Senate debates

Monday, 10 February 2020

Bills

Telecommunications Amendment (Repairing Assistance and Access) Bill 2019; Second Reading

4:55 pm

Photo of Jenny McAllisterJenny McAllister (NSW, Australian Labor Party, Shadow Cabinet Secretary) Share this | Hansard source

The challenge, of course, is that this approach also has the significant deficiency of being out of step with what most Australians want. People do value their freedoms. People also want to know that their government is taking steps to make sure that they and their families can feel safe in their places of worship, in their homes, at airports and on the streets. It is a fundamental responsibility for any party of government to protect its citizens and that is a responsibility that Labor takes seriously. So, whether we are in government or opposition, Labor have worked to ensure that our security agencies have the powers and the resources they need to keep our community safe, and that our laws are appropriately adapted to preserve the nature of our civil society, our rights, our freedoms and our democracy. And our approach is very consistent.

First, Labor take the advice of national security agencies seriously. It is not open to us to simply ignore that advice despite what some in the Greens political party may suggest. This government is rightly criticised for ignoring the advice of experts when the health and safety of people is at risk; for instance, as they continue to do in relation to climate change. Responsible parliamentarians cannot ignore warnings from the people charged with keeping Australians safe. Second, Labor understand the context of our decisions. Most specifically, in acting to protect our nation, we act to protect a nation founded on the rule of law and on respecting individual liberties. Our approach to national security needs to respond to these core values and, to the extent that individual rights are burdened, such a burden must represent the least intrusive manner to achieve the security objective and be proportionate to the actual threat. Third, we scrutinise evidence carefully and we never politicise national security.

Labor is committed to working through the evidence of agencies, stakeholders and experts in a deliberative manner. And, when we talk about bipartisanship, this is exactly what we mean. We expect PJCIS to robustly interrogate the issues placed before it, without any member seeking to obtain narrow electoral advantage, and, in my experience, this has generally been the way in which this committee has worked. It's why I continue to support the PJCIS as an incredibly important institution in the national parliament. Thoughtfully, we seek to embed our national security architecture in a system of robust oversight. Strong and effective oversight does not undermine national security; it enhances it. Public trust and confidence in our security and intelligence agencies are best ensured through strong and rigorous oversight and scrutiny.

So Labor brings forward this bill today with that spirit of balance and proportionality, reflecting those principles that underwrite the way that we operate in the national security space. As Senator Keneally has explained, this bill seeks to amend the laws that were passed at the end of 2018 and our amendments are in line with the recommendations that were tabled in that same month by the PJCIS. Those laws back in December 2018 sought to address a real policy problem—a real one. In recent years, the agencies charged with maintaining Australia's national security have publicly and privately raised concerns about encryption technology.

These are not abstract concerns. The agencies contend that their investigations of individuals and entities suspected of being involved in a range of very serious offences have been frustrated by these technologies. As people under investigation or surveillance migrate towards the use of encrypted apps their communications go dark. There are examples overseas where this has both prevented law enforcement from predicting attacks or prevented them from gaining access to crucial evidence to understand attacks after they have occurred. Our national security agencies provided advice that widespread use of encryption in digital communications was hindering intelligence and law enforcement to the detriment of Australia's national security.

From the outset, Labor was clear that the government's response to this policy challenge needed to be reworked in order to be effective and appropriate. It is worth briefly recapping on the process that led us to the bill before the chamber today. Senator Abetz, in his remarks earlier, made a stirring case for the integrity of the PJCIS and its processes. Well, I agree with that, and it might be worth reflecting just a little bit about what happened on the process that led us to this point. In September 2018 the government introduced the Telecommunications and Other Legislation Amendment (Access and Assistance) Bill. It was referred to the Parliamentary Joint Committee on Intelligence and Security for inquiry. The committee started its inquiry; it called for submissions and held hearings, as it normally does.

Midway through the process, in November 2018, the Minister for Home Affairs asked the committee to accelerate its inquiry into the bill in order to enable it to pass the parliament before the end of the year. The case for urgency was forcefully prosecuted by the government in the media, not in the committee, and at one point documents that had been provided to the committee confidentially were leaked into the public domain and appeared on the front page of a newspaper. The government has refused to initiate any investigation of that leak. National security agencies subsequently gave public evidence to the committee that they needed the powers contained in the 2018 bill in order to respond to the heightened risk of terror over the Christmas period.

And so, in response to that evidence, the committee did the only thing that I think was available to it at that time: it finished its inquiry early. It issued a bipartisan report that made 17 recommendations for a range of amendments to improve the laws, and the government committed to moving amendments that reflected those recommendations. It did not. On the last parliamentary sitting day of 2018 the government introduced its proposed amendments, which we consider did not properly reflect the text or the intent of the committee's recommendations. And that was not just Labor's view; it was the view of the Inspector-General of Intelligence and Security, of lawyers, of civil society groups and of the Commonwealth Ombudsman. We noted our dissatisfaction with this process during the debate in 2018. We secured from the government a commitment that would allow consideration of our proposed amendments but still allow the agencies to obtain the powers that they briefed us that they required—public briefings in the lead-up to that Christmas period. When we came back in February we brought those amendments forward. And, for the most part, those amendments were not supported by the government. We are returning to the chamber with the present bill because we are committed to improving the law.

It is important to emphasise that the majority of the provisions in this bill seek to properly implement the bipartisan recommendations made by the PJCIS—as I said, an incredibly important institution in our parliamentary system. Our amendments go to the scope of the powers allocated in the bill and the appropriateness of the authorising arrangements. They are sensible, they are proportionate and they make the bill more effective. They are amendments that should have been included in the bill that passed the parliament in December 2018. They are amendments that the government should have voted for back in February last year.

I'm going to turn now to some of the specific provisions of the bill. The evidence from the industry placed before the PJCIS raised serious concerns about the government's bill and its impact on internet security and the public trust in internet security and, consequently, on the competitiveness of Australian IT businesses subject to these laws. Through the course of the inquiry, the government sought to reassure industry that the bill prohibited an agency from forcing a provider to implement any kind of systemic weakness or systemic vulnerability. However, many submitters to the committee contended it was not clear what those terms meant. To this end the committee made two recommendations—recommendations 9 and 10—which both relate to the meaning of the term 'systemic weakness'. We do not consider that those recommendations have been satisfactorily realised. Our proposal today reflects the true intent of the PJCIS recommendations. Our proposal has the support of industry. It puts in place safeguards to ensure that actions taken under this legislation will not create a material risk that the information of innocent persons will be compromised by an unauthorised third party.

When we put this amendment up in February a joint statement was issued by leading industry groups, including the Communications Alliance, the Ai Group, the Australian Information Industry Association, the Australian Mobile Telecommunications Association, the Digital Industry Group and the Information Technology Professionals Association. They supported Labor's proposal, saying:

    They recommended deleting that definition of 'systemic weakness' and more clearly and narrowly articulating the prohibited effects of a technical assistance notice or a technical compliance notice. Schedules 1 and 2 in this bill make these changes, as recommended by industry.

    Labor is also concerned that the legislation as it currently stands may prevent Australia from reaching a bilateral CLOUD Act agreement with the States. 'CLOUD' stands for 'clarifying lawful overseas use of data'. It's a mechanism that gives Australian law enforcement and national security agencies access to data held by US authorities that may be crucial to their investigations. For an agreement under the CLOUD Act to be approved, the US must determine that a partner country's laws appropriately protect privacy and civil liberties and should not introduce requirements for decryption of user data. If the government cannot reach a CLOUD Act agreement with the United States, our national security and law enforcement agencies may be without an important tool.

    Congressman Jerrold Nadler, Chair of the US House of Representatives Judiciary Committee, wrote to the Minister for Home Affairs in October last year to express concerns about the powers provided under the assistance and access act. He said that the encryption laws, as they currently stand:

    … may undermine your ability to qualify for an executive agreement under the CLOUD Act.

    When national security laws confer extraordinary powers, we must treat these powers as extraordinary and not simply as the new norm. They require robust and significant oversight in order to ensure that they are being used appropriately. That is why Labor is proposing in schedule 5 of this bill that a judicial officer be involved in the issuing or varying of a technical assistance notice or a technical capability notice. That was not one of the original PJCIS recommendations but it responds to an important argument that has been made subsequently. It is an important protection that Labor supports.

    The bill also seeks to enact PJCIS recommendations not properly implemented by the government, in particular in relation to a redaction power. Recommendation 4 of the report from the committee called for the Commonwealth Ombudsman to be given appropriate oversight of the administration of the industry assistance measures. When the government's amendments sought to give effect to that recommendation, they also introduced an additional provision enabling the Minister for Home Affairs to delete information from an ombudsman report if that information could reasonably be expected to prejudice certain agencies' activities. The inclusion of that new power has not been explained by the government. The Commonwealth Ombudsman has written to the committee to express his concern about a ministerial power to delete information from a report prepared by an ombudsman. The Ombudsman also argued that this power is unnecessary, given that his office routinely consults with agencies to identify whether a draft report contains operationally sensitive material that should be removed or amended before it is published. Schedule 4 of this bill would remove the ability of the Minister for Home Affairs to edit and delete information in relevant reports prepared by the Commonwealth Ombudsman.

    Labor also seeks to make amendments consistent with recommendation 7 of the committee's report, in relation to the role of the Commissioner of the Australian Federal Police in approving technical assistance notices that are initiated by state and territory authorities. The intention of this is to ensure consistency of decision-making and reporting across jurisdictions.

    This bill is one of a number of means by which Labor has tried to force the government to remedy some of the issues that arose as a result of the rushed time line the government imposed for consideration of the original legislation last year. Labor voted for the legislation last year because of the advice from our national security agencies that these powers were needed, but we take seriously the task of making sure legislation is appropriate, and that is why we're going through this process today. We've been consulting with industry, and we're doing the work to improve this legislation.

    Comments

    No comments