Monday, 25 November 2019
Telecommunications (Interception and Access) Amendment (Assistance and Access Amendments Review) Bill 2019; Second Reading
Here we are again! This will be the fourth time that I've delivered a speech in this parliament about the measures that were introduced by the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018. Before I continue, it is worth recounting some history. Following its introduction into the parliament, on 20 September 2018, the assistance and access bill was referred to the Parliamentary Joint Committee on Intelligence and Security. That committee, of which I was, and remain, a member, was in the process of carefully and methodically working its way through the very many problems with the bill, because, in the form in which it was originally introduced, the assistance and access bill was deeply flawed in many respects.
When the bill was referred to the intelligence and security committee for inquiry and report, the government did not indicate a date by which the committee should report. That was appropriate given the degree of complexity of the measures that were introduced by that bill. However, on 22 November 2018, in the wake of a fatal terrorist attack in Melbourne, which killed one person, the Minister for Home Affairs wrote to the committee to ask it to 'accelerate its consideration of this vital piece of legislation to enable its passage by the parliament before it rises for the Christmas break'. The committee was understandably sceptical of the minister's request. My Labor colleagues and I were particularly sceptical in light of the fact that the Minister for Home Affairs had a clear political interest in ensuring that the assistance and access bill was not properly scrutinised by the committee. That was because every time the committee held a public hearing in respect of the bill we heard further embarrassing revelations about flaws in the bill and about the competence of the Minister for Home Affairs and his colleagues. To take just two shocking examples: first, it was revealed that the Inspector-General of Intelligence and Security and the Commonwealth Ombudsman—the key Commonwealth oversight bodies—found out about the exposure draft of the assistance and access bill from media reports; second, the committee learned that the government, as well as failing to consult with key Commonwealth agencies, had failed to consult with any of the hundreds, and possibly thousands, of the small to medium-sized Australian businesses who could be significantly impacted by the onerous regulatory requirements the bill could impose on them.
So rather than immediately acceding to the minister's request for the committee to expedite its inquiry by effectively shutting it down, the committee instead held urgent hearings with relevant agencies to gather evidence from them regarding the necessity and urgency of the proposed new powers. Following those hearings, the Joint Intelligence and Security Committee agreed to expedite its inquiry to facilitate the passage of the legislation before Christmas of 2018, but only if the legislation were substantially amended to address some of the key concerns that had by that time been raised by industry, by digital rights groups, by lawyers and by technology experts. To that end, the committee made 17 recommendations to improve the flawed legislation which the government had brought to the parliament.
On 6 December 2018, the final sitting day of last year, the government introduced 173 amendments to the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 in response to the committee's recommendations. No reasonable person accepts the government's fanciful claim that the 173 amendments implemented the committee's recommendations in full. In fact, it was immediately apparent that the amendments which the government had deigned to bring before the parliament were seriously deficient in a number of respects. That is why Labor only agreed to support the passage of the assistance and access bill and the government's 173 amendments to it on the condition that, firstly, the new laws, as amended, be immediately referred to the Joint Intelligence and Security Committee for inquiry and report and, secondly, the government agreed to facilitate consideration of further amendments in early 2019 to ensure that the new laws fully conformed with the Joint Intelligence and Security Committee's recommendations.
On behalf of the government, Senator Mathias Cormann agreed to those conditions. As recorded in Hansard, Senator Cormann also said that the government supported, in principle, all amendments that were consistent with the Joint Intelligence and Security committee's recommendations. But here we are, a year later, in the final sitting fortnight of 2019, and it remains the case that Senator Cormann and the government have not honoured the commitment that Senator Cormann made. It remains the case that the Morrison government continues to ignore the bipartisan recommendations made by the intelligence committee, continues to ignore the calls for reform of the now enacted legislation from industry and continues to ignore the very direct commitment that it made.
That is not the only piece of unfinished business in relation to the assistance and access act. A number of submitters to the Joint Intelligence and Security Committee's inquiry argued that the bill was not compliant with the United States Clarifying Lawful Overseas Use of Data Act—the CLOUD Act—which was enacted in March 2018. Under the US CLOUD Act, it is possible for Australia to enter into a bilateral agreement with the United States to allow Australian agencies to request the data of non-US persons, like text messages sent by or to a terrorist subject, from American technology companies directly. This new regime, if Australia is able to enter into a bilateral agreement with the United States, would give Australian agencies much faster access than under the existing regime of making such requests via the US Department of Justice under mutual legal assistance arrangements.
The opportunity that the US CLOUD Act offers is hugely significant for Australian law enforcement and for our national security. It is hugely significant for keeping Australians safe. Under current arrangements, it can take up to two years for Australia police or security agencies to access data held in the United States on platforms like Facebook—data which could, if provided in a timely manner, lead to the arrest of a pedophile or assist authorities to thwart a terrorist attack. But there is a catch: in order to qualify for one of these bilateral agreements with the United States under the US CLOUD Act, Australia's domestic laws must afford:
… robust substantive and procedural protections for privacy and civil liberties in light of the data collection and activities of the foreign government that will be subject to the agreement.
In my second reading speech on 6 December 2018, I expressed concern that the government's assistance and access bill did not afford such 'robust, substantive and procedural protections' and, for that reason, could pose a risk to security cooperation with United States if the bill was not amended. A number of Labor MPs and senators also raised this concern in their second reading speeches on the legislation. Partly to ensure that Australia would be able to take advantage of this vital new security mechanism being offered by the United States, Labor made an election commitment to amend the measures introduced by the assistance and access act to ensure that they were subject, among other things, to judicial oversight.
Lest there be any doubt about the significance of the new arrangements that are possible under the CLOUD Act, it's of course the case that the United Kingdom has already taken advantage of what the US has offered by passing the CLOUD Act—that is, the United Kingdom has already entered an agreement with the United States. The United Kingdom is already being offered access under the CLOUD Act because the United Kingdom understood the need to ensure that its domestic legislation conformed to United States requirements, and, indeed, they amended a range of United Kingdom domestic legislation to achieve that end.
The current Australian government, this Liberal government, by contrast, is continuing to pretend that no changes are needed to Australian domestic legislation. It's continuing to pretend that no changes will be needed to the assistance and access act so much so that, if one comes forward to 7 October 2019, we learnt from the Minister for Home Affairs in an announcement that he made that the United States and Australia have finally—this is more than a year after the United States passed its CLOUD Act—commenced formal negotiations for a bilateral agreement under the CLOUD Act. It is truly extraordinary that this government has taken so long to recognise the potential value of the CLOUD Act to Australia and Australian law enforcement agencies. As I've said, the British government, by contrast, recognised it instantly, and has already concluded its negotiations and entered into a bilateral agreement with the United States. While it has taken far too long, Labor welcomes the fact that the Australian government has finally commenced negotiations on our behalf.
However, less than 24 hours after the announcement made by the Minister for Home Affairs that negotiations had commenced, we received a warning from the United States. The chairman of the United States house judiciary committee, Congressman Jerrold Nadler, sent a letter to Minister for Home Affairs, expressing grave concerns about—you guessed it!—the absence of 'robust, substantive and procedural protections' in respect of the measures introduced by the Australian government's assistance and access bill. That is hugely significant, because the United States Congress can, in effect, veto any agreement that is struck between the government of the United States—that is, the Trump administration—and the Australian government under the CLOUD Act. Of course, the house judiciary committee plays a pivotal role in scrutinising any agreement which is struck between the United States and Australia that comes before congress, and it is a requirement of the US CLOUD Act that any such agreement will have to come before the United States Congress for approval.
So let me repeat something I said in this chamber on 6 December last year: it is absolutely vital that the measures introduced by the assistance and access bill, which are now part of the law of Australia, conform to what the United States regards as robust, substantive and procedural protections for privacy and civil liberties, and that in turn will need to take account of what is known as Fourth Amendment jurisprudence in the United States, a key feature of which is judicial warrants. The Fourth Amendment is, of course, the part of the Bill of Rights, the part of the US Constitution, which requires that there be no unreasonable search and seizure.
What the United States and United States authorities are always looking for in order to ensure robust, substantive and procedural protections for privacy and civil liberties is judicial oversight of, and judicial warrants authorising, compulsive processes by government, such as those created by the assistance and access act. At present, the measures introduced by the assistance and access act do not include that form of judicial oversight by requiring judicial warrants for their exercise.
Let me repeat something else that I said when I spoke about this legislation in this chamber on 12 February 2019:
As a matter of principle, Labor does not believe that the Attorney-General or a senior police officer should be given the power to compel an innocent person—
including a law-abiding Australian technology company—
unconnected to an investigation to provide technical assistance to a government agency without a warrant …
That is not to say that the introduction of judicial warrants will fix everything that is wrong with the assistance and access act. The legislation has many problems, and those are currently being worked through carefully and methodically by the Independent National Security Legislation Monitor and by the intelligence and security committee. The purpose of this particular bill, which is on any view a minor procedural bill, is to ensure that the intelligence and security committee has sufficient time to do that important and difficult job properly.
But those processes that I've just outlined—that is, the inquiry that's currently being conducted by the Independent National Security Legislation Monitor and the inquiry that is currently being conducted by the Parliamentary Joint Committee on Intelligence and Security—should not get in the way of the government introducing legislation right now to ensure that the measures that were introduced by the assistance and access act: firstly, conform to the recommendations that were made by the intelligence and security committee in December 2018; and, secondly, are subject to robust, substantive and procedural protections. As well as ensuring that the rights of the Australian people are properly protected and the interests of Australian business are properly respected, this would address one of the obstacles that may lie in the way of securing an agreement with the United States under the CLOUD Act. It's essential that the government do everything possible, and do so much more quickly than it has been doing, to ensure that Australia is able, like the United Kingdom, to take advantage of the processes that have been made available under the US CLOUD Act to give our agencies access—speedy access—to telecommunications data that is sourced from US telecommunications companies.
The Morrison government needs to urgently respond to the significant concerns about the legislation that it has passed. These are significant concerns which have been expressed by Labor. They are concerns which have been expressed by the chair of the US house judiciary committee, Congressman Jerrold Nadler. They are concerns that have been expressed by industry, by digital rights groups, and by lawyers and technology experts. Labor is ready and willing to work with the government to ensure that the measures introduced by the assistance and access act are amended to address any and all obstacles in the way of securing the best outcome for Australian police and security agencies, and for the Australian people. I move the second reading amendment in the terms circulated:
That all words after "That" be omitted with a view to substituting the following words:
"whilst not declining to give the bill a second reading, the House:
(1) notes the lengthy delays currently faced by Australian police and security agencies seeking to access data held in the United States;
(2) acknowledges that the Government has finally begun negotiations for an agreement with the United States to decrease the time it takes for Australian police and security agencies to access such data;
(3) expresses concern that the absence of robust protections for privacy and civil liberties in the Telecommunications and Other Legislation (Assistance and Access) Act 2018 could threaten the prospects of an agreement being reached with the United States;
(4) criticises the Liberal Government for refusing to support Labor's amendments in December 2018 to include such protections; and
(5) calls on the Liberal Government to work productively with Labor to ensure that the measures introduced by the Telecommunications and Other Legislation (Assistance and Access) Act 2018 are amended to ensure the best outcome for Australian police and security agencies, and the Australian people".