The legislative framework governing electronic surveillance by Australian police and intelligence services is undergoing major reforms. There has long been a call for such an overhaul given the significant changes in the way we communicate since the first of these laws were passed in 1979. the agencies are doing their job without compromising Australians’ right to privacy too much. Privacy is a task complicated by the equally compelling prioritization of federal agency security concerns and civil society privacy concerns.
In December last year, the Home Office invited the public to submit a discussion paper on planned legislative reforms at a granular and operational level. The document shows a genuine commitment to regulating the powers and actions of agencies in accordance with both sides of this argument. But while government agencies and industry are engaged at a detailed working level about how the reforms will work in practice, the civil society debate remains overwhelmingly a high-level conceptual discussion about security and what looks like a rights-based approach in theory.
Audiences only really appreciate the overriding themes and values of security and privacy and the prospect of Orwellian state power. That’s probably (at least in part) because understanding former Australian Security Intelligence Organization chief Dennis Richardson’s 2020 review of the national intelligence community’s legal framework, the government’s response and Home Office documents on this means wading through a whopping 1,485 pages combined – and each document requires significant industry knowledge and time to fully understand.
The three acts to be repealed and replaced are the Telecommunications (Interception and Access) Act 1979the parts of the Australian Security Intelligence Organization Act 1979 and the most recent Monitoring Devices Act 2004.
Advancements in technology have made communication faster, cheaper, more convenient and, in some cases, more private. But in doing so, it has also made policing more difficult, not least because of the popular use of encryption and anonymization software.
Current laws have not proven adaptable to new operational and legal challenges resulting from these iterative advances and the ways in which criminals have exploited new technologies. A multitude of attempts at quick fixes through legislative amendments have only succeeded in creating a “patchwork of overlapping, and sometimes inconsistent and incompatible parts”, according to the Home Affairs working paper.
This makes it difficult for law enforcement to thwart and prosecute organized crime activities such as drug trafficking, child sexual exploitation, and the recruitment, financing, and organization of violent extremist attacks. With an archaic legal framework supporting operations, it has become difficult to achieve security results without compromising civil liberties.
As a result, Richardson’s review recommended that the relevant statutes be removed and replaced with entirely new, fit-for-purpose legislation.
This imperative is the result of three key developments since the laws were passed: how we communicate, how the industry and associated infrastructure operates, and how organized crime is, for lack of a better word, organized.
First, telecommunications has completely transformed since the original laws were passed. Communication is no longer unprotected, point-to-point and with clear terminals. The internet and over-the-top messaging services such as WhatsApp and Signal, which provide data communication services and can encrypt those communications, have reduced the ability of security agencies to lawfully monitor criminal activity under the current framework. .
End-to-end encryption of the entire communication channel and anonymization software that hides the user’s identity have made policing more difficult. Even though law enforcement can legally “eavesdrop on the line,” they can’t see the content, and even though they can see the content or see that two devices are communicating, they can’t necessarily identify the people communicating.
For a long time, the telecommunications infrastructure over which this data travels was not fully owned and controlled by the government. Physical components and electronic communication layers are now likely to have multiple owners. Where before a phone company had all your records, now you can use your cell phone to connect to wi-fi and then to an app that provides over-the-top messaging services.
Private industry now contributes to decision-making and regulation, bringing the necessary considerations of market forces and consumer confidence. The government understands the importance of this contribution and wants it to continue, which means that industry also plays an active role in the legal, ethical and enforcement aspects of this national security issue.
Telecommunications have evolved from landline phones to smartphones, and communication over the Internet (and all the hidden infrastructure that powers it) has become more complex. As part of the reform process, industry providers are rightly engaged on the implementation issues most pressing for them, typically around compliance costs, feasibility and administrative burden for providers. businesses and government agencies. But public expectations of industry responses to these reforms are complicated by the fact that Australians are now both privacy-entitled citizens and willing-to-pay customers. We may choose providers based on the privacy and security they can provide.
Transnational and serious organized crime groups have exploited the privacy and ease of communications that technology can provide within and between criminal groups in Australia and overseas. Through these new means of communication, organized crime has been able to take advantage of the growing interconnectedness of the economies and societies of nations globally to shift its business models from regional to global in terms of supply chains and markets. targets.
Developing a new law is a step in the right direction for both of these interests, as it will align this conversation and legislation with current technology and the threat landscape.
Difficult questions about how to balance security and freedom in practice remain as the new law and Telecommunications (Assistance and Access) Amendment Act 2018 which is pending review.
We should keep, as a guiding principle, the need to hold online law enforcement to a rights-based standard that is equal to or even higher than the standard for offline work due to the increased capacity for insecurity and abuse by others in the online industry. world.