Proposed new surveillance legislation was introduced to the Australian Parliament in early December 2020. The legislation is intended to provide Australia’s law enforcement agencies with additional regulatory powers to tackle crime which is enabled through the dark web as well as through the use of anonymising technologies. As with all surveillance legislation, this is controversial and has been sent to a Parliamentary Committee for further scrutiny.
New warrants powers for the Australian Federal Police and the Australian Criminal Intelligence Commission
The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 (Identify and Disrupt Bill) provides for three new types of warrants:
- “Data disruption warrants”: These will be issued under the Surveillance Devices Act 2004 (Cth) (SD Act). These warrants are intended to prevent or disrupt defined “relevant offences” that involve data held in a computer. If a data disruption warrant is obtained by the Australian Federal Police (AFP) or the Australian Criminal Intelligence Commission (ACIC), it will enable that agency to covertly access and disrupt data for the purposes of frustrating the commission of a relevant offence. Any information obtained in executing such a warrant will be able to be used as evidence in a prosecution.
- “Network activity warrants”: Like data disruption warrants, these will be issued under the SD Act. These will enable the AFP or ACIC to investigate a “criminal network” by accessing data in computers used or likely to be used by that network, whether that data is stored on the relevant computer or temporarily linked or transited through it. A criminal network is a network that has or may engage in defined “relevant offences” (or the facilitation of such offences). Information obtained may generally not be used as evidence in criminal proceedings but may be used to support an application for another type of evidence gathering warrant.
- “Account takeover warrants”: These warrants will enable the AFP and ACIC to take control of an account or accounts where the applicant suspects on reasonable grounds that defined “relevant offences” have, are or may be committed which are or are likely to be investigated, where control of the accounts is necessary to enable evidence to be obtained. Unlike the other two types of warrants, which (as applies for other warrants under the SD Act) may generally only be granted by certain federal judges or a limited category of members of the Administrative Appeals Tribunal, these warrants may generally be granted by a magistrate. The account takeover warrant provisions will be incorporated in the Crimes Act 1914 (Cth) (Crimes Act), not the SD Act.
For each of the first two types of warrants, the “relevant offence” definition is the general definition in the SD Act and applicable to other warrants that may be issued under that Act, that is, it encompasses, amongst other offences, offences with a maximum penalty of at least three years’ imprisonment. For the third type of warrant, there is a more limited category of relevant offence defined by reference to the Crimes Act – being a “serious Commonwealth offence”, which is a more limited category of serious offence that relates to particular types of matters such as money laundering or tax evasion, or a “serious State offence that has a federal aspect”, that is, an offence that affects the interests of the Commonwealth or relates to a matter outside Australia or for some other reason has a federal aspect and which would be a serious Commonwealth offence if it was a Commonwealth offence.
As with all surveillance legislation, this legislation is controversial. The Minister for Home Affairs, The Hon Peter Dutton MP, stated that the purpose of the Identify and Disrupt Bill is to better equip the AFP and the ACIC to take on criminals who use the dark web and online technologies that cloak their identities and encrypt their communications, but the “relevant offences” to which the new warrants will apply include a much broader category of offences. Concerns have also been expressed by privacy advocates and in relation to judicial oversight of these warrants.
The Bill was introduced at the same time the Government released the unclassified version of the report from the Comprehensive Review of the legal framework of the National Intelligence Community (Comprehensive Review) and the Government’s response to that Comprehensive Review. As the Government accepted one of the primary recommendations from that Comprehensive Review to create a new electronic surveillance act, it may seem counterintuitive that it has proposed the Identify and Disrupt Bill at the same time. However, given the complexity of Australia’s electronic surveillance legislation, which is largely contained in three different acts, the SD Act, the Telecommunications (Interception and Access) Act 1979 (Cth) and the Australian Security Intelligence Organisation Act 1979 (Cth), it will take some time for the proposed new electronic surveillance act to be developed and put into place. It appears that the Government considers that providing these new warrants powers cannot wait for that process.
Following introduction, the Identify and Disrupt Bill was sent to the Parliamentary Joint Committee on Intelligence and Security for further scrutiny. The Committee is required to provide a report to the Australian Parliament by 5 March 2021, which will potentially allow the Bill to be passed early in 2021. Whether the Committee makes recommendations to limit the scope of the Bill, or to introduce additional protections around privacy, judicial scrutiny or other matters, remains to be seen. Even if the Committee does not make such recommendations, there is no certainty that the Bill will be approved by the Senate in its current form.