Tim Watts (Gellibrand, Australian Labor Party, Shadow Assistant Minister for Communications and Cyber Security) Share this | Hansard source

In rising to speak on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, I can't help but reflect on the circumstances in which we find ourselves in debating this bill. This bill is an important piece of national security legislation, which amends the Surveillance Devices Act 2004. It also amends the Telecommunications (Interception and Access) Act, the Crimes Act and associated legislation to give the AFP and the ACIC the tools to combat cyber-enabled crime. It was first introduced into the House on 3 December 2020 and referred to the Parliamentary Joint Committee on Intelligence and Security. The PJCIS tabled its report on 5 August 2021, nearly three weeks ago, but we're yet to see the government's response to the report. We do, however, have the bill in front of us today.

It is pleasing to be advised that the government has agreed to 23 of the 33 PJCIS recommendations wholly or in part and has made amendments to the bill and explanatory memorandum in response to the recommendations of the PJCIS. But it's indicative of this government's record in this place to rush through legislation on national security matters with little regard for process, particularly with national security legislation or even with minor technical legislation. We have seen it countless times before, including just yesterday, with the Counter-Terrorism Legislation Amendment (Sunsetting Review and Other Measures) Bill 2021.

To be clear, Labor supports this bill that the government has brought before the House with the amendments that we have worked constructively with the government to develop through the PJCIS. But it must be said that the way this government approaches critical legislation like this bill from a process perspective leaves much to be desired. I've said that before in this House. Labor has always sought to work constructively with the government on matters of national security, and we will continue to do so. We recognise the need for the powers in this bill to combat the use of the dark web and encryption technology by criminals and organised criminal groups to perpetuate serious crimes like terrorism, child abuse and exploitation, and the sale of illicit drugs.

The dark web is simply a part of the internet comprising sites that you can't search for on typical search engines like Google. To access it you need to download a program that enables access to the dark web, The Onion Router, or Tor. Sites on the dark web were designed with privacy in mind—anonymising. Privacy is a neutral value. There are absolutely legitimate uses for encryption technologies and the dark web. Political activists and dissidents, for example, have used it to allude the eye of autocratic states. But, at the same time, abhorrent things are sold on the dark web. Drug dealers, hackers and child abusers try to use it to traffic in their illegal, destructive and repulsive goods. It does need to be policed.

The powers in this bill are new from what we've seen in Australia to date, as the PJCIS has acknowledged, but they are necessary to combat a growing sophistication of technology by criminals that enables them to commit serious crimes anonymously. While we support the bill, Labor members of the PJCIS do think, however, safeguards in this bill could go further, particularly in relation to the offences this bill applies to in relation to recommendation 10 of the PJCIS report, which Labor thinks should have been strengthened.

Technology has evolved significantly since our original surveillance laws were passed, and it is really beyond time for a review and an updating—indeed, even since before the Crimes Act, which this bill amends. Even in 2004, when the Surveillance Devices Act was passed, some three years before the first iPhone was launched, it would have been difficult to imagine the pervasive use of the internet to conduct serious criminal activity, let alone the use of the dark web to do it anonymously. The Silk Road, for instance, which was the eBay of criminals for some time before its spectacular implosion, is probably the first and most ubiquitous example of a dark website being used to facilitate serious criminal activity, such as the sale of illicit drugs. That wasn't launched until 2011.

Since then the dark web has really become a haven for some of the most evil crimes, with a pernicious effect on our society, like child exploitation, conducted largely anonymously. We have seen this most recently on an incredibly large scale with Operation Ironside, which exposed the widespread use of dedicated encrypted communications devices by organised criminals in Australia. We have seen, courtesy of the reporting of Nick McKenzie and Joel Tozer on 60 Minutes and in the Nine newspapers over the last fortnight, how these technologies have been used by far Right extremist organisations who would seek to commit violent acts against Australians in pursuit of their agenda.

Despite these technological advances, our laws haven't been updated to reflect this new world we live in. Our law enforcement agencies lack similar powers to their overseas counterparts to be able to unmask these criminals and disrupt ongoing cyber-enabled criminal activity. This is an increasing problem for our law enforcement and criminal intelligence agencies. The cyber capabilities of criminal networks have grown in recent years and too often investigations are not able to be pursued to conclusion because our agencies did not have the necessary power to identify offenders. This bill will change that by giving the AFP and the ACIC the power to collect intelligence on criminal networks operating behind anonymising technologies, like the TOR network or a dedicated encrypted communication device.

There are three warrant powers set out in this bill. The first is a data disruption warrant to allow the AFP and the ACIC to disrupt data by modifying, adding, copying or deleting data to frustrate the commission of offences online. The intended purpose of this is that it is to be used where investigations leading to prosecution is not necessarily the most effective outcome. This is an important tool in circumstances where law enforcement discover, for example, a child abuse network that's actively sharing child sexual abuse material, continuing the trauma of child abuse victims through every reproduction and every dissemination of these vile images. But, despite discovering the networks, law enforcement agencies are unable to identify who is sharing child exploitation material. In these circumstances, these powers enable Australian law enforcement agencies to delete the content and disrupt its ongoing distribution through the networks. The bill also includes a new order which will require an individual to provide information or assistance which is reasonably necessary to effect a disruption warrant.

Secondly, the bill creates a network activity warrant which allows our law enforcement agencies to collect intelligence on serious criminal activity being conducted by a criminal network, to reveal the scope of criminal operations and unmask the identities of those involved in these activities. Finally, the bill creates an account takeover warrant to give the AFP and the ACIC the ability to take control of an individual's account to gather evidence for a criminal investigation without their consent or knowledge.

It is important to be clear that these new warrant powers aren't unfettered powers being gifted to our law enforcement agencies. To use these powers, our law enforcement agencies must first go through an independent process seeking approval from an eligible judge, an Administrative Appeals Tribunal member or a magistrate in the case of account takeover warrants. Labor concurs with the recommendation of the PJCIS report into this bill that the exercise of these powers should be authorised by a Supreme Court judge, and we note the government's response that this will be incorporated in its response to the very significant Richardson review.

These powers are new for us, but these kinds of network investigative techniques are not unique around the world. These practices might be somewhat novel in their use by Australian law enforcement agencies, but powers of this kind are already being used by law enforcement and criminal intelligence agencies in other democratic nations around the world. Other jurisdictions have recognised, as we do here, that the threats we face today call for powers that match the seriousness of these threats. Similar powers are already in use in the US, the UK and some European jurisdictions.

Network investigative techniques are an important part of modern law enforcement and criminal intelligence. These techniques are an alternative to regulation that requires blanket lawful access to encrypted devices or software. These techniques allow agencies like the AFP and the ACIC to exploit existing vulnerabilities to circumvent encryption or anonymisation under the authorisation of a warrant. They are commonly and effectively used by the United States FBI, for instance. In 2011, the FBI used a Flash exploit, Metasploit, in Operation Torpedo to compromise a dark web service boasting child abuse material. The FBI gained control of the service and employed an NIT, which revealed the identity of persons who visited the compromised child abuse websites, who ordinarily would have been protected by the TOR network. In 2015, the FBI, in Operation Pacifier, took down Playpen, one of the largest child exploitation sites posted on a server in North Carolina. The FBI operated the server for a limited two-week period and exploited a vulnerability in the TOR browser to unmask 13,000 IP addresses of individuals accessing material.

In 2016, French and Dutch police carried out an operation not dissimilar to Operation Ironside, targeting EncroChat. Like ANOM, EncroChat was a dedicated encryption communication device. This encrypted communication device was operated solely for serious criminal users and it was compromised by French and Dutch police, allowing the gathering of messages in real time by a European joint investigative task force. In Britain alone, 746 people were arrested as a result of the operation, and 80 million pounds worth of illicit drugs and 54 million pounds in cash were seized.

Our agencies do excellent work with existing electronic surveillance laws, and we commend them for it. However, as the cybercapabilities of criminal networks have expanded, Australia's laws are not suitably adapted to both identify and disrupt criminals who are actively seeking to obscure their identity and the scope of their activities. As criminal networks increasingly organise and transact online, these new powers allow our law enforcement agencies to adapt their undercover craft to infiltrate this cyberenabled crime.

For instance, the account takeover provisions in this bill could allow law enforcement to take over the account of someone already established as trustworthy inside these online networks, which often require some proof of criminal bona fides. This could allow them to gather intelligence and further infiltrate other criminal networks. For example, US law enforcement covertly took over the account of a staff member of Silk Road prior to the government's takedown of the site. Through this, law enforcement officers operating that account were able to then infiltrate Silk Road 2.0 and take it down too.

Clearly, you can see from these examples that these kinds of network investigative techniques are not out of step with other comparable jurisdictions. The bill would give our agencies the powers they need to keep pace with technology and those criminals who use it to cause immense harm to Australians. It's important our laws continue to keep pace with constantly evolving technology. Otherwise, we'll be constantly playing catch-up with criminals and terrorists who are increasingly sophisticated in their use of these technologies to disguise their activities. We can't let that happen.

It's the responsibility of everyone in this place, particularly parties of government, to keep Australians safe, and that's why we work together to ensure national security bills like these operate in the best way they can. Labor has strengthened the safeguards in this bill through our work on the PJCIS. While the government is ultimately responsible for national security legislation that they introduce, Labor has always worked constructively to improve legislation as much as we can through the parliament. One of the ways the parliament has worked to keep Australians safe is by cooperating in a bipartisan manner through the PJCIS. This is such an important part of the parliamentary accountability and oversight process, and one which can't be ignored in this bill.

As I said, the powers in this bill are necessary for agencies to continue the vital work they do keeping Australians safe, but no-one is suggesting they be given these powers without appropriate legal safeguards, accountability and oversight. The PJCIS has made 33 recommendations to improve oversight and safeguards in this bill. The government has chosen to accept, wholly or in part, 23 of them.

The explanatory memorandum sets out that these powers apply to the most serious of crimes, including child abuse, child exploitation, terrorism, sale of illicit drugs, human trafficking, identity theft and fraud, assassinations and distribution of weapons. Labor is concerned, though, and Labor members of the PJCIS noted that the definition of 'relevant offences' under the Surveillance Devices Act includes all offences against the law of the Commonwealth that are punishable by a maximum term of imprisonment of three years or more. This includes the types of crimes I mentioned, but also includes tax offences, trademark infringement and a range of other offences which don't have the gravity of the other crimes I discussed earlier.

Labor considers that recommendation 10 and other recommendations in the committee's report go a long way to ensuring that these new powers will only be used for the most serious offences. However, in recognition of the nature of these new powers, Labor members think that the PJCIS should have gone further by recommending that references to 'relevant offences' in the bill be replaced by a definition consistent with the serious offence provisions in the Telecommunications (Interception and Access) Act. This would be an important constraint on the use of these new warrant powers and would limit their application to offences that carry at least a maximum of seven years jail and other specified offences. While these powers do have international precedent, they also carry inherent risks. Lifting the threshold at which these warrants apply would ensure that they were only used to combat the most serious of offences. As currently drafted, the substance of this bill does not match the government's rhetoric. Adopting a definition consistent with that in the telecommunications interception act would ensure that these warrants are reserved for the most serious of crimes, consistent with the standards set by the government itself in its explanatory memorandum.

That said, there are important protections which would have not been included had the Morrison government rushed this legislation or absent the PJCIS. The protections which have been achieved through the PJCIS include an obligation for the issuer of these warrants to specifically consider whether information is privileged or journalistic in nature, the effect on privacy, the financial impacts and the effect of a warrant on a person's ability to give or receive care. These protections are safeguards which will improve the proportionality of these new powers. They recognise that these powers require independent consideration of the substantial effect they may have on an affected person. The PJCIS has also recommended protections for individuals subject to the new assistance order regime, including good-faith immunity provisions for assistance orders. This will require decision-makers to consider whether orders for assistance are reasonably necessary, justifiable and proportionate. These protections would appear to be a baseline for the government doing due diligence on this bill.

I'm pleased that PJCIS has achieved important protections specifically for members of the press. These protections require the warrant issuer to consider the public interest in facilitating the exchange of information between journalists and members of the public and the confidentiality of their sources. These are important bulwarks against cyberenabled assaults on press freedom, a concern that's still fresh in my mind following the 2019 raids on Australian journalists by the AFP. I echo the PJCIS's recommendation that the government introduce legislation to address this.

See this speech in context