Additional comments by Liberal senators
1.1
In order to be effective, legislation designed to ensure that network
owners and operators are able to protect their networks must be clear. In
particular, the law must provide clarity as to what types of actions network
owners and operators, including those operating networks for government
agencies, can lawfully undertake.
1.2
Liberal Senators are concerned that the Bill does not provide sufficient
clarity as to what actions would be considered necessary to effectively
undertake 'network protection duties' and, further, how intercepted information
may be used for 'disciplinary purposes'.
1.3
The Law Council of Australia ('the Law Council') also raised some
important concerns about proposed section 63E and the potential for law
enforcement agencies to bypass warrant arrangements to obtain information using
voluntary disclosure provisions.
'Network Protection Duties'
1.4
Proposed paragraph 7(2)(aaa) provides an exemption from the prohibition
on intercepting communication if the person is authorised to engage in network
protection duties and the interception is necessary for the performance of
those duties. Neither the Bill nor any supporting material provide sufficient
examples for what types of actions constitute 'appropriate use' of the network
for 'network protection duties'. A number of submitters to the inquiry raised
this concern.
1.5
One submitter recognised that some network administrators may
unwittingly engage in unlawful behaviour because of this lack of clarity.
Some of these are everyday activities that almost all network
administrators would do and users would accept without thinking there is any
possibility of contravening the TIA Act.[1]
1.6
The Office of the Privacy Commissioner suggested that additional
guidance be provided to help organisations train authorised persons about what
actions are lawfully enabled under the proposed exemption.[2]
While the Explanatory Memorandum provides examples of people who might be
considered appropriate to undertake network protection duties, no guidance is
given as to what actions they might then appropriately take.
'Disciplinary Action'
1.7
The Office of the Privacy Commission noted that 'disciplinary action',
in relation to the misuse of computer networks within designated Commonwealth
Agencies, security agencies and eligible authorities of a state, was not
defined. Some IT policies include provisions that are unrelated to network
protection.
1.8
Liberal Senators are concerned that, unless the government clarifies that
‘disciplinary action’ only applies to activities that pose a risk to network
security, network owners or operators could use and disclose an intercepted
communication for disciplinary action even though that use of the network does
not pose a network security risk.
Recommendation 1
1.9
That the Government provide greater clarity about what activities do and
don't constitute 'network protection activities'.
1.10
That the Government make it clear that 'disciplinary action' only
applies to activities that pose a risk to network security.
Voluntary Disclosure
1.11
Proposed section 63E of the Bill allows lawfully intercepted information
to be voluntarily disclosed to certain agencies (including law enforcement
agencies) by the person responsible for the network, if the person suspects that
the information is relevant to determining whether another person has committed
a prescribed offence. A 'prescribed offence' is generally an offence punishable
by imprisonment for a maximum period of at least three years.
1.12
The Law Council supports the principles underpinning this provision but
raised concerns that some law enforcement agencies may attempt to bypass
existing warrant arrangements by requesting that information be 'voluntarily
disclosed'. In their submission, the Law Council noted that it would be of
great concern if:
...law enforcement agencies were to use this voluntary
disclosure provision to obtain information by request, when they would
otherwise require a warrant to access it...
...The Law Council accepts that an agency would not have the
power under the Act to compel the disclosure of such information. However, the
Law Council submits that an agency is not expressly prohibited or prevented
from requesting the disclosure of information under proposed section 63E.[3]
1.13
Liberal Senators support the Law Council's proposal that the Bill be
amended to provide that proposed section 63E does not apply where an agency has
requested the disclosure of the information. The Law Council submitted that:
...such an amendment would safeguard against the potential
misuse of the section to circumvent the warrant requirements of the Act.[4]
Recommendation 2
1.14
That proposed section 63E of the Bill should be amended to provide that
the section does not apply where an agency has requested the disclosure of the
information.
Senator Guy Barnett
Deputy Chair
Senator
Mary Jo Fisher
Navigation: Previous Page | Contents | Next Page