Josh Wilson (Fremantle, Australian Labor Party) Share this | Hansard source

On behalf of the Joint Standing Committee on Treaties, I present the following reports: report 204, Agreement between the government of Australia and the government of the United States of America on access to electronic data for the purpose of countering serious crime, incorporating a dissenting report; and report 205, Joint initiative on services domestic regulation.

Reports made parliamentary papers in accordance with standing order 39(e).

by leave—I'm glad to make a statement on the Joint Standing Committee on Treaties reports into two separate agreements: first, the agreement between the government of Australia and the government of the United States of America on access to electronic data for the purpose of countering serious crime, also referred to as the CLOUD Act agreement and, second, on the joint initiative on services domestic regulation.

The CLOUD Act agreement will allow relevant Australian law enforcement and intelligence and security agencies to seek an order under Australian law to obtain, through a structured and oversighted process, electronic data that is required for investigating serious criminal conduct or serious national security concerns. In essence, it allows Australian agencies to seek such information directly from data-holding or communication service providing companies in the US, rather than by making a request through the mutual legal assistance framework, which is much slower and more cumbersome.

Under the arrangement, access orders can be made on appropriate grounds for the interception of communications, access to stored communications and access to telecommunications data. Australian agencies will be able to seek that information with respect to its citizens, and the US will be able to do the same. As one would expect, the scale and concentration of data-holding and service provision in the United States means that the CLOUD Act arrangements will certainly be utilised to a much greater degree by Australian authorities than in the reverse direction. That disparity is already evident in the respective use of the unwieldy mutual legal assistance processes.

In Australia's case, the Telecommunications (Interception and Access) Act 1979, usually called the TIA Act, provides the legal framework and authority for the CLOUD Act agreement requirements, just as it does in the case of domestic access or interceptions. For the CLOUD Act agreement to be properly invoked, all those TIA requirements and protections need to be satisfied, including limitations on who may be targeted, the application of proper minimisation procedures, the various issuing requirements of orders and exceptions for essential interests that are specified in side letters to the agreement, which, in Australia's case, are consistent with our opposition to the death penalty. It's salient to note that, whereas interceptional access warrants sought for domestic application by ASIO in relation to domestic security matters can be approved by the Attorney-General, for the purposes of the CLOUD Act agreement an order requires the approval of the security division the AAT.

The committee could see clearly from the evidence that the current mutual legal assistance treaty process for obtaining data from United States communications service providers is cumbersome and not suited to modern communications data storage and the cloud computing environment. While the CLOUD Act agreement doesn't replace that process, it does provide a parallel and more efficient alternative for Australian agencies dealing with matters relating to serious crime or national security matters, and they are often, in their nature, urgent matters that need timely action.

There doesn't appear to be any question that it will substantially reduce the time involved for the acquisition of relevant data relating to the commission or contemplation of a serious offence. In the committee's view, the agreement will achieve that improved timeliness of access without compromising proper process and appropriate protections.

The committee examined a range of issues in that area, including the implications with respect to civil liberties, the reporting on and oversight of the use of orders, particularly orders issued at the request of the United States authorities to Australian providers—which we don't expect will occur very often—and the question of consultation with civil society during the negotiation of the agreement. To that end, the committee encourages the Australian government to be especially mindful that consultation, reporting and oversight are critical integrity elements that should be applied rigorously wherever surveillance or other incursions into privacy are involved, even when those incursions serve a legitimate purpose, as they will do under these arrangements.

Notwithstanding the general concerns and issues identified, the committee regards the CLOUD Act agreement as an important tool for Australian law enforcement and intelligence agencies to better respond to the increasingly sophisticated tactics of criminals and those who would jeopardise our national security, but in a way that is consistent with existing domestic requirements. For that reason, the committee is of the view that ratifying the CLOUD Act agreement is in the national interest and has recommended accordingly.

The second report that I speak to covers the Joint Initiative on Services Domestic Regulation, a plurilateral agreement negotiated among 69 members of the World Trade Organization that aims to establish uniform requirements for service delivery authorisation processes. What does that mean? It means that, when it comes to the process by which a business or entity seeks to provide a service into another country, a group of 69 nations, including Australia, have now agreed that they will each commit to some principles and objectives to make that process user-friendly, timely and transparent. In essence, this is designed to facilitate the fair and free provision or export of services from one country to another rather than having lots of different processes, some of which are difficult, slow and obstructive.

Provisions in the joint initiative relate to a range of areas, including transparency when it comes to fees and application procedures, efficient processing of applications, evaluation based on clear and objective criteria, review opportunities, reasonable access to examinations where required, acceptance of electronic documents rather than requiring hard-copy documents, and the adoption of technical standards through open and transparent processes. This joint initiative represents the first time that such an agreement has included a provision that measures should not discriminate between men and women, although it is still the case that members can opt out of that provision. We hope that that isn't the case. Australia won't be, and we'd hope that the other 68 nations choose not to.

The joint initiative is intended to provide simple, transparent, fair and user-friendly global rules to facilitate trading services. It's notable that because Australia has been convinced of this logic for some considerable time our regulatory settings and practice already comply with the new rules. As to the benefits that might flow to Australian service suppliers from the joint initiative, the committee has previously noted in its scrutiny of trade agreements the value of independent analysis of expected impacts. Of course, it's notable in this case that Australia's major service export earners are tourism and international education. They're our two major service export earners. They both occur fundamentally within Australia and therefore within our regulatory environment. The joint initiative doesn't improve circumstances or reduce costs in relation to those sectors, for obvious reasons.

See this speech in context