Chapter 2


Chapter 2

Overview of the Bill

Key provisions of the Bill

2.1        The Bill contains seven schedules of amendments:

  • Schedule 1 proposes to enable the Australian Security Intelligence Organisation (ASIO) to provide technical assistance to law enforcement agencies in relation to telecommunications interception warrants issued to those agencies;
  • Schedules 2-5 include other measures to improve the operation, responsiveness and integrity of the telecommunications interception regime, by, for example:
  • requiring telecommunications carriers and nominated carriage service providers (C/NCSPs) to regularly notify the Communications Access Coordinator (CAC) of proposed changes that could impact on their ability to comply with their legal obligations with respect to interception;[1]
  • authorising disclosure of telecommunications data in relation to missing persons;[2] and
  • enabling the police to apply for a warrant to access stored communications (such as email and SMS) relating to victims of serious contraventions without the victim's consent;[3]
  • Schedule 6 includes amendments to facilitate greater cooperation between law enforcement agencies and intelligence agencies, and to remove legislative barriers to information sharing by intelligence agencies; and
  • Schedule 7 contains minor amendments to definitions in the Telecommunications (Interception and Access) Act 1979 (TIA Act).

Schedule 1 – Interception and other assistance by ASIO

2.2        Schedule 1 amends the TIA Act. Currently the TIA Act prohibits the interception of, and other access to, communications passing over a telecommunications system, except in certain special circumstances as outlined in that Act.[4] Circumstances where interceptions are permitted include where an agency is issued with a warrant to intercept telecommunications.[5]

2.3        In its current form, section 55 of the TIA Act enables the chief officer of a law enforcement agency to seek the assistance of other law enforcement agencies in exercising an interception warrant. This enables smaller law enforcement agencies with limited interception capacity to rely on larger agencies to intercept on their behalf.[6] However, ASIO does not fall within the group of agencies from which assistance can be sought. In his original second reading speech, to which he referred when he reintroduced the Bill, the Attorney-General noted that this does not reflect the reality of the modern security environment and the cooperative basis within which law enforcement agencies and intelligence agencies now operate.[7]

2.4        The Bill aims to address this issue by amending section 55 to enable officers of ASIO, or persons assisting ASIO in the performance of its functions, to be authorised to exercise a telecommunications interception warrant on behalf of a law enforcement agency.[8] Amendments in Schedule 6 will also enable ASIO to provide technical and logistical assistance to a law enforcement agency exercising an interception warrant.[9]

2.5        The proposed amendments in items 5 and 6 of Schedule 1 will broaden the class of persons who could exercise authority under the warrant to include persons assisting ASIO in the performance of its functions. The Bill clarifies that assistance provided by a person assisting ASIO in the performance of ASIO's functions does not remove ASIO's responsibility for that person's actions.[10] In other words, such a person would be acting on behalf of ASIO and ASIO would be exercising authority under the warrant.

2.6        According to the EM, the Bill proposes to maintain existing controls and safeguards on the use and disclosure of information obtained by ASIO intercepting on behalf of another agency or providing technical assistance in relation to telecommunications interception.[11] It does this by preventing ASIO from using or disclosing this information for its own purposes.[12] In addition, ASIO will be subject to existing legislative requirements contained in the TIA Act and the Australian Security Intelligence Organisation Act 1979 (ASIO Act) in assisting law enforcement agencies under this new function.[13] This oversight is provided by the Inspector General of Intelligence and Security (IGIS).

2.7        The Bill also makes a number of associated amendments to give effect to ASIO's proposed new function of intercepting on behalf of, or providing assistance to, another agency, including by:

  • amending the processes for notifying when a warrant is revoked,[14] to ensure that ASIO is adequately informed if it is exercising the authority of another agency's warrant;
  • enabling ASIO to issue an evidentiary certificate in relation to things it has done in exercising the authority of another agency's warrant;[15]
  • placing a requirement on the Director-General of Security to record and provide the agency in relation to which it may undertake an interception with any information the relevant agency requires to meet its recordkeeping obligations under section 81 of the TIA Act;[16] and
  • requiring that the annual report on warrants issued under the TIA Act include the number of interceptions by ASIO on behalf of other agencies.[17]

Schedule 2 – Telecommunications industry requirement to inform of proposed changes

2.8        Schedule 2 also amends the TIA Act. The TIA Act imposes an obligation on C/NCSPs to enable communications passing over a particular type of telecommunications system to be intercepted in accordance with an interception warrant.[18] Currently, C/NCSPs are required to submit an interception capability plan (IC plan) each year to the CAC,[19] setting out the C/NCSPs' strategies to comply with their legal obligations in relation to interception.[20] The C/NCSPs are required to submit a revised plan if there is any change to a matter required to be set out in the plan. The existing provisions only require notification after a change is made to the C/NCSPs' business activities which potentially impacts their ability to comply with their legal obligations in relation to interception.

2.9        The proposed amendments are, in part, modelled on earlier provisions that were contained in Division 4 of Part 15 of the Telecommunications Act 1997 (Telecommunications Act). The Telecommunications (Interception and Access) Amendment Act 2007 removed these provisions from the Telecommunications Act.

2.10      The amendments will require C/NCSPs to notify the CAC in writing if they intend to implement a proposed change to a telecommunications service or telecommunications system that is likely to have a material adverse effect on the C/NCSPs' capacity to comply with their obligations under the TIA Act or the Telecommunications Act.[21] Proposed changes that would have to be reported on would include, but are not limited to:

  • C/NCSPs' provision of a new telecommunications service;
  • C/NCSPs changing the location of 'notifiable equipment',[22] including moving equipment outside of Australia;
  • C/NCSPs procuring notifiable equipment (including equipment located outside of Australia); and
  • C/NCSPs entering into outsourcing arrangements, including having all or some of the information to which section 276 of the Telecommunications Act applies in relation to the C/NCSPs, managed[23] for C/NCSPs by another organisation.[24]

2.11      The C/NCSPs must provide sufficient details of the specifics of the change to allow the CAC and interception and enforcement agencies to analyse the potential impact.[25] After notifying the CAC of a proposed change, the C/NCSPs may implement the proposed change if the C/NCSPs have not been notified in writing by the CAC within 30 days after the day on which the notification was made.[26] If the CAC notifies the C/NCSPs in writing within 30 days of the notification being made and makes a determination under section 203 of the TIA Act, the C/NCSPs must not implement the proposed change until the C/NCSPs have complied with the determination. On receiving notification from C/NCSPs of an intention to implement a proposed change, the CAC and each agency that receives notification of the proposed change must treat the change as confidential.[27] No penalty is provided should a proposed change not be kept confidential.

2.12      The Attorney-General has indicated that it is intended that early notification will assist C/NCSPs to meet their obligations to assist interception agencies and avoid the need for costly alterations once a change has been implemented.[28] The Attorney‑General's Department (Department) has indicated that current requirements for lodging an IC plan do not facilitate notice being provided sufficiently early in the development of changes to telecommunications capacity to enable effective consultation.[29] The proposed amendments only apply to changes to IC plans proposed after the commencement of Schedule 2.[30]

Schedule 3 – Disclosure of telecommunications data in relation to missing persons

2.13      The Telecommunications Act makes it an offence for specified classes of persons, including employees of carriers, to disclose information which comes into existence as a result of the business activities undertaken by that carrier.[31]

2.14      The TIA Act outlines exceptions to these offences. The exceptions relate to authorisations for access to telecommunications data made by senior officers of enforcement and security agencies where the officer is satisfied that the specified information subject to the authorisation is reasonably necessary for the purposes of security, the enforcement of the criminal law, or the enforcement of a law imposing a pecuniary penalty or for the protection of the public revenue.[32]

2.15      There is currently no exception to enable carriers to disclose to the police data which is relevant to locating a missing person. The Bill proposes to amend the TIA Act to insert a new exception to allow an authorising officer of the Australian Federal Police (AFP) or a state police force[33] to authorise disclosure when the officer is satisfied that the disclosure is reasonably necessary for the purposes of finding a person who the police force has been notified in writing is missing.[34] Disclosure would only be of communications data available prior to the person being reported as missing.

2.16      The proposed amendments include constraints on the disclosure of this information to acknowledge that there are circumstances in which missing persons may not want their location divulged.[35] The amendments specify that the information can only be disclosed to the person who made the missing person's report:

  • with the missing person's consent; or
  • to prevent a threat to the missing person's health, life or safety if the missing person is unable to consent;[36] or
  • if the missing person is deceased.[37]

2.17      The EM also notes that the proposed limits on disclosure of missing person information reflect that information obtained in these circumstances is for the purposes of public safety and should not be disclosed to obtain evidence for criminal investigations.[38]

2.18      The amendments also limit the use of the information by the relevant police force to the sole purpose of locating a missing person.[39] Agencies will be required to report on the number of authorisations made in relation to missing persons made by the agency.[40]

Schedule 4 – Stored communications warrants in relation to victims of serious contraventions

2.19      Currently, enforcement agencies are able to access stored communications[41] where the victim of a serious contravention[42] is notified that their stored communications will be obtained in order to investigate the contravention.[43] Stored communications can also be obtained without consent under a stored communications warrant issued by a judge or nominated Administrative Appeals Tribunal member. However, such warrants are currently only issued where an enforcement agency is investigating a serious contravention 'in which the person is involved'.[44]

2.20      While the current requirements clearly apply to perpetrators and persons suspected of committing a serious contravention, it is unclear whether they also apply to the victim of a serious contravention. The EM notes that this gives rise to uncertainty about whether the current wording of the provision enables a warrant to be obtained for the stored communications of the victim of a serious contravention in circumstances where, for example, the victim is not available because they are missing, incapacitated or deceased.[45]

2.21      The proposed amendments to the TIA Act aim to remove any ambiguity, by clarifying that a stored communications warrant can be obtained to access the stored communications of both the offender and the victim of a serious contravention.[46]

2.22      Under the commencement provisions, a law enforcement agency can apply for a stored communications warrant in relation to the victim of a serious contravention regardless of whether the information held on the carrier's network was first held before or after the commencement of Schedule 4 or whether the conduct being investigated was committed prior to or after the commencement of that Schedule.[47]

Schedule 5 – Notifying managing directors of warrants

2.23      Under the TIA Act, an interception under a warrant is only authorised where the managing director of the carrier has been notified of the warrant and the interception is undertaken by an employee of the carrier.[48] Currently, the managing director cannot nominate anyone else within the carrier to receive the notification, meaning that a warrant cannot be executed if the managing director is not readily available.[49]

2.24      The Bill amends the notification provisions to enable notifications of a warrant (and notifications of the revocation of a warrant) to be made to a carrier representative authorised in writing by the managing director.[50]

Schedule 6 – Cooperation and other assistance for intelligence agencies

2.25      Schedule 6 amends the ASIO Act, the Intelligence Services Act 2001 (the IS Act) and the TIA Act. The ASIO Act establishes ASIO and sets out its functions and powers, including the circumstances in which it may cooperate with other agencies and communicate intelligence. Similarly, the IS Act establishes the Australian Secret Intelligence Service (ASIS), the Defence Signals Directorate (DSD), and the Defence Imagery and Geospatial Organisation (DIGO), and sets out those agencies' functions and authorised activities. Subsection 11(1) of the IS Act also provides that ASIS, DSD and DIGO are only to perform those functions:

...in the interests of Australia's national security, Australia's foreign relations or Australia's national economic well-being, and only to the extent that those matters are affected by the capabilities, intentions or activities of people or organisations outside Australia.

2.26      According to the EM, the aim of these amendments is to facilitate greater interoperability in multi-agency teams, and enable agencies to harness resources in support of key national security priorities.[51]

2.27      Schedule 6 proposes to provide ASIO, ASIS, DSD and DIGO with a new function of cooperating with and assisting each other, and prescribed Commonwealth authorities and 'authorities of a State',[52] in the performance of their functions.[53] Regulations will be used to prescribe an authority of the Commonwealth or of a state to enable ASIO, ASIS, DSD and DIGO to cooperate with and assist those bodies in the future.[54]

2.28      In addition, the Bill proposes to give ASIO a new function to cooperate with and assist law enforcement agencies[55] in the performance of their functions.[56] 'Law enforcement agency' is defined as an authority of the Commonwealth or a state 'that has functions related to law enforcement.'[57] The EM indicates that this definition is intended to cover a broad range of agencies – including police forces, integrity and anti‑corruption agencies and other agencies with 'investigatory and enforcement powers' under Commonwealth and state laws.[58]

2.29      The Bill also proposes to amend the communication provisions in the ASIO Act. The amendments will enable the Director-General, or a person acting in accordance with the authorisation of the Director-General, to communicate information that has come into the possession of ASIO in the course of performing its functions, to specified persons in specified circumstances.[59] The circumstances where information may be communicated are where:

  • the information relates, or appears to relate, to the commission, or intended commission, of a serious crime;[60] or
  • the Director-General, or a person authorised for the purpose by the Director‑General, is satisfied that the national interest[61] requires the communication.

2.30      The information may also be communicated to an appropriate Minister or a staff member of a Commonwealth or state authority if the information relates, or appears to relate, to the functions, responsibilities or duties of the person to whom it is communicated.[62] When communicating this information, ASIO will still be required to comply with the requirements of the ASIO Act.[63]

2.31      These proposed provisions are similar to current paragraphs 18(3)(a) and (b) of the ASIO Act, except that the current provisions only enable disclosure of information about indictable offences to 'specified law enforcement agencies', and disclosure of information in the national interest where the information has come into ASIO's possession 'outside Australia or concerns matters outside Australia'.[64]

2.32      The EM notes that broadening the group of persons to whom ASIO can disclose information will provide flexibility to ensure that ASIO is able to provide information to the most appropriate person or body, having regard to their functions. The EM also notes that, while the category of persons is broad, it is required that information only be authorised to be communicated for specified purposes, and the information must be relevant to the functions, responsibilities or duties of the person.[65]

2.33      The Bill also enables ASIO to communicate information that has come into its possession in the course of performing its functions to ASIS, DSD or DIGO, if the information appears to relate to the performance of those other agencies' functions.[66]

2.34      To achieve the same objective in relation to ASIS, DSD and DIGO, the Bill proposes to amend the definition of 'incidentally obtained intelligence' to specifically exclude information obtained for the purpose of cooperating with and assisting another agency.[67] Currently, subsection 11(2AA) of the IS Act outlines the circumstances in which incidentally obtained intelligence may be communicated, and to whom it may be communicated. The EM notes that it is necessary to exclude information obtained solely for the purpose of assisting another agency from the definition of incidentally obtained intelligence, in order to ensure that information which is collected for the sole purpose of assisting another agency is not prevented from being communicated to that agency. This might occur if communication of the intelligence were subject to the requirements in subsection 11(2AA).[68]

2.35      In relation to ASIS, DSD and DIGO, the Bill proposes that the limitations on the performance of those agencies' functions (in subsection 11(1) of the IS Act, described above) does not apply in relation to the new cooperation and assistance functions.[69] The EM notes that the proposed new cooperation and assistance functions are intended to enable the agencies to assist other agencies in the performance of the other agencies' functions, which may not be limited to the matters specified in subsection 11(1) of the IS Act.[70] Cooperation and assistance would include the provision of linguistic, analytical and other technical services, logistical support and the provision of agency staff or other resources.

2.36      Under the proposed amendments, agencies' cooperation and assistance with other agencies will be subject to any arrangements or directions that may be given by the Minister responsible for the agency. Agencies will only be able to cooperate with and assist another agency at the request of the head of that other agency.[71] In addition, in undertaking the new function of cooperating with and assisting one another, ASIS, DSD and DIGO must still adhere to the requirements of the IS Act, and ASIO must still adhere to the requirements of the ASIO Act.[72]

Schedule 7 – Amendments to section 5 of the Telecommunications (Interception and Access) Act 1979

2.37      Schedule 7 makes minor and technical amendments to the TIA Act, including redefining the 'Director-General of Security'[73] and the 'Organisation'[74] in an identical way to the current definition in order to change where the definitions are located, and substituting and repealing definitions of 'Enforcement Agency'[75] and a 'member of the staff of the Police Integrity Commission'.[76]

Navigation: Previous Page | Contents | Next Page