Andrew Hastie (Canning, Liberal Party) Share this | Link to this | Hansard source

by leave—Today I rise to make a statement updating the House on the progress of the committee on intelligence and security's review of the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018.

The committee adopted this review on the 14 December, following its referral from the Senate in December last year. At the end of 2018, the committee agreed to expedite its consideration of the assistance and access bill. This was in response to government advice that the legislation was critical to assist agencies to address heightened national security concerns over the Christmas and New Year period. At this time, the committee was conducting a detailed review of the assistance and access bill referred to it by the Attorney-General in September last year. However, in recognition of the request for expedited consideration and the need to pass the bill before the House rose in December last year, the committee tabled a brief report recommending a series of amendments to respond to the most pressing issues raised during the 2018 review. The committee's advisory report on the assistance and access bill was tabled on 5 December 2018. It contained 17 recommendations for amendments or other action by government. Amendments to the bill were introduced and passed by the parliament on 6 December 2018, the final sitting day of last year. Unfortunately, the tight reporting time frame prevented the committee from clarifying the intent and objectives of its recommendations through its longstanding practice of detailed committee comments.

It is within that context that I rise today to advise that the committee has unanimously agreed that two matters require amendment to the act now in force. In the committee's 2018 report the committee recommended that the Independent National Security Legislation Monitor review the act within 18 months of the bill commencing. The committee notes that the amendments passed by the parliament in December provide for a statutory review of the act as soon as practicable. Whilst there are merits in conducting a statutory review beyond an 18-month period, an earlier timing of this review is preferable. The committee recommended that the commencement of the Independent National Security Legislation Monitor's review be within 18 months of the act's passage, to enable this expert legal advice to inform the committee's own review of the act to commence on 13 April. It is the view of the committee that an amendment is required to clarify the time frame for the Independent National Security Legislation Monitor's review. Likewise, it is the committee's consensus view that the act's industry assistance powers in part 15 of the act be extended to Commonwealth and state anticorruption bodies. The exclusion of these bodies from the access and assistance act was recommended as an interim measure while the committee continued its consideration of the act.

The committee recognises that these commissions have a central role in ensuring integrity and accountability within public administration. They investigate, expose and prevent corruption involving or affecting public authorities and public officials. They also educate public authorities, public officials and members of the public about corruption and its detrimental effects on public administration and on the community. Notwithstanding the importance of these bodies, the exercise of such intrusive powers must always be oversighted. The committee is therefore of the view that the Commonwealth Ombudsman should oversight the use of these powers by state bodies. Such an extension is parallel with the Ombudsman's oversight of the exercise of the act's powers by state and territory police forces. It is the committee's understanding that government amendments to effect these changes will be introduced to the Senate tomorrow.

All members of the committee have worked through these matters with a commitment to bipartisanship on issues of national security and the work of the committee. This is very important legislation. It is necessary to keep Australians safe. I can inform the House these new laws have already assisted our law enforcement and national security agencies in their task of keeping Australians safe. The Australian Federal Police have informed the committee that the legislation has been significant in allowing them to address a number of emerging and urgent operational issues. One example provided by the AFP concerns an investigation, which has been able to be brought to resolution, into the suspected procurement and importation of illicit drugs with cryptocurrency via a dark web marketplace. Another example cited by the AFP concerns an investigation into the distribution and possession of electronic child exploitation material. The Australian Security Intelligence Organisation, ASIO, is also using these new laws to good effect, but for national security reasons I am unable to go into specific detail.

I note with the House the concerns raised by some stakeholders in the tech sector about these laws, including in today's press. I welcome the ongoing contribution from these stakeholders as the committee continues its review. I note, however, that the legislation as passed prohibits the creation of so-called back doors. Companies cannot be required to create systemic weaknesses in their encrypted products or be required to build a decryption capability. Agencies also cannot use the provisions in this legislation to access personal information. Access to personal information must be authorised by existing warrants and authorisations, which are subject to their own safeguards. It is because of these inherent safeguards that the committee unanimously recommended that the assistance and access bill be passed in December. And it is because of these inherent safeguards that that Australian public and the telecommunications sector should have confidence that the legislation will not undermine their privacy and interests.

I thank members of the committee for their commitment and their constructive participation in this ongoing review. It is our shared objective to deliver a final report by 3 April, as required by the Senate's referral. I note that the committee will continue to accept submissions until 22 February. I invite any interested stakeholders to share their views. I thank the House.

Mark Dreyfus (Isaacs, Australian Labor Party, Shadow Attorney General) Share this | Link to this | Hansard source

by leave—On the morning of 6 December 2018, the last parliamentary sitting day of 2018, the government introduced 173 amendments to the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 in response to the Parliamentary Joint Committee on Intelligence and Security's 17 recommendations, which had been delivered only a day earlier in the committee's report of 5 December. The government's amendments did not fully implement the committee's recommendations. Labor agreed to support the passage of the access bill and the government's 173 amendments on the condition that, first, the new laws be immediately referred to the committee for inquiry and report by 3 April 2019 and, second, that the government agree to facilitate consideration of Labor's proposed amendments that would have made the access bill conform to most of the committee's recommendations in the new year in government business time. On behalf of the government, Senator Mathias Cormann agreed to those conditions. As recorded in Hansard, Senator Cormann also said that the government supported in principle all amendments that are consistent with the committee's recommendations. Since then the government has tried to resile from that commitment.

It is not tenable to argue, as the government continues to argue, that its amendments largely implemented the committee's 17 recommendations. No reasonable person accepts that. The Inspector-General of Intelligence and Security, who has made a public submission to the committee, doesn't accept it. Industry doesn't accept it. Lawyers and other civil society groups don't accept it. The Commonwealth Ombudsman has even told the committee that the government's amendments are inconsistent with the Ombudsman's role as an independent and impartial office. This fiasco of law making is what a job well done looks like to this chaotic government. To make the legislation conform to the committee's recommendations we will be moving amendments to the Telecommunications and Other Legislation Amendment (Miscellaneous Amendments) Bill 2019 when it is introduced into the Senate.

The most fundamental of the committee's recommendations in its 5 December report were recommendations 9 and 10, both of which relate to the meaning of the term 'systemic weakness'. The access bill as originally introduced prohibited an agency from forcing a provider to implement any kind of 'systemic weakness' or 'systemic vulnerability' into a form of electronic protection. However, the committee heard a considerable amount of evidence from industry, digital rights groups, lawyers and technology experts that it was not clear what those terms actually meant. If left unclarified, many submitters were concerned that the systemic weakness or vulnerability limitation would not prevent an agency from requiring a provider do acts or things that would or could compromise the security of the critical systems or result in the personal information of innocent third parties being left vulnerable to hackers, including bank details, health records and private correspondence.

We are not aware of any impacted companies, technical experts, non-government organisations or individuals who accept that the government's rushed amendments implemented the critical recommendations of the committee in relation to the meaning of 'systemic weakness' or 'systemic vulnerability'. In fact, there is broad agreement that, instead of clarifying the meaning of the term 'systemic weakness', the government's amendments have created additional confusion. Technology experts have gone as far as calling the government's amendments 'an abomination'. The amendments Labor introduced on the final sitting day of last year would have implemented recommendations 9 and 10 in full. Those amendments are supported by the major industry groups. The government's amendments are supported by no-one, other than the Morrison government and its incompetent Minister for Home Affairs.

If Labor's proposed amendments are not acceptable, we think that the government must explain to the Australian technology industry and, more importantly, to the Australian people, precisely why it is opposing amendments that would make them safer and make this law operate as the Director-General of ASIO says it's intended to. Why would the government oppose amendments that make it clear that an agency may not require a provider to do anything that could, either knowingly or unknowingly, compromise the security of an innocent third-party's personal information?

This amendment is not some minor, technical matter to be left in the too-hard basket by a government distracted by its internal chaos and focused on nothing but clinging to power. This amendment is necessary to help protect the personal information and, therefore, the security of virtually every Australian who has a smartphone or who uses the internet.

We do not suggest that the full implementation of all of the committee's recommendations would address all of the concerns that have been expressed by stakeholders about the measures that were introduced by the access act. To the contrary, the reason why Labor insisted that the access act be referred to the committee for an immediate inquiry is that the committee did not have enough time to properly consider the access bill.

Labor has a longstanding commitment to ensuring that our agencies have the powers they need to keep Australians safe while also ensuring that such powers are subject to strong and effective oversight and safeguards, and do not give rise to adverse unintended consequences. We believe that strong and effective oversight does not undermine our national security: it enhances it. Public trust and confidence in our security and intelligence agencies are best ensured through strong and rigorous oversight and scrutiny.

In the context of this legislation, and consistent with our longstanding commitment to ensuring that significant powers are subject to appropriate safeguards and oversight, Labor believes that the new powers introduced by the access act should be subject to greater judicial oversight. As a matter of principle, Labor does not believe that the Attorney-General or a senior police officer should be given the power to compel an innocent person unconnected to an investigation to provide technical assistance to a government agency without a warrant, yet this is what the access act currently allows.

While this week's debate is confined to implementing the committee's 17 recommendations, this is an issue that Labor is committed to addressing in the future. In addition, given the impacts that this legislation has already had on Australia's technology industry, Labor is committed to referring the measures introduced by this legislation to a parliamentary committee for inquiry and report on their economic impacts. It's vital that the economic impacts of this legislation are properly considered and, if necessary, amendments are made to reduce any unnecessary impact on Australian businesses.