Submission No. 14 - Electronic Frontiers Australia
AUSTRALIAN COUNCIL FOR CIVIL LIBERTIES
GPO Box 2281 Brisbane Qld 4001
Our ref: TOG:TJW
Tel: 07 3236 1311
Fax: 07 3236 1223
30 April 1999
FACSIMILE 02 5277 4827 - 9 PAGES
Ms S. Scarlett
Committee Secretariat
Parliamentary Joint Committee on ASIO
Parliament House
CANBERRA ACT 2600
Dear Ms Scarlett
RE: AUSTRALIAN SECURITY INTELLIGENCE ORGANISATION LEGISLATION AMENDMENT
BILL 1999
We refer to your letter of 15 April 1999, received on 16 April 1999,
inviting the Australian Council for Civil Liberties to provide a submission
in relation to the above Amendment Bill.
We particularly thank you for your advice that the transcript of the
public session of the Committees hearings held 27 April 1999 was available
for perusal on the Internet.
We have read the transcript and certain of our comments on the Bill are
related to information given in the oral evidence session on 27 April
1999.
Time frame for reporting on Amendment Bill
We note that Mr Jull, the Presiding Member of the Joint Committee, acknowledges
that the report on the Bill is required within a very short time frame.
There is no explanation as to this totally unacceptable short time frame
for reporting but it should be specifically noted that a number of organisations
who, unlike the bureaucrats who appeared before the Committee, are not
engaged full time in ASIO related work, have simply found it impossible
to submit within the time frame permitted.
When one has regard to other comments as to how long the Amendment Bill
has been under consideration, one is left with the very distinct impression
that the short time frame is deliberate so as to minimise the opportunity
for proper criticism and vigorous public debate on some of the extremely
important changes brought about by the Bill.
In this regard it is noted that the ASIO Director, Mr Richardson, has
given evidence that the proposed amendments were given consideration as
long as two years ago. Mr Richardson said that there was extensive consultation
with a number of Canberra based bureaucratic entities but he does not
give any explanation as to why consultation with civil liberties groups
was not included in the preparation of the legislation.
In January this year there were newspaper reports to the effect that
a report written by Mr Walsh, a former senior officer of ASIO had recommended
that his controversial recommendations for ASIO being granted access to
tapping computers be the subject of community debate.
Mr Walshs report was apparently released to public libraries but, according
to newspaper reports, it was recalled at the direction of the Attorney-Generals
Department.
Any controversy about the legislation is therefore the fault of ASIO
and the Federal Government for refusing access to Mr Walshs report.
If ASIO was, in fact, prepared to have public discussion on the basis
of Mr Walshs report then there should be some explanation extracted from
the Federal Attorney-General as to why the Walsh report was withdrawn.
If, as we hope, the significant extensions of power contained in the
Amendment Bill become a matter of controversy, the Federal Government
and the Attorney-General have only themselves to blame for treating the
Australian public like children in withdrawing from circulation an apparently
important explanatory document in the form of the Walsh report.
ASIOs role
We accept, with reluctance, the necessity for the existence of a body
such as ASIO. However, the questioning of Mr Richardson in the Committee
hearings failed to emphasise the considerably changed role of ASIO since
it was initially established.
While it is true that Mr Jull noted that the public review of the legislation
is a rare opportunity for public input into the legislation underpinning
the operation of ASIO (transcript page 1), the fact is that it
is a serious misnomer to describe the Committees one day public hearings
within an impossibly short reporting time frame constituting "a public
review of ASIO legislation".
There has been much debate about the role of ASIO and related bodies
in the UK and the US such as MI5 and the CIA.
A report in the Australian Financial Review Magazine (August 1997) noted
that in its 1991 Annual Report, ASIO confessed publicly to a moment of
existential agony. The AFR observe that the agency state in its unclassified
version of the 1991 Annual Report to Parliament that its main task was
"to assess its focuses and priorities" but that it "needed
to more conclusively determine the level and direction of threat".
This reflects a similar problem experienced by MI5 since the end of the
Cold War. One of the important, but unaddressed, current aspects of ASIOs
role is its move, like MI5, towards involvement in mainstream policing.
In this regard the comments by Senator Ray to the effect that ASIO should
have the same access to Austrac as other law enforcement agencies such
as the CJC does not address the fact that ASIO, unlike State based police
services or permanent standing royal commissions such as the CJC, is not
subject to judicial control in even its day to day activities such as
the issue of warrants.
For a mainstream law enforcement agency (even including permanent standing
royal commissions such as the NCA, CJC, QCC, NSWCC), the justification
for the issue of search warrants can, and frequently are, challenged in
the courts as a means of maintaining the balance between police powers
and the civil liberties of individual citizens.
Judicial control over ASIO is non existent even though terms such as
search "Warrants" are used in the ASIO Act in a way that prostitutes
the ordinary everyday use of the concept in a search warrant.
The Warrants which can be issued by the Director-General of ASIO and
the Attorney-General should not even bear that name as they have none
of the features of accountability to the courts which warrants obtained
by law enforcement agencies possess.
Therefore, when considering ASIOs role, particularly in the light of
the amendments which are the subject of the legislation under comment,
it is to be borne in mind that despite the small degree of accountability
brought to bear on ASIO by the creation of IGIS, ASIO is still a highly
secretive organisation and is completely beyond the control of the courts.
Therefore, suggestions such as "the police have access to Austrac
records therefore why should ASIO not have similar access" overlook
the most fundamental distinction between police and allied law enforcement
agencies on one hand, and ASIO on the other. Ordinary law enforcement
agencies are subject to a significant degree of obvious and transparent
external accountability as well as being open to challenge in the courts.
ASIO possesses neither of these features.
We endorse the comments made by Mr Connolly in his evidence where he
notes that the original legislators (in relation to the establishment
of ASIO) obviously intended the Act to be read quite tightly and the powers
of ASIO to be contained (transcript page 38).
The concept of "function creep" (in relation to Austrac) is
the situation where activities which are prima facie privacy intrusive
are allowed to proceed after careful consideration and public debate,
often with restrictions (such as the development of the FTR Act) but which
later become subject to gradual extension without similar debate or restrictions.
Mr Connolly quite correctly observes that "if ASIO had been openly
proposed as a user of Austrac information at the time Austrac was introduced,
the debate may have been very different", (see submission by Chris
Connolly, Director, Financial Services Consumer Policy Centre, April 1999
to PJC/ASIO).
As a result of the different focus by ASIO concerning its core activities
since the end of the Cold War there has been an imperceptible but now
quite obvious significant shift in ASIOs functions from a Cold War spy
agency to a body which is, like MI5, trying to justify its continued existence
by moving into fields allied with traditional policing.
Whilst ASIO remains a hugely secret and effectively unaccountable agency
(even acknowledging the limited role of IGIS), it is significantly inappropriate
to proceed on the basis that giving ASIO access to Austrac records, and
the like, is no big deal because mainstream law enforcement agencies have
access to those Austrac records already.
As stated, the simple difference between ASIO and ordinary law enforcement
agencies is the comparative high degree of accountability which ordinary
law enforcement agencies are subject both by way of external oversight
and in the courts. ASIO is not subject to any of these traditional accountability
mechanisms.
Encryption
We wholeheartedly agree with Mr Connollys evidence that the ASIO Amendment
Bill is not the appropriate forum to resolve the debate (which is yet
to occur in Australia) in relation to the Encryption issue. The debate
in relation to Encryption which has occurred in the US in the last two
years has not even started to get off the ground in Australia and yet
Australias principal spy agency which is clearly heading towards a role
complementing mainstream law enforcement agencies in this country are
to be given Encryption type powers by the Computer Access provisions of
the Amending Bill.
There has been a significant ongoing debate in the US about whether Encryption
devices increasingly incorporated in sophisticated electronic products
such as cellular phones and computers should have "key recovery"
features to allow law enforcement agencies to tap into these new forms
of electronic communication.
The ACCL believes that Mr Connolly has succinctly stated the problem
where he observes that:
"I do not believe that this (your Committees hearing) is an
appropriate forum to resolve (the Encryption issue) and I believe
that the Bill before us does resolve it. It makes the unilateral decision
that ASIO, one agency, can have access to computer equipment, computer
data, copy it etc. without restriction which would obviously include
the tools for breaking Cryptography" (transcript page 40)
The fact that there was an opportunity for the beginnings of a debate
in this regard by the release of the Walsh Report to public library shelves,
the inexplicable "Nanny State" removal of this Report apparently
at the behest of the Federal Attorney-General means that even the beginnings
of this important debate have been effectively stifled.
We also support Mr Connollys observation that:
"We are now looking at different types of new technologies and
systems like public key authentication frameworks. I do not think
this is the forum to suddenly give one security agency the ability
to access all computer data without restriction" (transcript
page 46)
Particularly is this so when, in effect, ASIO is moving into some of
the traditional law enforcement fields.
We do not share Mr Richardsons views that "the proposed amendments
in no way cut across and in no way foreclose the issue that is being debated
with respect to Encryption.the two are really quite distinctly separate
animals" (transcript page 58)
Once ASIO is given the right to remote access computers they will have,
by that fact alone, very much planted a foot in the door for the purpose
of eventually opening the door fully in respect of the Encryption wish
list that has so characterised the push for computer access by the FBI
and the CIA.
Computer Access
One of the central features of the Amending legislation is that ASIO
be granted non Court supervised remote access to computers. Mr Richardson
describes the proposals as follows:
"Under the proposed amendments, we would be allowed to interfere
with a computer insofar as it enables us to compromise the protection
mechanism that may surround the information in the computer. However
we would not be allowed to interfere with the information in the computer
itself or indeed the use of the computer" (transcript page
13)
Mr Connolly deals with this contention by Mr Richardson as follows:
"(concerning) the new ability to access and copy computer data.
On the face of it, this is just a bit of a tidying up exercise. Computer
data was not considered to be a core element when the original (ASIO)
Bill was written in the 1970s. We have a process which is supposedly
a minor tidying up exercise for the ASIO Act, but which actually delivers
and resolves one of todays most controversial and burning issues
concerning Cryptography and the use of Encryption tools by citizens
and the balancing of their rights with Government rights to gain access
to Cryptographic keys" (transcript page 40)
As observed earlier in this submission this "controversial and burning
issue is contained in a Bill which has a ludicrously short time frame
for a Report by your Committee against a backdrop of ASIOs evidence before
your Committee that it has been under consideration for more than two
years.
We would agree with Mr Connollys reluctant support for the ability for
ASIO to alter tracks in order to protect ASIOs operations but we would
oppose "the additional ability (of ASIO) to add, delete or alter
computer data" (transcript page 41)
Put differently, we would support Mr Connollys suggestion that "power
should not be given to alter computer data per se. Reliance should be
made on a different section which says that ASIO is allowed to do whatever
is necessary to cover its tracks and that would be it" (transcript
page 45)
We would emphasise that we have considerable reservations about ASIO
being given the power to access computers at all but so long as such proposed
remote access to computers is strictly overseen by IGIS, we would accept,
with significant reservations, the analogy that allowing ASIO to access
computers is in general terms similar to ASIOs power to phone tap and
place listening devices.
However apart from the criticisms which we have already made of ASIOs
complete lack of accountability to the Courts, we also deal below with
the necessity to tighten up the Warrant procedures which will allow ASIO
supposed limited access to computers.
The role of Memoranda of Understanding re Austrac and ATO
Despite the evidence of Ms Montano, Austrac Director, that the Director-General
of ASIO and the Inspector-General of Intelligence and Security will receive
various reports from Austrac in order to prevent ASIO "fishing"
Austrac records, the Memoranda of Understanding that Austrac proposes
to enter into with ASIO is, in our submission, an insufficient protection.
Despite the suggestion of Senator Ray that the MOU between Austrac and
ASIO should become a disallowable instrument, we would argue that the
relevant MOU should be incorporated in the amending Bill itself.
Disallowable Instruments have a habit of generally not being sufficiently
noticed so as to permit an informed decision to be made as to whether
a disallowance motion should be raised.
In this regard it is noted that Mr Richardson when talking about the
MOU indicated that ASIO would not have online access to Austrac records
(transcript page 25) but elsewhere in the Committees hearings
it was observed by Ms Montano that "the MOU already provides for
the possibility of online at ASIO premises" (transcript page 32).
A Memorandum of Understanding is simply a grand name for a working relationship
between the super secret ASIO and the nevertheless reasonably secret Austrac.
The different positions taken by Mr Richardson and Ms Montano on this
one point of online access to Austrac records demonstrates that a MOU
between the two organisations is as changeable as the weather.
We endorse the observation of Mr Connolly that "there is no requirement
for the Director of Austrac or the Director-General of ASIO to notify
Parliament of changes to the MOU yet it contains within it the restrictions
which will need to be promised to the community about things like data
matching, fishing expeditions etc", (transcript page 43).
Warrants
Despite the assurance by Mr Richardson that "the Inspector-General
of Intelligence and Security reviews all Warrant files on a regular basis"
(transcript page 4), it is then asserted by Mr Richardson that while a
listening device warrant is valid for 6 months very often it is not possible
to remove the device within that period (our emphasis) (transcript
page 15).
It would appear, therefore, that ASIO agents are entering private property
well beyond the currency of a so-called warrant (simply permission by
the Attorney-General or in some cases the Director-General of ASIO, not
a court).
The Presiding Member, Mr Jull, makes the following appropriate comment:-
"I would like to move onto the issue of extending the period
of the warrants from 7 to 28 days. We are also adding a potential
commencement delay of another 28 days which, in actual fact, means
that you have 56 days to do the business. Under the present conditions,
it is 7, so that is a massive expansion of that time".
Add to this quite appropriate concern by the Presiding Member the fact
that apparently 6 month warrants for listening devices have the consequential
effect of apparent removal of listening devices significantly outside
the 6 month period.
We agree with the observation by Mr Connolly that the new Section 25(2)
constitutes a new test for a so-called warrant to be obtained by or on
behalf of ASIO.
The current test for a warrant under the existing law is that ASIO has
to be obstructed in its duties before a warrant will be issued to enter
premises whereas, as outlined by Mr Connolly, the proposed new test is
that a warrant will be granted if it will simply help ASIO (transcript
page 39).
It is noted that Mr Connollys challenge to the Attorney-Generals Department
to explain why the new test is justified was replied to by Mr Reaburn
as acknowledging "there certainly has been (a) change", (transcript
page 56).
The whole issue of a very substantial change in the criteria that must
be satisfied before the Attorney-Generals permission can be obtained
for a "warrant" remains singularly unaddressed and is a very
important area which needs critical attention.
From our reading of the 60 pages of the transcript of the Committees
hearing on Tuesday, 27 April 1999, Mr Connollys quite important observation
in this regard remains effectively unchallenged.
Conclusion
Time does not permit me to deal with other aspects that arose from the
Committees hearings on 27 April 1999, particularly in relation to the
following:
- appointment of Acting-Director General by the Minister rather than
the Governor General (transcript page 7);
- what is happening with the ASIS proposed changes (transcript pages
28 - 29);
- the extent to which Courts can order the release of information in
contested cases involving ASIO (transcript pages 33 - 34);
- the extent to which ASIO can engage in foreign intelligence gathering
in Australia (transcript pages 17 - 19);
- tax records (transcript pages 3, 33, 36, 59);
- tracking devices (transcript pages 15 and 16);
On the issue of ASIO being able to intercept packages sent by the ever
increasing number of courier companies operating in Australia, the transcript
does not address the significant privacy and related issues which arise
from a multiplicity of courier companies potentially having to deal with
ASIO in this regard.
When Australia Post was the sole carrier of mail articles it was at least
possible for a very small number of contact persons to have been responsible
for dealing with ASIO. The number of contact persons in courier companies
that may have to deal with ASIO will be very significant indeed.
At least in the public hearings, the significant operational and civil
liberties flow-on from ASIO having contact with a large number of courier
companies has not been addressed.
We conclude this submission with the principal point made at the outset
namely that the reporting time for this Bill is appallingly short. It
is a disgrace that such an important Bill has been forced to be given
only the most cursory consideration because of an apparent agenda by the
Federal Government to ensure that only a minimalist debate occurs in relation
to the Bills provisions.
The Federal Government withdrew the Walsh Report so the community could
not be properly informed about the proposals and has now imposed a ridiculously
short reporting period so that the relevant specialist Parliamentary Committee
cannot properly consider the Amendment Bill.
Yours faithfully
AUSTRALIAN COUNCIL FOR CIVIL LIBERTIES
T P OGORMAN
President.
Top
|