The federal government is reviewing plans to extend electronic surveillance powers beyond law enforcement agencies to the Australian Tax Office, Australian Border Force and Corrective Services, amid serious concerns that those already using them are persistently breaking the law.
Attorney-General Mark Dreyfus, KC, has taken carriage of the former government’s proposed overhaul of all electronic surveillance powers and is re- examining their reach, their effectiveness and how appropriately they are being used. The Morrison government had proposed extending the surveillance and data access powers beyond police, integrity commissions, the Australian Security Intelligence Organisation (ASIO) and the existing law-enforcement community to the ATO and other sections of the bureaucracy.
“Significant powers must be balanced with appropriate safeguards, transparent reporting and robust oversight,” Dreyfus told The Saturday Paper this week, emphasising his concern at new evidence of serious misuse.
Successive inquiries have recommended expanding access to electronic surveillance powers because of their value in preventing and prosecuting crime in the digital age. But they also say that access must be balanced against the individual right to privacy and that there must be measures to prevent misuse.
The former government’s proposal to expand the group of agencies with access to the covert powers was detailed in a discussion paper that the Department of Home Affairs produced late last year.
That paper endorsed a previous proposal that said the ATO should be officially designated as a “law enforcement agency”. Its proposed expanded group of agencies also included financial investigators the Australian Transaction Reports and Analysis Centre (AUSTRAC) and the Australian Criminal Intelligence Commission (ACIC), which investigates organised crime.
The discussion paper was part of a plan to repeal the raft of existing laws covering surveillance and data access and consolidate the powers into a single electronic surveillance act. Current overlapping legislation includes the Telecommunications Act 1997; the Surveillance Devices Act 2004, known as the SD Act; the Telecommunications (Interception and Access) Act 1979, known as the TIA Act; and a range of others.
A series of past inquiries found that the web of laws governing surveillance is overly complex, contradictory and potentially undermines both agencies’ capacity to fight crime and protect individuals’ privacy and human rights.
The proposed consolidation was a key recommendation of a comprehensive review of intelligence and security law conducted by former ASIO chief Dennis Richardson in 2019 and published by the Morrison government in 2020.
That review, along with a 2015 report on financial crime fighting by the parliamentary joint committee on law enforcement, recommended expanding the group of agencies able to conduct surveillance and access electronic data for investigations.
But in an annual examination of the use of powers to access stored data under the TIA Act, published two weeks ago and covering the same period in which the Richardson review was conducted, the acting Commonwealth ombudsman confirmed almost all the agencies that already have such powers have persistently misused them. These include federal and state police, state integrity commissions and other law-enforcement bodies.
As The Saturday Paper reported last week, the ombudsman found agencies investigating serious crime had wrongfully accessed personal email, voicemail and text messages via unlawful or expired warrants, stored the data inappropriately, passed it on to other agencies without authority and failed to destroy it as required. The report found previous reprimands had been ignored and the problem was getting worse, not better.
It found agencies were accessing journalists’ data without obtaining the required special journalists information warrant. They were also accessing the data of victims of crime without their consent and without properly documented justification.
The TIA Act contains penalties of up to two years’ jail for officers who improperly collect and mishandle data for investigations, but The Saturday Paper confirmed this week that nobody has ever been prosecuted.
This is believed to be because the penalties require evidence that the misuse was intentional – and this has not been proved.
The act also provides for a judge to order “remediation” for any person whose data has been misused, but recourse is available only when somebody is convicted of that misuse.
Because the powers are covert, there is no way for individuals to know that their data has been accessed, whether lawfully or not. The only way misuse is disclosed, besides within agencies’ own annual reports, is through the ombudsman’s annual review and a similar review of ASIO’s use of the powers by the Inspector-General of Intelligence and Security. These do not identify the cases involved.
The ombudsman’s findings have prompted calls to re-examine accountability measures relating to the powers.
Bret Walker, SC – a former independent national security legislation monitor – told The Saturday Paper last week that if agencies could not properly uphold their responsibilities, the “drastic” powers should be withdrawn.
This week he went further, proposing more frequent monitoring and suggesting the heads of the offending agencies should lose their jobs if they can’t improve.
“I’ve been driven to the view that perhaps we should have almost real-time monitoring of compliance, not just annually, so that agencies – and more to the point senior officers in agencies – who are repeatedly delinquent lose their authority,” Walker told ABC Radio National.
“That means for some senior officers, that they won’t be able to do their jobs. And so, yes, I think there should be some resignations if this repeated pattern of non-observance of stipulated safeguards were to occur. And the ombudsman has pointed out – and this is disappointing but I fear not surprising – that we do have a pattern for some agencies of … distinctly unenthusiastic and ineffective response to suggestions for improvement.”
Walker agreed that the findings of misuse of the powers could compromise the legality of past and present criminal investigations, adding that this may not be straightforward. But he said the broader implication for the legal system overall was of greatest concern.
“I think the first-order problem is that we’re having the public interest supposedly served by some agencies who are not observing the rules laid down in the public interest as a price for obtaining such drastic powers,” Walker said. “That’s really serious. If you care about the rule of law and the subjection to it of law enforcement agencies – and nearly all of us do care – then there has to be much more than eyebrows raised at the ombudsman’s report. And I think we should be grateful for the fact that the report has been so trenchant.”
The president of the Law Council of Australia, Tass Liveris, said oversight of these significant powers had to be “meaningful”.
“Mechanisms should be in place to safeguard against the misuse or overuse of executive powers,” Liveris told The Saturday Paper. “It is also critical that safeguards which are already in place are complied with to ensure public trust and confidence that these powers are utilised in the public interest.”
Liveris said only senior judicial officers should be authorised to sign warrants. “Practically, this would reduce the likelihood of ineligible warrants being issued because superior courts are less likely to make this type of error.”
The council is pressing for more safeguards around warrant duration, revalidation and reporting obligations. It is expressing some concern about a proposal in the previous government’s discussion paper to remove the distinction between “live” communications – obtained in real time through bugging and other surveillance – and “stored” communications, which have already occurred. The discussion paper proposes collapsing 35 different warrant types into just three: gaining access to the content of private communications; gaining access to metadata, which is information about communications; and tracking a person’s location and movements.
The council emphasises that authorisation thresholds for warrants must not be lowered in the process. Like Bret Walker, it is arguing for stronger, more flexible standing inspection powers for the ombudsman.
Liveris said the Law Council of Australia also sought urgent action to improve the process around journalist information warrants and increase the role of a public interest advocate in all warrant applications relating to accessing journalists’ data in investigations involving leaks of government information, including on national security.
The Richardson review’s recommendation that the whole electronic surveillance framework be drawn together under a single, simplified piece of law included the proposal that surveillance powers should be invested in the Australian Border Force, not in the Department of Home Affairs. The Home Affairs discussion paper proposed them in addition to its own powers, not as a replacement. Home Affairs was one of the agencies the ombudsman criticised for not using the powers properly, although the most serious criticisms were levelled at police forces and integrity commissions.
With the change of government and ministerial arrangements that saw responsibility for the Australian Federal Police and other law enforcement agencies return to the attorney-general’s portfolio, overseeing progress towards a single consolidated legislative framework has now also moved away from Home Affairs.
Attorney-General Mark Dreyfus declined to outline his intentions this week regarding the surveillance and data collection powers overall.
But he noted that the previous government had failed to respond formally to a 2020 report on the same issue by the parliamentary joint committee on intelligence and security (PJCIS), of which he was a member while in opposition.
The report on the mandatory data retention regime – examining the responsibilities of law enforcement agencies, ASIO and the telecommunications providers – made 22 recommendations. Dreyfus said he was now seeking to respond to it urgently.
“I am working with my department, in consultation with relevant agencies in my portfolio, to develop a government response to all of the committee’s 2020 recommendations as soon as possible,” he told The Saturday Paper.
“It is disappointing that, despite the committee’s recommendations being bipartisan, the former government never even responded to the committee’s report.”
There were responses to the PJCIS findings contained in the Home Affairs discussion paper, the status of which is now unclear. It remains on the department’s website, along with dozens of public submissions made in response.
The Saturday Paper understands Dreyfus is reviewing all the previous government’s proposals.
One of the discussion paper’s proposals rejected a PJCIS recommendation to repeal a section of the Telecommunications Act 1997 that has been used to sidestep restrictions on agency powers in other legislation.
Along with recommending that the key bypass clause in that act be repealed, the PJCIS said only ASIO and other agencies already listed in the TIA Act should be allowed to authorise the disclosure of electronic data. It also said those agencies should access the data only through the powers in the TIA Act, not by using any other legislative loophole.
Instead, the Home Affairs discussion paper proposed giving extra powers to other agencies not already listed. “The reform does not propose to remove any existing powers under the TIA Act, SD Act and ASIO Act from any agencies,” the paper says.
It says the previous government intended to “consider which bodies should have access” to both the content of electronic communications and the metadata.
The newly appointed chair of the PJCIS, Labor MP Peter Khalil, lauded the ombudsman’s findings.
“I’m very concerned with the issues around compliance,” Khalil said. “And I should say good work by the ombudsman. That’s why we have, in a democracy, these organisations – independent bodies – that investigate and ensure that laws are being abided by, or uncover the fact that they may be being breached in different ways.”
Khalil said the breaches should not be allowed to continue unabated. “There should be repercussions if law enforcement agencies are acting outside of their scope under the law, and I know that is something the government is putting a priority towards.”
Bret Walker urged Dreyfus and other relevant ministers to enforce the law.
“Ministers not only can’t reasonably be expected to become a chief policeman, so to speak, but neither do we want that to happen,” Walker said. “That would be a reversion to a form of politicised law enforcement that we’ve taken a good century or so to get away from. But there is ultimately – when it comes to the administration of all departments, not just law enforcement – basic requirements for ministers to take the lead in imposing requirements on the agencies and their leaders.”
This article was first published in the print edition of The Saturday Paper on September 24, 2022 as "Dreyfus to review Morrison’s surveillance expansion".
For almost a decade, The Saturday Paper has published Australia’s leading writers and thinkers. We have pursued stories that are ignored elsewhere, covering them with sensitivity and depth. We have done this on refugee policy, on government integrity, on robo-debt, on aged care, on climate change, on the pandemic.
All our journalism is fiercely independent. It relies on the support of readers. By subscribing to The Saturday Paper, you are ensuring that we can continue to produce essential, issue-defining coverage, to dig out stories that take time, to doggedly hold to account politicians and the political class.
There are very few titles that have the freedom and the space to produce journalism like this. In a country with a concentration of media ownership unlike anything else in the world, it is vitally important. Your subscription helps make it possible.
Select your digital subscription