House debates

Monday, 25 November 2019


Telecommunications (Interception and Access) Amendment (Assistance and Access Amendments Review) Bill 2019; Second Reading

4:56 pm

Photo of Mark DreyfusMark Dreyfus (Isaacs, Australian Labor Party, Shadow Attorney General) Share this | | Hansard source

Here we are again! This will be the fourth time that I've delivered a speech in this parliament about the measures that were introduced by the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018. Before I continue, it is worth recounting some history. Following its introduction into the parliament, on 20 September 2018, the assistance and access bill was referred to the Parliamentary Joint Committee on Intelligence and Security. That committee, of which I was, and remain, a member, was in the process of carefully and methodically working its way through the very many problems with the bill, because, in the form in which it was originally introduced, the assistance and access bill was deeply flawed in many respects.

When the bill was referred to the intelligence and security committee for inquiry and report, the government did not indicate a date by which the committee should report. That was appropriate given the degree of complexity of the measures that were introduced by that bill. However, on 22 November 2018, in the wake of a fatal terrorist attack in Melbourne, which killed one person, the Minister for Home Affairs wrote to the committee to ask it to 'accelerate its consideration of this vital piece of legislation to enable its passage by the parliament before it rises for the Christmas break'. The committee was understandably sceptical of the minister's request. My Labor colleagues and I were particularly sceptical in light of the fact that the Minister for Home Affairs had a clear political interest in ensuring that the assistance and access bill was not properly scrutinised by the committee. That was because every time the committee held a public hearing in respect of the bill we heard further embarrassing revelations about flaws in the bill and about the competence of the Minister for Home Affairs and his colleagues. To take just two shocking examples: first, it was revealed that the Inspector-General of Intelligence and Security and the Commonwealth Ombudsman—the key Commonwealth oversight bodies—found out about the exposure draft of the assistance and access bill from media reports; second, the committee learned that the government, as well as failing to consult with key Commonwealth agencies, had failed to consult with any of the hundreds, and possibly thousands, of the small to medium-sized Australian businesses who could be significantly impacted by the onerous regulatory requirements the bill could impose on them.

So rather than immediately acceding to the minister's request for the committee to expedite its inquiry by effectively shutting it down, the committee instead held urgent hearings with relevant agencies to gather evidence from them regarding the necessity and urgency of the proposed new powers. Following those hearings, the Joint Intelligence and Security Committee agreed to expedite its inquiry to facilitate the passage of the legislation before Christmas of 2018, but only if the legislation were substantially amended to address some of the key concerns that had by that time been raised by industry, by digital rights groups, by lawyers and by technology experts. To that end, the committee made 17 recommendations to improve the flawed legislation which the government had brought to the parliament.

On 6 December 2018, the final sitting day of last year, the government introduced 173 amendments to the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 in response to the committee's recommendations. No reasonable person accepts the government's fanciful claim that the 173 amendments implemented the committee's recommendations in full. In fact, it was immediately apparent that the amendments which the government had deigned to bring before the parliament were seriously deficient in a number of respects. That is why Labor only agreed to support the passage of the assistance and access bill and the government's 173 amendments to it on the condition that, firstly, the new laws, as amended, be immediately referred to the Joint Intelligence and Security Committee for inquiry and report and, secondly, the government agreed to facilitate consideration of further amendments in early 2019 to ensure that the new laws fully conformed with the Joint Intelligence and Security Committee's recommendations.

On behalf of the government, Senator Mathias Cormann agreed to those conditions. As recorded in Hansard, Senator Cormann also said that the government supported, in principle, all amendments that were consistent with the Joint Intelligence and Security committee's recommendations. But here we are, a year later, in the final sitting fortnight of 2019, and it remains the case that Senator Cormann and the government have not honoured the commitment that Senator Cormann made. It remains the case that the Morrison government continues to ignore the bipartisan recommendations made by the intelligence committee, continues to ignore the calls for reform of the now enacted legislation from industry and continues to ignore the very direct commitment that it made.

That is not the only piece of unfinished business in relation to the assistance and access act. A number of submitters to the Joint Intelligence and Security Committee's inquiry argued that the bill was not compliant with the United States Clarifying Lawful Overseas Use of Data Act—the CLOUD Act—which was enacted in March 2018. Under the US CLOUD Act, it is possible for Australia to enter into a bilateral agreement with the United States to allow Australian agencies to request the data of non-US persons, like text messages sent by or to a terrorist subject, from American technology companies directly. This new regime, if Australia is able to enter into a bilateral agreement with the United States, would give Australian agencies much faster access than under the existing regime of making such requests via the US Department of Justice under mutual legal assistance arrangements.

The opportunity that the US CLOUD Act offers is hugely significant for Australian law enforcement and for our national security. It is hugely significant for keeping Australians safe. Under current arrangements, it can take up to two years for Australia police or security agencies to access data held in the United States on platforms like Facebook—data which could, if provided in a timely manner, lead to the arrest of a pedophile or assist authorities to thwart a terrorist attack. But there is a catch: in order to qualify for one of these bilateral agreements with the United States under the US CLOUD Act, Australia's domestic laws must afford:

… robust substantive and procedural protections for privacy and civil liberties in light of the data collection and activities of the foreign government that will be subject to the agreement.

In my second reading speech on 6 December 2018, I expressed concern that the government's assistance and access bill did not afford such 'robust, substantive and procedural protections' and, for that reason, could pose a risk to security cooperation with United States if the bill was not amended. A number of Labor MPs and senators also raised this concern in their second reading speeches on the legislation. Partly to ensure that Australia would be able to take advantage of this vital new security mechanism being offered by the United States, Labor made an election commitment to amend the measures introduced by the assistance and access act to ensure that they were subject, among other things, to judicial oversight.

Lest there be any doubt about the significance of the new arrangements that are possible under the CLOUD Act, it's of course the case that the United Kingdom has already taken advantage of what the US has offered by passing the CLOUD Act—that is, the United Kingdom has already entered an agreement with the United States. The United Kingdom is already being offered access under the CLOUD Act because the United Kingdom understood the need to ensure that its domestic legislation conformed to United States requirements, and, indeed, they amended a range of United Kingdom domestic legislation to achieve that end.

The current Australian government, this Liberal government, by contrast, is continuing to pretend that no changes are needed to Australian domestic legislation. It's continuing to pretend that no changes will be needed to the assistance and access act so much so that, if one comes forward to 7 October 2019, we learnt from the Minister for Home Affairs in an announcement that he made that the United States and Australia have finally—this is more than a year after the United States passed its CLOUD Act—commenced formal negotiations for a bilateral agreement under the CLOUD Act. It is truly extraordinary that this government has taken so long to recognise the potential value of the CLOUD Act to Australia and Australian law enforcement agencies. As I've said, the British government, by contrast, recognised it instantly, and has already concluded its negotiations and entered into a bilateral agreement with the United States. While it has taken far too long, Labor welcomes the fact that the Australian government has finally commenced negotiations on our behalf.

However, less than 24 hours after the announcement made by the Minister for Home Affairs that negotiations had commenced, we received a warning from the United States. The chairman of the United States house judiciary committee, Congressman Jerrold Nadler, sent a letter to Minister for Home Affairs, expressing grave concerns about—you guessed it!—the absence of 'robust, substantive and procedural protections' in respect of the measures introduced by the Australian government's assistance and access bill. That is hugely significant, because the United States Congress can, in effect, veto any agreement that is struck between the government of the United States—that is, the Trump administration—and the Australian government under the CLOUD Act. Of course, the house judiciary committee plays a pivotal role in scrutinising any agreement which is struck between the United States and Australia that comes before congress, and it is a requirement of the US CLOUD Act that any such agreement will have to come before the United States Congress for approval.

So let me repeat something I said in this chamber on 6 December last year: it is absolutely vital that the measures introduced by the assistance and access bill, which are now part of the law of Australia, conform to what the United States regards as robust, substantive and procedural protections for privacy and civil liberties, and that in turn will need to take account of what is known as Fourth Amendment jurisprudence in the United States, a key feature of which is judicial warrants. The Fourth Amendment is, of course, the part of the Bill of Rights, the part of the US Constitution, which requires that there be no unreasonable search and seizure.

What the United States and United States authorities are always looking for in order to ensure robust, substantive and procedural protections for privacy and civil liberties is judicial oversight of, and judicial warrants authorising, compulsive processes by government, such as those created by the assistance and access act. At present, the measures introduced by the assistance and access act do not include that form of judicial oversight by requiring judicial warrants for their exercise.

Let me repeat something else that I said when I spoke about this legislation in this chamber on 12 February 2019:

As a matter of principle, Labor does not believe that the Attorney-General or a senior police officer should be given the power to compel an innocent person—

including a law-abiding Australian technology company—

unconnected to an investigation to provide technical assistance to a government agency without a warrant …

That is not to say that the introduction of judicial warrants will fix everything that is wrong with the assistance and access act. The legislation has many problems, and those are currently being worked through carefully and methodically by the Independent National Security Legislation Monitor and by the intelligence and security committee. The purpose of this particular bill, which is on any view a minor procedural bill, is to ensure that the intelligence and security committee has sufficient time to do that important and difficult job properly.

But those processes that I've just outlined—that is, the inquiry that's currently being conducted by the Independent National Security Legislation Monitor and the inquiry that is currently being conducted by the Parliamentary Joint Committee on Intelligence and Security—should not get in the way of the government introducing legislation right now to ensure that the measures that were introduced by the assistance and access act: firstly, conform to the recommendations that were made by the intelligence and security committee in December 2018; and, secondly, are subject to robust, substantive and procedural protections. As well as ensuring that the rights of the Australian people are properly protected and the interests of Australian business are properly respected, this would address one of the obstacles that may lie in the way of securing an agreement with the United States under the CLOUD Act. It's essential that the government do everything possible, and do so much more quickly than it has been doing, to ensure that Australia is able, like the United Kingdom, to take advantage of the processes that have been made available under the US CLOUD Act to give our agencies access—speedy access—to telecommunications data that is sourced from US telecommunications companies.

The Morrison government needs to urgently respond to the significant concerns about the legislation that it has passed. These are significant concerns which have been expressed by Labor. They are concerns which have been expressed by the chair of the US house judiciary committee, Congressman Jerrold Nadler. They are concerns that have been expressed by industry, by digital rights groups, and by lawyers and technology experts. Labor is ready and willing to work with the government to ensure that the measures introduced by the assistance and access act are amended to address any and all obstacles in the way of securing the best outcome for Australian police and security agencies, and for the Australian people. I move the second reading amendment in the terms circulated:

That all words after "That" be omitted with a view to substituting the following words:

"whilst not declining to give the bill a second reading, the House:

(1) notes the lengthy delays currently faced by Australian police and security agencies seeking to access data held in the United States;

(2) acknowledges that the Government has finally begun negotiations for an agreement with the United States to decrease the time it takes for Australian police and security agencies to access such data;

(3) expresses concern that the absence of robust protections for privacy and civil liberties in the Telecommunications and Other Legislation (Assistance and Access) Act 2018 could threaten the prospects of an agreement being reached with the United States;

(4) criticises the Liberal Government for refusing to support Labor's amendments in December 2018 to include such protections; and

(5) calls on the Liberal Government to work productively with Labor to ensure that the measures introduced by the Telecommunications and Other Legislation (Assistance and Access) Act 2018 are amended to ensure the best outcome for Australian police and security agencies, and the Australian people".

Photo of Steve GeorganasSteve Georganas (Adelaide, Australian Labor Party) Share this | | Hansard source

Is the amendment seconded?

5:15 pm

Photo of Clare O'NeilClare O'Neil (Hotham, Australian Labor Party, Shadow Minister for Innovation, Technology and the Future of Work) Share this | | Hansard source

I second the amendment. It's a real pleasure to make a contribution on behalf of Labor to the discussion today. I want to thank the member for Isaacs, who's just taken you through quite a detailed account of the history of the debate that we've had about this bill in the parliament, and he's also highlighted some of the really critical national security issues that this bill has given rise to. Our spokesperson on cybersecurity is going to follow my speech, and he will make a quality contribution about those security issues.

I am Labor's spokesperson on technology, and I really want to talk today about the other side of this bill and its implications. That is about the economic impacts, because one of the first things I noticed in this portfolio, coming into the shadow ministry for technology, is that the debate we have about technology issues in this parliament needs to be lifted. I don't think anyone in this room would disagree with that. I'm very much a part of the problem—I've been here for six years—but I do think we need to improve the quality of how we talk about these issues. We don't tend to talk about technology issues at the sort of foundation level where we see them affecting the families and businesses that we represent in the community. When we do talk about tech issues in the parliament, I'm not sure that we are creating the space for the quality conversation that needs to be had.

There is literally no better example of that problem than the bill that is before the parliament and the amendment that's been made to that bill. It's absolutely obvious that technology is giving people who want to commit crimes new ways to commit those crimes. It's giving law enforcement a much broader suite of ways that it can determine and build evidence about people who are committing crimes. We need to take advantage of some of those opportunities, but the thing that always needs to be a part of this conversation—that must be central and pivotal to this conversation—is the important economic impacts that all of these decisions will have. One of the things I noticed in the discussion that we had about this bill in the parliament was we talked a lot about national security, but it was Labor people labouring the point and trying to make the case that this is an important and pivotal industry that will employ almost 800,000 Australians by 2022, Mr Deputy Speaker Georganas. They're in your electorate; they're in the electorate of every person in this chamber. When we make decisions like the one that led to this bill, we do a disservice to that industry. Instead of trying to sit on that industry's head, we need to be building, nourishing and growing it, because that is our economic future and those are the jobs of the future.

The way that this bill was put forward by the government was really poorly done—not just in the technology space, but by any stretch. The shadow Attorney­General talked about two pieces of evidence for this. Because this was a security bill, it went to the PJCIS committee, which reviews security legislation for the parliament. Through the hearings of that committee, it was revealed that when the government first proposed the bill the Inspector-General of Intelligence and Security and the Commonwealth Ombudsman, which are the key oversight bodies for the bill, found out about the exposure draft of this bill from media reports. Anyone who is even faintly aware of how government works can see that is ham-fisted. It is no way to make a good law—for the pivotal people who will help oversee the legislation to find out about it from media. It is just unbelievable to hear that a critical piece of national security legislation could be designed that way.

The other extraordinary thing that came out of that committee—I thought—was the fact it uncovered that, as well as failing to consult with key Commonwealth agencies, the government failed to consult with the thousands of small businesses that will be affected by the regulatory requirements this bill puts on those businesses. We have the government coming in here every day, and they love to talk about small business and how they see themselves as representatives of that sector in this House. Well it's apparently not true, because they put together a bill with enormous impacts across the whole of the economy without discussing it with the very people who would be most affected by it.

We on this side found this whole process incredibly troubling. I think you'll remember, Deputy Speaker Georganas, at the time—this was last December—we had this discussion as a parliament. There were Labor people who were raising really significant issues of concern. The government blasted ahead. They insisted that that bill had to be dealt with before the Christmas break, and Labor agreed. Labor tries to work on a bipartisan basis with the government on national security issues because those are issues, of all the ones we deal with, that should be above politics. We wanted to work in a bipartisan way. We agreed to pass the bill even though we knew there were issues, even though the government acknowledged there were issues, on the proviso that, when we returned here at the beginning of 2019, this would be one of the first items on the agenda. What have we heard since then? Basically crickets from the government. Nothing has been brought back to the House which will help us resolve the issues in this bill. Here we are, almost a year on, having an agreement of trust that was made between the government and opposition completely broken. That's incredibly disappointing. We have our disputes in this place but, usually, when you make a deal like that about how a piece of legislation that affects national security is going to be dealt with by the parliament, you get good faith from both sides and that is how we would like to see it. But unfortunately I stand here today, a year on from an unedifying debate that took place in this chamber, and yet we're nowhere on trying to fix this issue.

This is very important to me and the people that I represent in the tech community outside the House, and I say that with absolute categorical confidence. In the five months that I've been in the role of shadow minister for technology I have met the most incredible people who are trying to grow this incredible industry for us in Australia. I've met people who are trying to educate Australians in STEM skills. I've met so many people who are doing that incredibly risky thing and starting their own venture out in the private sector, inventing something completely new, developing new technology, and scientists who are creating new ways of doing things that aren't done anywhere else in the world. The No. 1 issue that is always raised with me by people in this community is this bill. It is not even a broad suite of issues about how we're handling technology; it is this bill. When I say 'What can the government do to help you? What can we do to assist you in growing your business?' They say, 'First principle: do no harm.' That is what they see this bill as. It is the rushed nature, the lack of clarity about what key terms in this legislation mean that a year on have still not been clarified.

I'm referring specifically to issues that are core to the way that the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 works, including systematic weakness and vulnerabilities that were added to the bill quite late in the day. Still today there are people out there trying to run technology companies and cybersecurity companies, and the impact of this legislation is not clear. The government has had a year to fix this problem and, despite having promised the opposition, promised the tech community and promised the Australian people that they would come back in here and, as a matter of priority, fix this bill, we're here a year on and nothing much has changed.

The clarification of these specific terms that I mentioned is crucially important to the impact of this bill on the sector. That's because—you'll probably remember from the initial debate we had, Deputy Speaker Georganas—the existing systemic weakness or vulnerability limitations don't prevent a tech company being directed by a government agency to do things that would or could compromise the security of their critical systems. This is the No. 1 thing people in the community have been concerned about. I've mentioned some of the stakeholders that I represent in this chamber and I use those words specifically because it's actually not Labor that is alone in criticising the way the government has handled this. I want to share a couple of quotes from people working in technology who have been particularly upset by this bill. Scott Farquhar is one of those. He is the co-founder and co-CEO of Atlassian. He said:

We've got to recognise this law threatens jobs.

…   …   …

The fact is that the jobs of the future—these high paying jobs, export dollars that we bring to Australia, largely in technology—are at risk because of the laws that have been passed.

Alan Jones, the general partner at M8 Ventures, has said of this legislation:

It won't have a practical effect on monitoring the people they want to monitor, but it will cripple Aussie tech.

What I hear from those leaders, as well as the general concerns that they have about this bill, is that they actually see this legislation as emblematic of the government's entire approach to their industry. It is absolutely deaf to the voices in the digital sector, and it's not particularly interested in supporting the future growth of those jobs of the future.

I'm really worried about this. One of the other aspects of my role is spokesperson for my party on the jobs of the future. There are communities around this country that are hurting a lot because of the way the economy is changing and the way that's benefitting and hurting different Australians. The very least thing government could do in the face of that problem is, if we as a nation are going to cop some of the downsides of the future of work, we have to capitalise on the upsides; otherwise we pay a huge price for these changes that are occurring and all the benefits and the highly skilled, high-paying jobs that might be created through the new economy are going to end up offshore. This is a very important issue for Australia's economic future, and it's frustrating to see the government deal with it in such a ham-fisted way.

I want to speak a little bit more about the digital economy, because it's not just this bill that I'm worried about in the context of the government's failure to support this industry. AlphaBeta, a consulting firm in Sydney, produced a report recently commissioned by the Digital Industry Group. It showed that Australia is lagging behind global peers and failing to capture the economic opportunities of the very fast-growing digital economy. The report found that Australia ranks second-last among OECD countries for the relative size of our technology sector and its contribution to the economy. This is such a wake-up call for us. We're second-last in the OECD when we are one of the richest countries in the OECD. That is a harbinger of very concerning things to come. This is meant to be the way we build our economic future, but we're second to last in the OECD.

There's no doubt that the technology sector is making a significant contribution, but we can do so much more to help and support them. We need the active engagement and leadership of our government. The AlphaBeta report indicates that the tech sector contributes $122 billion to the economy every year, equivalent to 6.6 per cent of our GDP. Even with all the neglect and the blithe unconcern on the other side of the chamber about the future of this industry, they are growing against the odds, and there is so much more that we could do to support them. They're creating $44 billion a year in additional value to consumers in the form of free, cheaper and more convenient access to the resources, entertainment and information that improve our lives and wellbeing. We think those figures could and should be higher with the right policy settings. Some of the figures suggest that the Australian tech sector could create an additional $50 billion per year if Australia could catch up and match the tech sector growth rates of our global peers.

The research has also shown that small businesses in Australia that have embraced digital technology have experienced a massive productivity boost over the past decade. There is a huge opportunity here to unlock productivity and unlock additional economic impact if we can actually help our tech sector reach the 2.2 million Australian small businesses to make sure that they're accessing and utilising the latest technologies. There's huge growth potential here, but we need to have a coordinated approach to the digital economy. What we have on the opposite side of the chamber is a government which is almost in its seventh year of office and which still has nothing to say on these subjects, except an incredibly damaging piece of legislation that they'd promised to fix within a number of months and haven't done anything about.

It's not just the digital economy where we see this sort of neglect from government. One of the other areas that's related to this subject is about innovation and the digital economy. I'm sure many members of parliament read the reports of Prime Minister Malcolm Turnbull making a rare foray into public commentary to give the government a bit of a whack over its approach to innovation since he left the prime ministership. He said that innovation is not Prime Minister Scott Morrison's comfort zone. I think many people on the Labor side would agree with that.

Mr Turnbull also said Australia cannot drop the ball on innovation any longer. I think that when we look at the numbers, there is absolutely no question that dropping the ball is exactly what has happened in the last six years. Despite all the hype and all the talk about the ideas boom and that this is the greatest time to be an Australian, government research and development expenditure fell 19 per cent in real terms in just two financial years. A fifth of our spending disappeared within two financial years. In 2019 there were 2,000 fewer people working in government funded R&D programs than there were in the mid 1990s. Deputy Speaker, think about how much our economy has changed and yet we're short-changing R&D, we're short-changing our scientists and we're short-changing our tech sector.

I'm going to have to leave my comments there, but maybe I'll just finish with a call to arms for the people on the opposite side of the chamber who actually understand this industry and care about its growth. This is the pivotal building block of Australia's economic future. We have a government that is not only neglecting to have a plan to do anything about helping that sector grow but actually has introduced legislation—and that's probably the only way that Australia has made the news on this subject in recent years—and it's a downside. We can do better. (Time expired)

5:31 pm

Photo of Tim WattsTim Watts (Gellibrand, Australian Labor Party, Shadow Assistant Minister for Communications) Share this | | Hansard source

It is with some regret that I rise to speak on the Telecommunications (Intersection and Access) Amendment (Amendments Review) Bill 2019 before the House, because this bill represents a series of failures: a failure of process, a failure of bipartisanship on matters of national security, a failure of the Morrison government to keep its word and a failure by this place to legislate in a way that supports the growth of the Australian technology sector. In this way, this bill represents a failure of our own economic future.

The impact of the failures in public trust and confidence in this parliament and on the conventions of this place represented by this bill cannot be remedied by amending legislation alone, although many amendments are certainly needed. These failures will only be remedied over time by the conduct and the actions of those of us in this place: by us treating the legislative process with more respect, by putting the national interest above short-term political interests and by actually listening and talking with the technology sector outside this place, as was just so eloquently put by the member for Hotham.

We need to be frank in this parliament: in many ways, Australia is viewed as a worldwide joke in technology policy. From former Prime Minister Malcolm Turnbull's infamous war on maths to the new Department of Home Affairs' policy to use facial recognition technology to verify Australians' use of pornography on the internet, those of us who work in technology policy, who move in those circles and travel the world talking to people, know that around the world Australia is viewed as the global village idiot in technology policy. We need to do something about that in this place.

One step we can take in this respect is to restore process to this place—to restore accountability and proper consideration of legislation so that the mistakes represented in this bill are not replicated in the future. In this respect, we need to restore the Parliamentary Joint Committee on Intelligence and Security—the PJCIS—to its former position as a serious institution of our parliament and a place of genuine bipartisanship scrutiny and review of legislation of this kind. Membership of the PJCIS is coveted in this place because it grapples with the most serious issues before the House—issues of life and death, issues of state powers and individual freedoms. Its work has immediate and weighty human consequences. The PJCIS was once a institution where proposals were rigorously interrogated in the national interest and where members from both sides of politics worked together on improving legislation before the House.

I acknowledge the cynicism that many on the Left have towards the work of the PJCIS. They see its history of bipartisan reports and then see it as a place of capitulation. I get it—I do. But this cynicism does an incredible disservice to the work undertaken by members of this committee. Bipartisanship on these serious issues is not easily won in this committee. Lengthy inquiries and extensive hearings have been followed by even lengthier and extremely robust debates within the committee and negotiations between members. These negotiations are complex and detailed—they're technical and expert. They regularly produce dozens of amendments to the bills considered by the House, amendments that are then made to the bills not as opposition amendments but as government amendments and as a voice for all of us. The fact that these bills aren't amended further by the opposition doesn't reflect parliamentary capitulation; it reflects the robustness of the PJCIS process.

And that's why it was so disappointing last year when the Morrison government abruptly halted the PJCIS inquiry into the assistance and access bill in order to allow the bill to be forced through the parliament in the final sitting week of 2018. The member for Isaacs, the shadow Attorney-General, has recounted in depressing detail the shambolic process that that bill took through both the PJCIS and the parliament last year. The member for Hotham related how this shambolic process resulted in the small business technologies that we hope to grow jobs in the future being cut out of the consultation process. Indeed, key defence exporters, people working in my portfolio of responsibility in cybersecurity, were caught unawares by this bill. This bill represented everything that business hates about government—ramming through legislation, heedless of its consequences, not understanding the impact on their own businesses.

Despite the abrupt end to the inquiry—and thanks, frankly, to a herculean effort by the member for Isaacs and the member for Holt, the Labor members of the PJCIS—the committee provided a series of recommendations for the amendment of this bill, the majority of which were not incorporated into the bill by the government. Byignoringthe PJCIS, the government threw out of the window the longstanding tradition of bipartisanship when it comes to national security and protecting Australians' safety. Trust conventions in this parliament take decades to build up but moments to destroy, and that's what happened in the last sitting week of parliament last year. Even more troubling was the tone of the debate in the second reading speech, where those opposite attacked the motivation of Labor members in the most personal and reprehensible ways. They accused Labor members of wanting to assist terrorists and pedophiles merely because we expressed widely held legitimate concerns about the operation of the bill and wanted to exert the scrutiny required to understand these complex proposals in the national interest. It was a shameful performance by those opposite.

Surely our politics can be better than this. Nobody in this chamber sympathises with terrorists or child abusers. No human being is soft on this. It is important that we are able to have to have complex, nuanced debates on issues like this in the parliament without resorting to disgraceful slurs of this kind—particularly in the technology sector, where these issues are inherently complex. Technology is a complex field, particularly for those with no experience in the sector. The potential for legislation creating unintended consequences is significant and it puts a premium on the in-depth, high-quality consultation between government and technical experts.

That's exactly what didn't happen with respect to this bill. In its politically motivated haste, and its desire to wedge the opposition, the Morrison government passed legislation that potentially closed off access to an important investigative tool for Australian law enforcement agencies. Existing US law prevents US companies from sharing information that they hold outside US borders, outside the existing mutual legal assistance treaty regime, even under warrant from an Australian court. This mutual legal assistance treaty regime is bureaucratic and underresourced. In 2013 the average time to process an MLAT request was 10 months; and, given the dramatically increasing volume of requests we have seen, there is reason to believe this time frame has blown out considerably since then. This means that when Australian law enforcement officials are investigating a crime and they believe that their investigations could be assisted by accessing data held by an electronic communication storage or communications company based in the US—like Facebook, Google or Microsoft—and they are able to convince an Australian court to issue a warrant granting access to this information, it will still take them well over a year to access this information because of this inefficient process.

Access to this stored data data—or 'data at rest' in the industry lingo—is likely to be of far greater value for law enforcement than the intercepted communications. It offers a far greater volume of information about suspects and a richer view of the suspects' communications. And the delays in accessing this information are a significant impediment to law enforcement. To streamline this process for obtaining access to US-held information requested under warrant by another jurisdiction, the US Congress passed the CLOUD Act, a law that authorises the negotiation of bilateral agreements between the US and other nations to streamline this information-sharing process, shortening the time to access the information from years to weeks. However, the CLOUD Act provides that the US government may only enter into agreements under the CLOUD Act where the other government's domestic laws have:

… robust substantive and procedural protections for privacy and civil liberties in light of the data collection and activities of the foreign government that will be subject to the agreement.

By ramming through the assistance and access bill without judicial oversight for the notices issued under it we have put our compliance with this in jeopardy. Well before the Morrison government passed the assistance and access bill in December 2018, they were warned that the bill may not provide these robust, substantive and procedural protections.

A submission made to the PJCIS in October 2018b y the Digital Industry Group, which includes representatives from Amazon, Facebook, Google and Twitter, noted: 'If our access regime doesn't contain sufficient safeguards for user privacy, there's a chance the US Congress will not approve a treaty with Australia under the CLOUD Act, which will interfere with legitimate law enforcement investigations.' In my second reading speech on this bill—I quote myself and I couldn't agree with myself more—I said:

This bill doesn't resolve, and may even make more difficult, the mutual legal assistance treaties and the CLOUD Act problems in us accessing data from these providers overseas.

The government ignored these warnings. They ignored warnings from industry. They ignored warnings from civil society. They ignored warnings from members of this parliament during the scrutiny of this bill in this place. And instead they play politics and they rush through a deeply flawed piece of legislation. Those flaws are now catching up with the government.

On 4 October this year, only days before the Minister for Home Affairs and the US Attorney-General, William Barr, announced that negotiations on an Australia-US bilateral CLOUD Act agreement had begun, Congressman Jerry Nadler, the chairman of the US house judiciary committee, sent a letter to the Minister for Home Affairs expressing concerns about the absence of robust, substantive and procedural protections in the assistance and access act. Congressman Nadler's letter highlighted that the lack of judicial authorisation and review under Australia's encryption laws—something those on this side of the House warned about—made it difficult for the US to enter into a CLOUD Act data sharing agreement. This is someone speaking on behalf of the body who will be able to give an up or down consent on any agreement negotiated between the executive of the United States and Australia. It's a warning that we ought to heed.

The assistance and access act, rushed through the parliament in the name of protecting Australians against terrorists and paedophiles, now seems to be jeopardising Australian safety. It's jeopardising our law enforcement and national security agencies' ability to access critical investigatory data within weeks, instead of years, when investigating serious crimes like terrorism and paedophilia.

Despite the shortcomings in the long-term in this bill, in the last parliament Labor ultimately agreed to support the bill in the last sitting of the year—indeed, on the last sitting day of the year—on the advice of security agencies that the powers of the bill were necessary to protect Australians from imminent security threats during the months-long summer recess of the parliament. In exchange, the government committed to progressing these amendments to the bill recommended on a bipartisan basis by the PJCIS in early 2019.

On 6 December 2018 the Minister for Finance announced in the Senate that the government would 'facilitate consideration of these amendments in the new year in government business time.' The Minister for Finance also said that the government 'supported in principle all amendments that are consistent with the Parliamentary Joint Committee on Intelligence and Security recommendations in relation to this bill'. I guess his word meant as much to us as it meant to Malcolm Turnbull. The Morrison government pettily broke this promise when parliament resumed in February 2019.

Almost a year later the government still hasn't kept its promise. On a crucial issue of national security it's dudded the parliament. It's time the government not only honours its promise to Labor but also honours a longstanding bipartisan tradition in this place when it comes to national security.

The assistance and access act is flawed in many ways. It hinders our law enforcement agencies' ability to investigate serious crimes. It hinders our ability to enter into an agreement with the US on the CLOUD Act, undermining our longstanding relationship with the US. The shambolic way that this bill was drafted and reviewed by the parliament has also created a series of enduring myths and public misconceptions about this bill that go beyond even the existing factual flaws of the bill, severely damaging perceptions of the law domestically and abroad. It's really hurt 'brand Australia' in the technology space, hindering the Australian tech industry's ability to innovate and expand their businesses, destroying jobs and causing damage to an industry that should be the engine of creating these jobs of the future.

We need to return to bipartisanship on these issues. To this end, I'm heartened by the PJCIS's recent report on the identity-matching services bills and its recommendation that these bills not proceed without being fundamentally rewritten. This creates the potential to restore the PJCIS to its former role as a place of genuine bipartisanship and legislative review in our parliament. It is also why I welcome the assistance and access amendments review bill, the bill before the House, which will extend the reporting date for the PJCIS's review of the assistance and access act from 13 April 2020 to 30 September 2020. It will give the PJCIS a second chance to get this right, to look at this bill in its totality, to do the consultations it should have done the first time, to listen to the experts in the Australian technology sector and to get the drafting right. Issues like the prohibition on issuing notices in a circumstance where it will create a systemic weakness are crucial; they are pivot points for this bill. The amendments only exist in the bill, frankly, because of the work of the Labor members of the PJCIS. To be operative, they need to be appropriately designed, drafted and understood throughout the industry. I welcome the review of this bill, and I commend this bill to the House.

5:46 pm

Photo of Ed HusicEd Husic (Chifley, Australian Labor Party) Share this | | Hansard source

I don't buy for one minute any suggestion that this government has suddenly discovered its inner voice when it comes to consultation—that it in some way has suddenly had a revelation in the middle of the night that it's done the wrong thing and needs to listen to people about this bill, the Telecommunications (Interception and Access) Amendment (Assistance and Access Amendments Review) Bill 2019, and, in particular, at the heart of this bill, about the whole architecture that was spawned around encryption, and the access arrangements for that. There were 15,000 submissions made by people in Australia's tech sector about the flaws in this bill. This government refused to take those submissions on board, refused to make a lot of those submissions public and refused to listen to what was said. On top of that, they then tried to shut down the committee when it was considering this bill. They tried to shut down consultation on, and consideration and criticism of, this bill back at the tail end of last year—this time 12 months ago. That is what they did. And, in their inability to manage the legislative program, they failed to bring their own legislation to this place to have it properly discussed in a timely way and to ensure that, when it got to the other place, the amendments could be considered.

The finance minister gave his word to us as a Labor opposition. The finance minister made a commitment that, in return for allowing the bill to go through, he would consider the amendments that in good faith reflected what the PJCIS had said needed to be amended; there were 17 recommendations that triggered nearly 200 amendments to the bill. The finance minister made a commitment that those amendments would be considered in the new year. But the honour of the finance minister gave way to his fear of the home affairs minister, and those amendments never got considered. So the government ratted, the home affairs minister ratted and the finance minister yet again bowed to the home affairs minister—we saw how that worked countless times last year—in failing to put those amendments through. And now, all of a sudden, the government say they need extra time to consider the work of both the PJCIS and the INSLM. This is why I say I don't buy what's being put forward by the government, because they're not fair dinkum about making the necessary changes to this.

As the shadow assistant minister, the member for Gellibrand, just pointed out a few moments ago, their failure to do the right thing has caught up to the government. Their failure to address the flaws the way the PJCIS recommended that they be fixed, in the face of the criticisms that were raised at the time about our inability to get access to data because our arrangements wouldn't conform with the way the US expects these things to be managed, is now catching up to the government. And their failure to fix that has jeopardised national security. It has jeopardised our ability to access the data that is required and that can be accessed if it's done the right way, in line with the US CLOUD Act. Because the government rammed through the changes, wouldn't listen to advice and ratted on a deal about this, we are now in a position where our national security is not strengthened; it's weakened. It's been weakened fundamentally because we're not allowed to get access to this data.

The other reason I don't trust this government's new-found commitment to consultation and extending the period for consideration of this is that the home affairs minister is peddling the idea that he has created a backdoor that will allow a new backdoor to be created in terms of encryption by going around and saying that these legislative arrangements that would never see the light of day in the US will gain them access to information that other jurisdictions could not access on their own turf. They have put in place a weaker, diluted set of arrangements in relation to encryption here and they're now flogging that concept overseas to other jurisdictions. So, when the chair of the house judiciary committee writes to Australia, writes to the government, and says they've got serious doubts about what the Australian government has put in place, I say—through you, Deputy Speaker McVeigh—to that chair: you are spot on the money. Jerrold Nadler is spot on the money. The house judiciary committee is spot on the money, and I absolutely urge US lawmakers to recognise that this act is flawed and that, until this government fixes the flaws in this legislation, this government should get nowhere near, and should not be considered compliant to, the US CLOUD Act at all.

The message that should be taken by our friends across the Pacific is that what this government has done is tried to put a shoddy backdoor arrangement into the way that this data should be accessed, and it should not be gifted that access. In particular, the way this government put these so-called judicial oversight arrangements in place with a retired judge and then getting two ministers to agree with each other on getting access to it in terms of the arrangements under this act—this is a terrible arrangement. This is not judicial oversight at all. This is an absolute and utter facade.

Why do we need to extend the period of time for this to be considered when we know all these flaws exist right now and they should be fixed? They absolutely should be fixed. Frankly, as the Labor opposition we will not give up at all on pressing the case for these laws to be fixed. They need to be fixed to ensure, from a national security perspective, that we get access to the type of data that is needed to prevent harm to others in the community.

On another quite distinct plane, we should make sure that Australia's tech sector is not treated as a pariah on the world stage. There are doubts being expressed by those overseas to tech companies here. They say that they're genuinely concerned about the arrangements the Australian government has put in place and they're questioning whether or not they can work with Australian tech. They're wondering whether or not Australian tech is robust because of what's been unleashed as a result of this act. The Australian tech sector should not be put in that position whatsoever by this government—this government that claims it's pro-business but did everything it could to ignore the views of business on this.

Business said it wanted to work with the government to achieve what it wanted to but not in the way that the government was proposing. Australian and overseas businesses, particularly from the tech sector, wanted to work with the government in the way it had sought. As an opposition, many of us on this side of the chamber had said that if someone wants to do harm and there is a way to intercept that information and act on it to prevent that harm from occurring, those arrangements should be made. This government, in its clumsy attempt to try to politicise the debate and make itself look tougher than it was, set in place these measures that have caused this type of concern within the tech sector and which now raise a genuine concern about whether or not we would be in a position to get important advice, data, that could help national security agencies here. It is a complete and utter disgrace that we have reached this position.

The constant bravado and politicking of the home affairs minister, who wants to score the political point rather than reach the substantive one, is coming to undo him. But worse still, we're the victims of it as a community, because his politicking means we won't get access to the data that will allow for national security agencies to work efficiently. This is the problem when it comes to those opposite on national security, particularly the home affairs minister, who always wants to play politics when Labor try to work with him, when Labor try to do the bipartisan thing. Frankly, I have on countless occasions raised with him other issues—for example, the rise of far-right extremism that has grown 320 per cent in the last five years—and he won't do a thing about it. But if it's to score a political point, he will. He's an absolute disgrace. We on this side try to talk, try to work with the government quietly and try to get things done. Communities that have seen the rise of Islamophobia and anti-Semitism who are genuinely concerned about this stuff, can't get anywhere. But if it is to make a political point—bam—he's there, trying to score the points. He then brings through shoddy law that affects our ability to perform the roles of national security effectively.

The US Democrats are absolutely right to put the spotlight on this shoddy work and then demonstrate how bad this law is and how bad it's being viewed overseas. And they would absolutely be well within their rights to set an expectation about judicial oversight, certain steps to be followed before you get access. They say that you should not do things that weaken the system of encryption that is used by business and others for legitimate reasons to be able to securely ensure the passage of data between parties. People say that the system shouldn't be weakened and this government goes ahead and tries to do just that. And if they say that, no, you're not meeting the standard and therefore you should not be entitled to data in that way, well, guess what? You shouldn't get it. You should not get that free pass. Certainly the US house committee should put a very sharp focus on whether or not this law, this shoddy law that the government has put in place, meets the high standards that they put in place in the US jurisdiction. They should absolutely put that magnifying glass over that law that has been passed in this country, and the government should be held to account for weakening our national security as a result of putting these laws in place.

As I said, when I look at this bill and I look at this sudden desire for consultation by the government I finish as I started, by making the point that this government cannot be trusted in terms of national security. It rats on deals that have been designed. When it talks about bipartisanship it does not mean it, and it will not follow through on it. We will be required to do what we must to ensure that the law in relation to encryption is such that our national security is maintained and that we are able to get access to the data that is vital for the work of our agencies, but to do it in a way that's fundamentally better than what has been put forward by a government more interested in politicking than in a genuine pursuit of a much higher quality and a much stronger level of national security than what we'd have as a result of this bill.

6:00 pm

Photo of Steve IronsSteve Irons (Swan, Liberal Party, Assistant Minister for Vocational Education, Training and Apprenticeships) Share this | | Hansard source

I'd like to thank my colleagues for their contribution to the debate on this bill. This Telecommunications (Interception and Access) Amendment (Assistance and Access Amendments Review) Bill 2019 ensures that both the Parliamentary Joint Committee on Intelligence and Security, the PJCIS, and the Independent National Security Legislation Monitor, the INSLM, have adequate time to complete their comprehensive reviews of the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018.

As such, I urge the timely passage of this bill at the bipartisan request of the PJCIS and with the support of the INSLM. I also acknowledge and appreciate the extensive and continuing work of the PJCIS and the INSLM in reviewing this legislation. I commend the bill to the House.

Photo of John McVeighJohn McVeigh (Groom, Liberal Party) Share this | | Hansard source

The original question was that this bill be now read a second time. To this the honourable member for Isaacs has moved as an amendment that all words after 'That' be omitted with a view to substituting other words. The immediate question, therefore, is that the amendment be agreed to.

Question negatived.

Original question agreed to.

Bill read a second time.