1.10
The statement of compatibility provides limited information about the
objective of the information sharing powers. However, the explanatory
memorandum explains that:
1.11
In light of this information, it is possible that the measure
pursues a legitimate objective under human rights law and is rationally
connected to that objective.
1.12
In relation to proportionality, the statement of compatibility provides
the following information regarding the availability of safeguards to protect
against the disclosure of personal information:
1.13
Such provisions, including proposed section 62 of the bill, are
relevant safeguards to protect against unauthorised disclosure of personal
information.
1.14
However, in order to be a proportionate limitation on the right to privacy,
powers to disclose personal information must be sufficiently circumscribed and
be only as extensive as is strictly necessary to achieve the objective of the
measure.
1.15
In this regard, the statement of compatibility does not provide any
information about what constitutes the 'public interest' for which information
can be disclosed, nor does it clarify whether all persons and organisations to
whom information may be disclosed under section 61 are subject to the Privacy
Act 1988 (Privacy Act). Further, the statement of compatibility does not
provide any information as to the proposed power to disclose information
pursuant to rules,[16] which raises additional questions as to whether the disclosure power is
sufficiently circumscribed. It is not clear, for example, whether the rules
will contain safeguards on the disclosure of personal information, such as
requiring the consent of the person affected, or providing for review of the
disclosure by an independent body. A copy of the proposed rules would assist in
this respect.
1.18
Division 2 of part 7 of the bill contains provisions relating to
information sharing between the Commissioner, secretary and minister.
1.19
Proposed section 56 provides that the Commissioner must give
information to the secretary in accordance with the rules or at the secretary's
request, where the secretary requires the information to perform their
functions or exercise their powers. Section 57 similarly provides that the
secretary must give information to the Commissioner at the Commissioner's
request, where the information is available to the secretary, and the
Commissioner requires the information to perform their functions.
1.20
Proposed section 58 provides that the minister may, by written
notice, require the Commissioner to prepare a report or document about matters
relating to the performance of the Commissioner's functions, and provide the
report within the period specified by the notice. Subsection 58(4)
provides that the minister may publish such a report or document on the
internet or otherwise.
1.21
The relevant principles relating to the right to privacy are outlined
above at [1.8]. It is unclear whether the information that can be shared or
published under Division 2 could include personal information, or whether
Division 2 excludes the disclosure of such information because it is 'protected
information'. To the extent that personal information might fall within the
scope of 'information' prescribed by Division 2, questions arise as to whether
the measure is a proportionate limitation on the right to privacy. This is
particularly the case in relation to section 56, where the circumstances and
the kind of information to be shared are to be specified in the rules. The
statement of compatibility does not provide any information in this respect.
1.24
Proposed subsection 60(1) of the bill would make it an offence for
a person to record, use or disclose protected information, including personal
information, to another person if they obtain such information in the course of
performing functions or exercising powers under, or for the purposes of, the
(proposed) Act or the rules.
1.25
Proposed subsection 60(3) provides that subsection 60(1) does not
apply if:
1.26
Proposed subsection 60(4) provides that subsection 60(1) does not
apply if the disclosure is to the person or body to whom the information
relates or the disclosure is to the minister or the secretary.
1.27
For each of these defences, the defendant bears an evidential burden in
relation to proving the relevant matters.
1.28
Article 14(2) of the International Covenant on Civil and Political
Rights protects the right to be presumed innocent until proven guilty according
to law. Generally, consistency with the presumption of innocence requires the
prosecution to prove each element of a criminal offence beyond reasonable
doubt. Provisions that reverse the burden of proof and require a defendant to
disprove, or raise evidence to disprove, one or more elements of an offence,
engage and limit this right.
1.29
Reverse burden offences will not necessarily be inconsistent with the
presumption of innocence provided that they are within reasonable limits which
take into account the importance of the objective being sought and maintain the
defendant's right to a defence. In other words, such provisions must pursue a
legitimate objective, be rationally connected to that objective and be a
proportionate means of achieving that objective.
1.31
In relation to the defences in subsections 60(3) and (4), the defendant
bears an evidential burden (requiring the defendant to raise evidence about the
matter). However, the statement of compatibility does not identify that the
reverse burden offences in the bill engage and limit the presumption of
innocence, and therefore does not provide an assessment as to whether the
limitation is permissible. Relevant information in this respect would include
whether the matters for which the defendant is required to raise evidence
include information that would be peculiarly within the knowledge of the
defendant.
1.35
Currently, section 3UM of the Crimes Act provides that a constable may
request a person provide evidence of their identity where the constable
reasonably suspects the suspect has committed, is committing or intends to
commit an offence against a law of the Commonwealth, or a law of a State or
Territory, punishable by imprisonment for 12 months or more.
1.36
The bill seeks to introduce additional bases on which the powers can be
exercised and additional persons who can exercise these powers. Proposed
section 3UN provides that a constable or a PSO may direct a person to give the
constable or PSO evidence of the person's identity (identification direction).[20] An identification direction may be issued if the constable or PSO:
1.37
Proposed section 3UO provides that a constable or PSO may give a
direction to a person (a move-on direction) not to take a specified flight, or
any flight, to or from that airport, or any specified major airport, for a
specified period of no more than 24 hours after the direction is given.[23] A move-on direction may also direct a person to leave the airport premises as
soon as practicable, and not enter those premises, or the premises of any
specified major airport, for a specified period of no more than 24 hours after
the direction is given .[24]
1.39
A move-on direction covering a period of more than 12 hours must be
given, or authorised, by a senior police officer.[26] There are restrictions on repeated directions within seven days of the first
move-on direction, such that no more than one later direction (the second
direction) can be given within that period; the second move‑on direction
can only be given if: another assessment is made that the requirements to issue
a move-on direction are satisfied; the second direction is given or authorised
by a senior police officer; and the second period of exclusion from the airport
premises would end no later than seven days after the first direction was
given.[27]
1.40
Proposed section 3UQ provides that a constable or PSO may direct a
person to stop or 'do anything else the constable considers on reasonable
grounds to be necessary' to facilitate the direction to give identity
information or the move-on direction.[28] A constable or PSO may give this direction if it is given on the premises of a
major airport and the constable or PSO considers on reasonable grounds that it
is necessary to give the direction to facilitate the exercise of the power to
give a direction to give identity information or a move-on direction.[29]
1.41
The identification, move-on and stop and ancillary directions powers
introduced by the bill engage and may limit several human rights including:
1.42
Each of these rights is discussed further below.
1.43
Article 17 of the International Covenant on Civil and Political Rights (ICCPR)
prohibits arbitrary or unlawful interferences with an individual's privacy,
family, correspondence or home. As acknowledged in the statement of
compatibility,[31] the bill engages and may limit the right to privacy as it requires a person to
produce evidence of their identity to a constable or PSO if certain
circumstances exist. The right is also engaged by the stop and ancillary
directions powers, as a person may be directed to do anything the constable
considers on reasonable grounds to be necessary to facilitate the exercise of
an identification direction.[32]
1.44
The right to privacy may be subject to permissible limitations which are
provided by law and are not arbitrary. In order for limitations not to be
arbitrary, the measure must pursue a legitimate objective and be rationally
connected and proportionate to that objective.
1.45
The statement of compatibility describes the objective of the measures
as follows:
1.46
The statement of compatibility also explains that the new powers are
aimed at addressing the following pressing and substantial concern:
1.47
Based on the information provided in the statement of compatibility, the
stated objectives of enhancing safety and security in airports, and of
preserving national security, public order and the rights and freedoms of
others, are likely legitimate objectives for the purposes of international
human rights law.
1.48
Directing a person to provide identification where it is necessary to
safeguard aviation security, or where a person is suspected on reasonable
grounds to have committed, be committing or be intending to commit particular
offences, appears to be rationally connected to these objectives. However, it
is not clear based on the information provided how the power to 'do anything
else' necessary to facilitate the exercise of the identification directions
power would necessarily be effective to achieve the objective, as the concept
is extremely broad. Further information from the minister as to what ancillary
directions would be included in the concept of 'do[ing] anything else' would
assist in determining whether this aspect of the measures is rationally
connected to the stated objective.
1.49
As to proportionality, the statement of compatibility states that the
identification directions 'have a minimal impact on a person's privacy'.[35] This is relevant to determining whether the limitation on the right to privacy
is proportionate.[36]
1.50
However, in order to be a proportionate limitation on the right to
privacy, a limitation must be sufficiently circumscribed to ensure that it is
only as extensive as is strictly necessary to achieve the objective. Here,
questions arise as to whether the ability of the constable or PSO to issue an
identification direction where they consider on 'reasonable grounds' that it is
'necessary' to give the direction to 'safeguard aviation security' is
sufficiently circumscribed. In this respect, the statement of compatibility
states that an identification direction issued to safeguard 'aviation security'
is proportionate because:
1.51
While the requirements that a constable or PSO must have 'reasonable
grounds' to consider it 'necessary' to issue an identification direction are
important safeguards, concerns remain insofar as 'aviation security' is defined
broadly to include the 'good order and safe operation' of major airports, their
premises and flights to and from such airports. In particular, 'good order' is
not defined in the bill, and it is unclear whether the concept would capture a
broader range of conduct than is strictly necessary to fulfil the legitimate
objectives of the bill. It is unclear, for example, whether a peaceful protest
in a major airport would be conduct capable of disrupting the 'good order' of
the airport so as to enliven the power to give an identification direction.[38]
1.52
Similarly, there are also concerns as to the breadth of the ancillary
directions power to direct a person to 'to do anything else' considered on
reasonable grounds to be necessary to facilitate the identification direction
power. It is not clear, for example, whether this could require a person to
remove an item of clothing (such as a facial covering) for the constable or PSO
to ascertain a person's identification. This raises concerns that the measure
may be insufficiently circumscribed. Further information as to what is
envisaged by the ancillary power to require a person to 'do anything else'
considered necessary to facilitate the identification direction power would
assist in determining whether the measure is proportionate.
1.55
Article 12 of the ICCPR protects freedom of movement. The right to
freedom of movement includes the right to move freely within a country for
those who are lawfully within the country, and also includes the right to leave
a country. The right to leave a country encompasses both the legal right and
practical ability to leave a country, and therefore it applies not just to
departure for permanent emigration but also for the purpose of travelling
abroad. There can be limitations on the right to leave a country, including
where it is necessary and proportionate to achieve the objectives of protecting
the rights and freedoms of others, national security, public health or morals,
and public order.
1.56
As acknowledged in the statement of compatibility, the right to freedom
of movement is engaged by the bill in several respects. First, it is engaged by
the move-on directions, which are capable of limiting the movement of a person
in and out of major airports (including preventing them from leaving the
country).[39] It is also engaged and limited by the ancillary directions powers to direct a
person to stop or to do anything else the constable considers on reasonable
grounds to be necessary to facilitate the move-on powers.[40]
1.57
The statement of compatibility states that the move-on and ancillary
directions serve a legitimate objective because the directions powers:
1.58
The statement of compatibility also explains that while there are
limited powers under the Commonwealth law to direct a person to move on from
the premises of airports,[42] the existing powers are limited to safeguarding against unlawful interference
with aviation rather than 'disruptive behaviour more generally'.[43] It also explains that there is a suite of move-on powers under state and
territory legislation, but that these vary between the jurisdictions. Therefore
the move-on directions powers in the bill 'will ensure police have access to
consistent and targeted powers across Australia to exclude a person from the
aviation environment in order to prevent and/or disrupt criminal or security
threats'.[44]
1.59
Preventing or disrupting criminal or security threats may be capable of
constituting legitimate objectives in the context of the move-on directions
power, in light of the explanation in the statement of compatibility regarding
the inadequacy of existing laws. However, in relation to the ancillary
directions power, which would require a person to stop or do anything else
necessary to facilitate the exercise of the identification or move-on
directions powers, the statement of compatibility does not address why current
laws are insufficient such as to warrant this additional power. Further
information as to how the ancillary directions power addresses a pressing and
substantial concern, including why current powers are insufficient, would
assist in determining whether this measure pursues a legitimate objective for
the purposes of international human rights law.
1.60
Directing a person to move-on by not taking a specified flight or leaving
the airport premises would appear to be rationally connected to the stated
objective.[45] However, as discussed above in relation to the right to privacy, it is not
clear based on the information provided how the power to 'do anything else'
necessary to facilitate the exercise of the move-on or identification
directions power would be effective to achieve the objective, as the concept is
very broad.
1.61
In relation to the proportionality of move-on directions, the statement
of compatibility states that the measure takes the least rights restrictive
approach on the following basis:
1.62
The statement of compatibility also states that the requirement that the
constable or PSO must suspect or consider on reasonable grounds that the
move-on direction is necessary to achieve the permissible purposes also ensures
that these directions will be used in a proportionate manner.[47]
1.63
The statement of compatibility states that the measures are necessary
because:
1.64
However, the consequence of a move-on direction, including a requirement
not to take a flight for a period of time, could be significant for a person.
For example, a person directed not to take their flight when traveling with
their family could be separated from their family as a result of the move-on
direction.[49] Further, as discussed in relation to the right to privacy at [1.51] above, the
breadth of the definition of 'aviation security' (including 'good order and
safe operation' of major airports) raises questions as to whether the power
would apply to a broader range of conduct than is strictly necessary to fulfil
the legitimate objectives of the bill. This raises questions as to whether the
move-on directions power to safeguard aviation security is sufficiently
circumscribed.
1.65
In relation to the ancillary directions powers, the statement of
compatibility states that while an ancillary directions order (such as an order
to stop) may impede a person's freedom of movement, 'it remains necessary and
proportionate as a constable or PSO must have reasonable grounds that the
direction is necessary before it can be issued'.[50] The statement of compatibility also states that the phrase 'reasonable
grounds' means that the constable or PSO 'must choose the least intrusive means
to ensure that an identity check or move-on direction can be facilitated, as a
more excessive option is unlikely to be found to be necessary on reasonable
grounds'.[51]
1.66
However, there remain concerns as to whether this power is sufficiently
circumscribed and accompanied by adequate safeguards in circumstances where it
is not clear what the power to direct a person 'to do anything else' to
facilitate the exercise of the identification and move-on directions powers
entails. It is not clear, for example, whether it could require a person to
sit in a separate room in the airport until the specified flight departs or the
person's identity can be ascertained. It is also unclear whether there is any
limitation to the duration of time in which a person can be stopped pursuant to
an ancillary direction. This raises concerns that the measures may also not be
accompanied by adequate safeguards.
1.67
Additionally, the ability to direct a person to stop for an undefined
period of time coupled with a power to direct a person to 'do anything else'
raises additional questions as to whether the measure may engage and limit the
right to liberty. The right to liberty in Article 9 of the ICCPR prohibits
state parties from depriving a person of their liberty except in accordance
with the law, and provides that no one shall be subject to arbitrary detention.
It applies to deprivations of liberty, rather than mere restrictions on whether
a person can freely move around. However, a restriction on a person's movement
may be to such degree and intensity that it would constitute a 'deprivation' of
liberty, particularly if an element of coercion is present.[52] The statement of compatibility does not address whether the power to direct a
person to 'stop' or 'do anything else' may engage and limit the right to
liberty.
1.68
The preceding analysis indicates that the measures in the bill engage
and limit the right to freedom of movement. The committee seeks the further
advice of the minister as to the compatibility of the measures with this right,
in particular:
1.69
The preceding analysis also indicates the ancillary powers to require a
person to stop or 'do anything else' to facilitate the exercise of the
identification and move-on directions powers may engage and limit the right to
liberty. The committee therefore seeks the further advice of the minister as to
the compatibility of the measures with this right.
1.70
The right to equality and non-discrimination provides that everyone is
entitled to enjoy their rights without discrimination of any kind, and that all
people are equal before the law and entitled without discrimination to the
equal and non‑discriminatory protection of the law.[53] Equality before the law provides that law must not be applied by law
enforcement authorities or the judiciary in an arbitrary or discriminatory
manner.
1.71
'Discrimination' is defined as a distinction based on a personal
attribute (for example, race, sex or religion)[54], which has either the purpose ('direct'
discrimination), or the effect ('indirect' discrimination), of adversely
affecting human rights.[55] The UN Human Rights Committee has explained
indirect discrimination as 'a rule or measure that is neutral on its face or
without intent to discriminate', which exclusively or disproportionately
affects people with a particular personal attribute.[56] Where a measure impacts on particular groups disproportionately, it establishes prima facie that there may be indirect discrimination.
1.72
The statement of compatibility states that the proposed identity check,
move-on and ancillary directions will apply equally to all persons within a
major airport regardless of age, gender, ethnicity, religious background or
other status.[57] However, there are questions as to whether the powers to issue directions where
a constable or PSO considers on reasonable grounds that a person has committed,
is committing, or intends to commit certain offences, or that it is necessary
to safeguard aviation security, may engage this right. This is because, unless
there are sufficient safeguards, the directions powers introduced by the bill
have the potential, in practice, to be applied in a manner which may target,
for example, persons with certain physical characteristics or of particular
national or ethnic origins. Where this kind of targeting occurs, without
objective or reasonable justification, it will be incompatible with the right
to equality and non-discrimination.[58] That is, it may result in the law being applied in ways that are
discriminatory, and may have a disproportionate or unintended negative impact
on particular groups based on race or religion and therefore be potentially
indirectly discriminatory. This form of targeting is often referred to as
racial profiling.
1.73
Differential treatment (including the differential effect of a measure
that is neutral on its face) will not constitute unlawful discrimination if the
differential treatment is based on reasonable and objective criteria such that
it serves a legitimate objective, is effective to achieve that legitimate
objective and is a proportionate means of achieving that objective.
1.74
The statement of compatibility states that the 'reasonable grounds'
requirement for each of the powers 'ensures that directions are based on
actionable intelligence relevant to aviation security or criminal
conduct' and that this requirement prevents a direction being issued 'solely on
the basis of a person's age, ethnicity or religious background'.[59] The statement of compatibility further states in this respect that:
1.75
The statutory frameworks relating to anti-discrimination are important
safeguards, as is the requirement that a constable or PSO has 'reasonable
grounds' before issuing a direction. However, as discussed above, the power to
issue a direction on reasonable grounds is framed broadly, arising where a
constable or PSO considers on reasonable grounds that exercising the power is
necessary to safeguard aviation security (including 'good order', which is not
defined), or where he or she suspects that a person 'intends to commit an
offence'. The conferral of this widely framed power to an officer gives rise to
a risk of arbitrariness or a risk that the power may be misused in a manner
incompatible with the right to equality and non-discrimination.[61]
1.76
The Committee on the Elimination of Racial Discrimination has stated
that the fulfilment of the non-discrimination provisions of the International
Convention on the Elimination of All Forms of Racial Discrimination requires
national law enforcement officials who exercise police powers to receive
intensive training to ensure that in the performance of their duties they respect
as well as protect human dignity and maintain and uphold the human rights of
all persons without distinction as to race, colour or national or ethnic
origin.[62] In this respect, the AFP Code of Conduct and the Behavioural Assessment and
Security Questioning are also relevant safeguards. However, further information
as to how these professional standards apply in practice is required to assess
whether such practices provide an adequate safeguard against the laws operating
in a discriminatory manner. It is also not clear from the information provided
the extent to which those frameworks will apply to PSOs, who are not members of
the AFP.[63]
1.79
The right to freedom of expression requires the state not to arbitrarily
interfere with freedom of expression, particularly restrictions on political
debate. It protects all forms of expression and the means of their dissemination,
including spoken, written and sign language and non-verbal expression. The
right to peaceful assembly is the right of people to gather as a group for a
specific purpose.
1.80
As discussed above, due to the breadth of the definition of 'aviation security'
(and in particular the words 'good order') it is unclear whether a peaceful
protest in a major airport would be conduct capable of disrupting the 'good
order' of the airport so as to enliven the power to give an identification,
move-on or ancillary powers direction because the constable or PSO considers on
reasonable grounds it is necessary to 'safeguard aviation security'. If this
were the case, the measures would engage and may limit the right to freedom of
expression and the right to freedom of assembly. These rights may be subject to
permissible limitations where the measure pursues a legitimate objective, and is
rationally connected to, and proportionate to achieving, that objective.
However, the statement of compatibility does not acknowledge that this right is
engaged and limited, so does not provide an assessment as to whether the
limitation is justifiable under international human rights law.
Committee comment
1.81
The preceding analysis indicates the measures may engage and
limit the right to freedom of expression and the right to freedom of assembly.
The statement of compatibility does not acknowledge these rights may be engaged
and limited by the bill. The committee therefore seeks the advice of the
minister as to the compatibility of the measures with this right, including:
- whether there is reasoning or evidence that establishes that the
stated objective addresses a pressing or substantial concern or whether the
proposed changes are otherwise aimed at achieving a legitimate objective;
- whether there is a rational connection between the limitation and
that objective; and
- whether the limitation is a reasonable and proportionate measure
for the achievement of that objective.
Telecommunications and Other Legislation Amendment (Assistance and Access)
Bill 2018
Purpose |
Seeks to amend various
Acts in relation to telecommunications, computer access warrants and search
warrants to: introduce new provisions to
allow law enforcement and security agencies to secure assistance from key
providers in the communications supply chain both within and outside
Australia; increase agencies' ability to use a range of measures, including
to obtain computer access warrants, to covertly collect evidence from
electronic devices, and to request a search warrant to be issued in respect
of a person for the purposes of seizing a computer or data storage device. |
Portfolio |
Home Affairs |
Introduced |
House of Representatives,
20 September 2018 |
Rights |
Multiple rights |
Status |
Seeking additional
information |
Technical assistance notices, technical capability notices and technical
assistance requests
1.82
Schedule 1 of the bill seeks to amend the Telecommunications Act 1997 (Telecommunications Act) to grant certain persons with the power to give a
'designated communications provider'[64] (provider) technical assistance notices, technical assistance requests, and
technical capability notices, for the purposes of assisting law enforcement and
intelligence agencies with performing certain functions and discharging certain
powers relevant to crime, national security, and other objectives.
Technical assistance notice
1.83
Section 317L provides that the Director-General of Security (who leads
the Australian Security Intelligence Organisation, ASIO) or the chief officer
of an 'interception agency'[65] may give a provider a notice that requires the provider to do one or more specified
'acts or things' in connection with any or all of the 'eligible activities'[66] of the provider (technical assistance notice). Prior to giving the notice, the
Director-General or chief officer giving the notice must be satisfied that
doing so is reasonable, proportionate, practicable and technically feasible.[67] The 'act or thing' specified in the technical assistance notice must be by way
of giving help to either ASIO or the interception agency in relation to the
performance of a function or the exercise of a power relevant to the objectives
of: enforcing the criminal law and laws imposing pecuniary penalties, or
assisting the enforcement of the criminal laws in a foreign country, or
safeguarding national security.[68]
Technical capability notice
1.84
Section 317T gives the Attorney-General the power to issue a 'technical
capability notice' requiring a provider to do an 'act or thing' which must be
directed towards ensuring that the provider is capable of giving 'listed help',
or be by way of giving help, to ASIO or an interception agency, in relation to
performance of a function or exercise of a power insofar as it relates to a
'relevant objective'. 'Relevant objective' means enforcing the criminal law
and laws imposing pecuniary penalties, or assisting the enforcement of the
criminal laws in a foreign country, or safeguarding national security. Help
will constitute 'listed help' if it consists of a listed act or thing, or one
or more acts or things of a kind determined by legislative instrument.[69]
Technical assistance request
1.85
Section 317G of the bill provides for the giving of 'technical
assistance requests', which operate similarly to technical assistance notices
and technical capability notices, except that compliance with a technical
assistance request is voluntary.[70] A provider that decides to comply with the request is not subject to civil
liability in relation to an 'act or thing' done in accordance with the
technical assistance request, or in good faith purportedly with the request.[71] In addition, the Director-General of the Australian Secret Intelligence Service
(ASIS) and the Director-General of the Australian Signals Directorate (ASD) may
also make a technical assistance request, as well as ASIO and interception
agencies. Further, the 'act or thing' specified in the technical assistance
request may 'be directed towards ensuring that the designated communications
provider is capable of giving help' to ASIO, ASD, ASIS or the interception
agency. In addition to seeking assistance in relation to the functions performed
or powers exercised for enforcing criminal laws, imposing pecuniary penalties
and assisting the enforcement of foreign criminal laws, technical assistance
requests can also be made to procure assistance with functions performed or
powers exercised in relation to 'the interests of Australia's national
security, the interests of Australia's foreign relations or the interests of
Australia's national economic well-being'.[72]
Listed acts or things
1.86
The 'acts or things' that may be specified in a technical assistance
notice, technical capability notice or technical assistance request include,
but are not limited to, 'listed acts or things'.[73] Listed acts or things include, for example:
- removing one or more forms of electronic protection;[74]
- installing, maintaining, testing or using software or equipment;[75]
- ensuring that information obtained in connection with the
execution of a warrant or authorisation is given in a particular format;[76]
- facilitating access to customer equipment, software or a service;[77] and
- assisting with the testing, modification, development or
maintenance of a technology or capability.[78]
1.87
It also includes an act or thing done to conceal the fact that any thing
has been done covertly.[79]
Limitations on technical assistance
notices and technical capability notices
1.88
The bill also provides that a technical assistance notice or technical
capability notice must not have the effect of requiring a provider to implement
or build a systemic weakness or a systemic vulnerability into a form of
electronic protection, or prevent a provider from rectifying such a weakness or
vulnerability.[80] This includes implementing or building a new decryption capability in relation
to a form of electronic protection, or one or more actions that would render
systemic methods of authentication or encryption less effective.[81]
1.89
Further, the bill provides that technical assistance notices and
technical capability notices have no effect to the extent that they would
require a provider to do a thing for which a warrant or authorisation under the Telecommunications (Interception and Access) Act 1979 (TIA Act), the Surveillance
Devices Act 2004 (SD Act), the Crimes Act 1914 (Crimes Act),
the Australian Security Intelligence Organisation Act 1979 (ASIO Act),
the Intelligence Services Act 2001 (IS Act) or equivalent State and
Territory laws would be required.[82]
Compatibility of the measures with
multiple rights
1.90
As acknowledged in the statement of compatibility, the technical
assistance notices and requests and technical capability notices engage and may
limit a number of human rights including the right to privacy, the right to
freedom of expression, and the right to an effective remedy. Each of these
rights is discussed further below.
Compatibility of the measures with
the rights to privacy and freedom of expression
1.91
The statement of compatibility identifies that the measures engage the
rights to privacy and freedom of expression, but states that they represent
permissible limitations on those rights.[83]
1.92
The right to privacy protects against arbitrary and unlawful
interference with an individual's privacy, and includes the right to respect
for private and confidential information, particularly the storing, use and
sharing of such information and the right to control the dissemination of information
about one's private life. As noted in the statement of compatibility, the
measures engage the right to privacy because, as a consequence of such notices,
'communications providers may facilitate law enforcement, security and
intelligence agencies' access to private communications and data where an
underlying warrant or authorisation is present'.[84]
1.93
The right to freedom of expression in article 19(2) of the International
Covenant on Civil and Political Rights (ICCPR) includes the freedom to seek, receive
and impart information and ideas of all kinds, either orally, in writing or
print, in the form of art, or through any other media of an individual's
choice. As acknowledged in the statement of compatibility, the measures may
engage the right to freedom of expression 'by indirectly making some people
more reluctant to use communications services' because:
It is plausible that a person may minimise their use of
communications services if they believe government agencies can ask providers
to facilitate access to communications carried through these service, for
example by removing forms of electronic protection applied to their
communications if they are capable of doing so.[85]
1.94
The right to freedom of expression, as the statement of compatibility
identifies,[86] may only be subject to restrictions provided by law that are necessary for the
protection of national security or of public order or of public health or
morals. The right to privacy may be subject to permissible limitations which
are provided by law and are not arbitrary. That is, for each of these rights,
the measures must pursue a legitimate objective and be rationally connected and
proportionate to achieving that objective.
Legitimate objective
1.95
The statement of compatibility states that 'the bill pursues the
legitimate objective of protecting national security and public order by
addressing crime and terrorism',[87] specifically referring to 'terrorism, espionage, acts of foreign interference
and serious and organised crime'.[88]
1.96
In general terms, protecting national security and public order is
capable of constituting a legitimate objective for the purposes of
international human rights law. However, a measure will only pursue a
legitimate objective (capable of justifying a proposed limitation on human
rights) where there is a reasoned and evidence-based explanation of why the
measure addresses a pressing or substantial concern, and does not simply seek
an outcome which is convenient or desirable. The statement of compatibility
does not identify a pressing and substantial concern to be addressed by the
relevant measures. However, the explanatory memorandum indicates that the
measures are directed towards addressing the 'challenges associated with
encrypted communications', explaining that:
Secure, encrypted communications are increasingly being used
by terrorist groups and organised criminals to avoid detection and disruption.
Over 90% of telecommunications information being lawfully intercepted by the
Australian Federal Police now uses some form of encryption...
The increasing use of encryption has significantly degraded
law enforcement and intelligence agencies’ ability to access communications and
collect intelligence, conduct investigations into organised crime, terrorism,
smuggling, sexual exploitation of children and other crimes, and detect
intrusions into Australian computer networks.[89]
1.97
The committee's usual expectation is that this information would be
included in the statement of compatibility to enable assessment of whether the
measures pursue a legitimate objective.[90] However, even taking this information into account, further information is
required to establish a pressing and substantial concern for the purposes of
international human rights law. For example, it is not clear from the information
provided why the measures are necessary, as opposed to desirable or convenient,
to address the majority of information legally intercepted by ASIO being encrypted.
It is also not clear whether the aspects of the measures that do not appear on
their face to relate to decryption address a pressing or substantial concern.
1.98
Further, as noted in the statement of compatibility, 'national security'
and 'public order' represent permissible grounds on which the right to freedom
of expression may be restricted.[91]
However, there are questions as to whether aspects of technical assistance
requests restrict the right on these grounds, insofar as a request may be given
in relation to the objective of 'the interest of Australia's foreign relations
or Australia's economic well-being'.[92] These grounds are broader than those on which the right to freedom of
expression can be validly restricted, and the statement of compatibility does
not address if they are relevant to a valid ground. Further information from the
minister as to how the power to request technical assistance in relation to the
performance of functions or exercise of powers in relation to the interest of
Australia's foreign relations or economic well-being relates to a permissible
ground on which the right to freedom of expression can be restricted would
assist with this analysis. This would also assist in determining whether this
aspect of the measure is rationally connected to its objective.
Rational connection
Power to give technical assistance notices or requests, or
technical capability notices
1.99
Empowering ASIO to obtain technical assistance in relation to the
performance of its functions or exercise of powers related to safeguarding
national security or crime appears to be rationally connected to the objectives
of the bill. So, too, does granting such powers to some interception agencies
such as the Australian Federal Police. However, the definition of
'interception agency' is very broad and includes state-based anti-corruption
agencies. It is not clear how empowering these agencies, which do not appear to
discharge functions relevant to safeguarding national security and addressing
the type of crime contemplated in the statement of compatibility,[93] is effective to achieve the objectives of the bill (namely, protecting national
security and public order). The statement of compatibility does not explicitly
address this issue. Further information from the minister – namely, how
granting each of the agencies that fall within the definition of 'interception
agency' the power to give technical assistance notices or requests, or
technical capability notices, is effective to achieve the objectives of the
bill – would assist in assessing whether the measures are rationally connected
to a legitimate objective.
'Acts or things' compelled by a technical assistance notice
or technical capability notice, or requested by a technical assistance request
1.100
A question arises as to whether all of the 'acts or things' that may be
specified in a technical assistance notice or request, or technical capability
notices, are rationally connected to the stated objectives of the measures. The
statement of compatibility provides an example, that 'a technical assistance
notice may ask a provider to decrypt information that would otherwise be
unintelligible if the provider has the ability to do so'.[94]
This appears to be rationally connected with the objectives of protecting
national security and public order in circumstances where 'encryption is
increasingly being used by terrorist groups and organised criminals'.[95] Other 'listed acts or things', such as ensuring information obtained in
connection with a warrant is given in a particular format,[96] also would appear to be an effective means to achieve the objectives of the
bill.
1.101
However, the statement of compatibility otherwise does not specifically
address how each of the listed acts or things a provider may be required to do
in compliance with a technical assistance notice or request, or technical
capability notice, is rationally connected to the objectives of the bill. It is
not clear, for example, how modifying a service provided by a provider,[97] or requiring a provider to install software,[98] would be effective to achieve the objectives of protecting national security
and public order by addressing crime and terrorism. In relation to technical
capability notices, the statement of compatibility states that capabilities
built as a result of acts or things done pursuant to a technical capability
notice 'may' assist agencies to access private communications for investigative
purposes,[99] but does not elaborate as to how. Further information from the minister as to
how each of the listed acts or things are rationally connected with the stated
objectives of the bill would assist for the purposes of this analysis.
1.102
Further, the 'acts or things' that a provider can be compelled or
requested to do is not limited to 'listed acts or things'.[100] As the list of acts or things that can be compelled or requested is
non-exhaustive, it is difficult to assess whether the measures as a whole are
rationally connected with the objectives of the bill. Further information from
the minister as to how requesting or compelling a provider to do any act or
thing beyond the 'listed acts or things' in the bill is effective to achieve
the objectives of the measures would assist with this analysis.
Proportionality
Power to give technical assistance notices or requests,
or technical capability notices
1.103
As to proportionality, measures that restrict the right to privacy and
freedom of expression must be no more extensive than is strictly necessary to
achieve their stated objective. While the statement of compatibility addresses
the features of the measures and relevant safeguards, it does not explain why
existing powers available under the warrant and authorisation scheme are
insufficient to address the stated objectives, and therefore why the measures
are strictly necessary. Nor does it consider whether the measures represent the
least rights restrictive approach, compared with, for example, amending the
relevant warrant and authorisation regimes.
1.104
While the stated objective of the measures is 'protecting national
security and public order by addressing crime and terrorism',[101] the proposed power to give technical assistance notices or requests, or
technical capability notices, is not limited in this way and may be broader in
scope. Specifically, the statement of compatibility does not explain why it is
necessary for the purposes of safeguarding national security and addressing
crime to seek assistance from providers in relation to 'enforcing laws that
attract a pecuniary penalty' or, in relation to technical assistance requests,
'the interests of Australia's foreign relations or the interests of Australia's
national economic well-being'.[102] The terms 'foreign relations' and 'national economic well-being' are not
defined in the bill, and could apply to a broad range of conduct not
necessarily involving crime and terrorism. This raises concerns that the
measures as framed may be overly broad with respect to its stated objectives.
1.105
The power to give a technical assistance notice or request is restricted
to senior executive staff in all agencies,[103] and the power to give a technical capability notice is restricted to the
Attorney-General.[104] The statement of compatibility concludes that 'accordingly, requests will only
be issued by persons with the appropriate seniority and expertise who are in a
position to effectively determine the proportionality, reasonableness,
practicability and technical feasibility of any request'.[105]
In relation to technical assistance notices and technical capability notices,
this may be a relevant safeguard for the purposes of proportionality in terms
of ensuring that the power is exercised in a way that is not arbitrary.
1.106
However, there are questions as to whether this is a relevant safeguard
in relation to technical assistance notice, the giving of which does not
require the Director-General or chief officer of an interception agency to
determine that it is proportionate, reasonable, practicable or technically
feasible. Given that technical assistance requests, if fulfilled by a provider,
would appear to impact rights in the same way as technical assistance notices
and technical capability notices, further information from the minister as to
safeguards relevant to the decision to issue technical assistance requests that
prevent the power from being exercised arbitrarily would be useful for the
purposes of this analysis.
1.107
In relation to safeguards to prevent the arbitrary exercise of the power
to issue technical capability notices, the statement of compatibility states
that 'prior to a notice being issued, there is a mandatory 28 day consultation
period with the relevant provider' and that 'this will ensure that the powers
are not exercised arbitrarily'.[106]
However, there are questions as to whether the mandatory 28 day consultation
period would function as a safeguard to prevent the power from being exercised
arbitrarily for the purposes of human rights law. This is because it appears
that the Attorney-General is not required to take into account any concerns
raised by the relevant provider, and in any event those concerns may not
necessarily be relevant to the impact a technical capability notice may have on
human rights.
1.108
Also relevant to proportionality is the extent to which the measure
interferes with other rights. In this respect, concerns arise from the extent
to which the measures can be used to obtain assistance from a provider with the
enforcement of criminal laws in force in a foreign country.[107]
The committee has previously raised concerns regarding the human rights
implications of Australia's mutual legal assistance scheme.[108] These concerns are relevant to the bill insofar as any requests for assistance
from foreign countries would be governed by Australia's mutual legal assistance
scheme. Further discussion of the interactions between the bill and the mutual
legal assistance scheme are discussed further below at [1.202]-[1.203].
1.109
Another relevant factor in assessing whether a measure is proportionate is
whether there is the possibility of oversight and the availability of review.[109] The power to give a technical assistance notice or request, or technical
capability notice, is not exercised by a judge, nor does a judge supervise its
application. Section 317ZFA provides a discretionary power to a court, in
relation to proceedings before it, to make such orders as the court considers
appropriate in relation to the disclosure, protection, storage, handling or
destruction of technical assistance information, if the court is satisfied that
it is in the public interest. The bill does not otherwise provide for court
involvement in the process of giving a technical assistance notice or request,
or technical capability notice. The bill additionally seeks to amend the Administrative
Decisions (Judicial Review) Act 1977 (ADJR Act) to exclude decisions under
Part 15 of the Telecommunications Act (which would include a decision to issue
a technical assistance notice or request, or technical capability notice) from
judicial review under the ADJR Act.[110]
In these circumstances, further information from the minister as the adequacy
of the safeguards in terms of oversight and review would assist in determining
the proportionality of the measures.
'Acts or things' compelled by a technical assistance notice
or technical capability notice, or requested by a technical assistance request
1.110
There are also concerns as to the proportionality of the measures as
they relate to the 'acts or things' the providers would be compelled to do in
compliance with a technical assistance notice or technical capability notice,
or could agree to do in relation to a technical assistance request. In this
respect, the statement of compatibility indicates that the limitation on human
rights ‘would not be arbitrary because a technical assistance request or notice
may only be issued for a specified list of acts or things'.[111] However, the language of the bill is broader, such that the acts or things that
may be specified in a technical assistance notice or request 'include (but are
not limited to) listed acts or things', and for the purposes of a technical
capability notice, 'listed help' may also include acts or things determined by
the minister in a legislative instrument.[112]
1.111
In terms of safeguards relating to the disclosure of private
information, it is relevant that section 317ZH provides that 'a provider cannot
be asked to provide the content of a communication or private
telecommunications data... without an existing warrant or authorisation' under
the TIA Act, SD Act, Crimes Act, ASIO Act, the IS Act and their state
and territory equivalents,[113] and that there is an express prohibition in section 317ZG on compelling a
provider to implement or build a systemic weakness or vulnerability into a form
of electronic protection,[114] also known as a 'back door'.[115] However, these safeguards appear to apply only to technical assistance notices
and technical capability notices, and not technical assistance requests.[116] There is also a question as to whether variations to technical assistance
notices or technical capability notices would be subject to this safeguard. To
assess the proportionality of these measures, further information from the
minister is required as to whether a technical assistance request (or variation
to a technical assistance notice or technical capability notice) could be used
to request or compel information to be provided for which a warrant would
ordinarily be required, or to request or compel a provider to build a 'back
door'.
1.112
In relation to whether section 317ZH provides a safeguard to protect the
disclosure of personal information, the section states that a notice has 'no
effect' to the extent it seeks to compel a provider to do an act or thing for
which a warrant would be required. While sections 317P and 317V prevent a
relevant decision maker from issuing a notice unless satisfied of certain
things (namely that the requirements it sets are reasonable and proportionate,
and compliance with the notice is practicable and technically feasible),[117] it appears that a decision maker can still issue a notice even if it seek to
compel a provider to do an act or thing for which a warrant would be required.
It therefore appears that it would be for the provider receiving the notice to
determine if the relevant notice seeks to compel the provider do an act or
thing for which a warrant is required. There are questions as to how a provider,
especially smaller or unsophisticated providers, are expected to know whether
or not what has been requested or compelled requires a warrant, and therefore
how to respond accordingly. Further information is required as to how this will
operate as a relevant safeguard, including whether it would be possible to
amend the decision-making criteria to state that a notice must not be issued
unless the decision-maker is satisfied it does not seek to compel a provider to
do an act or thing for which a warrant is required.
1.113
In any case, whether a warrant or authorisation scheme will function as
an effective safeguard turns upon the extent to which the warrant and authorisation
scheme constitutes a proportionate limitation on the right to privacy. In
relation to the warrant or authorisation powers under the TIA Act, as that Act
was legislated prior to the establishment of the committee, the scheme has
never been required to be subject to a foundational human rights compatibility
assessment in accordance with the terms of the Human Rights (Parliamentary
Scrutiny) Act 2011.[118] It is therefore difficult to assess whether the warrant or authorisation
scheme in the TIA Act would operate as a sufficient safeguard. The same concern
arises in relation to the warrant and authorisation scheme under the SD Act.
1.114
The committee has previously noted in relation to the TIA Act, however,
that while the warrant regime may assist to ensure that access to private
communications is sufficiently circumscribed, questions arise as to the
proportionality of the broad access that may be granted in relation to
'services' or 'devices' under the relevant chapters of the TIA Act.[119] This would be particularly relevant in the context of this bill given the broad
scope of 'acts or things' that may be done to 'services' or 'devices' pursuant
to a technical assistance notice. Further information from the minister in
relation to the human rights compatibility of the warrant and authorisation
scheme of the TIA Act insofar as it interacts with the bill would assist the
human rights assessment of the proposed measures.
1.115
In relation to the warrant or authorisation powers under other
legislative schemes referred to in the statement of compatibility, there are
also questions as to the extent to which the enabling legislation of
'interception agencies', such as state-based commissions charged with
investigating corruption and misconduct, functions as a sufficient safeguard,
given the broad investigative powers afforded to such bodies. Such investigative
powers are exercised pursuant to warrant and authorisation regimes which may
operate without judicial oversight.[120]
1.116
Further, while section 317ZG is intended to operate to prevent notices
from being used to compel providers to implement or build systemic weaknesses
or vulnerabilities, there are questions as to whether this functions as a
sufficient safeguard for the purposes of international human rights law. The
bill itself does not define systemic weakness or vulnerability and therefore
appears to leave this determination to the person that gives the notice. In
this respect the statement of compatibility provides that:
While systemic weaknesses cannot be built into services or
devices, a technical assistance notice can require the selective deployment of
a weaknesses [sic] or vulnerability in a particular service, device or software
on a case-by-case basis. Deployment of this kind is necessary to access
protected information of suspect individuals and gather intelligence or
evidence in the course of an investigation. This will ensure that the powers
achieve legitimate, national security and law enforcement objectives without
unduly jeopardising the legitimate privacy and information security interests
of innocent parties.[121]
1.117
The statement of compatibility does not elaborate as to how weaknesses
or vulnerabilities in a particular service, device or software can be
'selectively deployed' in a way that is limited to matters in relation to
individuals under investigation, and in a manner that will not unnecessarily
intrude into the private life of the person under investigation or third
persons. This raises concerns under international human rights law in
circumstances where it has been observed that the exploitation of a weakness or
vulnerability in encryption may weaken security systems more generally.[122] Further information from the minister as to how the scheme will be limited to
avoid broader effects on the users of a provider's service or device would
assist with the analysis of the proportionality of the measure.
Committee comment
1.118
The preceding analysis raises questions about the compatibility
of technical assistance notices, technical capability notices and technical
assistance requests with the rights to privacy and freedom of expression.
1.119
The committee therefore seeks the advice of the minister as to the
compatibility of the measures with these rights, including:
- an explanation of the pressing and substantial concern that
gives rise to the need for the measures (including how aspects of the measures
that do not on their face relate to decryption are directed towards addressing
the stated objective of the measures);
- whether the power to give a technical assistance
request in relation to 'the interests of Australia's foreign relations or the
interests of Australia's national economic well-being', relates to a
permissible ground on which the right to freedom of expression can be
restricted;
- whether granting each of the agencies that fall within the
definition of 'interception agency' the power to give technical assistance
notices or requests is rationally connected to (that is, effective to achieve) the
stated objectives of the measures;
- whether each of the listed acts or things specified in proposed
section 317E is rationally connected to (that is, effective to achieve) the
stated objectives of the measures;
- whether the measures are proportionate to the stated
objectives, including:
- why the current warrant and authorisation schemes are
insufficient to address the stated objectives of the bill, and whether the
measures therefore represent the least rights restrictive approach to
addressing the objectives of the bill;
- safeguards relevant to the decision to issue technical assistance
requests;
- safeguards in terms of oversight and review of the measures and whether
these are adequate for the purposes of ensuring the proportionality of the
measures;
- the human rights compatibility of the warrant and authorisation
scheme of the Telecommunications (Interception and Access) Act 1979 insofar
as it interacts with the measures;
-
the adequacy of the safeguards to ensure that notices and
requests will not be used to obtain personal information for which a warrant
would be required (including whether it would be possible to amend the
decision-making criteria to state that a notice must not be issued unless the
decision-maker is satisfied it does not seek to compel a provider to do an act
or thing for which a warrant is required);
-
whether a technical assistance request could be used to request a
provider to do a thing for which a warrant or authorisation under the Telecommunications
(Interception and Access) Act 1979, the Surveillance Devices Act 2004,
the Crimes Act 1914, the Australian Security Intelligence
Organisation Act 1979, the Intelligence Services Act 2001 or
equivalent State and Territory laws would be required, and if so, the relevant
safeguards that would apply;
- whether a technical assistance request could be used to request
or compel a provider to implement or build a systemic weakness or
vulnerability, and if so, the relevant safeguards that would apply;
- whether it would be feasible to amend sections 317ZG and 317ZH to
also apply to technical assistance requests, and to expressly refer to
variations to technical assistance notices and technical capability notices;
- whether it would be feasible to define 'systemic vulnerability'
and 'systemic weakness', and if not, whether the scheme will be sufficiently
circumscribed so as to avoid broader effects on the users of a provider's
service or device; and
- any other information relevant to determining the proportionality
of compatibility of the measures with the rights to privacy and expression.
Compatibility of the measures with the right to an effective remedy
1.120
Article 2(3) of the ICCPR protects the right to an effective remedy for
any violation of rights and freedoms recognised by the ICCPR, including the
right to have such a remedy determined by competent judicial, administrative or
legislative authorities or by any other competent authority provided for by the
legal system of the state. While limitations may be placed in particular
circumstances on the nature of the remedy provided (judicial or otherwise),
state parties must comply with the fundamental obligation to provide a remedy
that is effective.[123]
1.121
The statement of compatibility acknowledges that the bill may engage the
right to an effective remedy insofar as an individual's rights are infringed by
compliance with a notice, because the bill does not provide for merits review
of decision making and excludes judicial review under the ADJR Act.[124] The statement of compatibility suggests, however, that individuals will still
be entitled to an effective remedy as Australian courts will retain
jurisdiction for judicial review of a decision of an agency head to issue a
technical assistance notice or the Attorney-General's decision to issue a technical
capability notice (presumably by way of prerogative writ).[125] However, it is not clear how a natural person could pursue judicial review of a
decision to issue a technical assistance notice or technical capability notice in
circumstances where they may not be aware that a notice has been issued.[126] Further information from the minister as to how this ensures the right to an
effective remedy would assist with this analysis.
1.122
Technical assistance requests also engage the right to an effective
remedy because they provide immunity from civil liability for any act or thing
done by a provider in compliance with a technical assistance request. If the
act or thing involves a breach of human rights, this could raise concerns about
the availability of an effective remedy for victims in these circumstances.
However, the statement of compatibility does not address the right to an
effective remedy in relation to technical assistance requests and accordingly
no assessment was provided as to the compatibility of this measure with this
right.
Committee comment
1.123
The preceding analysis raises questions as to the compatibility
of technical assistance notices, technical capability notices and technical
assistance requests with the right to an effective remedy. In relation to
technical assistance notices and technical compatibility notices, this was not
fully addressed in the statement of compatibility. In relation to technical
assistance requests, this was not addressed at all in the statement of
compatibility.
1.124
The committee therefore seeks the advice of the minister as to the
compatibility of the measures with this right.
Computer access warrant scheme in the Surveillance Devices Act
1.125
The SD Act currently governs the use of optical surveillance devices,
listening devices, data surveillance devices and tracking devices by law
enforcement agencies. Schedule 2 of the bill introduces a computer access
warrant scheme into the SD Act, as well as several related and additional
orders and authorisations relating to accessing data held on computers. A
computer access warrant enables officers to search a computer[127] remotely or physically and access content on that computer.[128]
Computer access warrants
1.126
Proposed section 27A provides that computer access warrants can be
sought in a number of different circumstances, including:
- in relation to investigations into the commission of 'relevant
offences'[129] or where there has been a 'mutual assistance authorisation'[130] where the law enforcement officer suspects on reasonable grounds that access to
data[131] held in a computer[132] (the 'target computer')[133] is necessary in the course of that investigation for the purpose of enabling
evidence to be obtained of the commission of the relevant offences, or the
identity or location of the relevant offenders;
- where a recovery order[134] is in force and where the law enforcement officer suspects on reasonable
grounds that access to data held in a target computer may assist in the
location and safe recovery of the child to whom the recovery order relates;
- where an 'integrity authority'[135] is in effect authorising an integrity operation in relation to an offence
committed by a staff member of a target agency and the officer suspects on
reasonable grounds that access to data held in a target computer will assist
the conduct of the integrity operation in specified ways; and
- where a 'control order' is in force in relation to a person and
the officer suspects on reasonable grounds that access to data held in a target
computer to obtain information relating to the person would be likely to
substantially assist in specified matters, including determining whether the
control order or any succeeding control order has been or is being complied
with.
1.127
Proposed section 27C provides that a computer access warrant is issued
by an eligible Judge or a nominated AAT member (decision maker).[136] To issue a computer access warrant, the decision maker must be satisfied of
various matters including that there are reasonable grounds for the suspicion
founding the application for a warrant. The decision maker must also 'have
regard to' various other matters including the nature and gravity of the
alleged offence (where applicable), the extent to which the privacy of any person
is likely to be affected, the existence of any alternative means of obtaining
the evidence or information sought to be obtained, and the likely evidentiary
or intelligence value of evidence or information obtained.
1.128
A computer access warrant authorises specified things to be done in
relation to a target computer that the decision maker considers appropriate in
the circumstances, including:
- entering premises;
- using the target computer for the purpose of obtaining access to
data held on the target computer in order to determine whether the relevant
data is covered by the warrant;
- adding, copying, deleting or altering other data in the target
computer for certain purposes;
- using any other computer to access the relevant data (if, having
regard to other methods of obtaining access to the relevant data which are
likely to be as effective, it is reasonable to do so);
-
removing a computer or other thing from premises to do any thing
specified in the warrant;
-
intercepting a communication passing over a telecommunications
system, if the interception is for the purpose of doing any thing specified in
the warrant;[137] and
- any other thing reasonably incidental to any of the above.[138]
1.129
There are also concealment of access powers[139] and provisions which compel persons to provide assistance to law enforcement to
allow the officer to access data,[140] discussed in further detail below.
1.130
In addition to these matters, the computer access warrant must authorise
the use of any force against persons and things that is necessary and reasonable
to do the things specified in the warrant.[141] Orders can also be made that a person not be required to disclose information
in proceedings that would reveal details of computer access technologies or
methods in certain circumstances.[142]
Additional measures in relation to
computer access warrants for control orders
1.131
Proposed section 65A(2) in Schedule 2 of the bill provides that a person
is not criminally liable for any actions done under a control order access
warrant issued on the basis of an interim control order where the interim
control order is subsequently declared to be void. Further, if a court declares
an interim order is void, any information obtained under the control order
access warrant can be used, communicated or published if the person reasonably
believes that doing so is necessary for preventing or reducing the risk of the
commission of a terrorist act or serious harm to a person or property, or if
the person does so for certain purposes including in relation to a matter
arising under a preventative detention order.[143]
Emergency authorisation for access
to data held in a computer
1.132
Additionally, the bill seeks to amend the SD Act to provide that a law
enforcement officer may apply to an 'appropriate authorising officer'[144] for an emergency authorisation for access to data held in a target computer[145] in certain circumstances where the matters are of such urgency that access to
data held in the target computer is necessary, and it is not practicable in the
circumstances to apply for a computer access warrant.[146] The appropriate authorising officer may give the emergency authorisation if
satisfied of certain matters, including that there are reasonable grounds for
the suspicion founding the application.[147]
1.133
Within 48 hours after giving an emergency authorisation, the person who
gave the authorisation must apply to an eligible Judge or nominated AAT member
for approval of the giving of the emergency authorisation. The Judge or
eligible AAT member may give the approval if satisfied of certain matters.[148] In making this decision, the decision-maker considering the application must,
in particular, and 'being mindful of the intrusive nature of accessing data
held in a target computer',[149] consider several factors. These factors include the nature of the risk which
provided the basis for the emergency authorisation, the extent to which issuing
a computer access warrant would have helped reduce or avoid the risk, and the
extent to which law enforcement officers could have used alternative methods of
investigation to help reduce or avoid the risk.[150]
Compatibility of the measures with
the right to privacy
1.134
The measures in the new computer access warrant scheme in the SD Act
engage and limit a number of rights, in particular the right to privacy. The
relevant principles relating to the right to privacy are discussed above.
1.135
The statement of compatibility acknowledges that the new computer access
warrant scheme engages the right to privacy 'insofar as accessing a person's
personal information held in a computer is inherently privacy intrusive'.[151] It states that the measures pursue the following objective:
The measure is directed towards the legitimate purpose of
ensuring that law enforcement agencies have appropriate powers to investigate
serious crimes. Computer access is a valuable in the current digital
environment because it allows officers to access data held on a device in an
unencrypted state. The ability to execute computer access remotely limits
interference with property and limits the risk of harm to law enforcement officers.[152]
1.136
The statement of compatibility also states that the measures pursue the
objectives of protecting national security and public order, and that the
amendments address advances in technology which enable serious criminals to
conduct activities and communicate anonymously.[153] While this may be capable of constituting a legitimate objective for the
purposes of international human rights law, further information is required as
to the substantial and pressing concern each of the measures seeks to address. That
is, while the statement of compatibility states that advances in technology
have enabled criminals to conduct activities and communicate anonymously, more
information is needed to conclude that this creates a substantial and pressing
national security or public order concern, so as to give rise to a legitimate
objective justifying the limitation of human rights. Further, it is not clear
how some aspects of the computer access warrant regime, such as the proposed
use of force provision, are rationally connected to the achievement of any such
national security or public order objective.[154] Further information as to the substantial and pressing concern each of the
measures seeks to address, and how each of the measures is rationally connected
to the achievement of the relevant objectives, would assist with this analysis.
1.137
The statement of compatibility states that the measures include 'a range
of safeguards to ensure that the limitation on privacy is reasonable,
proportionate and necessary'.[155] These safeguards include, in relation to computer access warrants, that:
- a law enforcement officer must have reasonable grounds to suspect
that access to data held on a particular computer is necessary to investigate a
federal offence which carries a maximum penalty of at least three years
imprisonment;
- the chief officer of the law enforcement agency to which the
computer access warrant was issued must revoke the warrant if it is no longer
required to obtain evidence of the offence, and also has an obligation to
ensure that access to data is discontinued;
- a Judge or nominated AAT member is responsible for issuing a
computer access warrant, and in all cases, the Judge or AAT member must have
regard to the extent to which the privacy of any person is likely to be
affected and the existence of any alternative means of obtaining the evidence
or information sought to be obtained;
- a computer access warrant does not authorise activities likely to
cause material loss or damage to other persons lawfully using a computer,[156] except where necessary for concealment (discussed further below); and
- the chief officer of a law enforcement agency must report to the
Attorney-General on every computer access warrant issued, and agencies must
report annually on the number of warrants applied for and issued during the
year and the number of emergency authorisations.[157]
1.138
These safeguards are relevant to determining the proportionality of the
limitation on the right to privacy.
1.139
The statement of compatibility also identifies that there are
restrictions on the use of information obtained under a computer access warrant
in the SD Act, including offences relating to unauthorised disclosure. It also
notes that the use, recording and communication of information obtained in the
course of intercepting a communication in order to execute a computer access
warrant is also restricted, because where an agency wants to gain intercept
material for its own purpose, it must apply for, and be issued with, an
interception warrant under Chapter 2 of the TIA Act.[158]
1.140
However, as the committee has previously stated, the SD Act was
legislated prior to the establishment of the committee, and has therefore not
been subject to a foundational human rights compatibility assessment in
accordance with the Human Rights (Parliamentary Scrutiny) Act 2011. It
is difficult to assess the human rights compatibility of measures which extend
or amend the existing legislation, or make an assessment as to whether the
existing safeguards in the SD Act are sufficient, without the benefit of a
foundational human rights assessment.[159]
1.141
Further, a number of the measures raise concerns from the perspective of
proportionality that are not sufficiently addressed in the statement of
compatibility. In order to constitute a proportionate limitation on the right
to privacy, measures must only go so far as is strictly necessary to achieve
the stated objectives of the measures. However, computer access warrants
authorise a number of measures which may significantly interfere with a
person's privacy, including entering a premises, using a computer, adding or
deleting data to a computer, and removing a computer. In particular, computer
access warrants can authorise entering third party premises and using 'any
other computer' to access relevant data.[160] This is, of its nature, very intrusive and may occur in circumstances where the
owner of the third party computer or premises may not be suspected of
committing any criminal offence or any of the other bases on which a warrant
can be granted (such as being the subject of recovery order). While the use and
manipulation of data in another computer is subject to the requirement that it
be reasonable in the circumstances and that the relevant decision maker
consider other methods of obtaining access that are likely to be effective,[161] it is not clear these safeguards are sufficient in light of the very
substantial interference with the right to privacy associated with these
measures. This is particularly the case given the broad definition of computer,
such that many types of devices may be caught within the scope of these
measures, including mobile phones and communications devices which use
computers or computing technology as their functional basis (such as security
systems, internet protocol cameras and digital video recorders).[162] This raises concerns that the measure may not be sufficiently circumscribed to
constitute a proportionate limitation on the right to privacy.
1.142
Further, the statement of compatibility does not address the
proportionality of the emergency authorisations. As noted earlier, an emergency
authorisation allows access to data held in a target computer without a
computer access warrant in certain circumstances of urgency. While a Judge or
AAT member is required to approve the emergency authorisation, this is not required
until up to 48 hours after the authorisation is originally given, during which
time the data could be obtained. The statement of compatibility does not, for
example, provide any information as to the compatibility with the right to
privacy of the treatment of information where a decision maker does not
subsequently approve the emergency authorisation. The explanatory memorandum
states that in such circumstances the decision maker may make certain orders
(including issuing a computer access warrant for subsequent access) but that
the decision maker may not authorise the destruction of relevant information
because 'such information, while improperly obtained may still be required for
a permitted purpose such as an investigation'.[163] There would appear to be less rights restrictive approaches available,
including the destruction of information and obtaining a new warrant for an
investigation. Further information as to the proportionality of the emergency
authorisations, including whether such authorisations are sufficiently
circumscribed, are the least rights restrictive approach, and are accompanied
by adequate safeguards, would assist in determining the proportionality of
these measures.
Committee comment
1.143
The preceding analysis indicates that the proposed computer access
warrant scheme in Schedule 2 of the bill engages and limits the right to
privacy.
1.144
The committee therefore seeks the advice of minister as to the
compatibility of the measures with this right, including:
- having regard to the matters discussed in the preceding analysis,
whether there is reasoning or evidence that establishes that each of the
measures addresses a pressing or substantial concern, or whether the proposed
changes are otherwise aimed at achieving a legitimate objective;
- how the measures are effective to achieve (that is, rationally
connected to) the stated objective;
- whether the measures are a proportionate limitation on the right
to privacy, including:
-
whether the measures are sufficiently circumscribed (including in
relation to the proposed powers to be able to enter third party premises and
use third party computers);
- whether the emergency authorisations are proportionate, including
whether such authorisations are sufficiently circumscribed, are the least
rights restrictive approach, and are accompanied by adequate safeguards;
- whether the existing safeguards in the Surveillances Devices
Act 2004 are sufficient insofar as those safeguards interact with the
measures in the bill; and
- any other information relevant to determining the proportionality
of the measures in Schedule 2 of the bill.
Compatibility of the measures with
the right to a fair trial and fair hearing
1.145
As noted earlier, Schedule 2 of the bill also provides that information
relating to computer access technologies and methods may be prohibited from
disclosure in proceedings.[164] As noted in the statement of compatibility, this engages the right to a fair
trial and fair hearing because the result of this provision is 'that there may
be circumstances where a defendant will not have a chance to review material
that the relevant Judge has decided warrants capability protection'.[165]
1.146
The right to a fair trial in Article 14 of the ICCPR provides that in
the determination of any criminal charge against a person, that person shall be
entitled to certain minimum guarantees including the right to be informed of
the charge and to understand the nature of the cause of the charge, and to have
adequate time and facilities to prepare a defence. Limitations on the right to
a fair trial are permissible where the measures pursue a legitimate objective
and are rationally connected with and proportionate to that objective.
1.147
The statement of compatibility describes the objective of the measure as
follows:
Preventing the release of sensitive operational information
into the public domain is essential for the protection of the public and for
national security. Releasing such information has inevitable harmful
consequences for the ability of law enforcement to conduct future operations.[166]
1.148
In general, these objectives are capable of being legitimate objectives
for the purposes of international human rights law. However, while such
objectives may be legitimate in relation to public disclosure of
sensitive information, it is not clear whether it is legitimate to preclude a
defendant from accessing such information which may be relevant to their case.
In this respect it is also not clear how precluding a defendant from reviewing
such material is rationally connected to this objective.
1.149
In relation to proportionality, the statement of compatibility states:
To the extent the right to a fair trial is limited, the
limitation is necessary and proportionate. Safeguards include that the
presiding officer of the proceeding must make a determination whether the
disclosure of the information is necessary for the fair trial of the defendant.
It is anticipated that agencies will use computer access powers to gather such
material as is necessary to enable other powers to collect evidentiary
material, where it is possible to do so. For example, an agency may use a
computer access power to gather such intelligence as to enable the application
for search warrants under the Crimes Act to be made for a number of suspects.
The Crimes Act search warrant would collect such evidence as would be presented
in a relevant proceeding. Section 47A does not engage with the right to be
informed in detail, in a language the defendant understands, as it only takes
effect after charges have been laid.[167]
1.150
These are relevant safeguards and assist with the proportionality of the
measure. However, further information as to whether there may be other less
rights restrictive means available (such as allowing for disclosure to a
defendant subject to certain conditions, or allowing for disclosure to a
defendant's legal counsel), would assist in determining the proportionality of
the measure.
Committee comment
1.151
The preceding analysis indicates that the power to prohibit disclosure
of information relating to computer access technologies and methods engages and
limits the right to a fair trial and fair hearing.
1.152
The committee seeks the further advice of the minister in relation to
the compatibility of the measures with this right, including:
- whether precluding a defendant from accessing information as a
consequence of proposed section 47A pursues a legitimate objective;
- whether this measure is rationally connected to (that is,
effective to achieve) the stated objective; and
- whether the measure is proportionate (including whether there are
other less rights restrictive measures available).
Compatibility of the use of force
power with multiple rights
1.153
As noted earlier, the 'use of force' provisions in proposed section
27E(6) of the SD Act require computer access warrants to authorise the use of
any force against persons and things that is necessary and reasonable to do the
things specified in the warrant and, if the warrant authorises entering
premises, state whether entry is authorised to be made at any time of the day or
night or during stated hours of the day or night.
1.154
Use of force provisions engage multiple human rights. The provisions
engage the right to privacy insofar as using force to enter a premises can
interfere with a person's right to a private life. Empowering authorised
persons to use force against persons may also engage and limit the right to
life, as force may be used in a manner that could lead to a loss of life. Empowering
persons to use force against other persons may engage the rights to freedom
from torture, cruel, inhuman and degrading treatment or punishment, as force
may be used in such a way that causes pain (physical or mental) in such a way
that it amounts to a violation of these rights.
1.155
The statement of compatibility does not acknowledge that the use of
force provisions engage any of these rights. In relation to the right to
privacy and the right to life, limitations may be permissible if it is
demonstrated that the measure addresses a legitimate objective, is rationally
connected to that objective and is a proportionate means of achieving that
objective. The prohibition on torture, cruel, inhuman and degrading treatment
or punishment is absolute and can never be justified in any circumstances,
regardless of the objective sought to be achieved. Further information from the
Minister would therefore assist in determining the compatibility of the use of
force provision with these rights.
Committee comment
1.156
The use of force provisions in proposed section 27E(6) of the Surveillance
Devices Act 2004 engage and may limit the right to privacy and the
right to life. They may also engage the prohibition on torture, cruel, inhuman
and degrading treatment or punishment.
1.157
In relation to the right to privacy and right to life, the
committee seeks the advice of the minister as to the compatibility of the use
of force provisions with these rights, including:
- whether the measure is aimed at achieving a legitimate objective
for the purposes of human rights law;
- how the measure is effective to achieve (that is, rationally
connected to) that objective; and
- whether the limitation is a proportionate measure to achieve the
stated objective.
1.158
In relation to the prohibition on torture, cruel, inhuman and degrading
treatment or punishment, the committee seeks the advice of the minister as to
the compatibility of the measures with this right, including any safeguards in
place governing the use of force, and any monitoring or oversight in relation
to the use of force.
Compatibility of the computer
access warrants relating to control orders with multiple rights
1.159
The committee has previously considered that the control orders regime
engages a number of human rights, including the right to equality and
non-discrimination, the right to liberty, the right to freedom of movement, the
right to a fair trial and fair hearing, the right to privacy, the right to
freedom of expression, the right to freedom of association, the right to
protection of the family, the right to work, the right to social security and
an adequate standard of living, and the rights of children.[168]
To the extent that computer access warrants can be used against persons subject
to a control order (including for determining whether a control order has been
complied with), several of these rights may also be engaged, in particular the
right to privacy.
1.160
Human rights, in particular the right to an effective remedy, may also
be engaged in relation to the provisions of the bill that preclude criminal
liability for persons who exercised powers relating to the control order
computer access warrant if the control order is declared void, as well as the
provision which allows for the use of information obtained under the warrant
even if the order is declared void.[169] Further, in relation to the ability to use such information even if the control
order is declared void, insofar as the information obtained can be used in
relation to a matter arising under a preventative detention order,[170] the committee's analysis of the human rights compatibility of the preventative
detention order regime is also relevant.[171]
1.161
The statement of compatibility does not acknowledge the human rights
implications of these measures. Further information in relation to these
matters would assist in assessing whether the measures are compatible with
human rights.
Committee comment
1.162 The preceding analysis indicates that computer access warrants
relating to control orders engage multiple human rights. The statement of
compatibility does not provide an assessment of whether these measures are
compatible with human rights.
1.163 The committee therefore seeks the advice of the minister as to the
compatibility of this measure with human rights, including whether the measures
pursue a legitimate objective, and are rationally connected and proportionate
to that objective.
Concealment of access powers
1.164
Schedule 2 of the bill also seeks to amend the ASIO Act and the SD Act
to introduce new concealment of access powers. These powers would authorise
doing any thing reasonably necessary to conceal the fact that any thing has
been done to a computer. This can include authorisation to do any of the
following:
- enter premises where the computer is reasonably believed to be,
or enter any other premises for the purposes of gaining entry to or exiting the
premises where the computer is reasonably believed to be;
- remove the computer or any other thing from any place where it is
situated and return the computer or thing to that place;
- where it is reasonable in all the circumstances to do so: use any
other computer or a communication in transit to conceal access; and if
necessary to achieve that purpose – add, copy, delete or alter data in the
computer or the communication in transit; and
-
intercept a communication.[172]
1.165
The bill also provides authorisation to exercise these concealment
powers with or without a warrant. In particular, the powers can be exercised at
any time a computer access warrant is in force, or within 28 days after it
ceases to be in force.[173]
However, if it is not possible to exercise the concealment powers within the
28-day period after the warrant ceases to be in force, the bill authorises the
exercise of the powers 'at the earliest time after the 28-day period at which
it is reasonably practicable'.[174]
Compatibility of the measures with
the right to privacy
1.166
The relevant principles relating to the right to privacy are summarised
above. As acknowledged in the statement of compatibility, the concealment of
access powers engage and limit the right to privacy by enabling officers to
access devices, which hold personal information, for the purposes of
concealment.[175]
1.167
The statement of compatibility states that the measures pursue the
objective of protecting the rights and freedoms of individuals by providing
ASIO with the tools it requires to keep Australians safe.[176] It also provides the following information as to the rationale for introducing
the measures:
The amendments are necessary to address situations where ASIO
no longer has access to the computer at the time the warrant expires but needs
to undertake concealment activities. Concealment activities are crucial to
ensure that a person does not become aware they are the subject of an
investigation, the investigation does not become compromised and sensitive
agency capabilities are not revealed.
ASIO cannot always reliably predict whether, or when, it will
be able to safely retrieve its devices without compromising a covert security
intelligence operation. For example, a person may unexpectedly relocate their
computer or device prior to the expiry of the warrant, precluding ASIO from
taking the necessary steps to conceal the fact that it had accessed the device
under warrant until the computer or device is available to be access again.
Once the warrant has expired ASIO may not be able to obtain a
further computer access warrant to undertake retrieval and concealment
activities, as retrieving and concealing would (by definition) not necessarily
meet the statutory threshold of ‘substantially assisting the collection of
intelligence’.[177]
1.168
While this is capable of giving rise to a legitimate objective, further
information is required to determine whether this objective is legitimate in
the context of these specific measures. It is not clear from the information
provided, for example, how concealment of access powers pursue the objective of
'keeping Australians safe'. Further information is also required in order to
determine whether this objective applies to the proposed powers under the SD
Act and, if not, the legitimate objective of the concealment of access powers
under that Act. This information would also assist in determining whether the
measures are rationally connected to the objectives sought.
1.169
In relation to proportionality, the statement of compatibility provides
the following information:
The requirement that the concealment activities be performed
‘at the earliest time after than 28-day period at which it is reasonably
practicable to do so’ acknowledges that this authority should not extend
indefinitely, circumscribing it to operational need.
The authority conferred by the amendments can only be
exercised by the Director-General, or a person or class of persons approved by
the Director-General in writing. This item provides a safeguard against the
arbitrary exercise of the range of activities permitted by the new subsection.[178]
1.170
While these are relevant safeguards, there remain questions as to the
proportionality of the measures. In particular, the powers to conceal access
under the bill are extensive, and include entering premises of third parties
and using the computers of third parties to conceal the fact that a thing has
been done under a warrant. This raises concerns that the measures may be overly
broad and more extensive than is strictly necessary to achieve the objectives
of the measures.
1.171
The power to conceal access 'at the earliest time after the 28-day
period [after the warrant expires] at which it is reasonably practicable'
raises additional concerns in relation to proportionality. While the statement
of compatibility states that the requirement to exercise the power as early as
reasonably practicable means that the authority should not extend indefinitely,
'reasonably practicable' is not defined and the provision is not subject to any
express time limits. Therefore while as a matter of practice the authority may
not extend indefinitely, on the face of the bill the authority could do so if
it were not reasonably practicable to exercise the power within a particular
timeframe. It appears possible that the authority could be in force for a
substantial period of time. This raises concerns as to whether the measures are
sufficiently circumscribed. There also appear to be other, less rights
restrictive, options available, including requiring further authorisation and
supervision from a court following the expiry of the warrant or 28 day period,
or defining 'reasonably practicable' by reference to a specific time limit.
Further information in relation to these matters would assist in determining
the proportionality of the measures.
Committee comment
1.172
The preceding analysis indicates that concealment of access powers in
the proposed amendments to the Surveillance Devices Act 2004 and the Australian
Security Intelligence Organisation Act 1979 engage and limit the right to
privacy.
1.173
The committee seeks the advice of the minister as to the compatibility
of the measure with this right, including:
- whether the proposed concealment access powers in each of the Surveillance
Devices Act 2004 and Australian Security Intelligence Organisation Act
1979 pursue a legitimate objective (including reasoning and evidence to how
the measures address a pressing and substantial concern);
- whether the proposed concealment access powers are effective to
achieve (that is, are rationally connected to) the stated objective; and
- whether the proposed concealment access powers are proportionate
(including whether the measures are sufficiently circumscribed and whether
there are other less rights restrictive measures available).
Powers to compel persons to assist officers to access data and devices
1.174
Schedule 2 of the bill also seeks to introduce a new provision into the
SD Act relating to 'assistance orders', under which a law enforcement officer
may apply to a decision maker for an order requiring certain persons (such as
the owner of a computer or an employee of the owner of a computer)[179] to provide any information or assistance that is reasonable and necessary to
allow the officer to access data that is held in a computer that is the subject
of a computer access warrant or emergency authorisation.[180] Assistance orders can also be made to copy data held in the computer to a data
storage device, or convert data held in the computer or data storage device
into documentary form or another intelligible form.
1.175
Schedules 3 and 4 similarly seek to amend the Crimes Act and Customs Act
respectively to compel assistance from a person with accessing a device that
has been seized under warrant, by making it an offence not to comply with an
order to assist where the person is capable of compliance.[181]
The offence is punishable by imprisonment for 5 years or 300 penalty units or
both, or 10 years or 600 units or both if the offence to which the relevant
warrant relates is a serious offence or a serious terrorism offence.[182]
1.176
Schedule 5 seeks to empower the Attorney-General to make an order
requiring a specified person to provide assistance that is reasonable and
necessary to ASIO in order to gain access to data on a device subject to an
ASIO warrant, upon request by the Director-General of ASIO. A person that does
not comply with an order is liable to a maximum of five years' imprisonment.
Compatibility of the measures with
the right to privacy
1.177
The statement of compatibility acknowledges that these measures engage
and limit the right to privacy, insofar as it enables certain law enforcement
officers and agencies, the Australian Border Force and ASIO to access private
communications and other information on a person's device.[183]
1.178
The stated objective for the measures is the protection of national
security and public order.[184] In relation to the proposed introduction of the measure into the Crimes Act in
Schedule 3, the statement of compatibility explains why the measure is
necessary to achieve its objectives:
The power to compel assistance is critical to Australia's
national security and ensures that law enforcement has the tools necessary to
protect Australians. The power for law enforcement to be able to access
portable technology devices is necessary and proportionate to achieving the
legitimate objectives of protecting national security and public order.[185]
1.179
The statement of compatibility further states that the language of the
current provisions is limited because the current provisions 'do not envision
people carrying smartphones in their pockets' and the measure seeks to resolve
this gap as 'inability to access information held on devices may impede
legitimate investigations and prosecutions'.[186] The statement of compatibility indicates that the proposed provisions in
Schedule 5 empowering the Attorney-General to make an assistance order is
'directed towards the legitimate objective of ensuring that ASIO can give
effect to warrants which authorise access to a device' as 'ASIO's inability to
access a device can frustrate operations to protect national security'.[187]
1.180
As previously noted, protecting national security and public order is
capable of constituting a legitimate objective for the purposes of
international human rights law. However, further information is needed to
establish why the power to compel assistance in relation to each of the
measures is 'critical' to Australia's national security, in particular, why the
current capabilities, technology and powers available are insufficient to
achieve the objectives to which the measures are addressed. Given the serious
consequences for non-compliance with an assistance order, and its potential
impact on the privacy of third parties, further information from the minister
as to the pressing and substantial concern the measure seeks to address would
assist with this analysis.
1.181
Compelling persons to provide assistance to access data and devices
pursuant to a warrant appears to be rationally connected to (that is, effective
to achieve) the objectives of protecting national security and public order.
1.182
In relation to the proportionality of the measure for the purposes of
the Customs Act, the statement of compatibility provides that 'the requirement
for a magistrate to authorise warrants provides an important safeguard for
person-based search warrants' and notes that to grant an order the magistrate
has to be satisfied of several matters set out in the legislation.[188] This is an important safeguard and is relevant to the proportionality of that
measure.
1.183
In relation to safeguards available under the ASIO Act for the proposed
measures in Schedule 5, the statement of compatibility provides that
'legislative safeguards ensure any limitation on the right to privacy is
reasonable and proportionate'.[189] However, the statement of compatibility does not elaborate as to how these
purported safeguards will ensure that an assistance order does not limit the
right to privacy beyond the extent which is strictly necessary for the purposes
of protecting national security and public order. Similarly there is limited
information provided as to the safeguards available in relation to the proposed
assistance order provisions in the SD Act and the Crimes Act.
1.184
There are also concerns as to whether the measures are sufficiently
circumscribed. The provisions may compel assistance from a broad range of
persons. For example under the proposed amendments to the SD Act, persons who
may be required to provide assistance include employees of the owner of the
computer, a person engaged under a contract for services by the owner of the
computer, a person who uses or has used the computer, or a person who is or was
a system administrator for the computer.[190] While those persons can only be compelled to assist where the person has
relevant knowledge of the computer or the measure applied to protect data held
in the computer, 'relevant knowledge' is not defined. In any event, the
measures nonetheless may involve a significant interference with a person's
privacy. This is of particular concern since penalties for non-compliance with
the provisions are significant: for example, the offence for non-compliance
with an assistance order in Schedule 2 is punishable by imprisonment for 10
years or 600 penalty units or both,[191] and imprisonment of 5 to 10 years or 300 to 600 penalty units or both in
relation to the provisions in Schedules 3 and 4.[192]
Committee comment
1.185
The preceding analysis indicates the assistance order provisions in
Schedules 2, 3, 4 and 5 engage and limit the right to privacy.
1.186
The committee therefore seeks the further advice of the minister as to the
compatibility of the measures with this right, in particular:
- the pressing and substantial concern that the measures seek to
address; and
- whether the measures are a proportionate limitation on the right
to privacy (including whether the measures are sufficiently circumscribed and
accompanied by adequate safeguards).
Interception of communications under ASIO computer access warrants
1.187
Schedule 2 of the bill also seeks to amend the ASIO Act to introduce new
powers associated with the warrant scheme under the ASIO Act to gain access to
computers (an 'ASIO computer access warrant'[193]).
1.188
Section 33(1) of the ASIO Act currently provides that ASIO computer
access warrants do not authorise the interception of a communication passing
over a telecommunications system operated by a carrier or carriage service
provider. In order to intercept communications, ASIO is currently required to
obtain a telecommunications service warrant under the TIA Act.[194]
1.189
The bill seeks to amend the ASIO Act to repeal section 33 and to expand
the operation of ASIO computer access warrants to allow ASIO to intercept a
communication passing over a telecommunications system, if the interception is
for the purpose of doing anything specified in the ASIO computer access
warrant.[195]
As a consequence, ASIO will no longer be required to obtain the
second warrant under the TIA Act for this purpose.
Compatibility of the measures with
the right to privacy
1.190
The relevant principles relating to the right to privacy are summarised
above. As acknowledged in the statement of compatibility, the interception of
communications under ASIO computer access warrants engages the right to privacy
because interception (including interception to enable remote access to a
computer) is 'inherently privacy intrusive'.[196] However the statement of compatibility states that the measures are compatible
with the right to privacy as the limitation is reasonable, necessary and
proportionate.[197]
1.191
The statement of compatibility states that the objective of this measure
is for 'ASIO to have effective powers to execute its statutory function to
protect national security'.[198] It further states:
The current arrangements cause administrative inefficiency by
requiring ASIO to prepare two warrant applications, addressing different legal
standards, for the purpose of executing a single computer access warrant. The
process requires the Attorney-General to consider each application separately
and in accordance with each separate criterion.
The amendments will mean ASIO will be able to obtain a single
computer access warrant, which authorises an officer to undertake all
activities that are required to give effect to that warrant. The amendments
enhance the operational efficiency of ASIO to collect intelligence in
Australia’s interest.[199]
1.192
To be capable of justifying a proposed limitation on human rights, a
legitimate objective must address a pressing or substantial concern and not
simply seek an outcome regarded as desirable or convenient. The stated
justification for limiting the right to privacy in the statement of
compatibility – namely, to enhance the operational effectiveness of ASIO and
address an 'administrative inefficiency' caused by needing to obtain two
warrants – does not appear to constitute a pressing and substantial concern for
the purposes of international human rights law. Further information as to the
legitimate objective of the measure would be helpful in this regard, and would
also assist in determining whether the measure is rationally connected to this
objective.
1.193
As to proportionality, the statement of compatibility states that the
new interception powers are proportionate on the following basis:
The power is proportionate because the new provisions tightly
constrain the purposes for which ASIO may use information intercepted under
this provision. ASIO can only use intercepted information in order to execute
the computer access warrant. In order for ASIO to use intercepted information
for its own intelligence value, ASIO must obtain an interception warrant under
the TIA Act.
Consistent with the existing provisions in the ASIO Act,
computer access warrants are subject to strict tests and must be signed by the
Attorney-General. The Attorney-General may only issue a warrant if he or she is
satisfied that there are reasonable grounds for believing that access to data
held in a computer will substantially assist the collection of intelligence in
respect of matter that is important in relation to security.
1.194
There are safeguards in the bill that assist with the proportionality of
the measure. This includes safeguards to be introduced into the TIA Act,
including:
- prohibitions on ASIO, the Inspector-General of Intelligence and
Security and the Director-General of Security using the computer access
intercept information in connection with the performance of those organisations'
functions;[200]
- prohibitions on disclosing information to staff members of
certain agencies except for limited purposes of testing and development;[201] and
- a prohibition on giving ASIO computer access intercept evidence
in an exempt proceeding, except in certain circumstances.[202]
1.195
However, there remain concerns in relation to the proportionality of the
measure. In particular, by expanding the operation of ASIO computer access
warrants to allow ASIO to intercept a communication passing over a
telecommunications system, the bill appears to, in effect, lower the threshold
for obtaining a warrant to intercept such communications. This is because,
under the current regime, the threshold for obtaining the second warrant under
the TIA Act is that the Attorney-General has be satisfied that:
- the telecommunications service is being or is likely
to be:
- i. used by a person engaged
in, or reasonably suspected by the Director‑General of Security of being
engaged in, or of being likely to engage in, activities prejudicial to
security; or
- ia. the means by which a
person receives or sends a communication from or to another person who is
engaged in, or reasonably suspected by the Director‑General of Security
of being engaged in, or of being likely to engage in, such activities; or
- ii. used for purposes
prejudicial to security; and
- the interception by the Organisation of
communications made to or from the telecommunications service will, or is
likely to, assist the Organisation in carrying out its function of obtaining intelligence
relating to security.[203]
1.196
In contrast, the threshold for obtaining an ASIO computer access warrant
under the ASIO Act is that the Attorney-General is satisfied that there are
reasonable grounds for believing that access 'will substantially assist the
collection of intelligence' in respect of a matter that is important in
relation to national security.[204] This test appears to be a lower threshold for obtaining the warrant. This
appears to be acknowledged in the explanatory memorandum to the bill, which
states that currently in some circumstances ASIO can obtain a computer access
warrant (as currently defined) but cannot contain a telecommunications
interception warrant.[205] Based on the information provided, however, it is not clear why the lower
threshold in the ASIO Act, as opposed to the higher threshold in the TIA Act,
was adopted for the amended ASIO computer access warrants. In this respect, a
possible less rights restrictive approach would be to apply the higher
threshold under the TIA Act.
Committee comment
1.197
The preceding analysis indicates the proposed amendments to ASIO
computer access warrants to allow ASIO to intercept a communication passing
over a telecommunications system engage and limit the right to privacy.
1.198
The committee therefore seeks the advice of the minister as to
the compatibility of the measures with this right, including:
- whether the proposed amendments to ASIO computer access warrants
to allow ASIO to intercept a communication passing over a telecommunications
system pursue a legitimate objective (including reasoning and evidence to how
the measures address a pressing and substantial concern);
- whether the measure are effective to achieve (that is, are
rationally connected to) the stated objective; and
- whether the measures are proportionate (including whether there
are other less rights restrictive measures available).
Assistance to foreign countries in relation to data held in computers
1.199
Schedule 2 of the bill also seeks to amend the Mutual Assistance in
Criminal Matters Act 1987 (MA Act) to provide that the Attorney-General
may, in the Attorney-General's discretion, authorise an 'eligible law
enforcement officer'[206] to apply for a computer access warrant under the SD Act if the Attorney-General
is satisfied that:
- an investigation, or investigative proceeding,
relating to a criminal matter involving an offence against the law of a foreign
country (the requesting country) that is punishable by a maximum penalty
of imprisonment for 3 years or more, imprisonment for life or the death penalty
has commenced in the requesting country; and
- the requesting country requests the Attorney-General
to arrange for access to data held in a computer[207] (the target computer); and
- the requesting country has given appropriate
undertakings in relation to:
- ensuring that data obtained as
a result of access under the warrant will only be used for the purpose for
which it is communicated to the requesting country; and
- the destruction of a document
or other thing containing data obtained as a result of access under the
warrant; and
- any other matter the
Attorney-General considers appropriate.[208]
1.200
The 'target computer' may be a particular computer, a computer on
particular premises, or a computer associated with, used by or likely to be used
by, a person (whose identity may or may not be known).[209]
1.201
The bill also amends the definition of 'protected information' in the MA
Act to incorporate the proposed new definition of 'protected information' in
the SD Act, which states that any information (other than general computer
access intercept information) obtained from access to data under either the new
computer access warrant or emergency authorisation for access to data held in a
computer is 'protected information'.[210] The effect of this, according to the explanatory memorandum, is that where
information is obtained in response to a computer access warrant for a domestic
investigation, the Attorney-General may authorise the provision of that
information to a foreign country in response to a mutual assistance request,
subject to existing restrictions under section 13A of the MA Act.[211]
Compatibility of the measure with
multiple rights
1.202
The committee has previously raised concerns regarding the human
rights implications of Australia's mutual legal assistance scheme in relation
to the right to liberty, right to life, prohibition against torture and cruel,
inhuman and degrading treatment, the right to a fair hearing, right to equality
and non-discrimination and the right to an effective remedy.[212]
1.203
For example, concerns regarding the right to life arise because the MA
Act allows the Australian government to give assistance to a foreign country to
help it investigate an offence or gather evidence in order to prosecute. The MA
Act provides that a request by a foreign country for assistance under the Act
must be refused if the offence is one in respect of which the death penalty may
be imposed. However, the MA Act qualifies this by saying that this prohibition
will not apply if 'the Attorney‐General is of the opinion, having regard
to the 'special circumstances' of the case, that the assistance requested
should be granted’.[213] In relation to the present bill, then, providing assistance in the form of a
computer access warrant may engage and limit the right to life to the extent it
may lead to an individual in another country being tried and convicted of a
criminal offence that carries the death penalty.[214]
1.204
The statement of compatibility does not acknowledge that the amendments
to the MA Act introduced in Schedule 2 of the bill may engage multiple human
rights and therefore does not provide an analysis of whether any limitation on
these rights is permissible.[215] In accordance with the committee's Guidance Note 1, the committee's
usual expectation where a measure may limit a human right is that the
accompanying statement of compatibility explain how the measure supports a
legitimate objective and how it is rationally connected to, and proportionate
to achieve, its legitimate objective.
Committee comment
1.205
The committee has previously stated that the Mutual Assistance in
Criminal Matters Act 1987 would benefit from a full review of the human
rights compatibility of the legislation, as it raises human rights concerns in
relation to the right to liberty, right to life, prohibition against torture
and cruel, inhuman and degrading treatment, the right to a fair hearing, right
to equality and non-discrimination and the right to an effective remedy.
1.206
The statement of compatibility does not acknowledge that any human
rights are engaged by the amendments to the Mutual Assistance in Criminal Matters
Act 1987 introduced in Schedule 2 of the bill. The committee therefore
seeks the advice of the Minister on the compatibility of the amendments to that
Act with these human rights.
Power for law enforcement and Australian Border Force to access computers
remotely
1.207
Schedules 3 and 4 of the bill seek to empower law enforcement agencies
and the Australian Border Force to remotely access a computer on premises the
subject of a warrant obtained pursuant to the Crimes Act and Customs Act
1901 (Customs Act), respectively.[216]
1.208
The proposed amendments provide that, for the purposes of obtaining
access to data (relevant data) held in a computer or device on premises subject
to a warrant, an officer executing the warrant (executing officer) may use any
other computer to determine if the relevant data is evidential material of the
kind specified in the warrant. In doing so, an executing officer may also copy
the relevant data, or add, copy, delete or alter other data where necessary to
use the computer or device for the purposes of the warrant.
1.209
The proposed amendments to the Crimes Act additionally seek to empower
law enforcement agencies to use a computer found during a search authorised
under the warrant (warrant computer), or telecommunications facility, or any
other electronic equipment, for the purpose of obtaining access to
'account-based data'[217] of a living or deceased person who is/was the owner or lessee of the warrant
computer, or who uses or has used the warrant computer,[218] to determine if it is evidential material of a kind specified in the warrant.
Compatibility of the measures with
the right to privacy
1.210
The statement of compatibility notes that the measure engages the right
to privacy by enabling law enforcement agencies and Australian Border Force 'to
access private communications and other information on a device using a range
of methods'.[219] However, it states that the restriction is necessary and proportionate to
achieve the legitimate objective of 'protecting national security and public
order' by providing law enforcement and Australian Border Force with 'the tools
they require to investigate criminal activity and protect Australian's [sic]
national security in a modern context'.[220] The statement of compatibility states further that 'currently... to use [the
power to access data electronically] an officer must be physically located at
the warrant premises' and that 'these amendments will allow [officers] to
access data without having to be physically present'.[221] While protecting national security and public order is capable of constituting
a legitimate objective, as noted earlier in order to justify a restriction on
human rights, the measure must address a pressing and substantial concern, not
just an outcome regarded as desirable and convenient. In this respect it is not
clear whether introducing the measures so executing officers do not have to
attend warrant premises in person addresses a pressing and substantial concern.
1.211
The power to access data held in a computer or device on premises the
subject of a warrant under the Crimes Act or Customs Act appears to be
rationally connected with the objective of protecting national security and
public order.
1.212
As to proportionality, the statement of compatibility provides that 'the
bill includes limitations to ensure the power is proportionate and does not
impact other users of communications services, including joint account
holders',[222] namely:
The addition, deletion or alteration of data is not
authorised when those actions are likely to interfere with communications in
transit or the lawful use by other persons of a computer, unless specified in
the warrant. The addition, deletion or alteration of data is also not
authorised when those actions are likely to cause other material loss or damage
to other persons lawfully using a computer.[223]
1.213
This is capable of constituting a relevant safeguard, but questions
remain as to the extent to which the safeguard will be effective. While the
addition, deletion or alteration of data is not authorised if it will
materially interfere with, interrupt or obstruct the lawful use by other
persons of a computer, it will be authorised if it is necessary to do one or
more of the things specified in the warrant.[224] Given that a computer or device on warrant premises is accessed for the broad
purposes of obtaining evidential material of the kind described in the warrant,
it appears that there could be a large number of circumstances in which adding,
deleting or altering data such as to interfere with the lawful use of that
computer by a third person could be justified as necessary to do one or more
things for the purposes of the warrant.
1.214
This raises concerns in the context of the proposed warrants under the
Crimes Act, which allow access to account-based information. This measure could
affect not just joint account holders, as the statement of compatibility notes,
but could also potentially affect any person who has used that computer, for
example to access their bank account through online banking. Further
information from the minister as to how the safeguard will operate to limit the
impact on third parties would be useful for the purposes of this analysis.
1.215
The statement of compatibility provides that the interference with
privacy is 'not arbitrary' as it is 'authorised under domestic law'.[225] However, the exercise of a power prescribed by law can still be arbitrary if it
is not necessary or if it is not sufficiently circumscribed in light of its
objectives. Here, it is relevant that the power to access relevant data
remotely can only be exercised if it is 'reasonable in all the circumstances to
do so' having regard to 'other methods (if any) of obtaining access to the
relevant data which are likely to be as effective'.[226]
1.216
This goes some way towards ensuring that the limitation on rights
occasioned by remote access to data occurs only when it is strictly necessary.
However, it is not required that other less rights restrictive means must be
pursued first if available, just that they be considered before exercising the
power. In addition, other than the availability of alternative means, no
definition or guidance is provided as to when it will be 'reasonable in all the
circumstances' to access data remotely, thereby appearing to leave interpretation
of this standard to the executing officer. Therefore, it is unclear whether
this will function as an effective safeguard to ensure that the power is only
exercised when necessary such that the limitation on rights occasioned by the
measure is proportionate to its objectives.
1.217
As currently framed, the power is such that it could be exercised in a
broad range of circumstances, including potentially where it was simply more
convenient to access information remotely than to attend warrant premises.
Further information from the minister as to how safeguards will ensure that the
measure is only used where necessary, such as any relevant guidelines that may
assist executing officers in determining whether it is ‘reasonable in all the
circumstances’ to access data remotely, would assist with this analysis.
Committee comment
1.218
The preceding analysis raises questions as to the compatibility of the proposed
power of law enforcement and Australian Border Force to access computers
remotely with the right to privacy.
1.219
The committee therefore seeks the advice of the minister as to the
compatibility of the measures with this right, including:
- the pressing and substantial concern which the measures seek
to address;
- how the proposed safeguards will be effective to limit the
impact on the right to privacy of third parties who are lawful users of the
computer or device subject to the warrant; and
- any relevant guidelines that may apply to the exercise of the
power to access data remotely.
Power for Australian Border Force to search persons who may have computers
or devices under the Customs Act
1.220
Proposed section 199A of the Customs Act in Schedule 4 of the bill
empowers a judicial officer to issue a warrant authorising an ordinary search
or a frisk search of a person where there are reasonable grounds to suspect the
person has in their possession, or will in the next 72 hours have in their
possession, any computer, or data storage device, that is evidential material.[227]
Compatibility of the measure with
the right to privacy
1.221
The statement of compatibility acknowledges that the measure engages the
right to privacy but concludes that 'the interference is proportionate and
necessary to meet legitimate objectives'.[228] The statement of compatibility states that:
While the nature of searching a person in order to gain
access to a device is inherently intrusive, it is not arbitrary as it is a
targeted law enforcement tool designed to assist the [Australian Border Force]
to effectively investigate crimes in the current technological environment. The
power has the legitimate objective of protecting national security and public
order.[229]
1.222
Protecting national security and public order are capable of
constituting a legitimate objective for the purposes of international human
rights law, where there is a pressing or substantial concern to which the
measure responds. While this is not explicitly identified, the statement of
compatibility provides that 'under existing laws, the [Australian Border Force]
could obtain a judicial warrant to search premises' but 'the amendments
recognise that information is often stored on devices, held physically by
persons, and that an inability to access the information may impede legitimate
investigation and prosecutions'.[230] Given that the device would be subject to the warrant but for it being on a
person, and given the prevalence of portable devices, such as smartphones, it
would appear this is a pressing and substantial concern which the measure seeks
to address. The measure also appears to be rationally connected to the objective.
1.223
In relation to proportionality, as noted by the statement of
compatibility, the requirement for a judicial officer to authorise warrants,
and the time limit of seven days for executing the warrant, are capable of
functioning as relevant safeguards.[231] In relation to whether the warrant power is sufficiently circumscribed, the
matters that are authorised by a search warrant relating to a person are
largely identical to those authorised in relation to the proposed powers to access
computers remotely under the Crimes Act and the Customs Act.[232] Therefore, the analysis and concerns raised above at [1.212]-[1.213] and [1.215]-[1.217]
also apply in relation to the measure. That is, whether the safeguards will
ensure that the power is only exercised when necessary, and in a manner that
will limit its impact on third parties, such that the limitation on rights
occasioned by the measure is proportionate to its objectives.
Committee comment
1.224
The preceding analysis raises questions as to the compatibility of the power
for Australian Border Force to search persons who may have computers or devices
under the Customs Act 1901 with the right to privacy.
1.225
The committee therefore seeks the advice of the minister as to the
proportionality of the limitation on this right, including whether the proposed
safeguards will be effective to limit the impact on the right to privacy of
third parties who are lawful users of the computer or device subject to the
warrant.
Amendments to the Crimes Act and Customs Act which allow electronic devices
moved under warrant to be kept for analysis for 30 days
1.226
Schedules 3 and 4 of the bill seek to amend the Crimes Act and Customs
Act respectively to extend the time period for which devices moved under
warrant can be kept for analysis to 30 days, from the current period of 14 days
permitted under the Crimes Act,[233] and 72 hours under the Customs Act.[234]
Compatibility of the measure with the right to privacy
1.227
The statement of compatibility states that 'moving a person's computer
or data storage device engages the right to privacy, as it may restrict a
person's access to person information'[235] but that it is 'a proportionate and necessary measure to achieve the legitimate
objective of protecting national security and public order'.[236]
1.228
The statement of compatibility does not identify the pressing and
substantial concern which the measure seeks to address, but states that
extending the timeframe to 30 days will ensure Australian Border Force can
'fulfil its statutory functions with forensic best practice'.[237] The statement of compatibility also indicates that extended timeframes will
allow law enforcement agencies 'adequate time to conduct the lengthy and
intricate forensic processes necessary to determine whether there is evidential
material in the electronic advice'.[238] Further information from the minister as to how these matters constitute a
pressing and substantial concern, including what constitutes 'forensic best
practice' and information as to how current timeframes are inadequate or
insufficient, would assist with assessing whether the measure pursues a
legitimate objective and is rationally connected to that objective.
1.229
As to proportionality, limited information is provided in the statement
of compatibility. It is not clear, for example, whether extending the time
period to 30 days represents the least rights restrictive approach, or whether
the same objectives could be achieved by, for example, extending the time
period for less than 30 days, or extending the number of times an extension can
be sought and the time period of those extensions. The statement of
compatibility does not identify any safeguards to ensure the measure does not
limit the right to privacy any more than necessary, nor does it consider the
impact that, for example, holding a person's computer or mobile phone for a
month, as opposed to three days or two weeks, may have on other rights.[239] It is also not clear from the bill or acts it seeks to amend whether there are
processes in place to ensure that devices are returned expeditiously if it is
determined that they do not contain evidential material relevant to the warrant
before the end of the period for which the device may be lawfully held.
Therefore, further information from the minister as to the relevant safeguards
that apply to ensure that warrant property is only held as long as necessary to
achieve the objectives of the bill would assist in determining the
proportionality of the measure.
Committee comment
1.230
The preceding analysis raises questions as to the compatibility of the amendments
to the Crimes Act 1914 and Customs Act 1901 which allow
electronic devices moved under warrant to be kept for analysis for 30 days with
the right to privacy.
1.231
The committee therefore seeks the advice of the minister as to the
compatibility of the measure with this right, including:
- the pressing and substantial concern which the measure seeks
to address (including how existing timeframes are inadequate for determining
whether the device moved from warrant premises and kept for analysis contains
evidential material of the type listed in the warrant);
- how extending the timeframes for which a device moved under a
warrant can be held for analysis is rationally connected with (that is,
effective to achieve) the objectives of the measure; and
- whether the measure represents a proportionate limitation on
the right to privacy (including whether the measure represents the least rights
restrictive approach to ensuring law enforcement and Australian Border Force
have adequate time to determine if the device contains evidential material of
the kind specified in the warrant, and any processes in place to ensure the
devices are returned expeditiously).
Release from civil liability for providing voluntary assistance to ASIO
1.232
Schedule 5 of the bill amends the ASIO Act to release from civil liability,
any person who voluntarily engages in conduct in accordance with a request from
the Director-General of ASIO, for or in relation to that conduct.[240]
Compatibility of the measure with
the right to an effective remedy
1.233
The bill does not define 'conduct' (except insofar as it specifies some
conduct which will not attract immunity from civil liability),[241] so it is difficult to assess what rights this measure may engage and limit, and
whether those limitations are legitimate for the purposes of international
human rights law. However, in general releasing a person from civil liability
in relation to conduct engages the right to an effective remedy, insofar as an
individual whose rights are violated by that conduct cannot pursue a civil
remedy against the person. This raises concerns given that 'conduct' is not
defined in the bill and therefore could potentially encompass a wide range of
acts that could impact individual rights, relevantly limited only by the
requirement that it not be an offence.[242] However, the statement of compatibility does not address the right to an
effective remedy in relation to the measure, and accordingly no assessment was
provided as to the compatibility of this measure with this right.
Committee comment
1.234
The preceding analysis raises questions as to the compatibility of
providing voluntary assistance to ASIO with the right to an effective remedy.
1.235
The committee therefore seeks the advice of the minister as to the
compatibility of the measure with this right.
Bills not raising human rights concerns
1.236
Of the bills introduced into the Parliament between 17 and 20 September,
the following did not raise human rights concerns (this may be because the bill
does not engage or promotes human rights, and/or permissibly limits human
rights):
- Aviation Transport Security Amendment Bill 2018
- Corporations Amendment (Strengthening Protections for Employee
Entitlements) Bill 2018
- Criminal Code Amendment (Food Contamination) Bill 2018
- Customs Amendment (Collecting Tobacco Duties at the Border) Bill
2018
- Customs Amendment (Peru-Australia Free Trade Agreement
Implementation) Bill 2018
- Customs Amendment (Product Specific Rule Modernisation) Bill 2018
- Customs Tariff Amendment (Peru-Australia Free Trade Agreement
Implementation) Bill 2018
- Excise Tariff Amendment (Collecting Tobacco Duties at
Manufacture) Bill 2018
- Higher Education Support (Charges) Bill 2018
- Higher Education Support Amendment (Cost Recovery) Bill 2018
- Higher Education Support Amendment (VET FEE-HELP Student
Protection) Bill 2018
- Income Tax (Managed Investment Trust Withholding Tax) Amendment
Bill 2018
- Income Tax Rates Amendment (Sovereign Entities) Bill 2018
- Maritime Legislation Amendment Bill 2018
- Treasury Laws Amendment (2018 Measures No. 5) Bill 2018
- Treasury Laws Amendment (Black Economy Taskforce Measures No. 2)
Bill 2018
- Treasury Laws Amendment (Design and Distribution Obligations and
Product Intervention Powers) Bill 2018
- Treasury Laws Amendment (Gift Cards) Bill 2018
- Treasury Laws Amendment (Making Sure Foreign Investors Pay Their
Fair Share of Tax in Australia and Other Measures) Bill 2018
- Treasury Laws Amendment (Making Sure Multinationals Pay Their
Fair Share of Tax in Australia and Other Measures) Bill 2018
- Veterans’ Affairs Legislation Amendment (Omnibus) Bill 2018
Navigation: Previous Page | Contents | Next Page