Thursday, 6 December 2018
Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018; Second Reading
I'd firstly like to acknowledge the particularly fine contribution of the shadow Attorney-General to this process. This speech lays down a great foundation for the debate that will proceed now. Obviously, I also want to pay tribute to the shadow Attorney-General and his staff, who've effectively done the work of the department in providing the wherewithal by which the Parliamentary Joint Committee on Intelligence and Security has addressed and handled all of the legislation that has been brought before it. With that foundation having been laid by the shadow Attorney-General, I would like to just take a step back and perhaps contextualise some of this debate we're going to have on this particular legislation. Before people speak and, perhaps, comment by Twitter or by email to MPs on this bill, I would urge them to read the shadow Attorney-General's speech to make sure they are properly informed about what it is that will be in the public space and discussed in relation to this legislation.
There is no question that the core of this legislation is a threat that has been growing over the years to this nation and to the world in general. We have faced a unique period of increased threat but also of exponential growth in technology that provides challenges to our agencies—there is no question about that. The work of the committee has been unprecedented over these last few years in dealing with the volume of legislation and measures that seek to address those threats. It has highlighted issues of the resourcing of the committee and how the committee operates.
Firstly, I pay tribute to the fact that this committee works in an exceptionally bipartisan way. It is a serious committee; I would argue that it's probably the most important committee of this House. Both sides usually take care in the selection of members of that committee. We have had great collaboration within that committee, with the members that have been serving on it, through this period. I particularly pay tribute to the chair, with whom we've all had the great experience of working through this period of dealing, effectively, with groundbreaking legislation, internationally, which traverses whole new legal and technical concepts. The chair and the committee have worked through a modus operandi which has been very effective. It does take time, and it needs to take time, to work through those issues. The whole point of this parliament and the whole point of a committee like this is to have contestability of policy. We are able to hold public hearings and private hearings to tease out all of the dimensions of what is at stake.
Having been on the other side of this desk, I have worked through those processes myself. Particularly in the lead-up to the 2000 Olympics, the reforms to part IIIAAA of the Defence Act happened in this space. They were very complicated and difficult, and traversed issues and concerns about civil liberties and the rest. That coordination process that I was involved in then took three years. Coordination across departments and consultation with stakeholders are absolutely essential in these processes. In response to the nature of heightened threats, we have seen, obviously, truncated processes in the legislation, which we have dealt with, and that presents great difficulty in drafting this legislation properly and in consultation, so it has really fallen to the committee, the secretariat and the shadow Attorney-General to repair quite a lot of legislation that has come to us in quite a rough state. It just emphasises the need to give the committee due regard, due process and due time to work through those issues.
In this context, we have accepted the advice that we have had from the agencies, and I want to thank them for their work in informing the committee. I'm particularly grateful for the in-depth technical assistance that was provided to us by ASIO and the briefings that we received over in ASIO's headquarters. There is no question that the issue of encryption is a really serious one for our agencies. We're in a new world now where things and capabilities that used to be the preserve of states are now quite ubiquitous. You've got kids in bedrooms who are able to develop encryption apps following instructions on the internet. There are specific aspects of that about which, obviously, we are constrained. We are not able to go into them in detail in the public space because of the nature of these issues and the briefings that we've received, but I think the public should be reassured that the committee and Labor on that committee have prosecuted the case effectively in relation to the civil liberties issues that are presented by that. We have also taken great cognisance, as the shadow Attorney-General has mentioned, of the issues that have been raised in relation to commercial impacts and security impacts. One of the things that has guided me in my time working in security affairs is that sometimes the road to hell is paved with good intentions. That's why we need to work through these things carefully.
The Attorney-General has been working with us very well through these processes since he became the Attorney-General. I know that he's under the constraints of working within the cabinet framework and that there are sometimes dynamics that happen in cabinet frameworks, but the problem that we have had in this process has been the truncation. Within the committee we came to an agreement, we believed, on how that might be managed. This was not a question of Labor trying to force measures to deal with this issue of cutting short the committee's processes. There were coalition members' suggestions that we adopted on how that might be managed because they had equal concerns about the evidence that we received about the security risks and, of course, the commercial risks posed by the bill.
My focus is really on the safety of Australians and the security risks that were highlighted. The problem there is that we need the ability to test that evidence, to properly get informed about that evidence and then to propose measures that might address it effectively. The areas that we were particularly concerned in, I think, crossed the spectrum of the members of that committee. Was this issue of the systemic weakness problem, because of the evidence that we received about that, opening up and exposing lots of systems that regulate our transport systems, our banking systems—every system, these days, that is dependent on protected networks?
So that was of concern, and it needed to be tested. But mostly we needed to come up with a proper definition of 'systemic weakness', and that's going to be a huge challenge.
This is a broad concept that will be very difficult to nail down effectively in a regulatory mechanism. However, we have greater comfort in how that will be managed from the fact that we now have an additional mechanism, through the committee working through these suggestions and processes, to have an independent assessment done, which a company can refer to where it has issues of concern about being forced to a requirement, under a technical capability notice, to engage in unlocking some of these aspects of what it does. So it can go to that independent mechanism, which is going to be composed of a judge and a technical expert, and, importantly, the decision of that independent mechanism will be binding. So there's a fair degree of comfort in that, but there is more work that needs to be done in relation to this definitional issue.
Of course, the shadow Attorney-General mentioned the challenge of the processes under the CLOUD Act. People need to step back from the legal detail here. The evidence that we received indicated that there would be a real question—a real challenge—to negotiations Australia is currently involved in to come within that CLOUD Act framework, which the UK is also processing through. The challenge with coming under the CLOUD Act—which enables us to truncate processes of getting access to data, which is essential for our agencies—relates to US conditions on probity. The UK are moving through that process well because, for example, they have judicial warrants in place for the systems that they have. So we need to just test that evidence. We need to get to the bottom of that and then work out ways around it if necessary.
What I'm happy about is that the measure that the committee, across coalition and Labor members, suggested—that we have an interim bill—is effectively where we're at. We're going to have a bill that enables our agencies to deal with what was presented to us as a period of heightened alert and to just deal generally with managing the threat challenge they have around this technical barrier. But, at the same time, we are going to see the committee continue its process of refining what will no doubt be a significantly improved piece of legislation when that process is complete.
We have had something like 17 bills presented to this committee, and Labor has worked to offer over 300 recommendations in relation to those items of legislation, which have all been adopted in that process. Through the input of all the members of the committee in those processes, we have seen the end product that comes out of the bottom of the funnel being better. Every single time, it has been a better piece of legislation. So allowing the committee to continue its process of analysis, of testing this evidence and of coming forward with recommendations will no doubt refine and improve this legislation and address any issues that emerge, and we will have the benefit of some experience with it as well.
Additionally, the INSLM, the independent monitor of our security legislation, will conduct a statutory review after the 18-month period is complete. To have that extra independent oversight is critical as well. We have been served well by INSLMs in the past who have done a great job in that space, such as Bret Walker.
So those are important facts to be aware of and that the community can be reassured about. We have continuing concerns about how this will play out and how this bill will operate. Of course, there are the concerns of the community. It's one of those rare situations where you have civil liberty concerns and industry concerns being raised from completely different perspectives—a conflation of concerns wrapped up in this bill. Of course, those commercial issues are very important. The evidence that we received in the committee highlighted some risks of an order of magnitude that cannot be ignored; we cannot simply brush those aside. They relate, in addition to the way those large IT companies operate, to the way that Australian companies participate in that global space. So it's something that we must test as well. We need detailed review of that commercial impact and how that might be managed and dealt with.
Certainly I know that we can't just make a blanket complaint about the way Silicon Valley operates in the way the Minister for Home Affairs did. A lot of those companies actually got their start in life through assistance from DARPA and the CIA, which are providing fantastic contributions in the security space. Companies like Palantir, for example, effectively vectored Osama bin Laden's location. We need to work with these companies and capabilities, not ruin relationships with them or prevent Australia from accessing and dealing with those companies, which is one of the risks that are involved in a process like this.
There is another issue, of course, that I should deal with—and I know that there are other elements that the shadow minister went to in terms of the probity concerns. We were really supported well by and benefited from the evidence presented by the IGIS, Margaret Stone, who is a very, very capable person with a very capable team. Through all of these processes and all this legislation, she has provided incredibly valuable input. The role that she and her team perform in giving the community comfort about the way our security agencies operate—she is completely embedded in that process—is critically important and has been critically beneficial to all the legislation and how these agencies operate. Any recommendations or suggestions she makes must be taken very seriously. We must be reassured about how this legislation operates in the way she does business, and certainly that is so for the Ombudsman as well, and we're reassured that that will be taken seriously by the Attorney-General.
In conclusion, though, I must draw my final comments to unhelpful sideline comments from the member for Hume and from the finance minister, in the Senate. Those sorts of comments were extreme and grossly offensive not only to Labor but to me and the member for Solomon personally. I have spent 30 years of my life deeply immersed in the security affairs of this nation. I've watched friends lost and killed in operations against terrorists. I've washed the blood of friends from my uniform. And I won't be told by a member of this House that I am 'running a protection racket for terrorists'. That was grossly offensive and was not a contribution to this debate. I understand that, in the heat of politics, you sometimes say things off the top of your head. But I would request that the member for Hume come into this House and make an apology to the members of the Labor Party and personally to the two members of that party who have served our nation in uniform against that terrorist threat. We have entered into this space in all goodwill and in full endeavour to get this job done.