5.1
This chapter provides an overview of the powers in Schedule 2-4, discusses matters raised by both the Inspector-General of Intelligence and Security (IGIS) and industry bodies in relation to the powers, and outlines the Independent National Security Legislation Monitor’s (INSLM) findings in relation to these schedules.
Overview of Schedule 2 to Schedule 4 powers
Schedule 2
5.2
Schedule 2 of the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (TOLA Act) amends the Surveillance Devices Act 2004 to enable federal, and State and Territory law enforcement agencies to obtain computer access warrants when investigating a serious federal offence incurring a punishment of imprisonment of maximum period of 3 years or more.
5.3
Prior to the introduction of the TOLA Act, the Australian Security Intelligence Organisation (ASIO) was required to apply for an interception warrant in addition to a computer access warrant. However, the Department of Home Affairs said ‘it is almost always necessary for law enforcement and ASIO to undertake limited interception for the purposes of executing a computer access warrant’. Therefore, Schedule 2 of the TOLA Act also provided limited interception powers to permit the interception of communications passing over a telecommunication system to assist in the concealment of the fulfilment of the computer access warrant.
5.4
The ability to intercept communications to carry out a computer access warrant is designed to facilitate law enforcement or ASIO entry to premises and, if required, remove a device in order to maintain operational integrity. The Department of Home Affairs said that the ability to remove a computer from premises is ‘important in situations where an agency may have to use specialist equipment to access the computer but cannot for practical reasons bring that equipment onto the premises in a covert manner.’
5.5
Schedule 2 introduces an assistance order regime, requiring a specified person to provide any information or assistance that is necessary to allow law enforcement officers to access, copy or convert data (into an intelligible form) that is the subject of a computer access warrant, or subject to an emergency authorisation. Such applications must be made to and approved by an eligible judge or nominated Administrative Appeals Tribunal (AAT) member.
5.6
In executing a computer access warrant the amendments to the Australian Security Intelligence Organisation Act 1979 (ASIO Act) and the Surveillance Devices Act 2004 allows law enforcement and intelligence agencies to use force against persons and things in the execution of computer access warrants. The Department of Home Affairs provided an example of how this power would be used in practice:
… the use of force may be required due to the likely eventualities that officers face while executing a warrant. For example, it may be necessary to use force against a door or a cabinet lock to access a thing on the premises or to use force to install or remove a computer. In the case of force against a person, its use is constrained on the face of the legislation to circumstances where force is required to execute the computer access warrant. For instance, it may be necessary to use reasonable force if a person is obstructing a doorway into the warrant premises and an officer needs to move past them.
5.7
Schedule 2 of the TOLA Act also amended the Mutual Assistance in Criminal Matters Act 1987 to allow applications for computer access warrants at the request of a foreign country. During the 2018-19 reporting period, no such applications were made.
5.8
A computer access warrant request made by ASIO can be authorised by the Attorney-General, and an eligible judge or nominated member of the AAT can issue a computer access warrant on behalf of law enforcement. Between 1 July 2019 and 30 June 2020 the Australian Federal Police (AFP) obtained 16 computer access warrants, and during this period two applications for warrants were refused but later issued. In the 2018-19 reporting period, the AFP and the Australian Criminal Intelligence Commission (ACIC) were granted a combined total of eight computer access warrants and in 2019-20 reporting period, the AFP and the ACIC were granted a combined total of 20 computer access warrants.
Schedule 3 and Schedule 4
5.9
The amendments contained in Schedules 3 and 4 of the TOLA Act cover search warrant provisions contained in the Crimes Act 1914 and the Customs Act 1901 for law enforcement and the Australian Border Force (ABF). The Department of Home Affairs said that the amendments contained in these Schedules were designed to modernise search warrants and assistance orders to account for advancements in technology. The INSLM outlined the five main reforms in Schedule 3 as follows:
a.
It introduces the concept of ‘account-based data’.
b.
It expands the scope of actions police can take to access electronic data.
c.
It permits remote access to data from a place other than warrant premises.
d.
It increases the time during which an electronic device moved from warrant premises under s 3K [of the Crimes Act 1914] may be retained for processing or examination.
e.
It amends both the circumstances in which an assistance order is available and the penalties for failing to comply with that order.
5.10
The definition of ‘account-based data’ is set out by s3CAA of the Crimes Act 1914 to provide that if an electronic service has accounts for end users and either the person holds an account or is likely to be a user of an account with an electronic service, and that person can access the data provided by the service, it will be considered account-based data in relation to the person.
5.11
As part of the provisions covering account-based data, the powers allow a law enforcement officer to ‘add, copy, delete or alter other data’ on a computer or a device for the purpose of obtaining access to data.
5.12
The Department of Home Affairs said that Schedule 3 also allows law enforcement officers to use other computers to give effect to the warrant:
The law permits executing officers to give effect to the warrant by using other computers – including when remotely accessing data on the device. This measure is appropriately limited by the requirement for the executing officer to have regard for other methods to access relevant data if it is reasonable in the specific circumstance (paragraph 3F(2B)(c) in the Crimes Act and paragraph 199B(2)(c) in the Customs Act). This important safeguard ensures that the use of a third party’s computer is not arbitrary, and will only occur if other methods of access cannot reasonably deliver the necessary and lawful outcomes for law enforcement and the ABF.
5.13
The Department of Home Affairs said that the amendments under Schedule 4 of the TOLA Act replicated those provided by Schedule 3 in relation to the ABF powers to provide similar investigatory powers.
5.14
Prior to the introduction of the TOLA Act, the ABF had the ability to seek a search warrant to search premises, but not to search computers or data storage devices. The ABF also had the power to compel assistance with obtaining data through an assistance order. However, the TOLA Act introduced new powers and enhanced existing powers as outlined by the INSLM:
a.
It introduced a power for ABF officers to obtain a search warrant in respect of a person.
b.
It expanded the ABF’s powers in respect of electronic items and access to data in connection with the execution of a search warrant in respect of premises.
c.
It increased the time during which a computer or data storage device moved from warrant premises by the ABF for examination or processing may be retained for that purpose.
d.
It amended offence provisions and maximum penalties that apply where a person fails to comply with an assistance order.
5.15
Like the law enforcement powers introduced by Schedule 3, the TOLA Act provides the ability for the ABF to ‘add, copy, delete or alter other data’. However, in contrast to the powers provided to law enforcement, ABF has not been granted powers in relation to account-based data.
5.16
The most significant amendments to ABF powers are in relation to assistance orders, which have expanded to include ‘data storage devices’, expansion of liability for failure to comply with an assistance order, and significant increases to penalties for failure to comply with an assistance order.
Stakeholder views on Schedule 2 to 4 powers
Industry and civil society concerns
5.17
In comparison with the number of concerns raised in relation to Schedule 1 – as discussed in Chapter 4 – the Committee received significantly fewer submissions from industry and civil society in relation to Schedules 2 to 4.
5.18
The Law Council of Australia (hereafter referred to as the ‘Law Council’) said that a number of concerns raised by them during the Committee’s previous inquiries had been addressed. However, the Law Council reiterated concerns regarding the emergency authorisation provisions which would allow for law enforcement to use interception powers without seeking appropriate authorisation:
The [TOLA] Act introduced section 27A, the effect of which was the lowering of this threshold so that telecommunications interception may be permitted as part of a computer access warrant for a ‘relevant’ offence, defined in subsection 6(1) of the [Surveillance Devices Act 2004] as a Commonwealth offence, or a state offence with a federal aspect, that is punishable by imprisonment for a minimum of three years, or an offence otherwise prescribed in section 6(1) or by the regulation. This is a significant increase in the powers of law enforcement agencies, which does not appear to have been justified as a necessary and proportionate response.
The Law Council is concerned that the amendment to subsection 32(4) of the [Surveillance Devices Act 2004] permits telecommunication interceptions under computer access warrants which have received emergency authorisation, meaning they have not been approved by an eligible Judge or a nominated AAT member, and these warrants can be issued for a much broader range of offences.
5.19
The Law Council recommended that the Australian Security Organisation Act 1979 (ASIO Act) and the Surveillance Devices Act 2004 be amended to prohibit the use of force in executing computer access warrants.
5.20
The Law Council raised additional concerns in relation to the authorisation powers granted under the ASIO Act and the Surveillance Devices Act 2004 which allows the Attorney-General, Judge or nominated AAT member to authorise the temporary removal of computers or ‘other things’ for the purpose of entering specified premises or gaining entry or exiting specified premises.
5.21
The Law Council said the removal power is too broad as it allows the temporary removal of ‘other things’ with the potential to apply to any object on the premises in an arbitrary manner. The Law Council recommended that a list of objects permitted to be removed be set out in legislation and that time limits should apply to the removal.
5.22
In regard to concealment of access, the Law Council expressed concern that the absence of a time limit by which the concealment of access powers may be exercised:
Concealment activities can be done ‘at any time while the warrant is in force or within 28 days after it ceases to be in force’. However, if nothing has been done within the 28 day period to conceal the fact a computer has been accessed, they may be authorised ‘at the earliest time after the 28-day period at which it is reasonably practicable’ to conceal access to a computer under warrant.
The Law Council expressed concerned that the absence of a time-limit by which concealment of access powers may be exercised may authorise privacy-intrusive activities in the absence of the reasonable grounds threshold which underpin the initial warrant…
5.23
In addition, the Law Council suggested that wording relating to ‘material’ loss caused by concealment of access by ASIO and law enforcement in the ASIO Act and the Surveillance Devices Act 2004 be revised:
The requirement that the loss or damage be ‘material’ sets a higher bar than ‘cause any loss or damage’ – a bar which may be too high for a person to be able to access compensation for loss or damage.
The Law Council recommends that these sections be amended to omit the requirement of ‘material’.
5.24
Finally, the Law Council noted that the Surveillance Devices Act 2004 does not permit disclosures for the purposes of seeking legal advice in relation to computer access warrants, and recommends that the provisions be adjusted to allow for disclosure for the purpose of seeking legal advice.
5.25
Koji Payne said that computer access warrants – as provided by Schedule 2 – and other warrants amended by Schedule 3 and Schedule 4 of the TOLA Act should explicitly set out the kinds of actions that are permitted in adding, copying, deleting or otherwise altering data for the avoidance of doubt and such provisions should apply to ‘serious offences’ not offences carrying a term of imprisonment of 3 years.
5.26
In addition, the Media Entertainment and Arts Alliance (MEAA) raised concerns in a submission to the INSLM inquiry regarding the threshold for issue of warrants under Schedule 3, noting that the suspicion on ‘reasonable grounds’ may be inappropriate to authorise law enforcement to access communications data.
INSLM findings and recommendations
5.27
The INSLM was satisfied that the computer access warrant regime and associated powers contained in Schedule 2 were both necessary and proportionate. The INSLM accepted the evidence of the Department of Home Affairs that some degree of interception is necessary at times for the purpose of executing a computer access warrant, as well as the assurances that agencies will not use these limited interception powers to circumvent the interception warrant process under the Telecommunications (Interception and Access) Act 1979.
5.28
The INSLM considered evidence provided by the Department of Home Affairs, the Australian Human Rights Commission (AHRC) and the Law Council regarding the timeframe in computer access warrants authorising activities taken to conceal the execution of a warrant beyond the expiry date of the warrant. The INSLM noted that the ability to conceal activities taken under a covert computer access warrant was not subject to separate or additional authorisation and that such concealment activity could be undertaken at a location not included as part of the warrant application.
5.29
Therefore, the INSLM recommended that an agency be required to seek external authorisation to exercise a concealment of access power where it is proposed to occur more than 28 days after the expiry of a warrant.
5.30
Further, where it is necessary that a computer or device is removed from the premises, the INSLM considered the evidence of the Law Council and determined that it is not satisfactory to return a computer or device within ‘a reasonable period’ and recommended that the relevant provisions be amended to require a computer or device to be returned where it is no longer prejudicial to security or otherwise as soon as reasonably practicable.
5.31
In relation to Schedule 3 and Schedule 4, the INSLM was generally satisfied that the powers conferred were both necessary and proportionate.
5.32
The INSLM discussed the definition of suspicion on ‘reasonable grounds’ raised by the MEAA and determined that the matter had been settled by case law, citing the decision in George v Rockett, where in order to meet the threshold there must be facts present which would cause suspicion in the mind of a reasonable person. The INSLM did not make any recommendation to alter or amend this threshold.
5.33
A number of recommendations were made regarding assistance orders. While the INSLM considered that, given an assistance order may be sought at the same time as a computer access warrant, the seniority of issuing officer for an assistance order was appropriate, the INSLM said that the Crimes Act 1914 and the Customs Act 1901 should be amended to specifically state that an assistance order does not authorise the detention of a person where the agency in question does not have any lawful basis to detain an individual.
5.34
The INSLM welcomed the introduction of a monetary penalty for failure to comply with an assistance order as an alternative to imprisonment. At the same time, the INSLM suggested additional reporting requirements in relation to assistance orders that will be discussed further in Chapter 7.
Government agency views
5.35
The Department of Home Affairs said that computer access warrants provided by Schedule 2 are an important covert investigatory tool:
Computer access warrants are an important covert investigatory tool which allows law enforcement and ASIO officers to search electronic devices and content on those devices. The Assistance and Access Act introduced provisions in the SD Act and ASIO Act to ensure these warrants continue to be operationally effective while respecting the need to appropriately limit access to intrusive powers.
5.36
As indicated above, the AFP and the ACIC have used the computer access warrant powers to assist in a number of investigations since the introduction of the TOLA Act. The AFP indicated that these powers have provided access to evidential material not previously available:
The AFP notes that they continue [to] explore less intrusive options for current active investigations before application for a computer access warrant which is provided in Schedule 2 of the Assistance and Access Act. Computer access warrants are necessary and the ability to escalate to this level of access is critical to operational effectiveness. The AFP takes the application of such intrusive powers very seriously and with due consideration. These warrants have been used in a very measured and considered way and have provided access to evidence that had not previously been available.
5.37
In considering the recommendations made by the INSLM in relation to the TOLA Act, the Department of Home Affairs supported the INSLM’s finding that incidental interception for the purpose of executing a computer access warrant was appropriate.
5.38
The Department of Home Affairs noted there are operational challenges in retrieving devices and concealing access without alerting the subject of an investigation:
Officers cannot always reliably predict whether, or when, they will be able to safely enter a premises to retrieve devices or conceal access without compromising a covert operation. For example, a person may unexpectedly relocate their computer or device before it can be removed by law enforcement for concealment purposes. This may ultimately undermine an ongoing investigation. The ability for law enforcement and ASIO to intercept communications pursuant to the purposes discussed above will allow officers to better predict when it is safe and appropriate to enter a premises.
5.39
Noting the risks associated with alerting subjects of an investigation of the execution of a covert warrant, the Department of Home Affairs indicated that it would need to consult with operational agencies regarding the potential impact of the INSLM’s recommendation to impose a requirement for external approval where concealment activities are not carried out within 28 days of the expiry of a computer access warrant.
5.40
Superintendent Robert Nelson of the AFP said that there would be operational difficulties with seeking external authorisation prior to undertaking concealment activities:
It relates to having to go back and obtain a new authorisation. That has an overhead in terms of that. Sometimes the circumstances in which we may effect the removal of a surveillance device are timed more by the suspect. When those opportunities arise we do need to utilise them as quickly and as efficiently as we can. In theory, there could be some delays whilst we obtain that authorisation.
However, Superintendent Nelson considered that external authorisation to extend the ability to undertake concealment activities for an additional window of time, rather than a specific incident, may not adversely impact investigation outcomes.
5.41
The INSLM’s recommendation to amend the ASIO Act to require the return of items temporarily removed under a computer access warrant would impose a positive obligation to return items that did not accord with the requirements of other warrants said the Department of Home Affairs in response to the recommendation.
5.42
Additionally, in relation to the use of force powers in the ASIO Act and the Surveillance Devices Act 2004, the Department of Home Affairs said that if law enforcement and intelligence agencies did not have access to these provisions they would be open to civil and criminal prosecution for proportionate actions taken in executing otherwise lawful actions:
The absence of a power to use reasonable and necessary force could potentially lead to civil action or criminal charges should a law enforcement officer do acts or things against a person proportionate to what is contemplated by warrant. Reasonableness and necessity requires the use of force to be proportionate in all circumstances.
5.43
The Department of Home Affairs indicated that the enhancements enacted by Schedule 3 have been used very regularly by the AFP:
The Australian Federal Police has used the enhanced search warrant provisions amended by Schedule 3 of the Assistance and Access Act very regularly across a variety of investigations. The new search warrant framework has enabled more accurate targeting of suspects and improved identification, access and collection of otherwise secure and encrypted communications.
5.44
The AFP provided an example of the use of the assistance order regime provided by updated s 3LA of the Crimes Act 1914 to compel assistance with an investigation involving importation of drugs via cryptocurrency through the dark web. The Department of Home Affairs said that there are protections in place under the Crimes Act 1914 where those subject to an assistance order are not able to assist.
5.45
In addition, the Department of Home Affairs indicated that the amendments to Crimes Act 1914 enabled the search warrants executed in June 2019 in relation to secrecy offences. The Department noted that the actions permitted by the amendments to the TOLA Act did not allow for a search warrant to destroy or modify the contents of documents:
Schedule 3 of the Assistance and Access Act expanded the types of actions that may be authorised by a search warrant to include:
using electronic equipment to access 'relevant data' that is held in a computer or data storage device found in the course of a search, in order to determine whether the data is evidential material of a kind specified in the warrant; and
using electronic equipment to access relevant 'account-based data' in relation to a person (living or deceased) who is (or was) an owner, lessee or user of a computer found in the course of a search.
This amendment does not authorise officers executing a search warrant to destroy or modify the contents of documents on electronic devices. The power to ‘add, copy, delete or alter other data’ is used solely to obtain access to data held on a computer system.
5.46
The Department of Home Affairs did not outline a position in relation to the recommendations made by the INSLM pertaining to Schedules 3 and 4.
5.47
However, the Department of Home Affairs confirmed that the assistance orders power under the Crimes Act 1914 and Customs Act 1901 do not authorise the detention of an individual where the agency in question does not otherwise have a lawful basis to do so. The AFP confirmed this position.
Committee comment
5.48
The Committee notes the evidence it has received from the Department of Home Affairs and the AFP regarding the benefits to investigatory processes arising from the implementation of computer access warrants in Schedule 2 and the enhanced assistance order powers under Schedules 3 and 4.
5.49
The Committee accepts the evidence received by the Department of Home Affairs and the conclusion reached by the INSLM regarding the utility and practicality of limited telecommunications interception for the purpose of executing a computer access warrant under Schedule 2 without seeking an additional interception warrant to do so.
5.50
In addition, the Committee notes the statutory construction of the provision relating to interception which requires the powers to be used only for the purposes of fulfilling activities as specified by the computer access warrant. Noting that such warrants are subject to external consideration by the judiciary or the AAT in the case of law enforcement applications, or the Attorney-General in the case of ASIO applications, the Committee is satisfied with the provisions as currently stated.
5.51
The Committee notes the concerns raised by submitters in relation to the use of force provisions, however, the Committee also notes that a computer access warrant also authorises the physical activity of entering premises and seizing items and is not willing to make a recommendation to restrict use of force powers that would open Australia’s law enforcement and intelligence agencies to civil and criminal prosecution for unavoidable but unforeseen incidents that may arise in the course of executing a lawfully obtained warrant.
5.52
The Committee appreciates the careful consideration given by the INSLM in relation to concealment of activities undertaken in the course of executing a computer access warrant. In addition, the Committee notes the evidence provided regarding the potential operational impacts of implementing a requirement to seek external authorisation when undertaking concealment activities.
5.53
The Committee is therefore minded to make a slightly different recommendation that attempts to balance the privacy concerns of submitters and the operational requirements of Australia’s law enforcement and intelligence agencies.
5.54
The Committee recommends that authorisation from the Attorney-General or issuing authority be sought for a window of time not exceeding six months from the expiry of the 28 day window provided for by the ASIO Act and the Surveillance Devices Act 2004. Further, the Committee recommends that law enforcement and ASIO be authorised to apply for a further period not exceeding six months should concealment activities be unable to be carried out in the initial window of time.
5.55
The Committee recommends that the relevant provisions of the Australian Security Intelligence Organisation Act 1979 and the Surveillance Devices Act 2004 be amended to require the Australian Security Intelligence Organisation and law enforcement agencies to seek external authorisation from the Attorney-General or issuing authority to carry out concealment activities in relation to the execution of computer access warrants following the initial 28 day window provided in the respective acts.
The Committee recommends that such an application should allow the Australian Security Intelligence Organisation or law enforcement agencies to carry out concealment activities within a window of time not exceeding six months from the expiry of the initial 28 day window, with the option to seek additional external authorisation for a further six months if required.
5.56
In relation to Schedule 3 and Schedule 4, the Committee notes that enhancements to the search warrants provisions and assistance orders have provided the AFP with access to evidential material not previously available. In light of such evidence, the Committee considers that the provisions are operating as intended.
5.57
However, the Committee notes the ability to ‘add, copy, delete or alter other data’ has prompted several submitters to raise concerns regarding the scope of the powers. The Committee has considered these concerns carefully, and has considered the INSLM’s views on the evidence received on the matter.
5.58
In the example of the operation of the enhanced Schedule 3 powers provided by the AFP – notwithstanding the execution of these warrants resulted in the Committee’s recently concluded inquiry into the impact of law enforcement and intelligence powers on the freedom of the press – the Committee is persuaded that the increasing use of technology in the commission of crime has required law enforcement and intelligence agencies to be provided with the tools to ensure that, where necessary, evidence of access to data and information may be rightfully concealed.
5.59
In the course of its inquiry into the amendments made by the TOLA Act, the Committee has not uncovered any evidence that the ability to ‘add, copy, delete or alter other data’ would allow law enforcement or ASIO to carry out any of the potential destructive activities raised by submitters in relation to this issue. However, the Committee will continue to monitor this issue.
5.60
The Committee notes the clarifying statement provided by the Department of Home Affairs in its supplementary submission regarding submitter concerns that the assistance orders power in the Crimes Act 1914 and the Customs Act 1901, and supports the conclusion that these powers alone do not authorise the detention of a person.
5.61
However, the Committee considers there is an opportunity to clarify certain aspects of the legislation to align with the accepted intent. Therefore the Committee recommends that the Government make clear that no mandatory assistance order, including those defined in relevant sections of the Crimes Act and the Customs Act 1901, can be executed in a manner that amounts to the detention of a person where that agency does not otherwise have a lawful basis to detain the person.
5.62
The Committee recommends that the Government make clear that no mandatory assistance order, including those defined in section 3LA of the Crimes Act 1914 and section 201A of the Customs Act 1901, can be executed in a manner that amounts to the detention of a person where that agency does not otherwise have any lawful basis to detain the person.
5.63
The Committee discusses the INSLM’s recommendations regarding additional reporting and monitoring requirements further in Chapter 7.