John Faulkner (NSW, Australian Labor Party) Share this | Hansard source

On behalf of the Parliamentary Joint Committee on Intelligence and Security, I present the report of the committee on its inquiry into potential reforms of Australia's national security legislation, and I move:

That the Senate take note of the report.

In May 2012, the then Attorney-General, Nicola Roxon, asked the committee to inquire into a package of potential reforms to Australia's national security legislation. The committee was provided with a discussion paper outlining the reforms the government wished to have the committee consider. The committee was tasked with examining potential reforms to:

The terms of reference contained 18 reform proposals, involving 44 specific items.

Importantly, the context for the committee's inquiry included the serious challenge presented by new and emerging technologies to agencies' intelligence gathering capabilities.

The committee received 240 submissions. Three submissions were received in largely identical terms from some 5,300 individual members of the public. These submitters expressed opposition to the reforms, particularly to a mandatory data retention regime.

The committee was faced with several difficulties. The terms of reference were wide ranging and canvassed some of the most complex and significant reforms to national security legislation ever to come before the parliament.

The absence of detail in the discussion paper concerning mandatory data retention also significantly impaired both public discussion and the committee's consideration of that issue.

Despite these challenges, the committee has produced a comprehensive and unanimous report.

The committee has made 43 recommendations. I will highlight three of them.

First, the committee recommends that the Telecommunications (Interception and Access) Act should be comprehensively revised, with the objective of designing an interception regime which is underpinned by clear privacy protections, provisions which are technology neutral, maintenance of investigative capabilities, clearly articulated and enforceable industry obligations, and robust oversight and accountability which supports administrative efficiency.

Second, to respond to the decline in interception capability caused by technological developments and countersecurity measures, agencies should be empowered to conduct telecommunications interception on the basis of specific attributes of communications.

Third, the committee recognises that there are occasions on which ASIO officers are placed in positions where, in order to carry out their duties, they may need to engage in conduct which may breach the criminal law. To permit this, the committee recommends that the Australian Security Intelligence Organisation Act be amended to create an authorised intelligence operations scheme.

These recommendations, along with the others in the report, include proposals for detailed safeguards and accountability measures.

A critical proposal the committee examined was mandatory data retention; that is, a regime which would potentially require telecommunications companies to retain communications data, such as subscriber details, for a specified period of time.

In the committee's view, ultimately, whether or not to introduce a mandatory data retention regime is a decision for government. However, the committee has taken account of the substantial and serious concerns about this proposal that have been presented to it.

The committee is of the view that no such regime should be enacted unless privacy and civil liberties concerns are adequately addressed, and that an exposure draft of any legislation should first be referred to the committee for examination.

The committee outlines a number of specific features and safeguards it believes any draft legislation should incorporate. These include that any data retention regime should apply only to metadata and exclude the actual content of communications, and that internet browsing data should be explicitly excluded.

The issue of the establishment of a mandatory data retention scheme is very controversial. There are widely divergent views in the community about it and I expect those differences will be reflected within political parties and the parliament. Unsurprisingly, those differences existed within our committee.

The PJCIS has a strong tradition of attempting to reconcile differences and bring down unanimous reports.

Since its establishment the committee has produced 50 reports with only one dissenting report.

All committee members wanted to avoid signing a dissenting report, but I stress: to achieve unanimous recommendations on so controversial an issue as mandatory data retention required hard work and goodwill from all committee members.

The committee does not recommend the establishment of a mandatory data retention scheme—as I have said, we make clear such a recommendation should come from the government.

But, the committee does propose the features and safeguards such a mandatory data retention regime should have if one is to be legislated in Australia.

I acknowledge that this debate will be affected by the recent controversy surrounding leaks by Mr Edward Snowden in the United States of America.

Although these leaks occurred after this report was finalised, the committee sought and received a briefing from the heads of ASIO and ASD in relation to the US PRISM activities.

We should be very clear here. The regime under which metadata and warranted content data is accessed is different in Australia to that which applies in the USA.

Nevertheless, these revelations will heighten anxiety in this country about data retention.

We must ensure none of our citizens is surprised if and when our intelligence, security and law enforcement agencies use their legislated powers.

We must ensure any legislation to establish a mandatory data retention scheme in Australia contains the strongest safeguards to protect the privacy of our citizens.

Our challenge will be to achieve the right balance between the safety and security of our citizens, and their personal rights and freedoms, including the right to privacy, if a proposal for a mandatory data retention scheme goes forward.