Nola Marino (Forrest, Liberal Party) Share this | Hansard source

I rise to support the Cybercrime Legislation Amendment Bill 2011, and in doing so offer support to our law enforcement agencies in their efforts to deal with cybercrime and very serious transnational cybercrime. The bill will make amendments to four acts: the Telecommunications Act 1997, the Telecommunications (Interception and Access) Act 1979, the Mutual Assistance in Criminal Matters Act 1987 and the Criminal Code Act 1995.

I am a member of the Joint Select Committee on Cyber-Safety. We made 13 detailed and technical recommendations in our final report. This report was tabled in this House just last Thursday. However, the government has brought on this legislation and debate merely days after the report was tabled, without the Attorney-General or Minister for Home Affairs responding to those recommendations, and the minister has given no indication whether any of these recommendations will be supported and whether there will be further amendments made by the government.

The bill facilitates Australia's accession to the Council of Europe Convention on Cybercrime, and it amends the Telecommunications (Interception and Access) Act and the Telecommunications Act 1997 to oblige carriers and carriage service providers to preserve targeted stored communications when requested by certain domestic agencies or when requested by Australian Federal Police on behalf of certain foreign countries. There are three types of preservation notices: historic domestic preservation notices, the ongoing domestic preservation notices and foreign preservation notices.

The bill also provides Australian agencies with greater access to information held overseas in the investigation of cybercrime and internet crime. It deals with domestic and foreign preservation notices. The bill ensures that Australia meets requirements under the convention, which is the first international treaty on crimes committed either against or via the internet and other computer networks. It covers a broad range of crimes committed over the internet and computer networks, particularly online fraud, child pornography and the unauthorised access, use or modification of data stored on computers, such as violations of network security.

The main objective is to pursue a common criminal policy through consistent legislation and international cooperation. As many members before me tonight have indicated, there is no doubt that cybercrime and cyber-terrorism pose very serious and growing transnational threats that are operating on a global and industrial scale. Also, the ability to share telecommunications data with foreign countries will enhance the ability of the AFP to work with foreign counterparts, both in accessing data and information required for criminal offences and providing information for foreign counterparts to deal with the growing issue of cybercrime and cyber-terrorism threats. One recommendation of the joint select committee that I would like to mention is recommendation 9 in chapter 7, proposing that a new paragraph be inserted into the Telecommunications Act requiring:

… that the Australian Federal Police report to the Minister:

In my view we need to ensure that this legislation does not assist any foreign entity, government agency or partly or fully owned government entity to access material that is commercial-in-confidence, corporate secrets or material that would give it commercial advantage through either an individual or a number of strategically requested preservation orders. However, we do not know yet whether the minister will respond to recommendation 9. I understand from the hearings that the AFP has very sound working relationships with the foreign agencies and counterparts that it deals with on these matters, and they are existing. The AFP is extremely confident that there is not currently and will not be any unauthorised or third party access to the information provided. However, I bring to the minister's attention the importance of recommendations to include the requirement that the AFP report to him any evidence that disclosed data has been passed on to a third party or parties, as recommended by the joint committee.

During the inquiry the committee heard concerns that the convention does not contain sufficiently robust privacy and civil liberties protections to offset its increased surveillance and information-sharing powers. The Law Council, the Australian Bar Association and several other submitters expressed concerns relating to the threshold for granting a stored communication warrant, to privacy safeguards and to conditions of disclosure. The bill in its current form lowers the justification threshold for foreign countries, and this was something that did concern several of the submitters to the inquiry. There is no requirement that a foreign country justify the use of stored communications. The Law Council expressed the view that foreign agencies should be required to provide sufficient information on the merits of the request, but I note that the European convention contains express limitations and assumptions that limit the scope of procedural powers by requiring that such powers be for the purpose of specific criminal investigations and proceedings.

The committee's first recommendation was that the thresholds applying for issuing a stored communication warrant for a serious foreign offence should have the same thresholds as those applying to a domestic Australian investigation. The third recommendation includes 'an additional discretionary ground to decline a request where the requesting country’s arrangements for handling personal information do not offer privacy protection substantially similar to those applying in Australia'. The committee also felt that there are justified concerns about the unrestricted sharing of data with foreign countries. There was a view that the public will have more confidence in the new regime and processes if there is an alignment of the T(IA) and MACM acts to provide clarity to police on factors to be considered, and that is reflected in the recommendations made.

The committee also dealt with the practical issue of the impact of this legislation on the validity of concurrent state criminal offences. Western Australia, Victoria and New South Wales support Australia's accession to the convention provided that this does not lead to conflicts between Commonwealth, state and territory offence provisions. I note that the proposed legislation may have some effect on state and territory governments. In fact, the government of Western Australia said in their submission:

It is important to note that accession to the Convention should not create further bureaucracy which could act to stifle established links between agencies, particularly those formed at a State level. WA Police already has strong ties with a number of … service providers in attempting to tackle cybercrime. It would be detrimental if accession to the Convention were to erode these links.

As noted in the committee report, there is current uncertainty over the constitutional division of legislative power to make laws with respect to crime. The recent High Court decision that invalidated certain Victorian legislative provisions is a decision that has brought into question the approach to resolving the validity of concurrent and overlapping Commonwealth offences. In relation to these concerns, I note that the Criminal Code provides that Commonwealth computer offences are not intended to limit or exclude the operation of any law of a state or territory and that this clause will continue to apply. However, the committee also noted continuing concern about the impact on the validity of state law at a federal level. It was noted in our report that this may be significant, which is why further consultation with the states is required.

The bill does not detail the practical handling of content or trafficked data by carriers and carriage service providers, particularly in relation to privacy and confidentiality. These are critical issues for the consumers of services provided by the carriage service providers. The privacy and confidentiality of their communications is paramount to individuals and businesses, given both commercial-in-confidence issues as well as personal information matters. The committee made specific recommendations for the data handling and the protection obligations of carriers and carriage service providers, as well as the destruction of stored communications.

Tonight I have touched briefly on some of the 13 recommendations in the committee's report into this legislation. The joint committee was quite satisfied with what we recommended in relation to this legislation. The issue of cybercrime may require ongoing and further amendments, given the level of sophistication that our law enforcement agencies are having to deal with. We can only expect that this level of sophistication will increase and that there may be a requirement for further amendments to enable our law enforcement agencies to carry out their responsibilities and discharge the obligations or requirements we place on them as a parliament and as a people. On that basis I support this legislation.

See this speech in context