Overview
On 25 August 2021 the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 passed through parliament in record time, without anyone so much as a batting an eyelid. So fast, in fact, that most people won’t even know about it. While it was introduced in December 2020, the Bill sat around without much action until it passed both houses of parliament within the space of 24 hours, on 24 and 25 August 2021.
The legislation gives unprecedented, and worrying, powers to Australian Federal Police (AFP) officers and the Australian Criminal Intelligence Commission (ACIC) through three types of warrants:
- Data disruption warrants (DDWs) which enable the AFP and the ACIC to modify, add, copy, or delete data for the purposes of frustrating the commission of serious offences online;
- Network activity warrants (NAWs), which permit access to devices and networks used by suspected criminal networks for intelligence gathering purposes; and
- Account takeover warrants (ATWs), which provide the AFP and the ACIC with the ability to take control of a person’s online account for the purposes of gathering evidence to further a criminal investigation.
In order to get a warrant, AFP and ACC officers can apply to an “eligible Judge” or, more worryingly, a nominated member of the Administrative Appeals Tribunal (AAT) — which is concerning, considering existing warrants which allow police to review the contents of a suspect’s phone need a Magistrate’s explicit authorisation.
When considering whether to issue a warrant, the member or Judge may consider the likelihood of interfering with or preventing any offence under Chapters 5 and 7-10 of the Criminal Code (Cth) or any activities which are against the “security” or “proper administration” of the Commonwealth. In addition, they can consider offences which have the potential to cause serious violence or harm to a person, which cause or have the potential to cause a “danger” to the community, or which cause or might cause substantial damage to or loss of data, property or critical infrastructure.
Submissions on the legislation
The Office of the Australian Information Commissioner (OAIC) submission on the new legislation was effectively that, while law enforcement is important, the powers were effectively too wide-ranging and coercive in nature. Their submission noted that:
These powers may adversely impact the privacy of a large number of individuals, including individuals not suspected of involvement in criminal activity, and must therefore be subject to a careful and critical assessment of their necessity, reasonableness and proportionality. Further, given the privacy impact of these law enforcement powers on a broad range of individuals and networks, they should be accompanied by appropriate privacy safeguards.
A number of recommendations were made for changes to be made to the proposed legislation, one of which was that only Judges be permitted to issue warrants — which was, concerningly, not one of the suggestions incorporated in the final version of the legislation.
Impacts on privacy
While the authorising AAT member or Judge has to consider a number of matters before issuing a warrant, they have the power to issue warrants which abrogate things such as a journalists’ right to confidential sources, as well as being able to interrupt accounts and cause a “temporary” loss of money or digital currency. This is despite Australia being a signatory to the International Covenant on Civil and Political Rights, which provides at Article 17 that:
No one shall be subjected to arbitrary or unlawful interference with their privacy, family, home or correspondence, nor to unlawful attacks on his or her honour and reputation, and that everyone has the right to the protection of the law against such interference or attacks.
The legislation is said to “permissibly limit” those rights because it achieves “legitimate objectives” which are not arbitrary — that is, the protection of public safety by providing law enforcement agencies with additional powers to combat serious online crime.
Police, under the warrants, have power to enter homes or business premises to access targeted computers, remove them, and modify or delete data before returning them — all without the targeted person ever knowing. Such access can even occur outside Australia, or onboard a boat or airplane, if the AAT member of Judge allows it. In addition, NAWs allow for the use of covert surveillance devices to be used to monitor a suspect.
Other impacts
The data disruption warrants also provide AFP officers with the power to force network administrators (or someone with knowledge of that particular computer or network) to comply with their warrants, and hand over access to data and accounts, otherwise they face up to 10 years in jail (ironically titled an “assistance order”). And while such a person isn’t held civilly liable for their actions, forcing someone to do the police’s job for them seems entirely coercive in nature.
Final thoughts
The slow but inevitable erosion of our right to privacy and freedom of speech in the name of democracy is becoming increasingly transparent. The ability for police to intercept and modify your data when they consider it is against the “security” or “proper administration” of the Commonwealth is a scary, but now completely real, scenario.
While it is impossible to predict precisely what activities these laws will now be targeted at, a number of scenarios spring to mind. Police could prevent whistle-blowers from ruining the reputation of the Government or an elected official by deleting incriminating evidence obtained by a journalist. Or, they might use their powers to control messaging around what they consider to be undesirable expressions of opinion on issues such as our immigration policy or climate change. While it’s easy to be optimistic and simply put our trust in the system, we know as criminal defence lawyers that this legislation simply achieves the goal of removing yet another layer of our fundamental rights.
In the words of a famous Australian street poet, “this is democracy manifest”.