Chapter 1 - Introduction

  1. Introduction
    1. Under section 29 of the Intelligence Services Act 2001 (‘IS Act’), the Parliamentary Joint Committee on Intelligence and Security’s (PJCIS) first function is to review the administration and expenditure of six intelligence agencies in Australia that comprise the majority of the National Intelligence Community (NIC):
  • Australian Geospatial-Intelligence Organisation (AGO);
  • Australian Signals Directorate (ASD);
  • Australian Security Intelligence Organisation (ASIO);
  • Australian Secret Intelligence Service (ASIS);
  • Defence Intelligence Organisation (DIO); and
  • Office of National Intelligence (ONI).
    1. There are four additional members of the NIC over which the PJCIS does not presently have responsibility for review of administration and expenditure:
  • Australian Criminal Intelligence Commission (ACIC);
  • Australian Federal Police (AFP);
  • Australian Transaction Reports and Analysis Centre (AUSTRAC); and
  • Department of Home Affairs.
    1. During the reporting period AGO and DIO underwent structural changes as a result of the Defence Intelligence Review of 2019-20. The Defence Intelligence Group (DIG), reporting to the Chief of Defence Intelligence, was established to support the functions of AGO and DIO from 1 September 2020.
    2. While ASIO did not undergo significant structural changes during the reporting period, legislative change impacted certain aspects of its powers under the Australian Security Intelligence Organisation Act 1979 (ASIO Act), including questioning powers and internal authorisation for use of tracking devices.
    3. Having undergone significant change in the preceding years, both ASD and ONI reported that they were not subject to any major legislative changes during the reporting period. Likewise, ASIS did not identify any significant legislative change impacting its operations during the reporting period.
    4. The NIC, and within it the agencies for which the PJCIS has oversight, operates within a strict oversight and accountability framework. This framework serves to balance the need for public accountability and publication of information against the need for agency operations and sensitive information held within agencies to remain classified to protect Australia’s national security and its interests.
    5. As a result, intelligence agencies have limited public reporting responsibilities. During the reporting period ASIO and ASD were the only intelligence agencies that produced and presented unclassified annual reports to the Australian Parliament, while the reporting of DIO and AGO was contained within broader Department of Defence annual reporting.
    6. In addition to annual reporting requirements, there are several levels of oversight to ensure that intelligence agencies are accountable to the Australian Government, Parliament and public. These include:
  • oversight by the responsible Minister for each agency;
  • oversight by the Inspector-General of Intelligence and Security (IGIS), an independent statutory officer who provides assurance that each agency acts legally and with propriety, complies with ministerial guidelines and directives, and acts consistently with human rights;[1] and
  • parliamentary oversight, including oversight of administration and expenditure by the PJCIS.

How the Committee undertakes its review of administration and expenditure

1.9The Committee is established pursuant to section 28 of the IS Act. As noted above, the functions of the Committee include an obligation to review the administration and expenditure of each of the six intelligence agencies listed in the Act, including their annual financial statements.[2] While other work of the Committee contributes to that function, it is fulfilled most directly through the annual administration and expenditure review of the agencies.

1.10For the review the Committee receives detailed classified, as well as some unclassified, information about the administration and expenditure of the agencies. Each agency under review provides classified written submissions, and gives evidence to the Committee in private (classified) hearings. Much of the evidence received by the Committee must remain confidential, due to its classified nature.

1.11In addition, the Committee is able to seek evidence from any other people or organisations that it considers can assist its review, and invite submissions from the public.

1.12The Committee has a limited role in these reviews in advising what level of resourcing is appropriate for each agency to protect Australians from risks to national security.Similarly, the Committee has no role in determining what Australia’s national security priorities should be, nor how these priorities may be met with existing resources.[3] The Committee also has no role in reviewing particular operations conducted by agencies,[4] sources of information available to agencies, aspects of the activities of agencies that do not affect Australian persons, or individual complaints about the activities of the agencies.[5]

1.13Rather, the Committee has responsibility to analyse the evidence put before it and report to the Parliament (and through it, to the Australian public) on the administrative arrangements and expenditure of each agency, and any changes to these that may affect an agency’s ability to continue to meet its objectives. Within these parameters, the Committee is able to set its own terms of reference for the review.

Conduct of the inquiry

1.14The Committee commenced Review No. 20 in November 2021. Submissions were sought and received from the six intelligence agencies, as well as the IGIS and the Australian National Audit Office (ANAO). Submissions were also received from three private citizens, and an advocacy group.

1.15A complete list of submissions for the review is at Appendix A.

1.16Progress on the review was delayed by the May 2022 federal election. Following the formation of the new Committee in September, private (classified) hearings were held in November 2022. Appendix B lists the witnesses who appeared before the Committee. Transcripts of these hearings are classified and not publicly available. However, unclassified aspects of these transcripts are referred to in relevant sections of this report.

1.17In addition to the usual administration and expenditure information provided by agencies, the Committee requested that agencies provide specific additional commentary on the following areas of focus:

  • the ongoing impact of COVID-19 on agencies’ administration and expenditure;
  • business continuity plans in the face of COVID-19 and other operational risks;
  • internal staff complaint investigation and resolution mechanisms, as well as agency instigated review for cause processes – triggers, procedures and support for staff whilst ongoing;
  • initiatives in development or underway regarding integration of artificial intelligence and machine learning, alongside traditional human sources, for intelligence production, analysis or other functions; and
  • shifting operational priorities from emerging threats that alter longer term strategies or capabilities, or appropriation and capital investment.
    1. All submissions received from intelligence agencies, as well as the ANAO, were classified. Accordingly, these submissions are not publicly available. However, unclassified excerpts or summaries from these submissions are used in this report. Other submissions received were unclassified and are available on the Committee’s website.
    2. ASIO provided the Committee with information concerning authorisations for telecommunications data pursuant to paragraphs 94(2A)(c)–(j) of the ASIO Act. It is a function of the Committee to review matters related to the retained data activities of ASIO that are included in this part of ASIO’s annual report,[6] for the sole purpose of assessing and making recommendations on the overall operation and effectiveness of the mandatory data retention regime.[7] Unlike its other functions, the Committee is authorised to review particular ASIO operations for the purpose of performing this function.[8]
    3. This report is divided into four chapters:
  • the remainder of Chapter 1 summarises ASIO’s overview of the security environment for the 2020-21 review period;
  • Chapter 2 discusses administration of the intelligence agencies and any related issues that were identified during the course of the inquiry;
  • Chapter 3 discusses the expenditure and financial position of the intelligence agencies and any identified areas of concern; and
  • Chapter 4 discusses the areas of focus identified by the Committee for this review, as well as other observations noted in the course of the review.

The security environment during 2020-21

1.21ASIO outlined the security and threat environment in Australia during the reporting period and the outlook for the years ahead in its submission to the review, its publicly available annual report and the Director-General of Security’s annual threat assessment.

1.22The key security challenges identified by ASIO during the reporting period were:

  • domestic and international terrorism;
  • violent protest and communal violence;
  • espionage and foreign interference; and
  • border integrity.[9]
    1. These key security challenges have remained largely unchanged over recent years, with some shifting internal and external factors, as outlined below.

Terrorism

Domestic Terrorism

1.24ASIO reported that the national terrorism threat level remained at PROBABLE throughout the reporting period, meaning:

…credible intelligence, assessed to represent a plausible scenario, indicates an intention and capability to conduct a terrorist attack in Australia.[10]

1.25ASIO adopted new terminology in early 2021 to describe terrorism as either ‘religiously motivated violent extremism’ or ‘ideologically motivated violent extremism’.This change reflected ASIO’s efforts to ensure language remained fit-for-purpose and accurately reflected threats posed.

1.26Religiously motivated violent extremism denotes support for violence to oppose or achieve a specific social, political or legal system based on a religious interpretation. Ideologically motivated violent extremism denotes support for violence to achieve political outcomes or in response to specific political or social grievances.[11]

1.27ASIO reported that religiously motivated extremists, particularly Sunni violent extremists and to a lesser extent al-Qa’ida, were an enduring threat to Australia and other Western democracies. These groups continued to seek to inspire terrorist attacks, and al-Qa’ida has sought opportunities to exploit weak governance.[12]

1.28ASIO identified that ideologically motivated violent extremists, particularly nationalist and racist violent extremists, were ‘focused on producing propaganda, radicalising and recruiting others, and preparing for an anticipated societal collapse’.These extremists operated in all states and territories of Australia, and when compared with religiously motivated violent extremism, ideologically motivated violent extremists are far more widely dispersed, including in regional and remote areas.[13]

1.29COVID-19 had not notably reduced the threat of terrorism in Australia, with lockdowns likely to have increased online exposure to violent extremists. Over the review period there were two terrorist attacks and three planned attacks that were disrupted. ASIO explained that due to the move to online coordination and recruitment, detection of attack planning has become more difficult, with the type of attack most likely to be committed by a single actor or small group.[14]

1.30ASIO explained that involvement of minors in Australia has been identified within both types of violent extremism.This includes planning and conducting terrorist attacks, radicalising others, and participation at the leadership level within extremist groups.[15]

Terrorism internationally

1.31Internationally, terrorist attacks highlighted the persistent threat posed by religiously and ideologically motivated extremists. While large-scale attacks in the Middle East were unlikely, smaller attacks by individuals or groups remained a threat.[16]This trend also appeared to be present in attacks in Europe with the ‘use of basic weapons—such as knives, vehicles, firearms and/or explosives—to target crowded places or police and uniformed personnel’ considered more likely.[17]

1.32Although COVID-19 reduced the opportunity for Australians to be the target of attacks, COVID-19 had a limited effect on the threat of terrorist attacks in South Asia. In some cases attacks became more complex over the reporting period.[18]

1.33ASIO also highlighted that the scheduled release of terrorist prisoners across South-East Asia and Europe is likely to exacerbate the terrorist threat in these regions.[19]

Violent protect and communal violence

1.34ASIO noted that while communal violence and violent protest were rare in Australia, communal tensions were generally expressed through peaceful protest or public events which aimed to draw public attention to a specific issue.[20] Although infrequent, ASIO observed isolated incidents of communal violence involving diaspora groups within Australia which were in response to specific events overseas.[21]

Espionage and foreign interference

1.35ASIO identified that while ‘legislative change, operational initiatives and the impact of COVID-19’ made the operating environment more difficult for Australia’s adversaries, Australia remained subject to an enduring threat of espionage and foreign interference.

Foreign powers and their proxies, including intelligence services, continue to steal proprietary, sensitive and commercially valuable Australian information. Their efforts harm almost all facets of Australian society at all levels of government in every state and territory, as well as Australia’s science and technology sectors, both military and civilian.[22]

1.36COVID-19 continued to impact how espionage was undertaken. In the face of a global digital transformation, cyber espionage remained the most pervasive approach adopted by Australia’s adversaries; it is effective, readily deniable, and can be undertaken remotely. ASIO explained that as adversaries develop increasingly powerful digital tools and Australia’s online exposure increases, particularly through the Internet of Things and social networking sites, the need for robust cyber security remained critically important.[23]

1.37Outside of cyber espionage, foreign intelligence services sought to leverage information through cultivating relationships across government, academia and businesses in order to steal Australian information.[24] The availability of personal information found online assisted foreign intelligence services in identifying and contacting potential targets to recruit as human sources.[25]

1.38ASIO said that:

The increasing interconnected nature of Australia’s critical infrastructure exposes vulnerabilities which, if targeted, could result in significant consequences for our economy, security and sovereignty.[26]

1.39For example, pre-positioned malicious software that may be activated at any time, has potential for disruptive or damaging attacks. To date, ASIO has not observed an act of sabotage within Australia by a foreign power. While ASIO endeavoured to remove or hamper the efforts of foreign powers, foreign intelligence officers, or their proxies to undertake espionage and sabotage, these threats remained and could become more likely in times of heightened tension.[27]

1.40Though outside the reporting period, the Director-General of Security’s February 2022 Annual Threat Assessment identified that ‘espionage and foreign interference has supplanted terrorism as our principal security concern’, demanding more attention and resources than the threat of terrorism.[28]

Border integrity

1.41While border integrity continued to be a focus for ASIO there was no evidence of irregular maritime arrivals having occurred during the reporting period. Demand was suppressed due to the low prospect of permanent resettlement in Australia, as well as the impact of COVID-19 lockdowns and travel restrictions.[29]

Continued National Intelligence Community evolution

1.42The 2017 Independent Intelligence Review (IIR) recommended the expansion of Australia’s intelligence community to encompass ACIC and the intelligence functions of AFP, AUSTRAC and the Department of Home Affairs, joining the six intelligence agencies subject to the Committee’s oversight. This expanded intelligence community is now referred to as the NIC.

1.43The IIR also recommended that a review of the legal framework underpinning the NIC be undertaken. In May 2018 the then Attorney-General announced the review would commence and be led by Mr Dennis Richardson AC (‘Richardson Review’). In December 2020 the unclassified version of the report was released, along with the Government’s response. The Richardson Review made 28 recommendations comprising a significant reform agenda for the NIC if fully implemented.[30]

1.44In undertaking this review, the Committee considered how intelligence agencies have operated since the NIC was established, and how the IIR and the Richardson Review may have changed how agencies have operated. Additionally, in line with significant changes forecast for agencies, the Committee considered how this changing environment may have affected the ongoing oversight of the NIC as a whole.

Footnotes

[1]Inspector-General of Intelligence and Security (IGIS), Submission 10, p. 19.

[2]Intelligence Services Act 2001 (IS Act), s 29.

[3]Reviewing the intelligence gathering and assessment priorities of agencies is expressly prohibited under subsection 29(3) of the IS Act.

[4]With a limited exception for the review of matters relating to the retained data of ASIO that are included in ASIO’s annual report—see IS Act, ss 29(4).

[5]See IS Act, ss 29(3).

[6]IS Act, ss 29(1)(bd).

[7]IS Act, ss 29(5).

[8]IS Act, ss 29(4).

[9]Australian Security Intelligence Organisation (ASIO), Submission 6, pp. 8-13.

[10]ASIO, Submission 6, p. 8.

[11]ASIO, Submission 6, p. 8.

[12]ASIO, Submission 6, pp. 8-9.

[13]ASIO, Submission 6, p. 9.

[14]ASIO, Submission 6, p. 8.

[15]ASIO, Submission 6, p. 9.

[16]ASIO, Submission 6, p. 11.

[17]ASIO, Submission 6, pp. 10-11.

[18]ASIO, Submission 6, p. 10.

[19]ASIO, Submission 6, pp. 10-11.

[20]ASIO, Submission 6, pp. 9-10.

[21]ASIO, Submission 6, p. 9.

[22]ASIO, Submission 6, p. 12.

[23]ASIO, Submission 6, p. 12.

[24]ASIO, Submission 6, p. 12.

[25]ASIO, Submission 6, pp. 12-13.

[26]ASIO, Submission 6, p. 13.

[27]ASIO, Submission 6, p. 13.

[28]Mr Mike Burgess, Director-General’s Annual Threat Assessment, Speech, 9 February 2022.

[29]ASIO, Submission 6, p. 13.

[30]Mr Dennis Richardson AC, Comprehensive Review of the Legal Framework of the National Intelligence Community:Volume 1: Recommendations and Executive Summary; Foundations and Principles; Control, Coordination and Cooperation, December 2019.