amongst many crime types: terrorism, domestic violence, stalking and harassment, and importantly for the Foundation, child exploitation.
The Carly Ryan Foundation said that the current amount of child exploitation was absolutely extraordinary and had risen with COVID-19. They described the issue as a 'pandemic' and said the proposed bill would help prevent the further victimisation of children.
By way of concluding, it is vital that we give our law enforcement agencies the powers they need to work in environments in which new and emerging technologies are posing greater opportunities for criminal networks to operate and evade detention. The evidence is clear that the use of the dark web and anonymising technologies is increasingly inhibiting agencies' ability to protect the Australian community. At the same time, it is vital that we ensure that the powers are used sparingly and that there is appropriate level of oversight and accountability for their use.
It was with this lens that the 33 substantive recommendations of the PJCIS were made to government. As noted at the outset, the government has adopted 25 of those recommendations. As a member of that committee, while I stand by each of the 33 substantive recommendations that we made—including those eight which have not been adopted by the government—I accept the rationale provided by the government and its statement that, as a number of these recommendations go beyond the scope of the bill, they are better considered as part of the holistic reform to Australia's electronic surveillance network which is currently underway. On the basis of the above, I am happy to provide my support to the bill which gives our security agencies important capabilities to address serious problems.
5:35 pm
Tim Watts (Gellibrand, Australian Labor Party, Shadow Assistant Minister for Communications and Cyber Security) Share this | Link to this | Hansard source
In rising to speak on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, I can't help but reflect on the circumstances in which we find ourselves in debating this bill. This bill is an important piece of national security legislation, which amends the Surveillance Devices Act 2004. It also amends the Telecommunications (Interception and Access) Act, the Crimes Act and associated legislation to give the AFP and the ACIC the tools to combat cyber-enabled crime. It was first introduced into the House on 3 December 2020 and referred to the Parliamentary Joint Committee on Intelligence and Security. The PJCIS tabled its report on 5 August 2021, nearly three weeks ago, but we're yet to see the government's response to the report. We do, however, have the bill in front of us today.
It is pleasing to be advised that the government has agreed to 23 of the 33 PJCIS recommendations wholly or in part and has made amendments to the bill and explanatory memorandum in response to the recommendations of the PJCIS. But it's indicative of this government's record in this place to rush through legislation on national security matters with little regard for process, particularly with national security legislation or even with minor technical legislation. We have seen it countless times before, including just yesterday, with the Counter-Terrorism Legislation Amendment (Sunsetting Review and Other Measures) Bill 2021.
To be clear, Labor supports this bill that the government has brought before the House with the amendments that we have worked constructively with the government to develop through the PJCIS. But it must be said that the way this government approaches critical legislation like this bill from a process perspective leaves much to be desired. I've said that before in this House. Labor has always sought to work constructively with the government on matters of national security, and we will continue to do so. We recognise the need for the powers in this bill to combat the use of the dark web and encryption technology by criminals and organised criminal groups to perpetuate serious crimes like terrorism, child abuse and exploitation, and the sale of illicit drugs.
The dark web is simply a part of the internet comprising sites that you can't search for on typical search engines like Google. To access it you need to download a program that enables access to the dark web, The Onion Router, or Tor. Sites on the dark web were designed with privacy in mind—anonymising. Privacy is a neutral value. There are absolutely legitimate uses for encryption technologies and the dark web. Political activists and dissidents, for example, have used it to allude the eye of autocratic states. But, at the same time, abhorrent things are sold on the dark web. Drug dealers, hackers and child abusers try to use it to traffic in their illegal, destructive and repulsive goods. It does need to be policed.
The powers in this bill are new from what we've seen in Australia to date, as the PJCIS has acknowledged, but they are necessary to combat a growing sophistication of technology by criminals that enables them to commit serious crimes anonymously. While we support the bill, Labor members of the PJCIS do think, however, safeguards in this bill could go further, particularly in relation to the offences this bill applies to in relation to recommendation 10 of the PJCIS report, which Labor thinks should have been strengthened.
Technology has evolved significantly since our original surveillance laws were passed, and it is really beyond time for a review and an updating—indeed, even since before the Crimes Act, which this bill amends. Even in 2004, when the Surveillance Devices Act was passed, some three years before the first iPhone was launched, it would have been difficult to imagine the pervasive use of the internet to conduct serious criminal activity, let alone the use of the dark web to do it anonymously. The Silk Road, for instance, which was the eBay of criminals for some time before its spectacular implosion, is probably the first and most ubiquitous example of a dark website being used to facilitate serious criminal activity, such as the sale of illicit drugs. That wasn't launched until 2011.
Since then the dark web has really become a haven for some of the most evil crimes, with a pernicious effect on our society, like child exploitation, conducted largely anonymously. We have seen this most recently on an incredibly large scale with Operation Ironside, which exposed the widespread use of dedicated encrypted communications devices by organised criminals in Australia. We have seen, courtesy of the reporting of Nick McKenzie and Joel Tozer on 60 Minutes and in the Nine newspapers over the last fortnight, how these technologies have been used by far Right extremist organisations who would seek to commit violent acts against Australians in pursuit of their agenda.
Despite these technological advances, our laws haven't been updated to reflect this new world we live in. Our law enforcement agencies lack similar powers to their overseas counterparts to be able to unmask these criminals and disrupt ongoing cyber-enabled criminal activity. This is an increasing problem for our law enforcement and criminal intelligence agencies. The cyber capabilities of criminal networks have grown in recent years and too often investigations are not able to be pursued to conclusion because our agencies did not have the necessary power to identify offenders. This bill will change that by giving the AFP and the ACIC the power to collect intelligence on criminal networks operating behind anonymising technologies, like the TOR network or a dedicated encrypted communication device.
There are three warrant powers set out in this bill. The first is a data disruption warrant to allow the AFP and the ACIC to disrupt data by modifying, adding, copying or deleting data to frustrate the commission of offences online. The intended purpose of this is that it is to be used where investigations leading to prosecution is not necessarily the most effective outcome. This is an important tool in circumstances where law enforcement discover, for example, a child abuse network that's actively sharing child sexual abuse material, continuing the trauma of child abuse victims through every reproduction and every dissemination of these vile images. But, despite discovering the networks, law enforcement agencies are unable to identify who is sharing child exploitation material. In these circumstances, these powers enable Australian law enforcement agencies to delete the content and disrupt its ongoing distribution through the networks. The bill also includes a new order which will require an individual to provide information or assistance which is reasonably necessary to effect a disruption warrant.
Secondly, the bill creates a network activity warrant which allows our law enforcement agencies to collect intelligence on serious criminal activity being conducted by a criminal network, to reveal the scope of criminal operations and unmask the identities of those involved in these activities. Finally, the bill creates an account takeover warrant to give the AFP and the ACIC the ability to take control of an individual's account to gather evidence for a criminal investigation without their consent or knowledge.
It is important to be clear that these new warrant powers aren't unfettered powers being gifted to our law enforcement agencies. To use these powers, our law enforcement agencies must first go through an independent process seeking approval from an eligible judge, an Administrative Appeals Tribunal member or a magistrate in the case of account takeover warrants. Labor concurs with the recommendation of the PJCIS report into this bill that the exercise of these powers should be authorised by a Supreme Court judge, and we note the government's response that this will be incorporated in its response to the very significant Richardson review.
These powers are new for us, but these kinds of network investigative techniques are not unique around the world. These practices might be somewhat novel in their use by Australian law enforcement agencies, but powers of this kind are already being used by law enforcement and criminal intelligence agencies in other democratic nations around the world. Other jurisdictions have recognised, as we do here, that the threats we face today call for powers that match the seriousness of these threats. Similar powers are already in use in the US, the UK and some European jurisdictions.
Network investigative techniques are an important part of modern law enforcement and criminal intelligence. These techniques are an alternative to regulation that requires blanket lawful access to encrypted devices or software. These techniques allow agencies like the AFP and the ACIC to exploit existing vulnerabilities to circumvent encryption or anonymisation under the authorisation of a warrant. They are commonly and effectively used by the United States FBI, for instance. In 2011, the FBI used a Flash exploit, Metasploit, in Operation Torpedo to compromise a dark web service boasting child abuse material. The FBI gained control of the service and employed an NIT, which revealed the identity of persons who visited the compromised child abuse websites, who ordinarily would have been protected by the TOR network. In 2015, the FBI, in Operation Pacifier, took down Playpen, one of the largest child exploitation sites posted on a server in North Carolina. The FBI operated the server for a limited two-week period and exploited a vulnerability in the TOR browser to unmask 13,000 IP addresses of individuals accessing material.
In 2016, French and Dutch police carried out an operation not dissimilar to Operation Ironside, targeting EncroChat. Like ANOM, EncroChat was a dedicated encryption communication device. This encrypted communication device was operated solely for serious criminal users and it was compromised by French and Dutch police, allowing the gathering of messages in real time by a European joint investigative task force. In Britain alone, 746 people were arrested as a result of the operation, and 80 million pounds worth of illicit drugs and 54 million pounds in cash were seized.
Our agencies do excellent work with existing electronic surveillance laws, and we commend them for it. However, as the cybercapabilities of criminal networks have expanded, Australia's laws are not suitably adapted to both identify and disrupt criminals who are actively seeking to obscure their identity and the scope of their activities. As criminal networks increasingly organise and transact online, these new powers allow our law enforcement agencies to adapt their undercover craft to infiltrate this cyberenabled crime.
For instance, the account takeover provisions in this bill could allow law enforcement to take over the account of someone already established as trustworthy inside these online networks, which often require some proof of criminal bona fides. This could allow them to gather intelligence and further infiltrate other criminal networks. For example, US law enforcement covertly took over the account of a staff member of Silk Road prior to the government's takedown of the site. Through this, law enforcement officers operating that account were able to then infiltrate Silk Road 2.0 and take it down too.
Clearly, you can see from these examples that these kinds of network investigative techniques are not out of step with other comparable jurisdictions. The bill would give our agencies the powers they need to keep pace with technology and those criminals who use it to cause immense harm to Australians. It's important our laws continue to keep pace with constantly evolving technology. Otherwise, we'll be constantly playing catch-up with criminals and terrorists who are increasingly sophisticated in their use of these technologies to disguise their activities. We can't let that happen.
It's the responsibility of everyone in this place, particularly parties of government, to keep Australians safe, and that's why we work together to ensure national security bills like these operate in the best way they can. Labor has strengthened the safeguards in this bill through our work on the PJCIS. While the government is ultimately responsible for national security legislation that they introduce, Labor has always worked constructively to improve legislation as much as we can through the parliament. One of the ways the parliament has worked to keep Australians safe is by cooperating in a bipartisan manner through the PJCIS. This is such an important part of the parliamentary accountability and oversight process, and one which can't be ignored in this bill.
As I said, the powers in this bill are necessary for agencies to continue the vital work they do keeping Australians safe, but no-one is suggesting they be given these powers without appropriate legal safeguards, accountability and oversight. The PJCIS has made 33 recommendations to improve oversight and safeguards in this bill. The government has chosen to accept, wholly or in part, 23 of them.
The explanatory memorandum sets out that these powers apply to the most serious of crimes, including child abuse, child exploitation, terrorism, sale of illicit drugs, human trafficking, identity theft and fraud, assassinations and distribution of weapons. Labor is concerned, though, and Labor members of the PJCIS noted that the definition of 'relevant offences' under the Surveillance Devices Act includes all offences against the law of the Commonwealth that are punishable by a maximum term of imprisonment of three years or more. This includes the types of crimes I mentioned, but also includes tax offences, trademark infringement and a range of other offences which don't have the gravity of the other crimes I discussed earlier.
Labor considers that recommendation 10 and other recommendations in the committee's report go a long way to ensuring that these new powers will only be used for the most serious offences. However, in recognition of the nature of these new powers, Labor members think that the PJCIS should have gone further by recommending that references to 'relevant offences' in the bill be replaced by a definition consistent with the serious offence provisions in the Telecommunications (Interception and Access) Act. This would be an important constraint on the use of these new warrant powers and would limit their application to offences that carry at least a maximum of seven years jail and other specified offences. While these powers do have international precedent, they also carry inherent risks. Lifting the threshold at which these warrants apply would ensure that they were only used to combat the most serious of offences. As currently drafted, the substance of this bill does not match the government's rhetoric. Adopting a definition consistent with that in the telecommunications interception act would ensure that these warrants are reserved for the most serious of crimes, consistent with the standards set by the government itself in its explanatory memorandum.
That said, there are important protections which would have not been included had the Morrison government rushed this legislation or absent the PJCIS. The protections which have been achieved through the PJCIS include an obligation for the issuer of these warrants to specifically consider whether information is privileged or journalistic in nature, the effect on privacy, the financial impacts and the effect of a warrant on a person's ability to give or receive care. These protections are safeguards which will improve the proportionality of these new powers. They recognise that these powers require independent consideration of the substantial effect they may have on an affected person. The PJCIS has also recommended protections for individuals subject to the new assistance order regime, including good-faith immunity provisions for assistance orders. This will require decision-makers to consider whether orders for assistance are reasonably necessary, justifiable and proportionate. These protections would appear to be a baseline for the government doing due diligence on this bill.
I'm pleased that PJCIS has achieved important protections specifically for members of the press. These protections require the warrant issuer to consider the public interest in facilitating the exchange of information between journalists and members of the public and the confidentiality of their sources. These are important bulwarks against cyberenabled assaults on press freedom, a concern that's still fresh in my mind following the 2019 raids on Australian journalists by the AFP. I echo the PJCIS's recommendation that the government introduce legislation to address this.
5:49 pm
Fiona Martin (Reid, Liberal Party) Share this | Link to this | Hansard source
I rise to support the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020. Australians use the internet every day. What was once a novelty that required the painstaking task of using dial-up has, with each passing year, become more and more intertwined with our daily lives. While most of us use the internet for work or to watch Netflix, chat with friends and loved ones, shop online, listen to music or for online work-outs—something I admit to doing during lockdown!—we know that there is a nefarious side to the internet, an underbelly out of sight to most of us. The dark web is not something many of us would know how to access. It refers to areas of the internet which are intentionally hidden and cannot be accessed without using specialised browsers, primarily the Onion Router. Like the deep web, these areas are not indexed by ordinary search engines. Many of the sites on the dark web which are of concern to law enforcement, including forums and marketplaces dedicated to criminal activity, are hosted anonymously. In conjunction with specialised browsers, people often access the dark web using anonymising technologies such as virtual private networks, or VPNs, and use cryptocurrencies for transactions to ensure their true identities and locations remain obscured.
We know the dark web and the use of anonymising technologies is widespread among the transnational serious and organised crime groups. We saw, through Operation Ironside, that organised crime groups actively used the encrypted chat rooms Anom. To date, as at 1 August 2021, Operation Ironside in Australia has resulted in 696 search warrants being executed, 290 offenders charged, 728 charges laid, 139 weapons or firearms seized, 4,784 kilograms of drugs seized and $49 million in cash seized. We know that law enforcement's continuing challenge, post Ironside, will be combatting serious crime facilitated using anonymising and encrypted technologies, where the identities of those involved in criminal activity are increasingly hidden. We must remember that it was only through a unique set of circumstances that law enforcement had access to those Anom encrypted chats.
This bill introduces three powers that will substantially boost the capacity of the Australian Federal Police and the Australian Criminal Intelligence Commission, or ACIC, to fight cyberenabled serious crime. Network activity warrants will enable the AFP and the ACIC to collect intelligence on the most harmful criminal networks operating online, including on the dark web and when using anonymising technologies. Data disruption warrants will enable the AFP and the ACIC to disrupt serious criminality online, authorising the AFP and the ACIC to modify data belonging to individuals suspected of criminal activity to frustrate the commission of serious offences, such as the distribution of child exploitation material. And account takeover power will enable the AFP and the ACIC to take control of a person's online account for the purposes of gathering evidence about criminal activity, to be used in conjunction with other investigative powers.
I recognise that these powers are extraordinary, and the government has amended this bill to strengthen the conditions, oversight and transparency for when and how these important new powers can be used. The amendments in this bill address recommendations made by the Parliamentary Joint Committee on Intelligence and Security, in line with their advisory report into the bill. These balance the need for safeguards and proportionality whilst preserving the operational effectiveness of the new powers. In particular, the amendments introduce statutory review and sunsetting requirements for the powers contained in the bill; require that additional matters such as privacy and the seriousness of offences be more explicitly considered by an issuing authority before a warrant may be issued; ensure certain warrants are only able to be applied for following approval by a sufficiently senior officer within the AFP and the ACIC; and change key definitions in the bill to restrict the circumstances in which the warrants could be issued.
Whilst we must ensure there are appropriate safeguards and that there is proportionality, we must not lose sight of why the government has introduced this bill. As the PJCIS noted in their advisory report:
… the threat environment from serious cyber-enabled crime is severe and Australian authorities do not currently have the tools to address the threat. It is international, complex, and technologically advanced.
We know that the dark web increasingly hosts large-scale, complex and anonymous platforms and services frequently used to facilitate the most serious of crimes, including child sexual abuse, drugs and firearms trafficking, extremist content and sale of stolen identification documents. In particular, the hosting, sharing and distributing of child abuse material is increasingly occurring on dark web hidden services where the true IP addresses, location and jurisdiction of both users and services are hidden. Online child exploitation is vile. From working with victims of child sexual abuse and seeing the lifelong trauma it has on individuals, I can tell you that it leaves a lifelong effect on people.
We also know just how difficult it is to investigate in this online environment, as secure technologies such as streaming services and pay-per-view, the anonymity of the dark web and less traceable payment systems such as cryptocurrencies all make it increasingly difficult to track offenders. That is why powers like the account takeover warrant and the data disruption warrant, which would authorise the AFP and the ACIC to disrupt activities such as the sharing of child abuse images, are so necessary. As it stands, law enforcement agencies rely on a combination of powers that each provide a partial picture of online criminality by permitting electronic surveillance of aspects of communications traffic, content data and telecommunications data.
We know that more must be done to provide law enforcement with effective powers of response in the fight against cyberenabled crime. In the fast-evolving space of cybercrime, where criminals continue to find new and advanced ways to avoid detection, this bill is about further providing our law enforcement agencies with the tools that they need to keep us safe, to keep children safe, to disrupt drug dealers, to identify extremists and to put an end to organised crime. I commend this bill to the House.
5:58 pm
Tim Wilson (Goldstein, Liberal Party) Share this | Link to this | Hansard source
It is a great pleasure to be able to speak on this important piece of legislation, the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, because sitting at the heart of it is the constant tension between freedom and security of the people of Australia, not just in the physical realm but of course online as well. We reviewed this legislation in the Parliamentary Joint Committee on Intelligence and Security, on which I am privileged to serve, because of the very nuanced parts in which it operates around Australia's electronic records and data and the implications it has.
The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 is quite an innovative, modern and worrying piece of legislation. I don't say that as any point of criticism of the legislation or its intent, but, in the end, it raises serious questions about the bounds of the state and the capacity of police forces and our agencies to investigate certain operations and the means by which they can do so.
I support the bill wholeheartedly, but I have reservations about it. I am glad that there are constant review mechanisms around how we look at this legislation, through the Independent National Security Legislation Monitor, the IGIS and, of course, the PJCIS, as well as this parliament—and we reviewed legislation around specific and extraordinary powers only in recent days—because we must always make sure that, when legislation of this sort is put before the parliament and imposed upon the people, it has proper accountability and scrutiny and continues to meet the need to keep Australians free and safe.
The legislation itself is quite complicated, but it goes to the heart of one of the emerging challenges that exists around disrupting, significantly, online activity which is done with malicious intent or to undermine Australians' health, welfare and security. The bill introduces, essentially, three new powers that will substantially boost the capacity of the Australian Federal Police and the Australian Criminal Intelligence Commission to fight cyber-enabled serious crime. Of course, in many cases, this work—or what is ordinarily completed by these agencies—is done with existing powers in a physical realm, but this is about updating the legislation to enable them to do similar work, recognising the complexity and the emerging challenges of the online world.
There are three essential new powers. One is for network activity warrants, which will enable the Australian Federal Police and the ACIC to collect intelligence on the most harmful criminal networks operating online, including on the dark web, and when using anonymising technologies. We need to realise how common these anonymising technologies are, particularly amongst criminal networks. We are all very familiar with using encryption with our own communications in the modern era—and, in many cases, we are very thankful for it—to maintain and preserve our privacy and security. However, we are seeing, increasingly, a large amount of activity being done through technology where it is almost impossible to identify the end user and without at least some capacity to utilise the technology to identify them, often having to go beyond the superficial nature of the technology and of course in the realm of the dark web where nefarious intent lies.
Now, the overwhelming majority of Australians have no real interest in the dark web—and I include myself; the only time I've been there is when somebody has demonstrated to me how it is that one gets there, and it's more complicated, frankly, than I'm probably interested in entertaining in an ordinary context. I know that there are many people who have used the dark web, and sometimes for legal or legitimate reasons. But the overwhelming majority of people who use the dark web are doing it because they're trying to conceal something and there's a reason why they're trying to conceal it—and I don't mean in terms of morality, though that can be a part of it, but simply because they know that what they're engaging in is a form of criminal conduct that, if it came to the attention of responsible agencies, would be justifiably suppressed because it would cause harm to others, either to their physical health or wellbeing or to protection of their property.
So the network activity warrants provide a pathway to investigate intelligence on criminal networks that operate online, particularly through the use of new technologies. One of the reasons we need this legislation is that technology—as it should; I just need to be clear—moves faster than the rate of legislation. It moves fast. We are always responding. That's what happens in a free society. In a free society, people are able to go out, to innovate, to push the boundaries, to see where we can take humanity and its progress, and we should be excited by that. But every good technology that comes along with a legitimate purpose can be used, abused and manipulated by those who wish to achieve ill in society or for their own personal gain, with nefarious intent. So we're always responding, and this bill provides for a pathway which is broad enough to enable us to continue to adapt with technology, but narrow enough that it has the safeguards, obligations and restrictions that operate on our agencies so they cannot abuse it and it needn't become a justification for people to be concerned about their lawful privacy or activity simply because they choose to go into the electronic or online realm.
The second significant power is for the data disruption warrants that enable the AFP and ACIC to disrupt serious criminality online, authorising the AFP and the ACIC to modify data belonging to individuals suspected of criminal activity, to frustrate the commission of serious offences such as the distribution of child exploitation material. If we had the capacity to fulfil this function, it would be very hard for most members to argue against the spirit and intent of what this power is designed to do. We all know that, tragically, information and content is shared online that is often sourced explicitly through the abuse of minors and children—normally not in this country, but we need to acknowledge that, tragically, sometimes it does occur in this country. But it doesn't stop there; the exploitation and the distribution of that material, either live or through some sort of stored mechanism online, goes to other parts of the world. If anybody thinks that this parliament would not take the hardest and firmest view against such conduct, not just because of its criminality but also because of its immorality and the abuse of children, they are deluding themselves. I would hope none of us would be prepared to tolerate such conduct when we know that we can take measures to stomp it out, even if it doesn't occur in our country. If Australians, sadly and tragically, are consumers of such behaviour or conduct, we should seek to hold the people engaged in it to account and stomp it out. The role of our agencies, as much as anything else, is to help do that, not just in the interests of Australians and their health and wellbeing but also for children overseas. We make no apologies in standing up against child exploitation, because it is the fundamentally moral position to take and the right one for all of us. I'm sure you would agree with that, Deputy Speaker Vasta.
The third power is an account takeover warrant enabling the AFP and the ACIC to take control of a person's online account for the purpose of gathering evidence about criminal activity, to be used in conjunction with other investigatory powers. This power is actually extraordinary, and I think we need to acknowledge that. It would enable agencies to take over people's accounts and, for want of a better phrase, present themselves as somebody else, in pursuit of investigation and establishment. This raises serious questions about entrapment, whether there's justification for police doing so, and the consequences that then flow. I don't think we should hide away from that.
There were recommendations from the Parliamentary Joint Committee on Intelligence and Security about the threshold tests that apply around warrants that have not been fully adopted. I'll be frank—and I acknowledge the minister in the room—and say that my preference would be more consistent with that of the committee. That's why we made those recommendations. I will not die in a ditch over them, because the purpose of the legislation is more important than the threshold, but I think the threshold test around warrants and their application, particularly with the new powers, is something that we as a parliament need to review. This is an ongoing piece of work that we as a parliament will need to address some time in the future—maybe the next parliament, depending on who is here, of course—to decide on the warrant powers that would exist against new types of online platforms.
The principle remains the same: we need to make sure there is independent oversight and approval associated with the exercise of these powers, because they are serious and they're a departure, particularly when we're introducing world-leading legislation. This is world-leading legislation that seeks to push the boundaries of what can be done online. For a number of reasons, we need to make sure that there are proper accountability mechanisms and safeguards, but firstly because it's about public confidence. One of the things we always face in the space of national security and the tension with civil liberties is making sure that governments don't overstep the mark and aren't given a free hand. Public confidence comes not just from members in this place, although they're a critical part of the conversation. It also comes from the public when they don't feel that these powers will be abused, even by well-meaning agencies, in most circumstances, against otherwise law-abiding citizens going about their normal life.
One of the most significant and dramatic trends that have occurred within my lifetime—and there are a number of them—concerns the privacy people have in an online setting. Some people are completely indifferent and share everything; others take it very seriously. But we should always start from the basic proposition that we respect citizens' rights and their freedom to keep things private. If they don't seek to put something in the public domain, then ultimately their intention is to keep it private, and we don't want agencies or the police to somehow have powers that needlessly compromise not just that principle but the confidence that underpins so much of our national security legislation and framework. We need to be clear: the Australian community does hold a very high degree of confidence in it for that exact reason. So we want to maintain public confidence, but also, as members of parliament, we shouldn't want the abuse of state power, even when we're seeking to achieve something for legitimate purposes, because in the end we all operate in a free society that's based on the idea that we restrain government power, democratise it to the people, and respect their right to live their lives without constant fear of an egregious Canberra monopoly overseeing their daily lives.
I think we have, broadly, the legislation we need. It has gone through the PJCIS process, which, as I have said previously, is a very collegiate one. I know as a committee member that for every piece of legislation we go through, including this one, we get substantial briefings from agencies as well as feedback and public hearings that reflect questioning to challenge and test the assumptions behind the legislation and the justification and need for it. With this particular legislation we were taken through some aspects of the application of it. Some of those briefings were, as always, done confidentially, but they provided committee members with insights into how the agencies work successfully to do the job they need to do on behalf of us.
When you get a report from the PJCIS making a recommendation to pass legislation, it's a reflection of the House's confidence not just in the position the committee had adopted but in the degree of rigour that we apply. It is very rigorous, often with members—including me, I'm proud to say—having quite diverse views and sometimes with a member taking a bent that directly challenges not just the assumptions behind the power of the agencies but the position of government. That includes government members, as well. That should breed confidence. As somebody once remarked, we have the full philosophical spectrum of our parliament represented on that committee, and that is one of the reasons it does good work. And it's one of the reasons it should continue to do good work so this House can make decisions with confidence.
This legislation is important. It gives a very good basis for the updating of appropriate surveillance of online behaviour when people engage in criminal or nefarious activity. The three new powers included in it provide a clear basis on which we can ensure that our agencies have the powers they need to do the job that we the people, as well as this parliament, want them to do. None of them are in contexts where people are engaged in behaviour that would normally pass the test of social acceptability. These powers and the thresholds and safeguards that operate around them are designed so that each time they are used they are cracking down on criminal behaviour, whether it's the drug trade or types of exploitation. I refer in particular to the data disruption warrants around child exploitation material. Technology, though it can be used to empower the individual for good purposes, needs to be constrained when it is used for nefarious ones, and we will need to continue to review and update legislation—not just this bill but many other bills—to follow and respond to the evolution of technology. It is one of the most critical challenges we face in this parliament and one we must take up and master.
6:13 pm
Pat Conaghan (Cowper, National Party) Share this | Link to this | Hansard source
Not just is this legislation, the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, important; it is absolutely necessary. The world we live in today is so very different to the world we lived in two years ago or three years ago. The difficulties enforcement agencies face because of technology continue to increase and to get more difficult. To the people who question the need for this type of legislation I'll say two things. If you do not want this legislation because you are blissfully ignorant of what is happening around you in your communities—in schools and on the streets—then you need to educate yourself. Or if you are against this type of legislation, then you're using it for nefarious purposes and you are the type of person that the enforcement agencies are looking at.
The member for Goldstein is always very eloquent and very well prepared, but I'm at odds with one thing that he said—that the production of child exploitation material more often comes from overseas than from here. I apologise if I have misquoted him. All you need to do is go to any courthouse, in any state, on any day of the week, and you will find people charged with the production of child exploitation material in Australia. This isn't unique to overseas. We saw that recently. In my backyard a childcare school was caught up in Operation Arkstone, where two men were charged with sexual assault of 12 minors as well as producing child exploitation material. That is in our own backyard—my own backyard. So I would urge anybody listening to or reading this to not think that this is something out of a movie and to not think that this is only in the realms of the underworld. This is in your backyard.
This is exactly why we need legislation like this, despite the delicate balance with civil liberties. Your civil liberties are not impinged if you're doing the right thing. Do we say, 'I don't want legislation such as this tightened because of something that I hold precious, even though I'll never use it,' over protecting a 12-month-old baby from being sexually assaulted and exploited? I think the answer is fairly clear.
The dark web increasingly frequently hosts large-scale, complex, anonymous platforms and services to facilitate serious crimes. We all know that. It's not only sexual abuse of children but drugs, firearms and extremist content. Of particular concern is the hosting, sharing and distribution of child abuse material that is increasingly occurring on the dark web, where the true IP address, location and jurisdiction of both users and service are hidden or encrypted.
Currently, the powers afforded to law enforcement are focused on gathering evidence from criminal offences and prosecuting offences, and they're targeted at the individual crime through the investigation of particular people or a computer connected with that specific offence. The problem herein is that this restriction to the individual act or the individual device becomes increasingly insufficient to respond to the threat posed by the cyberenabled crime. Without the support of powers to enable the identification of potential offenders and understand the scope of their offending, investigations are often constrained from the outset. It's trite to say that criminals operating online are almost always unknown, inaccessible or too numerous to reasonably pursue for prosecution. That's why these offences generally go unnoticed and unpunished, and it is exactly why these measures put before the parliament today are absolutely necessary.
The assistance and access act, introduced in 2018, was one plank of the government's action to address the challenges that technology like encryption posed to law enforcement. That legislation established a framework for agencies to seek technical assistance from the technology industry and the introduction of computer access warrant powers for law enforcement. But, again, it's becoming more and more difficult with the advancement of technology.
I referred to Operation Arkstone. With these powers, Operation Arkstone has been one of the most significant child protection investigations by the AFP to date, due to its scale of offending and its reach across Australia. Yes, it was overseas, but this was in our own backyard. At the most extreme end, some of the offenders allegedly inflicted acts of sexual abuse on Australian children ranging in age from 16 months to 15 years. It was recorded and put online. This is depraved, evil material and is exactly why we should have this type of legislation and exactly why it takes precedence over civil liberties.
Another operation, Operation Ironside, which we saw recently, was a huge success. During Operation Ironside there were 696 search warrants executed, 290 offenders charged and 728 charges laid. There were 4,784 kilograms of drugs seized, and we know what drugs do to our communities. In my electorate, in Coffs Harbour or Kempsey or Port Macquarie, you see the ice on the street every day and you see the effects it has on our own people. There's never black and white; there's always grey in between. There are very different reasons why people use drugs. But, if the drugs aren't there, they can't be used. We need to give police the powers to investigate and to decrypt.
This bill seeks to introduce three key powers that will significantly assist the AFP and ACIC in the fight against such cyber-enabled serious crimes as were uncovered by Operation Arkstone and Operation Ironside. Firstly, network activity warrants will enable the AFP and the ACIC to collect intelligence on the most harmful criminal networks operating online, including on the dark web, using anonymising technologies, rather than being limited to reactive deployment in relation to nominated and specific criminal offending. Secondly, data disruption warrants will enable the AFP and ACIC to disrupt serious criminality online by authorising the AFP and the ACIC to modify data belonging to individuals suspected of criminal activity, in order to frustrate the commission of serious offences. Importantly, this measure will be particularly effective in disrupting the distribution of child exploitation material. Finally, an account takeover power will enable the AFP and ACIC to take control of an individual person's online account in order to effectively gather evidence about criminal activity. This is to be used in conjunction with other investigatory powers. It is important to note the government has prepared amendments that strengthen the conditions of oversight and transparency for when and how these important new powers can be used. They cannot be used without significant justification.
In conclusion, as a former investigator myself, I commend this government's continued response to countering all forms of criminal activity that seek to harm the most vulnerable within our community. I welcome the changes that this bill will bring to the effectiveness of our law enforcement agencies.
6:24 pm
Andrew Wallace (Fisher, Liberal Party) Share this | Link to this | Hansard source
I rise to speak on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020. Internet connected devices are increasingly at the centre of our daily lives and never more so than now, in the era of COVID-19. Whether you're the Prime Minister videoconferencing his national cabinet colleagues, a young person paying for lunch through their digital wallet or an Australian meeting their grandchild for the first time via Zoom, today digital devices are a part of everything that we do. However, that is just as much the case for criminals as it is for the rest of us. Digital connectivity has made it easier than ever before for criminals to communicate with one another, to share resources and knowledge and to prey on Australian families and businesses.
The Morrison government is committed to stamping out this kind of criminal activity. We are making the nation's largest ever investment in cybersecurity through the $1.7 billion Cyber Security Strategy. This includes $1.4 billion over the next decade to enhance the cybersecurity capabilities and assistance provided to Australians through the Australian Signals Directorate and the Australian Cyber Security Centre.
In recent months I've seen firsthand the government's commitment to protecting Australians online. Many people are not aware that in my electorate of Fisher, with the support of the federal government, we are in fact leading the way in the fight against complex and ever-growing cybercrime through local charity IDCARE. IDCARE was established by the federal government in 2014. It's based in Caloundra, in my electorate, and it has directly supported more than 200,000 Australians, helping reverse the impacts of cybercrimes from identity theft to the hacking of personal devices. IDCARE's services range from brief telephone consultations to complex advocacy and technical assistance, ranging across weeks and, in fact, months of support. They've developed a suite of more than a thousand response plans for the more frequently encountered crimes, and there in Caloundra is the only place in the world you'll find specialist identity and cybersecurity case managers. Once again, Fisher is leading the way in dealing with this sort of scourge in our society.
IDCARE's managing director, David Lacey, tells me that demand for their services has increased fourfold since 2015, with hundreds of people on the Sunshine Coast alone seeking support. Indeed, nationwide, a cybercrime is reported to the ACSC, the Australian Cyber Security Centre, every 10 minutes. Yet we know that the majority of incidents still go unreported. The ACCC's Targeting scams report found that in 2019 alone Australians lost more than $634 million to these online crimes. I have to say: it makes my blood absolutely boil to see these crooks trying to steal money from hardworking and often retired Australians.
When I recently visited IDCARE, I met a number of their clients. They were ordinary Australians like you and me, Deputy Speaker Freelander—well, perhaps not like you and me, because we're not retired! These local retirees were looking for investments that would guarantee their financial security after a lifetime of hard work, and they are now left with nothing. Local business owners trying to keep their staff employed and their customers served through the worst economic and health crises in a century have now been devastated by blackmail and extortion. That's why I was proud to join the once Minister for Home Affairs, the now defence minister, at IDCARE earlier this year to announce that the Morrison government would provide the not-for-profit with additional funding of $6.1 million over the next four years to provide their specialist services to a further 54,000 Australians. This funding is going to help IDCARE to help tens of thousands more Australians to protect themselves online and to pick up the pieces when, sadly, things go so wrong.
Scams, cybercrimes and identity crimes impact every one of us, and no-one is entirely safe. I'm sure we've all experienced those fake calls purporting to be from the tax office, Amazon or Telstra, or the ads for products that are too good to be true, and every year these scams just seem to get more and more sophisticated. However, unfortunately, these scams are not the worst of online crime. Child abuse, organised crime, terrorism, drug and human trafficking, large-scale fraud, illegal weapons trading and even assassinations are contracted, planned, funded and paid for on the dark web. Sadly and regrettably, these things are only getting worse.
Last year the AFP identified a 163 per cent increase in the amount of child abuse material being downloaded on the dark web in 2020 compared to the previous year—a 163 per cent increase! This is judged to represent less than half the material that is in fact available. The AFP is aware that in 2018 more than 10,000 secure and encrypted specialist handsets were being used by Australian criminals to send secure communications. Currently, the AFP and the Australian Criminal Intelligence Commission are able to deploy electronic surveillance for aspects of communications traffic, content data and telecommunications data. However, they can only do so in gathering evidence of specific criminal offences and in prosecuting known individuals. However, with the increasing sophistication of the tools available to criminals, it is becoming impractical in all too many cases to identify offenders without deploying electronic surveillance proactively.
Today's criminals use virtual private networks to conceal their location and encrypted physical handsets like Encrochat and Ciphr to operate on a closed, anonymous network. They use bitcoin and other cryptocurrencies to make untraceable purchases and transfers of funds, and they conceal their identities behind random usernames and layers of anonymous accounts. The websites criminals use support their activities by their intentional avoidance of collecting any user information that law enforcement could use to identify a suspect for further investigation. In these circumstances, it can be nigh on impossible to track down an individual user or computer in order to deploy the powers available to them, even as law enforcement can observe a serious crime being committed.
The powers available to law enforcement need to keep pace with the increasing sophistication of crime online, and that is what this bill delivers. Firstly, the bill will get to the heart of this issue by giving the AFP and the ACIC the power to collect intelligence online concerning the activity of unidentified individuals and criminal groups by allowing access to the computers being used to facilitate serious criminal activity. Accessing these computers is often the only practical way to identify who the criminals are in order to investigate and disrupt their offences. We cannot allow a situation to continue where law enforcement can see serious crimes being committed but can do nothing to identify the perpetrators simply because they do not already know who those perpetrators are.
Secondly, this bill would give law enforcement, with the proper warrant, the power to take control of a suspected criminal's account in order to gather evidence about their activities and those of their associates. Once an alleged offender has been identified, the opaque nature of the websites that they use in planning and executing their crimes, and the anonymity of cryptocurrencies, can mean that the only place evidence is recorded is in the alleged offender's own accounts. As it stands, those accounts are only accessible to the AFP if the accused gives them access. Well, that's not going to happen!
With the right oversight from the Commonwealth Ombudsman, this power will ensure that Australian law enforcement doesn't need an alleged offender's permission to investigate their own crimes.
Finally, the bill will introduce a data disruption warrant to enable the AFP and the ACIC to take the fight right to the criminals and stop them in the act. The uniquely live and dynamic nature of the online environment means that, at times, law enforcement officers can see serious crimes, such as the dissemination of child abuse material, being or about to be committed in real time. At present, there is little or nothing an officer can do to prevent these crimes from proceeding. However, under this bill, the AFP and the ACIC would be able to apply for a data disruption warrant. This would give them the ability to disrupt data held on computers by deleting it, adding to it or modifying it such that it can no longer be used to commit a crime. Australians are well aware of the devastating impact that cybercriminals can have on their legitimate activities through modifying or deleting their data. This bill would rebalance the scales and give us the power to disrupt the activities of serious criminals in our turn and use their tools against them.
We've seen in recent months what a devastating impact such a reversal can have on organised crime. When law enforcement have the powers they need to use cutting-edge online tools themselves against the criminals, the results can be explosive. We will have read the extensive coverage in the media of Operation Ironside, the extremely sophisticated international effort which saw hundreds of Australian organised criminals planning their crimes on an online platform which was, in fact, operated by the US FBI. The outcomes delivered by the AFP as part of this operation are nothing short of incredible—nearly $50 million seized, 250 of the most serious offenders charged, 139 firearms recovered, almost five tonnes of narcotics removed from the streets and 20 threats to kill averted. The operation found alleged links between Australian criminals with the Asian crime syndicates, Albanian organised crime gangs and even the Italian Mafia. These are remarkable outcomes, and this one operation has already made Australia a materially safer place. With the bill before the House we have the opportunity to build more such operations and make them an important part of the law enforcement arsenal in this country.
I'd like to take the opportunity to pay tribute to both the former Minister for Home Affairs, the Minister for Defence, who I know put a lot of work into developing this bill before the House, and the current Minister for Home Affairs, who is in the chamber today. I'd like to congratulate them both for their work not just in this chamber—people have no idea of the sacrifices that that role entails, the intrusions on their own privacy, the incredible demands on their family lives and their own personal lives. It is, quite frankly, while probably one of the best portfolios in government, one of the most onerous. I dip my lid to the minister in the chamber today for the great work she is doing in her portfolio.
Australian law enforcement officers are resourceful, skilled and creative. When we give them the tools they need, they can be devastatingly effective against even the most sophisticated criminals. The bill before us levels the playing field. It gives the AFP the opportunity to turn the tables and use the underworld's own technologies and techniques against them to make Australia a safer place for all of us. I commend the bill to the House.
6:39 pm
Karen Andrews (McPherson, Liberal Party, Minister for Home Affairs) Share this | Link to this | Hansard source
I would like to thank my colleagues right across this chamber for their contribution to the debate on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020. The government's first priority is ensuring the safety and security of all Australians. It is vital that our law enforcement agencies have effective tools to protect the Australian community. The growing use of the dark web and other technologies that allow criminals to remain anonymous is increasingly inhibiting agencies' ability to protect our community. This bill will substantially boost the capacity of the Australian Federal Police, the AFP, and the Australian Criminal Intelligence Commission, the ACIC, to identify and disrupt serious criminal activity occurring online, particularly activity by criminals who seek to use the dark web and other platforms to evade law enforcement.
The arrest of more than 220 criminals as part of Operation Ironside earlier this year was a testament to the dedication and hard work of our law enforcement agencies, but it also demonstrated the persistent and ever-evolving threat of transnational serious and organised crime and their increasing tendency to seek out and use technology—often operated exclusively for the criminal market to conceal their offending. In the case of Operation Ironside, ingenuity and world-class capabilities gave our law enforcement an edge. This bill is just one more step the government is taking to ensure our agencies maintain that edge.
The bill has been reviewed extensively by the Parliamentary Joint Committee on Intelligence and Security, with a report tabled by the committee on 5 August 2021. I circulate an addendum to the explanatory memorandum, responding to issues raised by the Senate Standing Committee for the Scrutiny of Bills, the Parliamentary Joint Committee on Human Rights and the Parliamentary Joint Committee on Intelligence and Security. The government thanks these committees for their review of these important reforms.
We do not accept serious crime in our communities and neither should we accept it online. Our laws must keep pace with technology if our agencies are to continue to do the job we expect of them to keep Australians safe.
Question agreed to.
Bill read a second time.