1. Introduction

There are six intelligence agencies in Australia that comprise the Australian Intelligence Community (AIC):
Australian Geospatial-Intelligence Organisation (AGO),
Australian Security Intelligence Organisation (ASIO),
Australian Secret Intelligence Service (ASIS),
Australian Signals Directorate (ASD),
Defence Intelligence Organisation (DIO), and
Office of National Assessments (ONA).
Together, AGO, ASD and DIO are known as the Defence Intelligence Agencies (DIAs).1
The AIC operates within a strict oversight and accountability framework, which balances the need for public accountability with the need for agency operations and other sensitive information held within agencies to remain classified to protect Australia’s national security.
Within this oversight framework, the intelligence agencies have limited public reporting responsibilities because of the need to protect certain information about the agencies’ work. ASIO is the only intelligence agency that produces an annual unclassified report to Parliament.
Notwithstanding the need to keep certain information confidential, there are several levels of oversight to ensure that intelligence agencies are held accountable to the Australian Government, to the Parliament and through it to the Australian public. This oversight includes:
the Inspector-General of Intelligence and Security (IGIS), who provides independent assurance that the AIC agencies conduct their activities within the law, behave with propriety and comply with ministerial guidelines and directives,2 and
parliamentary oversight, including oversight of administration and expenditure by the Parliamentary Joint Committee on Intelligence and Security.

Role of the Committee

The Committee was established pursuant to section 28 of the Intelligence Services Act 2001 (the IS Act). Its functions include an obligation to review the administration and expenditure of each of the intelligence agencies, including their annual financial statements.3
This important oversight role is carried out in circumstances where the transparency and public accountability of the intelligence agencies must be balanced with the need to protect national security.
The Committee is privy to detailed, largely classified, information about the administration and expenditure of agencies. Each agency provides information on its administration and expenditure to the Committee in the form of written submissions, by appearing to give evidence in private (classified) hearings, and by providing private briefings to the Committee, at its request. Much of the evidence received by the Committee must remain confidential, due to its classified nature.
The Committee has only a limited role in these reviews in advising what level of resources is appropriate for each agency to protect Australians from risks to national security. Similarly, the Committee has no role in determining what the national security priorities should be.4
Rather, the Committee has responsibility to analyse the evidence put before it and report to the Parliament (and through it, to the Australian community) on any changes to administration and expenditure, or any other issues which the Committee identifies, that may affect the agency’s ability to continue to meet its objectives.

Conduct of the inquiry

The Committee commenced its inquiry on 12 October 2016.
Submissions were sought and received from the six intelligence agencies, the Auditor-General for Australia and the IGIS. A list of submissions, including several supplementary submissions received in response to questions from the Committee, is at Appendix A.
The majority of submissions received were classified by the respective agencies. Accordingly, these submissions have not been authorised for publication and are not publicly available. However, unclassified excerpts from these submissions are used in this report.
Unclassified submissions from ASIO, ONA, the Department of Defence and the IGIS are available on the Committee’s website.
ASIO additionally provided the Committee with copies of its classified Corporate Plan 2016–17 to 2019–20, unclassified ASIO Annual Report 201516, and Appendix H to its classified Annual Report 2015–16 concerning authorisations for telecommunications data pursuant to paragraphs 94(2A)(c)–(j) of the Australian Security Intelligence Organisation Act 1979 (ASIO Act).5
Private (classified) hearings were held on 22, 23, 29 and 30 March 2017 with representatives of the six intelligence agencies and the IGIS. Appendix B lists the witnesses who appeared before the Committee. Transcripts of these hearings are classified and are not publicly available. However, unclassified aspects of the transcripts are referred to in this report.
The Committee also received private briefings during the reporting period on Australia’s new National Threat Advisory System and on an Australian National Audit Office audit report on the central administration of security vetting.6
The report is divided into three chapters. Chapter 2 discusses administration of the intelligence agencies. The expenditure and financial position of the intelligence agencies are discussed in Chapter 3.

The security environment in 2015–16

In its submission, ASIO updated the Committee on the security environment in 2015–16 and the outlook for the years ahead.
ASIO outlined security challenges in the following key areas:
terrorism, including onshore terrorist attacks and disruptions, and global terrorist attacks,
communal violence and violent protest,
espionage, foreign interference and malicious insiders, and
border integrity.7


ASIO reported that Australia’s National Terrorism Threat Level had remained at PROBABLE throughout the reporting period, meaning that ‘credible intelligence, assessed to represent a plausible scenario, indicates an intention and capability to conduct terrorist attacks in Australia’.8 ASIO advised that, while the range of factors leading to the National Terrorism Threat Level being initially raised in September 2014 had evolved (and some had deteriorated), their ‘cumulative impact’ remained significant and so the Threat Level had remained elevated. ASIO noted that during the year, one terrorist attack was conducted in Australia and three terrorist plots were disrupted.9
ASIO informed the Committee that
[t]he principal terrorist threat in Australia emanates from the small number of Australia-based individuals who remain committed to anti-Western violent Sunni Islamist extremist ideology. This group presents a direct threat as well as a secondary threat due to their ability to influence others.10
Particular risks identified by ASIO included:
Some extremists turning their attention to onshore attack-planning after the cancellation of their Australian passports, preventing them from travelling to join terrorist groups in the conflict zones in Syria and Iraq.
Returnees from the conflict in Syria and Iraq. While the ‘vast majority’ of the around 40 returnees from the conflict are ‘not of security concern’, ASIO advised that ‘in the longer term, the small number ASIO is concerned about will be joined by others returning from the conflict who have trained and fought with [Islamic State in Iraq and the Levant (ISIL)], and other groups of concern in the region’.
Recruitment and radicalisation by Australia-based extremists.11
ASIO added that the ‘changing nature of terrorism provides challenges to the early identification and detection of threats’. While large-scale attacks were still occurring around the world, including attacks coordinated by multiple people, there had been a ‘trend towards simpler attacks’, which ‘can require minimal preparation and be perpetrated by lone actors’.12
In relation to international terrorism, ASIO advised that the predominant threat emanated from ISIL and al-Qa’ida:
Both have an international following and global reach, and both leverage this to promote an anti-Western, violent Sunni Islamist extremist ideology. They conduct attacks against Western interests, religious minorities and secular interests, and also exhort adherents to take unilateral action. Regional threats come from a range of entities affiliated with, and inspired by, these two groups. These include the South-East Asia-based Abu Sayyaf Group (ASG), Africa-based Boko Haram, al-Shabaab and al-Qa’ida in the Islamic Mahgreb (al-Qa’ida-IM), and the Asia-based Taliban.13
ASIO added that the conflict in Syria and Iraq was central to the global resurgence of Islamist extremist terrorism, and noted that ISIL was increasing its influence in South Asia, South-East Asia, and Africa. The security environment had also worsened in Europe and in Turkey.14

Communal violence and violent protest

ASIO noted that while Sunni Islamist extremism was the pre-eminent terrorist threat facing Australia, ‘other groups continue to engage in politically motivated violence and the promotion of communal violence’:
Members of these groups are diverse and have differing agendas, including extreme right-wing and extreme left-wing ideologies. A few small subsets of these groups are willing to use violence to further their own interests. While their activities are concerning, they remain a small part of their broader movements and their activities are presently unlikely to lead to wide-scale violence or pose a threat to social cohesion.15
ASIO explained that while violence at protests was rare, ‘social discourse around anti-Islam and anti-migration issues’ had increased, with public protests for and against becoming more frequent and providing more opportunities for convergence between ideological adversaries. Sporadic violence at protests during the year had ‘mostly comprised small-scale clashes between right-wing and left-wing opponents at anti-Islam protests or protesters targeting police maintaining public order’.16
ASIO added that other groups with overseas separatist agendas were ‘represented in Australia’, but that ‘their membership is small and their influence is limited’.17

Espionage, foreign interference and malicious insiders

ASIO reported that espionage and foreign interference targeting Australian interests ‘remains pervasive and enduring’, and that it had observed ‘increased targeting of Australian interests in Australia and abroad through a variety of methods against an array of sectors’. ASIO further explained:
A range of countries continue to conduct espionage against Australia’s vital national interests, including our defence capabilities and economic intent. Economic espionage is driven by Australia’s role as a global commodity supplier, potential joint venture partner, market competitor, and our advances in scientific research. Inappropriate and untoward foreign interference in Australia aims to shape the actions of decision-makers and public opinion in order to achieve an outcome favourable to foreign interests.18
ASIO’s submission also outlined the threat of cyber espionage:
Cyber espionage can have a significant impact on Australia’s national security, economic prosperity, sovereignty and international reputation. Foreign state-sponsored adversaries are targeting the networks of the Australian Government, industry and individuals to achieve intelligence requirements relating to economic advantage, foreign policy, defence and security information, science and technology. The range, scale and sophistication of state actors engaged in hostile cyber espionage activity against Australian Government and private sector systems continues to increase, as does the threat from malicious insiders. An increasing number of countries are pursuing a cyber espionage program as this offers returns for relatively low cost and plausible deniability. The continued evolution of technology increases the sophistication and complexity of attacks, while rendering the capability increasingly accessible.19
ASIO noted that ‘understanding and degrading’ espionage and foreign interference was ‘among the most challenging types of intelligence work’. It cautioned, however, that undetected espionage can have ‘long-term implications, undermining our society and way of life’.20
ASIO also highlighted its work across government to prevent breaches of security caused by either self-motivated or recruited ‘malicious insiders’.21

Border integrity

ASIO reported that the people-smuggling environment remained similar to the previous two reporting periods, with ‘significant reduction in planned and actual illegal maritime ventures to Australia’. However,
people smugglers motivated by financial gain sustained their attempts to recruit potential illegal immigrants actively by marketing misinformation about Australia’s border policy, political situation and other events as indicators that Australia’s border policy would be relaxed.22

  • 1
    Department of Defence, Submission 3, p. 1.
  • 2
  • 3
    See section 29 of the Intelligence Services Act 2001 (IS Act).
  • 4
    Reviewing the intelligence gathering and assessment priorities of agencies is expressly prohibited under paragraph 29(3)(a) of the IS Act.
  • 5
    Under amendments to the IS Act enacted through the passage of the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015, it is a function of the Committee to, subject to certain restrictions, review any matter that relates to the retained data activities of ASIO and is included, under paragraph 94(2A)(c)–(j) of the ASIO Act, in a report referred to in subsection 94(1) of that Act. See IS Act, paragraph 29(1)(bd).
  • 6
    See Australian National Audit Office, Report No. 45 of 2014–2015, Central Administration of Security Vetting, 9 June 2015.
  • 7
    ASIO, Submission 8, pp. 3–9.
  • 8
    The National Terrorism Threat Level was raised from MEDIUM to HIGH in September 2014. Following implementation of the new National Threat Advisory System in November 2015, the equivalent level of PROBABLE was allocated.
  • 9
    ASIO, Submission 8, p. 3.
  • 10
    ASIO, Submission 8, p. 4.
  • 11
    ASIO, Submission 8, p. 4.
  • 12
    ASIO, Submission 8, p. 4.
  • 13
    ASIO, Submission 8, p. 4.
  • 14
    ASIO, Submission 8, p. 5.
  • 15
    ASIO, Submission 8, p. 8.
  • 16
    ASIO, Submission 8, p. 8.
  • 17
    ASIO, Submission 8, p. 8.
  • 18
    ASIO, Submission 8, p. 8.
  • 19
    ASIO, Submission 8, p. 8.
  • 20
    ASIO, Submission 8, p. 9.
  • 21
    ASIO, Submission 8, p. 9. ‘Malicious insiders’ was defined as ‘potential, current or former government employees who have privileged access to information, techniques, technology, assets or premises who deliberately compromise their privileged position [and] breach their duty to maintain the appropriate security conferred upon them by the nature of this access’.
  • 22
    ASIO, Submission 8, p. 9.

 |  Contents  |