Stephen Smith (Perth, Australian Labor Party, Deputy Leader of the House) Share this | Link to this | Hansard source

by leave—On 16 May 2011, three contractors formerly employed at the Defence Security Authority's vetting centre in Brisbane made allegations on the ABC Lateline program concerning inappropriate security vetting practices. The vetting centre is part of the Australian Government Security Vetting Agency, which has provided security vetting for the majority of Commonwealth agencies since 2010. The former contractors alleged that while working at the vetting centre they were encouraged to insert false information into security clearance applications to enable those applications to be successfully uploaded for further security checking by the Australian Security Intelligence Organisation (ASIO).

The government has taken this matter very seriously since the allegations were brought to its attention on 16 May 2011. On 17 May 2011, I asked the Inspector-General of Defence to undertake an initial assessment to determine whether the matter should be referred for external review. Based on this initial assessment, on 27 May 2011, I recommended to the Prime Minister that she refer the allegations to the independent Inspector-General of Intelligence and Security for thorough investigation. The Inspector-General of Intelligence and Security commenced her investigation in June 2011.

On 21 September 2011, I issued a statement outlining the findings of a review undertaken by the Department of Defence's chief security officer into the management practices used in the vetting centre. The chief security officer's review was undertaken in response to requests from the Inspector-General of Intelligence and Security for information to support her inquiry. The chief security officer's review found:

The chief security officer's findings raised serious concerns around the management of security vetting within the Defence Security Authority. I made these concerns public at the time.

The Inspector-General of Intelligence and Security finalised her report late in December 2011 and I am taking my first available opportunity to table it in the House today. Evidence provided to the Inspector-General of Intelligence and Security's inquiry confirmed that the substance of the allegations by the former contractors was true: incorrect data had been inserted into the vetting process. Difficulties in uploading data led to the use by vetting staff of workarounds to address both database incompatibilities and situations where an applicant had not provided all the data required. This corrupted data was provided to ASIO and was used for security assessments.

The practice of workarounds was not confined to the three complainants; most if not all staff used workarounds to some extent. There was a wide variation in the use of incorrect data and little by way of documentation. Further, except in limited circumstances, the use of the modified data had not been agreed by ASIO. There was also no support for the suggestion that this data was used as a place marker to be corrected at a later stage.

In the course of the Inspector-General of Intelligence and Security's inquiry, other practices and incidents, unrelated to data entry, were also identified which were not consistent with good administrative practice. While there was no evidence that there had been any attempt to subvert or mislead the security clearance process, the report identifies a number of contributing factors that led to these practices, including:

The Inspector-General of Intelligence and Security found that the integrity of data in both the Defence Security Authority and ASIO had been undermined if not compromised. Incorrect data entered the databases and some persists today.

The Inspector-General of Intelligence and Security noted that the ASIO security assessment is but one part of a broader assessment of a person's suitability to hold such a clearance. For high-level clearances the process involves a personal interview, multiple referee checks, police record checks and often a psychological interview. This thorough assessment process is designed to pick up issues of security concern.

The Inspector-General of Intelligence and Security noted that it was not possible for her inquiry to determine whether any particular ASIO security assessment had been compromised by the provision of incorrect data. The extensive review and validation of clearances already underway will identify whether any such cases exist. So far, approximately 3,100 high-level security clearances have been reviewed and validated of around 5,300 applications made during the period. The Inspector-General of Intelligence and Security made 13 recommendations and the government has accepted them all.

In accepting all of the 13 recommendations, Defence has taken immediate action to rectify the problems identified by the Inspector-General of Intelligence and Security. These remediation efforts are focused in two areas: remediation of vetting processes, improvement of documentation and updates to information technology systems, and validation of data affected by the inappropriate work practices. Firstly, Defence has stopped all inappropriate data entry practices and is finalising agreed data entry protocols with ASIO for instances where vettees genuinely do not know, or cannot provide some information or evidence. Defence has already taken steps to strengthen the management and oversight of the Defence Security Authority and the Australian Government Security Vetting Agency. Steps have also been taken to:

Secondly, Defence has commenced the careful process of checking and validating each and every one of the security assessments that were subject to the inappropriate practices.

If this validation process identifies that information has been changed without justification then the correct information will be obtained from the clearance holder and provided to ASIO under an agreed remediation strategy. This is a significant task. Care also needs to be taken not to unduly divert resources from ongoing security assessments and clearance processes.

Finally, the Secretary of Defence has written to the three former staff members who raised the allegations to acknowledge their allegations in respect of data-entry were true and to provide them with a copy of the Inspector-General of Intelligence and Security's report. The report of the Inspector-General of Intelligence and Security identified management practices and process deficiencies that do not reflect well on Defence. The report's findings provide a sound framework for addressing the shortcomings that have been identified. It has been very important not to wait for the inquiry of the Inspector-General of Intelligence and Security to be finalised before getting on with the job of addressing these problems. The review and validation process for clearances commenced in September last year.

The government will ensure that the Department of Defence fully addresses the issues identified by the Inspector-General of Intelligence and Security and that all recommendations are implemented in a comprehensive manner. Assurance of Defence's security-vetting efforts will be provided by annual audits of compliance with security-vetting policy conducted by the Defence chief audit executive for at least the next three years. The first audit will be completed by 30 June this year and its results will be published in the Defence annual report. This will provide ongoing public reporting and assurance of Defence's security-vetting practices.

The government takes its national security responsibilities very seriously. The allegations about inappropriate security-vetting practices were first brought to the government's attention on 16 May last year and by the end of May last year had been referred to the Inspector-General of Intelligence and Security. She commenced her inquiry in June. Preliminary findings of a Defence review conducted in support of the inquiry of the Inspector-General of Intelligence and Security were released publicly by me in September last year. Defence's review and validation of security clearances commenced that month ahead of the final report, which, as I have indicated, I received in late December last year. The report of the Inspector-General of Intelligence and Security presented today sets out the work Defence has already undertaken and will need to undertake to remediate the shortcomings identified by the Inspector-General of Intelligence and Security in Defence's security-vetting practices and processes.

I present Inquiry into allegations of inappropriate vetting practices in the Defence Security Authority and related matters by the Inspector-General of Intelligence and Security. I also present a letter to me by the Secretary of Defence, dated today, detailing the implementation of the recommendations of the Inspector-General of Intelligence and Security.

I ask leave of the House to move a motion to enable the member for Paterson to speak for 10 minutes on behalf of the member for Fadden.

Leave granted.

I move:

That so much of the standing and sessional orders be suspended as would prevent Mr Baldwin speaking in reply to the ministerial statement for a period not exceeding 10 minutes.

Question agreed to.

Bob Baldwin (Paterson, Liberal Party, Shadow Minister for Tourism) Share this | Link to this | Hansard source

I am responding to the report of the inquiry into allegations of inappropriate vetting practices in the Defence Security Authority and related matters by the Inspector-General of Intelligence and Security on behalf of the shadow minister, the member for Fadden, as he has had to take leave to attend a regal function on behalf of the opposition.

I would first like to thank the Minister for Defence for providing this House with an update on what was and remains a very serious lapse in Defence's security-vetting practices and for providing the opposition with a chance to respond. I also thank the Minister for Defence for presenting the report of the Inspector-General of Intelligence and Security into this matter, although I profess a certain level of curiosity as to why the Minister for Defence is responding and presenting this report when it was the Prime Minister who referred the original allegations to the Inspector-General of Intelligence and Security for investigation.

Naturally, the opposition will require time to fully avail itself of the details of this important report before making any statement as to the recommendations contained therein. However, I am heartened by Defence's assurances that it will readily adopt all 13 recommendations laid out in the inspector-general's report. Having said that, I remain concerned that the report, at least at face value, appears to acknowledge that there is a problem but that it is unable to identify specifically which Defence or ASIO personnel have been incorrectly vetted. I certainly appreciate the sensitivity of this issue and can only ask the minister to ensure that the private briefing the opposition will receive on this matter in the near future fully explores this specific issue.

The minister has briefly canvassed the events that led up to this wholly unsatisfactory situation. However, it is certainly instructive to recap some of the issues in a little more detail in an attempt to fully tease out the circumstances that gave rise to this sorry saga whereby thousands of security clearances were not conducted in line with existent policy.

As many will recall, this issue was made public in May last year when the ABC's Lateline program interviewed three former Defence Security Authority contractors who said, and I quote from the Lateline program:

… security at Australian military bases and embassies has been significantly compromised by a deliberate fabrication of information to fast-track security clearances.

The three former Defence workers say they were given direct instructions by senior Defence staff to fabricate security checks on civilian and military personnel.

As it turns out, the inspector-general's report confirms what the Defence contractors told the Lateline program. In fact, as the minister has pointed out, it confirms that the use of workarounds and other such malpractices was indeed widespread within DSA. Worryingly, the report also found that problems within DSA went beyond the initial scope of the problem raised by the former Defence contractors on Lateline. It concluded that both DSA and ASIO data had been compromised and that, more worryingly, problems persist today, some nine months after the problem was first made public.

The problems identified in the report include poor personnel management, poor record keeping, a lack of quality assurance, inadequate training for staff, poor IT systems and, most critically and tellingly, sustained pressure on staff for output. To put this critical point another way, there were not enough staff to do what was asked of them. There were not enough staff to do what the government asked of them when in 2010 Labor transformed DSA, which at that stage looked after Defence personnel security rating, into the Australian Government Security Vetting Agency, which is now responsible for whole-of-government personnel security vetting. To put this into context, the number of clearances the agency is required to process a year has more than doubled from 23,000 to approximately 48,000. This represents a substantial increase in the workload of the AGSVA. It is a workload that at the original staffing level was unmanageable, something that was only compounded by the move to a whole-of-government vetting model.

What strikes me as particularly unusual, or perhaps unusual in the context of this Labor government, is that those opposite concluded that they could substantially increase the workload of an organisation without increasing the human capital required to complete the set tasks. It is symptomatic of this Labor government to be so short-sighted. Again, we find ourselves in a very difficult situation—this time affecting the very core of government: national security. Of course we find this report recommending, amongst other things, that more people are required in order to manage an increased workload and associated output pressures. My question to the minister is a simple one: why has it taken yet another report to tell the government what any sensible department or corporate human resources manager would tell you in a heartbeat—that more work requires more staff?

While I again thank the minister for his statement, I nonetheless take exception to the minister's comments that the issues surrounding this matter were first brought to the government's attention on 16 May 2011, on the evening of the Lateline review. I would like to remind the minister that, as my colleague Senator Johnston made quite clear during the October 2011 foreign affairs, defence and trade estimates hearings, members of the Labor government had been alerted to the problems in the DSA some months before the Lateline program in question aired. Senator Johnston said:

I have seen some of the correspondence that they have raised and some of the reports they made to some people who were employed to report on their complaints back in May, June and July 2010. I will come back to those reports in a minute, but the four parliamentarians were the former member for Forde, Mr Raguse; Minister Snowdon; Minister Griffin; and Minister Emerson. They were all given firsthand information about these problems back in 2010.

One would think that such serious allegations would be immediately passed from these Labor MPs, one of them a cabinet minister, to the defence minister. But, no, they failed to pass on this information to the minister or even to the defence department. Instead, the problem festered until the story became public some 12 months after Labor MPs were told of the serious problems in DSA. I am aware that the minister may like to argue that the concerns communicated to the four Labor MPs related to bullying, harassment and maladministration within the DSA. I simply say in response that a responsible government would surely examine these issues in detail. A responsible government would not blindfold itself to the possibility of systemic issues affecting the administration and functionality of the DSA, particularly as work pressures within the organisation were well known at the time. Furthermore, the Trent Brennan report of 2010 highlighted such issues as well. Nothing seems to compel this Labor government to take action unless it first appears on our TV screens.

I am sure the Inspector-General's report will make for sober reading. Indeed, from a cursory examination of the findings we are now aware of the general extent of the problem, although I reiterate that we do not know the precise details of which personnel were not subject to the proper vetting practice. This has led to a situation, as the minister has stated, whereby at least 5,500 applications will need to be re-vetted, of which only 3,100 have so far been completed. I currently appreciate Defence's commitment to allocate additional resources to this problem, both presently and during the period preceding the release of the Inspector-General's report.

In conclusion, I would simply urge the minister to take stock of the report's findings and to ensure that the matters of national security do not fall prey to the increasingly indiscriminate Defence Strategic Reform Program budget cuts. Australia's national security is too important to not be adequately funded. A lack of funding and personnel seems to lie at the very core of this serious lapse in national security administration.