4. Areas of focus for 2020-21 review period
   1. As discussed in Chapter 1 of this report, the Committee requested intelligence agencies to provide information on specific areas of focus in submissions to the 2020-21 review.
   2. Those areas of focus were:

• the ongoing impact of COVID-19 on agencies’ administration and expenditure;
• business continuity plans in the face of COVID-19 and other operational risks;
• internal staff complaint investigation and resolution mechanisms, as well as agency instigated review for cause processes – triggers, procedures and support for staff;
• initiatives in development or underway regarding integration of artificial intelligence and machine learning, alongside traditional human sources, for intelligence production, analysis or other functions; and
• shifting operational priorities from emerging threats that alter longer term strategies or capabilities, or appropriation and capital investment.
  3. All agencies addressed these areas of focus in their submissions and in evidence provided at the classified hearings of 14 and 15 November 2022.

Impacts of COVID-19 and business continuity

Workforce and business continuity

4.4COVID-19 had a widespread impact on Australians over the 2020-21 reporting period. Intelligence agencies were not immune to these impacts, and, working within unique operating environments, faced a specific range of challenges that impacted how agencies undertook administration, expenditure, business continuity planning and operations.

4.5While the digital work-from-home reforms saw most office workers utilise flexible working arrangements, this option was limited for intelligence agencies. As ASIO noted, while its mission did not ‘diminish’, it did evolve.[1] This included agencies acquiring appropriate approvals where needed to ensure all staff could legally attend the workplace, travel, and engage with partners where needed.[2]

4.6In addition, maintaining a ‘COVID-safe working environment’ remained a priority for all intelligence agencies as they balanced their core mission and organisational priorities against the health and safety of staff.[3]

4.7ASIO said that it established a COVID-19 Crisis Management Team (CMT) in March 2020, which oversaw the organisation-wide response to the pandemic. Over the reporting period the CMT navigated ASIO through 12 lockdowns across six different jurisdictions.[4]

4.8Despite business continuity efforts, productivity losses were noted by some agencies.[5] AGO explained that, compared with similar periods in recent years, the organisation experienced an overall reduction in output.[6]

4.9While the operating environment was more complicated by COVID-19, ASD reported that for the majority of the review period the disruption to business was minimal.[7]

4.10Agencies also detailed a range of approaches to protect and support staff members during the reporting period.[8] Many of these details are classified and cannot be discussed in this report.

4.11Some activities in response to COVID-19 included the following:

• Most agencies were able to continue essential tasks by implementing staggered staffing arrangements, accommodation changes and increased cleaning. ASIO reported significantly increased cleaning costs over the reporting period, when compared to pre-COVID reporting periods.[9]
• ASD seconded up to 30 staff at a time to support Services Australia in its response to the pandemic.[10]
• Critical operations requiring access to sensitive and classified information and systems were able to continue, however with some variations in staffing arrangements.
• Nearly all agencies implemented working groups or committees to meet and assess the changing health requirements and respond in the most appropriate fashion.
• All agencies emphasised their focus on staff wellbeing, particularly through the use of employment assistance programs.
• Agencies with staff located overseas faced unique challenges: the Committee received evidence on support for staff, as well as special circumstances for travel and support of overseas operations.
  12. Some agencies indicated that by the conclusion of the reporting period work efforts were returning towards business as usual.

Security and intelligence environment

4.13The impact of the pandemic on intelligence agencies was multifaceted, altering the security and intelligence environment as well as the organisational environment discussed above. ASD reported that the pandemic exposed many Australians and organisations to increasing compromise online.[11] ASIO reported that COVID increased the opportunity for radicalisation and accelerated online propaganda and misinformation.[12]

4.14During the reporting period, the Australian Cyber Security Centre, within ASD:

• Received over 1,500 cybercrime reports of malicious cyber activity related to COVID-19.
• Removed over 7,770 websites hosting cybercrime material, from the commencement of a takedown service in March 2021.[13]
• Disrupted over 110 malicious COVID-19 themed websites over the reporting period.[14]
  15. In March 2021, the Director-General of Security said that COVID-19 impacted a range of security priorities, and required ASIO to adapt its methods and approaches.

For those intent on violence, more time at home meant more time in the echo chamber of the internet on the pathway to radicalisation. They were able to access hate-filled manifestos and attack instructions, without some of the usual circuit breakers that contact with the community provides.

Extreme right wing propaganda used COVID to portray governments as oppressors, and globalisation, multiculturalism and democracy as flawed and failing.

Islamic extremist narratives portrayed the pandemic as divine retribution against the West for perceived persecution of Muslims.

For foreign spies, the lack of opportunity for international travel and reduced social mobility meant their tradecraft evolved, and they increased their online activity and approaches.

As our targets changed their modus operandi in response to COVID, we too adapted our methods and approaches.[15]

4.16Though outside the reporting period, the Committee notes the Director-General of Security identified that issues related to radicalisation arising from COVID-19 continued into 2022.

Online radicalisation is nothing new, but COVID-19 sent it into overdrive, isolated individuals spent more time online exposed to extremist messaging, misinformation and conspiracy theories.[16]

4.17The Committee heard that COVID-19 saw an abundance of misinformation and disinformation produced and shared during the reporting period. The Australian Government’s Electoral Integrity Assurance Taskforce provides the following definitions of these phenomena:

• Misinformation is false information that is spread due to ignorance, or by error or mistake, without the intent to deceive.
• Disinformation is knowingly false information designed to deliberately mislead and influence public opinion or obscure the truth for malicious or deceptive purposes.[17]
  18. Observed throughout the reporting period (and since), misinformation and disinformation inevitably impacted Australia’s security and intelligence environment. Some of the discourse in Australia has used bots or fake actors, which are commonly used disinformation campaign techniques. Indeed, Facebook publicly reported in 2021 on several cases of ‘coordinated inauthentic behaviour’ networks that directly affected Australia.[18] Such campaigns can seek to undermine trust in democratic processes, reduce community cohesion, or destabilise local institutions.
  19. Several governmental bodies put measures in place to assist in the identification of misinformation[19] and dispelling COVID-19 myths.[20] Social media was (and remains) a particularly effective vessel for the distribution of this type of material, and the Australian Communications and Media Authority (ACMA) found in a 2021 report that where stricter content moderation on larger platforms is enforced, users frequently migrate to smaller social media networks that are less regulated.[21] Of note, the move to smaller social media networks has been linked to particular events (including riots, protests and the banning of public figures from mainstream social media services) which have focused on a broad range of issues beyond COVID-19.
  20. During the period ACMA oversaw the establishment of the voluntary Australian Code of Practice on Disinformation and Misinformation by the Digital Industry Group,first published in February 2021 and supported by eight key digital platforms.[22]
  21. Beyond the reporting period, in early 2022 the Director-General of Security continued to express concern that the:

… acceleration of radicalisation, online propaganda and misinformation, single issue extremism and minors embracing violent extremism all require a whole-of-government, whole-of-system and whole-of-nation approach.[23]

Staff complaint investigation and resolution mechanisms

4.22While the majority of information provided regarding staff complaints was classified, agencies commented broadly on the resolution mechanisms available, both internally and externally. Some additional details on staff complaints processes are contained in Chapter 2.

4.23Some submissions stressed the importance of providing a supportive environment, and the need to uphold organisational values alongside those shared across the Australian Public Service (APS), the APS Code of Conduct and relevant workplace legislation.[24]

4.24Investigation and resolution mechanisms varied between agencies. While some agencies emphasised their support for incidents to be resolved, initially, at the working level, all submitters outlined their formal workplace behaviour policies and supporting frameworks.[25] These frameworks include both internal and external complaints resolution schemes.

4.25Some external complaints avenues for staff across all agencies include the Inspector-General of Intelligence and Security (IGIS), the Public Interest Disclosure scheme, and the Commonwealth Ombudsman. ASIO also reported that its staff are able to utilise the services of its own independent ASIO Ombudsman, who is ‘used in a limited capacity to undertake complex formal investigations as delegated’.[26] Similarly, as discussed in Chapter 2, ASIS staff members have access to the ASIS Ombudsman who provides impartial and confidential advice to staff and management to address staffing concerns.[27]

Intelligence production through artificial intelligence and machine learning

4.26In explaining the potential application of artificial intelligence (AI) and machine learning (ML) to intelligence work, ASIO said:

There is a great deal of hype and misperception around artificial intelligence (AI). Much of the discussion exaggerates the capacity and scope of AI’s current application. In its simplest form AI is a computer program running on a central processing unit.[28]

4.27While the majority of evidence provided by agencies on their current and future use of AI and machine learning was classified, there were similar themes across intelligence agencies.

4.28Agencies explained how AI and ML were applied to support decision-making, such as through data collection and triage.[29] These tools were used to automate and improve a range of tasks that would otherwise be actioned by humans such as finding patterns in data, undertaking translation, or optical character recognition.[30] Intelligence agencies indicated that AI assists decision-making, rather than making decisions.[31]

4.29In a submission to the review, security academic Dr William Stoltz noted that the relevance of technological change and AI expansion was broader than its use by intelligence agencies:

… many transformative technologies impacting upon intelligence collection and counter-intelligence will continue to be developed by private firms or universities for typically non-intelligence purposes.[32]

4.30To illustrate the practical application of these technologies, agencies provided the Committee with a number of classified case studies on the application of AI and ML which cannot be included in this report.

4.31ONI reported that as part of its ongoing National Intelligence Community (NIC) Innovation Program it brought together NIC data practitioners, with a key point of discussion during the report period being ethical frameworks for AI and the scope for a common NIC approach.[33] Consensus was that ‘the NIC will be best served by aligning our whole-of-community efforts with the whole-of-government ethical framework led by the Department of Industry, Science, Energy and Resources’, with adaptations as needed to reflect NIC operational requirements.[34]

4.32Specific focus on AI and ML within AGO has seen the agency seek improvement to its ability to collect, process, analyse and produce geospatial intelligence through the Data Innovation and Analytics Directorate’s (DIAD) DEF100 project.[35] This project sought to improve analysts’ ability to interrogate larger volumes of data as well as appraise what infrastructure and processes will be necessary to support the adoption of ML and AI technologies into the future.[36] Further, DIAD has been able to collaborate with industry and academia to problem-solve unclassified technical challenges that can be addressed through application of AI and ML.[37] AGO reported that it ‘has operationally tested one object detection technology identified through an AGO Labs challenge against AGO missions’.[38]

4.33Other AI and ML areas on which agencies were focused during the reporting period included improving data literacy amongst staff, and expanding the role for a human-led, data-driven and technology-enabled approach to security intelligence.[39]

Security classifications and security incident terminology

4.34In the course of its review the Committee identified an additional issue warranting specific focus: compliance with the Australian Government’s Protective Security Policy Framework (PSPF) in relation to both the application of security classifications, and the terminology used to report on security matters.

4.35In February 2021 the IGIS released the report of its Preliminary Inquiry into the application of national security classifications in ASIO, ASIS, ONI, ASD, AGO and DIO.[40] This inquiry stemmed from the PJCIS’s ‘Inquiry into the impact of the exercise of law enforcement and intelligence powers on the freedom of the press’. Following concerns about over-classification of national security material raised during the PJCIS inquiry, the Committee recommended that IGIS conduct a preliminary inquiry into intelligence agencies’ national security classifications.

4.36Recommendation one from the IGIS’s preliminary inquiry found that within some intelligence agencies, ‘guidance on national security classifications is not up to date with amendments to the PSPF and legislative provisions, and some agency staff are not aware of this written guidance’.[41] The IGIS did find that in cases where this existed, agencies were already in the process of remediation.

4.37On a separate but related issue, the Committee observed variations between agencies in the way security incidents were categorised or described, in the evidence given to the Committee and the ensuing discussions. ASD noted that:

As part of ASD’s security governance uplift, the terminology used to report security matters has been updated to align with the PSPF. In the 2019-20 submission to the Committee, security incidents were reported as ‘breaches’.[42]

4.38Not all agencies had updated language to match the PSPF. In some cases agencies applied internally determined terminology to delineate particular matters.

Committee comment

4.39Overall, the Committee was satisfied with intelligence agencies’ approach to the areas of focus for this inquiry. The Committee acknowledges the quality of evidence given and the candour of agencies in discussing a range of topics including the impacts of COVID-19, staffing matters, the growth and application of artificial intelligence and machine learning, and security matters.

4.40The Committee notes that COVID-19 continued to present a unique range of challenges for intelligence agencies during the reporting period and that each intelligence agency employed a range of strategies to mitigate the impact to its core business. During its inquiry the Committee received evidence that the Office of National Intelligence commenced an enterprise-wide review of approaches to COVID-19 in line with the previous recommendation of the Committee.[43] Noting that COVID-19 continued to impact the NIC during the reporting period, the Committee considers there may be additional information that could inform ONI’s review.

4.41Therefore, the Committee reiterates its previous recommendation and looks forward to seeing the Office of National Intelligence conclude its review into the initial and ongoing response to COVID-19 and provide its report to the Committee.

4.42The Committee also notes the evolution of the intelligence and security environment resulting from COVID-19, including the ongoing rise of radicalisation and the spread of disinformation, misinformation and propaganda online.

4.43The Committee acknowledges the statements made in successive threat assessments by the Director-General of Security in this regard and considers that these speeches carry weight with the Australian public. Coming from an authoritative source, and in a position of trust within the Australian community, there is a role for Australia’s intelligence chiefs to continue to bring light to these issues and to continue to advocate for a ‘whole-of-nation approach’ to combatting misinformation and disinformation.

4.44To counter the spread of disinformation and propaganda in particular, the Committee considers that there could be an opportunity for the Director-General of Security to speak more broadly about the sources of disinformation and misinformation, and actions that can be taken to minimise its impact.

4.45Therefore, the Committee recommends that the Director-General of Security consider appropriate opportunities to report on the prevalence of disinformation, misinformation and propaganda, in relation to COVID-19 and more broadly, with a view to educating the public on their sources, the strategies undertaken by intelligence agencies to reduce their impact, and the preventative measures all Australians may take to reduce this threat.

4.46This recommendation is not intended to imply that public discourse or reporting on the prevalence of misinformation and disinformation is solely the provenance of the Director-General of Security. Rather, given public comments already made on this matter by the Director-General of Security, the Committee considers that the position of the head of ASIO is particularly well-placed to amplify communications to the Australian public about this significant and growing threat. Should other intelligence agencies seek to contribute similar public interventions where appropriate, this would be welcome.

The Committee recommends that the Director-General of Security consider reporting publicly, when appropriate opportunities arise, on the prevalence of disinformation, misinformation and harmful propaganda that threaten Australia’s national security, their sources, and strategies undertaken by intelligence agencies to reduce their impact.

4.47The Committee regarded the evidence of intelligence agencies in relation to artificial intelligence and machine learning with interest. The Committee notes that while AI and ML are not a ‘cure all’ solution to challenges faced by Australia’s intelligence agencies, this technology presents an opportunity to enhance resource allocation in the future. The Committee will continue to consider developments in this area in future reviews.

4.48In examining the administration of intelligence agencies, the Committee considered that inconsistency in language surrounding security incidents hampered the development of a complete understanding of the security operating environment. While work by agencies to address inconsistencies in security incident terminology may already be underway, the need for consistency in language used across intelligence agencies remains integral to the Committee’s effective understanding of security matters.

4.49The Committee will return to this in future reviews, with a view to ensuring that the frequency, severity and effectiveness of response to security incidents, and how the PSPF influences that understanding, can be more readily compared and understood.

4.50The Committee notes that the intelligence landscape continues to evolve as a result of the ongoing implementation of the outcomes of the Independent Intelligence Review (IIR) in 2017, the finalisation of the Richardson Review during the reporting period, as well as the independent review of the Defence intelligence enterprise. The Committee has considered a number of these changes in the course of this review and will continue to do so in future reviews.

4.51Though outside of the reporting period, the Committee notes the announcement of the establishment of the National Security Precinct as one such change, and looks forward to ONI keeping the Committee informed of developments on this significant project.

4.52Over time, the Committee’s consideration of the effectiveness of administration and expenditure by intelligence agencies has grown more complex, especially following the establishment of the NIC. The Committee is increasingly called upon to consider the granting of intelligence-related powers to agencies in the NIC where it does not have the ability to assess the administration of the powers.

4.53The IIR recommended that the functions of the Committee, and the IGIS, be expanded to cover the entirety of the NIC. The Committee has also made recommendations in this regard in its own reporting to Parliament.[44]

Mr Peter KhalilMP

Chair

Footnotes

[1]ASIO, Submission 6, p. 22.

[2]Department of Defence (DIO), Submission 9, p. 7; Department of Defence (AGO), Submission 9, p. 11.

[3]ASIO, Submission 6, pp. 22-24; Department of Defence (AGO), Submission 9, p. 11; Department of Defence (DIO), Submission 9, p. 7; ASIS, Submission 7, p. 14; ONI, Submission 4.1, p. 14; ASD, Submission 8, pp. 10-13.

[4]ASIO, Submission 6, p. 22.

[5]ASIS, Submission 7, p. 15; Department of Defence (AGO), Submission 9, p. 11.

[6]Department of Defence (AGO), Submission 9, p. 11.

[7]ASD, Submission 8, p. 10.

[8]ASIO, Submission 6, p. 25; ONI, Submission 4.1, p. 14.

[9]ASD, Submission 8, p. 12.

[10]ASD, Submission 8, p. 12.

[11]ASD, Submission 8, p. 12.

[12]Mr Mike Burgess, Director-General’s Annual Threat Assessment, Speech, 9 February 2022.

[13]Australian Cyber Security Centre, ACSC Annual Cyber Threat Report, July 2020 to June 2021, Report, September 2021.

[14]ASD, Submission 8, p. 12.

[15]Mr Mike Burgess, Director-General’s Annual Threat Assessment, Speech, 17 March 2021.

[16]Mr Mike Burgess, Director-General’s Annual Threat Assessment, Speech, 9 February 2022.

[17]Electoral Integrity Assurance Taskforce, Disinformation and Misinformation, Factsheet, www.aec.gov.au/About_AEC/files/eiat/eiat-disinformation-factsheet.pdf.

[18]Australian Communications and Media Authority (ACMA), A report to government on the adequacy of digital platforms’ disinformation and news quality measures, June 2021, p. 28.

[19]eSafety Commissioner, Media, misinformation and scams, www.esafety.gov.au/key-issues/covid-19/media-misinformation-and-scams, accessed 13 July 2023.

[20]Australian Government, COVID-19 Mythbusting, www.australia.gov.au/covid-19-mythbusting, accessed 13 July 2023.

[21]ACMA, A report to government on the adequacy of digital platforms’ disinformation and news quality measures, June 2021, p. 20.

[22]ACMA, Online misinformation, www.acma.gov.au/online-misinformation, accessed 13 July 2023. The signatories at the time of this report are Adobe, Apple, Facebook, Google, Microsoft, Redbubble, TikTok and Twitter.

[23]Mr Mike Burgess, ‘Director-General’s Annual Threat Assessment’, Speech, 9 February 2022.

[24]ONI, Submission 4.1, p. 13; see also, Mr Damon O’Hara, Submission 11.

[25]ONI, Submission 4.1, p. 13; ASIS, Submission 7, p. 29; Department of Defence (DIO), Submission 9, pp. 16-18; ASIO, Submission 6, pp. 58-61; Department of Defence (AGO), Submission 9, p. 39.

[26]ASIO, Submission 6, p. 61.

[27]ASIS, The benefits of working at ASIS go beyond ordinary, just like the job, www.asis.gov.au/Life-At-ASIS/Benefits, accessed 2 February 2023.

[28]ASIO, Submission 6, p. 79.

[29]ASD, Submission 8, p. 67.

[30]ASD, Submission 8, p. 65; ASIO, Submission 6, p. 79.

[31]ASD, Submission 8, p. 65; ASIO, Submission 6, p. 80.

[32]Dr William Stoltz, Submission 3, p. 9.

[33]ONI, Submission 4.1, p. 17.

[34]ONI, Submission 4.1, p. 17.

[35]Department of Defence (AGO), Submission 9, p. 6.

[36]Department of Defence (AGO), Submission 9, p. 6.

[37]Department of Defence (AGO), Submission 9, p. 6.

[38]Department of Defence (AGO), Submission 9, p. 6.

[39]Department of Defence (DIO), Submission 9, p. 4; ASIO, Submission 6, p. 82.

[40]IGIS, Preliminary Inquiry Report - Preliminary Inquiry into the application of national security classifications in ASIO, ASIS, ONI, ASD, AGO and DIO, 25 February 2021, p. 8.

[41]IGIS, Preliminary Inquiry Report - Preliminary Inquiry into the application of national security classifications in ASIO, ASIS, ONI, ASD, AGO and DIO, 25 February 2021, p. 8.

[42]ASD, Submission 8, p. 50.

[43]Parliamentary Joint Committee on Intelligence and Security, Reviews of Administration and Expenditure: No. 18 (2018-2019) and No. 19 (2019-2020) – Australian Intelligence Agencies, October 2021, paras. 4.37-4.38.

[44]Parliamentary Joint Committee on Intelligence and Security, Advisory report on the Intelligence Oversight and Other Legislation Amendment (Integrity Measures) Bill 2020, February 2022, Recommendations 1 and 2.