Thursday, 7 September 2006
ASIO, ASIS and DSD Committee; Report: Government Response
I present the government’s response to the report of the Parliamentary Joint Committee on ASIO, ASIS and DSD on the private review of agency security arrangements, and I seek leave to incorporate the document in Hansard.
The document read as follows—
Government Response to the Third Report of the Parliamentary Joint Committee on ASIO, ASIS and DSD
Private Review of Agency Security Arrangements
The Government has considered the Committee’s report on its private review of Agency security arrangements. The Government has decided to implement most of the Committee’s recommendations. This response sets out the action taken to deal with each of the recommendations.
That, as a first priority, the agencies address any existing or anticipated backlog in initial vetting and re-evaluation of TSPV security clearances to ensure that these processes meet PSM standards by 2003-2004 at the latest. Further, that the agencies include statistics on the number of outstanding TSPV re-evaluation cases and the times taken to process clearances in the reports made to this Committee as part of the annual review of administration and expenditure.
Accepted with a qualification.
ASIO reports that it does not have a backlog in initial vetting or re-evaluation of TSPV security clearances. ASIS and DSD report they have given priority to, and made substantial progress on reducing backlogs in initial vetting of TSPV cases, and anticipated increases in initial TSPV clearances. DSD was unable to complete the backlog of overdue re-evaluations in FY2003-04. The responsibility for re-evaluations transferred from DSD to the Defence Security Authority (DSA) in 2004. While priority has been given to clearances for new DSD staff, the increased demand for initial and upgrade TSPVs across Defence (particularly for operational deployments) and Defence industry, has placed increased pressure on DSA’s capacity to complete initial and upgrade TSPVs and to complete re-evaluations. The Secretary of Defence has issued a formal waiver of the Commonwealth Protective Security Manual requirements in this area and DSD has implemented more rigorous internal management of its staff in the meantime. The backlog of TSPV re-evaluations is unlikely to be completed before FY 2006-07.
Statistics on the number of outstanding TSPV re-evaluations in each agency, and the current timeframes for processing TSPV clearances, will be reported to the Committee as part of the annual review of administration and expenditure.
That the IASF review urgently areas where agencies are experiencing difficulties obtaining security-related information about personnel, such as the refusal by credit reference agencies to provide information direct to the Commonwealth, and develop proposals for appropriate legislative or policy action by the Commonwealth Attorney-General.
The IASF recognises that there are some difficulties in obtaining security-related information for vetting purposes. The Forum was of the opinion that legislative change may not be feasible at this time and other avenues should be explored first. The IASF directed the Personnel Security Working Group to look at current research and programs being undertaken by government departments, to help develop proposals for change to address these difficulties.
That, as a priority, DSD implement random bag inspection procedures at all its headquarters facilities and all other installations in Australia.
DSD reports that it has implemented random carried items inspections at the required locations.
The Committee recommends that, subject to the outcomes of the IASF working group findings, ASIO, ASIS and DSD allocate funding for the development and implementation of electronic article surveillance systems for all Australian offices and installations.
The Government will not be immediately implementing the Committee’s final recommendation to fund development and implementation of electronic article surveillance systems. Electronic tagging systems are easy to defeat, and readily circumvented unless the functionality of the item being protected is almost completely compromised.
ASIO has monitored electronic tagging technology continually since 2002. ASIO advised that research by its own T4 Protective Security element, and recent liaison with sister agencies in the UK and USA failed to reveal any systems in existence or development that are capable of overcoming the identified deficiencies.
The Government believes that the large investment costs needed to attempt to develop an electronic article surveillance system incapable of being easily defeated, or circumvented, cannot be justified. The limited areas of application of the system (in Australia and abroad) deny the prospect of any sensible returns on this investment in the unlikely event of successfully developing such a system. The Government considers investing in more effective through-life management of the personnel security processes, improving protective security education and awareness, and increasing auditing and accountability processes will deliver better security outcomes that deter and prevent the unauthorised removal of security classified assets.
by leave—I move:
That the Senate take note of the document.
This response is well outside the three months required by the Senate but, when governments respond to matters related to intelligence and security, I would much rather that they give a considered opinion to the Senate and the House of Representatives than rush something that only pays lip service to the report—one cannot accuse the government of doing that on this occasion. There were four recommendations, and the government have given us a full, rational and reasoned response to each of the recommendations.
The first recommendation relates to the way intelligence agencies do positive vetting. There is no doubt that, at different stages, different agencies have fallen a little behind in this and a backlog has been created. Since this report has come down, further evidence has come to light that most of these backlogs are being eliminated—and the committee would view that with great pleasure.
When you consider that ASIO is going to grow from 600 staff to 1,800 staff over a four- to five-year period, you can see how important it is for these vetting processes to be on track and on time—and the efforts made by the agency to do so are quite impressive. We know that there is going to be considerable growth in ONA, ASIS and the various Defence intelligence agencies. This growth can only be effective if each of the new employees is given a security clearance. Security clearances are done more widely than in just those particular agencies, but it is essential that they keep up to date.
One matter of concern at the time was that employees have to be re-evaluated after five years. Circumstances can change and, therefore, employees have to be vetted again. There were minor lags in some agencies but that has been addressed by the agencies. I congratulate the agencies on continuing to improve in this area.
The final part of the recommendation, which the government has accepted, is that each of these agencies report to the Parliamentary Joint Committee on Intelligence and Security and give us the statistics on whether there is a backlog or otherwise. It would not necessarily be advisable for these figures to be published in annual reports, but the committee will continue to monitor progress and, if we find problems, we will be able to write directly to the minister in charge and draw them to his or her attention.
The second area on which we made a recommendation was access to credit rating agencies. This has to be part of the positive vetting process, but often credit agencies are not that cooperative. We recommend that the government consider legislating in this area because it is absolutely crucial that full positive vetting be done on these employees. The government have responded by saying that, whilst they are not ruling that out, they would prefer other methods to try to achieve that. I am quite happy with that. Let us give the government and the agencies time to establish a relationship with these credit agencies rather than having to bring in the heavy hand of legislation. But I do say to these credit agencies that, if they do not cooperate, in the long run we will have to legislate in that area.
The third recommendation we made was that DSD implement a policy of bag inspection—that is, employees going in and out will have their bags searched on a random basis. This is something that applies in virtually every other intelligence and security organisation. But, for historical reasons, industrial relations reasons or who knows what, in the mists of time there were not bag searches at DSD. We think that in the modern age that is unacceptable. DSD agrees and I think its employees now agree, so they will now be subjected to random searches. It is very difficult to search a bag every day but, as long as you know that your bag could potentially be searched, you would, I think, never try to run the gauntlet.
The final matter that we addressed in our recommendations was a hope that there would be development and implementation of electronic article surveillance systems for all Australian offices. Simply said, leaking is anathema to security and intelligence agencies—let us face it. If you can electronically tag documents so that you can retrieve and see the source of the document, you will prevent leaking. That sounds terrific to the committee. The government have rejected that by saying they think that is avoidable—that it is too easy to find a way around that system and still have documents go missing. I accept that—they are the experts—and they do believe that putting money into education and other security methods would be more effective than the ineffective electronic tagging of documents. I do not pretend to be an expert in this area but, on behalf of all the other committee members, we would accept the government’s recommendation with regard to this.
This will be the last such report that covers ASIO, ASIS and DSD because the remit of the committee, as you would realise Mr Deputy President, has been extended to DIO, DIGO and ONA. So, from now on, when governments respond to reports they will be responding to findings across six agencies, not three.
In conclusion, I have had the privilege to look at oversight of intelligence agencies recently in five countries. And I would have to say, without question and without doubt, that the oversight system in Australia is more effective and more comprehensive than in any of those other countries. For instance, I was surprised to find that France does not yet have parliamentary oversight of its security and intelligence agencies and that inspectors-general do not exist in most countries. Yet we have both: we have parliamentary oversight and we have the inspector-general’s oversight. So we do have comprehensive oversight of our intelligence and security agencies.
By the way, we should have because, year by year, we are giving these agencies wider scope and wider powers, all of which could potentially infringe on the human rights of Australian citizens. If we are going to do that, we are acting appropriately by widening scrutiny and supervision, all of which will prevent abuse. Abuse is normally prevented in Australian society through transparency. It is very hard to have transparency in intelligence and security organisations. Therefore, parliamentary supervision and independent supervision by the Inspector-General of Intelligence and Security provide the necessary balance for us to get the system right. I have to say that, compared with what most other countries are doing, we are getting it right. I seek leave to continue my remarks later.
Leave granted; debate adjourned.