2.1
In undertaking its review of the administration of the Australian Intelligence Community (AIC) for the 2017–18 financial year, the Committee asked agencies to provide submissions addressing the following aspects of their agency:
strategic direction and priorities;
changes (if any) to the structure of the organisation;
legislative changes that have impacted on administration of the agency;
involvement (if any) in litigation matters;
human resource management, including:
staffing numbers and demographic information;
recruitment and retention strategies;
staff departure and separation rates;
workplace diversity statistics and initiatives;
training and development;
individual performance management;
staff feedback, complaints and investigations; and
accommodation and facilities;
changes to the distribution of staff;
information and communications technology initiatives;
organisational performance evaluation and accountability; and
public relations and/or public reporting, including requests for public access to records.
2.2
Additionally, the Committee asked each agency to report on certain aspects of their administration that are specific to their agency.
2.3
In their submissions, agencies outlined significant developments and the relevant aspects of their administration for the 2017–18 reporting period. The majority of the evidence received was classified, so has not been authorised for publication. The Committee scrutinised all material provided and followed up on several issues with additional written questions and classified hearings.
2.4
This chapter reports the Committee’s findings on the administration of the agencies. In some areas, the discussion is necessarily general due to security needs.
Legislative changes
2.5
During the reporting period, the Committee conducted inquiries into several bills that affected the operations of the AIC agencies, particularly ASIO.
2.6
Where applicable, agencies commented in their submissions on the extent to which these bills and other legislative changes had impacted on their agency’s administration.
ASIO
2.7
Four bills which significantly impacted ASIO and its operations were passed by the Australian Parliament during the reporting period, including:
the National Security Legislation Amendment (Espionage and Foreign Interference) Act 2018;
the Foreign Influence and Transparency Scheme Act 2018;
the Security of Critical Infrastructure Act 2018; and
the Telecommunications and Other Legislation Amendment Act 2017.
2.8
ASIO reported that it has been consulting with the Department of Home Affairs, the Australian Federal Police (AFP), the Attorney-General’s Department and other AIC agencies in relation to the new legislation. It noted that the legislation has created a number of new offences and that this has resulted in increased demand from ASIO staff for the advice and support of legal officers with regard to ‘operational activities, the protection of ASIO’s capabilities from unnecessary compromise and the management of legal proceedings’.
ASD
2.9
ASD remained part of the Department of Defence during the reporting period, but undertook significant preparation ahead of its largest transformation since it was originally established as the Defence Signals Bureau in the aftermath of the Second World War. On 18 July 2017, the then Prime Minister, the Hon Malcolm Turnbull MP announced that the Australian Government would implement the 2017 Independent Intelligence Review recommendation to transform ASD into a separate statutory agency within the Defence portfolio. As already noted, the passage of the Intelligence Services Amendment (Establishment of the Australian Signals Directorate) Act 2018 amended the Intelligence Services Act 2001 (IS Act) to bring the Australian Cyber Security Centre into ASD and establish it as statutory agency from 1 July 2018.
2.10
ASD reported that preparations included several recruitment processes to identify individuals for senior leadership positions within the new agency to support and lead transition work. Mr Mike Burgess was appointed the new Director of ASD and Lieutenant General John Frewen as the Principal Deputy Director of ASD.
ONA
2.11
There were no legislative changes that affected the administration of ONA during the reporting period. However, ONA reported that ‘extensive work’ was undertaken on drafting the Office of National Intelligence Bill to facilitate ONA’s transformation into the Office of National Intelligence (ONI) with an expanded remit including leadership of the National Intelligence Community (NIC). As already noted, the Office of National Intelligence Act 2018 subsequently passed on 20 December 2018, outside of the period being considered as part of this review.
DIO
2.12
DIO’s operations were not subject to any major legislative changes during the reporting period, but it did participate in consultation for the Review of the Legal Framework Governing the National Security Community being conducted by Mr Dennis Richardson AO at the direction of the
Attorney-General (known as the Richardson Review).
AGO
2.13
AGO noted the impact of the Defence Legislation Amendment (2017 Measures No. 1) Act 2017 on the agency’s enabling legislation. The Act amended the IS Act, the Navigation Act 2012 and the Telecommunications Act 1997 to transfer hydrographic, meteorological and oceanographic functions from the Royal Australian Navy to the AGO.
ASIS
2.14
ASIS did not draw the Committee’s attention to any major legislative changes impacting its operations during the reporting period. Although, it did note work underway to seek amendments to the use of force provisions in the IS Act, ‘to enable ASIS to perform its functions as safely and effectively as possible’. The resulting Intelligence Services Amendment Act 2018 was passed on 5 December 2018, outside of the period being considered as part of this review.
Litigation
2.15
ASIO’s involvement in litigation and other legal matters continued ‘at a high tempo’ during 2017–18. Matters included terrorism and other prosecutions; civil lawsuits; and judicial and merit reviews of security assessments. It provided evidence to prosecutions, and responded to subpoenas and disclosure requests. Specifically, during the reporting period:
ASIO managed 15 adverse security assessment reviews before the Security Division of the Administrative Appeals Tribunal (AAT);
two further security assessments were reviewed in the Federal Court of Australia and the High Court of Australia; and
ASIO contributed to the prosecution of individuals on terrorism offences in Queensland, South Australia, Victoria and New South Wales by identifying concerning activities and through the use of intelligence and evidence.
2.16
ASIS reported that continues to be engaged in a number of litigation matters, the most high-profile of which is the case relating to the former staff member known as Witness K.
2.17
ONI noted that it was involved in one legal matter during the reporting period. DIO, AGO and ASD were not party to any litigation matters during the reporting period.
Use of ASIO’s special powers
2.18
ASIO reports each year on its special powers under the Australian Security Intelligence Organisation Act 1979 (ASIO Act) and the Telecommunications (Interception and Access) Act 1979 (TIA Act) to use specific methods of investigation, which include telecommunications interception and access; use of surveillance devices; entry and search of premises; computer access; and the examination of postal and delivery service articles.
2.19
The Attorney-General issues all warrants for ASIO to employ its special powers, other than questioning warrants and questioning and detention warrants which are issued by a prescribed authority (usually a retired judge). Warrant requests are made by the Director-General of Security, and are usually independently reviewed by the Attorney-General’s Department, before consideration and possible approval by the Attorney-General.
2.20
In seeking a warrant, ASIO must comply with guidelines issued by the Attorney-General and, following the issue of a warrant, report back to the Attorney-General on the extent to which the warrant assisted ASIO to perform its functions.
2.21
The number of warrants approved by the Attorney-General is classified and cannot be reported by the Committee. However, following increases in 2013–14 and 2014–15, and a small reduction in 2015–16, the number of warrants or authorisations for ASIO to exercise its special powers remained stable during the 2016–17 and 2017–18 reporting periods (returning to similar levels as 2014–15).
Strategic direction, priorities and organisational structure
2.22
The Committee requested intelligence agencies to report on their organisation’s strategic direction and priorities, as well as any changes to organisational structure. A summary is provided below.
ASIO
2.23
According to ASIO, the 2017–18 reporting period was a time of ‘unprecedented change’ presenting a number of challenges for its operations. It suggested that the current security environment is complex, technology is rapidly evolving, community expectations around privacy and security are shifting, and there have been ‘overlapping peaks’ in its counter-terrorism and counter-espionage programs.
2.24
ASIO responded to these challenges by commissioning Mr David Thodey AO to review the agency’s technology with a view to strategically positioning its operations for the future. The resulting report A digital transformation of Australian Security Intelligence Organisation (January 2018), recommended that ASIO ‘fundamentally overhaul its technology and operating model and develop one that is more able to thrive in the contemporary security and technology environment’.
2.25
As of 13 September 2019, the report remained under consideration by the Australian Government. However in preparation for a Government response, ASIO has established an Enterprise Transformation Office ‘to drive this program of major transformational change’. The Enterprise Transformation Office has begun foundational work, including the development of a strategic plan for 2018–2023, funded from a combination of existing resources and a proportion of the 2018–19 funding measure entitled ‘National Security Agencies additional resourcing’.
2.26
ASIO acknowledged that transforming its technology and operating model will require ‘significant new financial investment’.
ASIS
2.27
In December 2017, Major General (RETD) Paul Symon AO was appointed the 14th Director-General of ASIS. Since his appointment, Mr Symon has overseen a number of review and reform initiatives aimed at ensuring ASIS continues to thrive in the future. Strategic planning, workforce and training initiatives, and technological programs are being progressed.
ONA
2.28
In December 2017, Mr Nick Warner AO PSM was appointed Director-General of ONA. Under Mr Warner’s leadership, ONA continued working with the Department of Prime Minister and Cabinet to implement the recommendations of the 2017 Independent Intelligence Review that relate directly to ONA, including its transition to ONI and its expanded mandate to lead efforts to forge a ‘truly’ national intelligence enterprise. ONA provided a corporate plan to the Prime Minister in August 2017 covering the period from 2017–2021.
2.29
ONA also reported that it supported and led several classified government initiatives during the reporting period.
ASD
2.30
As already noted, on 28 March 2018, the Australian Parliament passed legislation transforming ASD into an independent statutory agency with effect from 1 July 2018. ASD described the activities it undertook during the reporting period to prepare for this transition. It progressed machinery of government changes to consolidate the ‘cyber workforces’ of several agencies within ASD, it established new enterprise management arrangements, and a new organisational structure was designed and implemented to position ASD to deliver the Australian Government’s ambitions for the new statutory agency.
2.31
ASD also highlighted its new corporate plan which defines the strategic objectives of the statutory agency, including:
providing intelligence that protects and advances Australia’s national interests;
fostering national cyber security resilience;
supporting military operations and protecting Defence personnel;
countering cyber-enabled threats, crime and terrorism; and
providing advice and expertise to government, law enforcement, business and the community.
DIO
2.32
DIO noted that its strategic priorities are set by its leadership team consisting of its Director, Deputy Director, Branch Heads, Director Corporate Strategy and Accountability, and Director Executive. DIO reported that in 2017–2018, the leadership team met weekly to consider organisational planning and analytic issues.
2.33
DIO informed the Committee that during the reporting period it commenced several review and strategic projects aimed at continuing to build and refine its capabilities and services. The details of these projects are classified and cannot be included in this report.
AGO
2.34
AGO reported that it continued work to consolidate Defence geospatial functions within AGO and invest in geospatial-related capabilities in line with the recommendations of Defence’s First Principles Review. The First Principles Review was commissioned in August 2014 to ensure Defence remains fit for purpose and able to deliver on its strategic priorities using minimal resources. A final report was released by the Minister for Defence in April 2015. AGO noted that it is implementing several projects aimed at expanding its customer base and enhancing sovereign imagery capabilities to meet Australian Government and Defence requirements.
Human Resource management and demographics
2.35
The Committee asked the intelligence agencies to provide an update on human resource management and demographics issues, including:
staffing numbers and demographic information;
recruitment and retention strategies;
staff departures and separation rates;
workplace diversity statistics and initiatives;
training and development;
individual performance management;
staff feedback, complaints and investigations (including public interest disclosures and any code of conduct, fraud, or bullying/harassment-related investigations); and
accommodation and facilities, including all locations within Australia were staff are present and any current or planned changes to accommodation arrangements.
2.36
Information provided to the Committee regarding the staffing and management arrangements of each agency was mostly classified. However, where possible, these issues are discussed below.
Staff numbers and demographics
2.37
As at 30 June 2018, ASIO employed 1,980 staff (1,814.9 full time equivalent/FTE), reflecting 1.1 per cent growth from a year earlier (1,931 staff or 1,794.3 FTE). Staff comprised 60 Senior Executive Service (SES) Officers, up from 53 the year before; 608 ASIO Executive Officers levels 1, 2 and 3, up from 550 the year before; and 1,312 other staff, down from 1,328 the year before. Male employees outnumbered female employees with 1,078 of the former and 902 of the latter. A total of 333 staff came from a non-English speaking background, 10 identified as Aboriginal and Torres Strait Islander and 20 staff had a disability. The age of employees varied with 67 staff aged 24 years or under, 555 aged between 25 and 34 years, 651 staff aged between 35 and 44 years, 435 aged between 45 and 54 years and 272 staff aged above 55 years. Approximately three quarters of ASIO’s workforce was located in Canberra.
2.38
ONA reported that it had 191 employees (including the Director-General) as of 30 June 2018, an increase of 26 employees from the previous year. Its workforce comprised 178 ongoing staff and 13 non-ongoing staff. A total of 31 employees worked part-time hours (including six casual employees) and 90 employees (approximately 50 per cent) were women, seven of which are at the SES level.
2.39
ONA noted that during the reporting period it established a new organisational structure and staffing profile to support its transition to ONI and the corresponding expansion of its remit.
2.40
Staffing demographics information provided by ASIS, ASD, DIO and AGO were assigned classifications or Dissemination Limiting Markers, and cannot be published in this report. However, broadly speaking, after a slight decrease in the number of ASD staff in the 2015–16 reporting period, the total number of staff in ASD has increased across the 2016–17 and 2017–18 reporting periods. Likewise, ASIS experienced a decrease in staff during the 2014–15 reporting period, followed by a steady increase in the number of employees since then. A slight increase in staff during the 2017–18 reporting period puts DIO’s workforce at the largest it’s been since 2015–16. A similar observation can be made about AGO’s workforce.
Recruitment and retention strategies
2.41
ASIO achieved a net growth of 49 ongoing staff during 2017–18. It conducted 80 recruitment processes during the reporting period, including bulk recruitment, role-specific recruitment and career fairs. It received 9,643 applicants, six per cent of whom were found suitable. Comparatively, in the 2016–17 reporting period, ASIO undertook 48 recruitment activities and received 10,211 applicants, six per cent of which were found suitable.
2.42
ASIO is investing resources into analysing the recruitment pipeline including recruitment, vetting, cognitive assessments and inducting new employees—with a view to streamlining its processes. It also reported that it has commenced a ‘functional review’ to determine which of its operations could be decentralised to regional offices to enable it to recruit from new talent pools, and provide broader career options for the current workforce. ASIO currently offers secondments to and from federal, state and territory government agencies, international counterparts and other bodies.
2.43
ONA reported that its Workforce Management Committee informs its recruitment and workforce planning activities. During the reporting period, all its recruitment was considered in the context of required organisational growth, budgeted average staffing level targets and strategic priorities.
2.44
ONA’s retention strategies included offering secondments, temporary transfers, coaching, training, promotion activities and flexible work arrangements. ONA hosted five graduates from the Department of Defence for an external rotation and maintains a similar arrangement for Department of Foreign Affairs and Trade graduates.
2.45
ASD noted that it has commenced a range of outreach programs and collaborations with partners across the cyber security community to implement new Science Technology Engineering and Maths (STEM) programs and cyber security initiatives with students from primary school to tertiary education.
2.46
ASD conducted 77 recruitment processes and hired 300 ongoing employees during the reporting period—mostly from the private sector—a significant increase from 187 recruits made during 2016–17. Of these recruits, 58 were graduates who completed a 12 month training program funded by the Department of Defence before being transferred to ASD.
2.47
ASD noted that it would develop a suite of strategies to attract and retain staff following its transformation into an independent statutory authority on 1 July 2018.
2.48
ASIS informed the Committee that it used bulk recruitment activities to fill vacancies across a variety of employment streams.
2.49
DIO recruited more employees this reporting period than in 2016–17 or in 2015–16. Similarly, AGO conducted more recruitment rounds during the reporting period than in previous years.
Separation rates
2.50
ASIO reported a separation rate of 5.05 per cent, down from 5.26 per cent during the previous year. The average tenure of all separating ASIO employees (including contractors) was four years versus 11 years average tenure for separating ongoing ASIO employees.
2.51
During the reporting period ONA’s separation rate was eight per cent, significantly lower than the 15 per cent recorded for the previous year. Of the 16 employees which left ONA, 10 resigned, four transferred to another agency and two retired.
2.52
ASD reported that its separation rate has remained fairly stable since 2016.
2.53
ASIS did not report its employee separation rate to the Committee.
2.54
Both DIO and AGO’s employee separation rates were slightly lower this reporting period than in the previous reporting period. AGO noted that it has strategies in place to assist with staff retention.
Training and development
2.55
All agencies described the training and development initiatives pursued during the reporting period, encompassing both corporate and operational activities.
ASIO
2.56
ASIO demonstrated that it continues to offer its workforce access to varied training and development opportunities designed to position staff to contribute to its enterprise transition program.
2.57
During the reporting period, ASIO approved or conducted 135 training courses (down from 146 the year before), attended by 1,367 staff. It also allocated $316,413 to enable 137 staff to participate in study programs and a further $159,050 to 13 domestic and two international development opportunities attended by 15 SES officers.
2.58
Select ASIO officers participated in the organisation’s year-long Intelligence Development Program which offers specialist training streams for Intelligence Officers and Intelligence Analysts. The Intelligence Analysts stream was introduced in 2017 after a pilot program the year before. It offers a dedicated training program and career progression to individuals seeking to specialise in intelligence analysis, or individuals who fail to complete the Intelligence Officer stream.
2.59
ASIO highlighted its efforts to improve the technological understanding of its senior executives to equip them to respond to challenges and take advantages of the opportunities offered by new technologies. It also noted a range of entry-level training programs, including a Future Technologists Graduate Program, the Information and Communications Technology Traineeship, the Surveillance Officer Traineeship and a Graduate Lawyer Program.
2.60
Lastly, ASIO reported that it is working with ONA to shift the National Centre for Intelligence Training and Education (NCITE) to ONA in preparation for its transition to ONI. The NCITE is communally funded by the AIC and, until the formation of ONI, had been hosted by ASIO on behalf of the AIC.
ONA
2.61
ONA’s total expenditure on learning and development was significantly higher for 2017–18 than the previous year. Staff had access to a broader range of courses aimed at supporting ONA’s transition into ONI, for example ‘leading through change’ workshops for staff at all levels and ‘presentation and briefing skills training’ to prepare analysts to engage with a wider clientele.
2.62
During the reporting period, four ‘high performing’ EL2 employees were selected to attend the Australian Public Service Commissions’ Career Development Assessment Centre. Study leave and financial assistance of approximately $48,000 was provided to employees through ONA’s study assistance.
2.63
ONA also informed the Committee that it has begun examining the skills profile across intelligence agencies to identify gaps in expertise and training so that as it transitions to ONI it can support the development of the national intelligence community:
… what we’re trying to do is work with the community as a whole to come up with a framework for learning and development across the community to look at the skills gap, to look at what a future leadership model looks like and where we can leverage training… one of the things we’re doing at the moment is coming up with a learning and development draft road map that we’re talking to the agencies about and hoping to put in place…
2.64
ONA noted that the national intelligence community could look at enhancing leadership through shared learning, development and mobility programs.
ASIS
2.65
The Committee heard that ASIS provided its staff with a broad range of corporate and operational training during the reporting period. The details of this training are classified and cannot be included in the report.
Defence Intelligence Agencies
2.66
ASD reported that the majority of its workforce maintained proficiency in mandatory general training provided by the Department of Defence, including: work health and safety; workplace behaviour; fraud and integrity awareness; and security awareness. DIO and AGO also noted staff participation in these programs. AGO reported that staff proficiency in these courses had increased since the last reporting period, whereas DIO staff proficiency had risen or fallen depending on the course.
2.67
DIO and AGO informed the Committee that their staff had access to specialist training and courses offered to the NIC more broadly.
2.68
ASD highlighted the leadership training offered to its APS 5 and 6 officers, as well as executive level staff. It offered courses aimed at developing skills and knowledge in line with the Defence Leadership Framework. Select executive level staff were also selected to participate in a ‘leading for reform program’ designed to equip them with the skills to successfully manage staff through periods of reform and improvement.
2.69
ASD also offers employees access to a range of specialist training which supports it capabilities. The details of these courses are classified.
Individual performance management
2.70
All agencies reported on their arrangements for managing the performance of their employees.
2.71
ASIO advised the Committee that, following reform of performance management policies and processes in 2015–16 and 2016–17, it achieved 100 per cent compliance for employee participation in the performance cycle in 2017–18. ASIO noted that it will now focus on strengthening the quality of employee-manager discussions through training, coaching and early intervention.
2.72
The Committee heard that all ONA employees are expected to participate in its performance development framework program.
2.73
The performance of the Defence Intelligence Agencies’ APS employees is formally assessed twice a year, as part of the Defence Performance Feedback Assessment and Development Scheme, which informs performance progression payments. ASD reported that incomplete performance progression statistics were available for the reporting period, but of the 1,179 employees which had their performance evaluated, 177 employees were denied progression. Of those, four had not completed mandatory training and the remaining employees were ineligible because they were on leave or probation, were new starters or trainees, or had recently been promoted. The overwhelming majority of DIO and AGO staff had their progression approved. Those who were denied, failed to progress for similar reasons as ASD staff.
2.74
ASIS updated the Committee on work to refine its performance management tools and support services.
Workplace diversity
2.75
Agencies provided information on the diversity of their workforces.
ASIS
2.76
ASIS updated the Committee on strategies which have been underway across reporting periods to increase diversity of its workforce and promote a more inclusive and equitable workplace.
ASIO
2.77
ASIO reported that 46 per cent of its staff are women, up from 45 per cent the previous year and 44 per cent the year before that. Just under half of its SES employees are women. A total of 18 per cent of all employees are from non-English speaking backgrounds, one per cent identify as Aboriginal or Torres Strait Islander and one per cent have reported that they have a disability.
2.78
The percentage of ASIO staff from a non-English speaking background has remained constant during the last two reporting periods after a two percent increase in 2016–17. The percentage of employees identifying as Aboriginal or Torres Strait Islander or who report having a disability, has remained stable across the last three reporting periods.
DIO
2.79
DIO reported that it has not achieved gender parity in its workforce with less than half of employees at the APS 5, EL1, EL2 and SES levels being women. Female employees outnumbered male employees only at the APS 3 and APS 4 levels. It noted that it is working to increase the diversity of its workforce, using strategies such as affirmative measure recruitment and including disability access into future building works. However, diversity figures have remained stable over time.
AGO
2.80
AGO informed the Committee that women comprise just under 40 per cent of its APS staff and approximately 20 per cent of its ADF staff. Its overall percentage of female staff increased by approximately four percentage points between the current and previous reporting periods, after remaining steady for several years. AGO credited Defence’s diversity and inclusion strategy 2012–2017 for the increase in women, as well as a rise in the number of women participating in the AGO graduate program. The percentage of employees from culturally and linguistically diverse backgrounds has decreased slightly across the last three reporting periods.
ASD
2.81
ASD reported that the percentage of female and male employees in its workforce has remained relatively stable across the last two reporting periods, despite an increase in overall staffing levels. Age demographics across the organisation have also remained consistent across the organisation since 2015–16, with employees under 40 years of age comprising 59 per cent of the workforce. A total of 36 percent of ASD’s workforce is aged between 25 and 34 years, 19 per cent are 50-plus years of age and seven per cent are aged less than 25 years.
2.82
The proportion of ASD’s workforce comprised of culturally and linguistically diverse employees has remained stable across the last three reporting periods.
2.83
ASD noted that diversity and inclusion will be integrated into all aspects of its employee lifecycle and planning from the end of 2019 onwards.
ONA
2.84
ONA advised that it has met self-established gender stretch targets during the last two years, increasing the number of women it employs at both the SES and EL2 level. However, it also noted that further work is required to achieve gender parity, particularly in its analyst cohort. ONA has three staff (of a total of 191 staff) that identify as Indigenous.
2.85
ONA will continue initiatives such as mentoring programs and online unconscious bias training. It is also working on a new Inclusion Strategy to outline its vision for workplace inclusion and projects for achieving this vision. The strategy will include a disability employment target.
Language skills
2.86
ONA submitted that maintaining staff proficiency in foreign languages is important to its capabilities. As of 30 June 2018, 28 ONA employees were accredited in one or more foreign languages and were receiving a proficiency allowance. Approximately eight per cent of ONA’s total training budget was spent on language training.
2.87
ASIO disclosed that it allocated $271,361 to its language skills development program during the 2017–18 reporting period. Its expenditure on language programs has reduced across the last three reporting periods. A total of 32 staff participated in the program this reporting period, down from 34 the previous year. ASIO also delivered a range of language courses and seminars internally and across the intelligence community.
2.88
Further information in relation to intelligence agencies language skills cannot be published due to classifications or Dissemination Limiting Markers.
Staff feedback and complaints
ASIO
2.89
ASIO informed the Committee of the outcome of its biannual staff survey, most recently conducted in June 2017 with approximately 62 per cent staff participation. Results were positive with around 91 per cent of staff indicating job satisfaction and improvements recorded in ‘key areas’ since the last survey. The survey did indicate areas which would benefit from attention, such as career management processes.
2.90
The Committee also received an update on the work of the ASIO Ombudsman, ‘an external service provider who works to resolve staff issues or concerns impartially and informally, through advice, consultation and mediation’. During the reporting period the ASIO Ombudsman met regularly with ASIO’s senior management and staff representatives and provided support to employees and line managers, including:
providing advice in response to three informal contacts from staff;
undertaking two preliminary reviews of investigative matters;
responding to three policy queries;
undertaking health checks on two business areas; and
undertaking two code of conduct investigations.
2.91
ASIO advised that it received one public interest disclosure report during 2017–18 (compared to four reports received the year before). The matter was referred to ASIO’s Human Resource Branch and the ASIO Ombudsman was not involved in this matter.
2.92
ASIO drew the attention of the Committee to its network of Harassment and Discrimination Advisers. The network is comprised of 31 volunteers who provide staff members with information and an impartial support on issues of discrimination, harassment, bullying and other forms of inappropriate behaviour. ASIO reported that Harassment and Discrimination Advisers reported fewer incidents this year than in the two previous reporting periods.
ASD
2.93
ASD noted that it received six recorded complaints of unacceptable behaviour during the reporting period, up from three made during 2016–17. All were substantiated and resolved through informal means. ASD also processed four alleged breaches of the APS Code of Conduct, three of which were resolved through management action, termination or resignation and one which remained ongoing at the end of the reporting period.
2.94
The Committee also heard that one public interest disclosure was investigated in relation to ASD. ASD actioned all three recommendations made in the associated final report.
ONA
2.95
ONA advised that it received no unacceptable behaviour complaints during 2017–18 and it did not conduct any investigations into breaches under the APS Code of Conduct or any disclosures under the Public Interest Disclosure Act 2013. It noted that it launched a new unacceptable workplace behaviour policy and conducted staff education sessions.
DIO and AGO
2.96
The number of complaints received by DIO and AGO remained very low during the 2017–18 reporting period and neither organisation received allegations of APS Code of Conduct breaches. DIO and AGO staff also have access to several external avenues of complaint, including public interest disclosures. Neither organisation reported any instances of these avenues having been used during the reporting period.
ASIS
2.97
ASIS offers both internal and external channels which enable employees to raise complaints or seek advice. For example, external channels include the IGIS and disclosures under the Public Interest Disclosure Act 2013.
Complaints to the Inspector-General of Intelligence and Security
2.98
Under the Inspector-General of Intelligence and Security Act 1986, the IGIS may receive and inquire into complaints in respect of actions taken by intelligence agencies, including in relation to disclosures under the Public Interest Disclosure Act 2013.
2.99
During the 2017–18 reporting period, the IGIS received seven complaints and public interest disclosures in relation to DIO, AGO and ASD, primarily concerning employment matters such as recruitment and security clearances. All complaints were investigated and no evidence of illegality or impropriety was found.
2.100
In relation to ASIO, the IGIS received 279 complaints about security assessments for visa and citizenship applications, a 10 per cent increase on the previous year. The IGIS reported:
Unlike previous years when complaints were primarily concerned about delay in assessments relating to business or work visas, the largest number of complaints received during 2017-18 concerned citizenship applications (37 per cent in 2017-18 compared to 5 per cent in 2016-17).
2.101
The Committee discussed these complaints in further detail with both the IGIS and ASIO in a private hearing.
2.102
The IGIS also informed the Committee that it received 28 other complaints about ASIO—including four public interest disclosures—which covered a wide range of allegations, such as:
ASIO’s conduct of interviews with members of the public;
delays in returning goods seized under warrant;
delays in releasing information under the Archives Act 1983; and
2.103
All 28 complaints were investigated by the IGIS, resulting in ASIO returning seized items to two complainants and three complainants being granted employment-related security clearances.
2.104
The Committee heard that the IGIS received four complaints in relation to ASIS, including two public interest disclosures. One complaint took the form of an anonymous disclosure concerning maladministration, which provided insufficient information to be investigated—it was considered as part of IGIS’s inspection program. The remaining three complaints concerned employment or recruitment related matters. Of these, one complaint was considered immature as ASIS had offered the complainant an opportunity to express concerns through an internal avenue which had not been taken up.
2.105
The IGIS did not report any complaints having been made in relation to ONA.
2.106
The inspection and inquiry-related activities of the IGIS during the reporting period are summarised later in this chapter.
Accommodation
2.107
Agencies updated the Committee on accommodation arrangements. Most advice was either classified or given Dissemination Limiting Markers so cannot be discussed in this report.
2.108
During the reporting period, ASIS conducted business-as-usual accommodation related project works.
2.109
DIO reported that it conducted some refurbishment works on its accommodation. AGO noted various building works. ONA did not report any building works; rather it provided an overview of its accommodation arrangements. The Committee heard that ASIO’s property portfolio is large and complex.
2.110
ASD highlighted the successful relocation of the Australian Cyber Security Centre (ACSC) into a new facility at the Brindabella Business Park in Canberra. The $38.78 million new facility has been progressively occupied from late 2017 and has the capacity to accommodate 685 employees. According to ASD, the new facility enables ‘24/7 cyber security operations, workforce growth and greater engagement between government, industry and academia’. It was officially opened on 16 August 2018 by the then Prime Minister, the Hon Malcolm Turnbull MP.
2.111
ASD also updated the Committee on its R5/6 Infrastructure Upgrade Project for ASD’s headquarters. The 75.4 million project encompasses upgrades to emergency power generation capabilities, the extension and upgrade of the building foyer, security systems, cooling systems, fire protection systems, and on-site water storage. Building works commenced in March 2018 and are expected to be completed in June 2020.
Security matters
2.112
Security functions within the AIC agencies encompass physical, technical, administrative, ICT and personnel security. The Committee’s review of security matters included security procedures and policies, training, security breaches, e-security arrangements, physical security arrangements and security clearances.
2.113
Much of the evidence on security matters was classified. However, the Committee heard that agencies pursued various measures to enhance security during 2017–18, including:
reviewing and updating security policies and procedures to reflect changing government, intelligence community and risk environment;
undertaking physical and e-security audits and event logging;
reducing security vetting times through the allocation of additional resources;
promoting strong security culture through advice to staff, security issue briefings and encouragement to self-report breaches;
regular engagement and support with staff deployed overseas;
improving destruction and sanitisation processes for ICT hardware
regular reviews of staff clearances; and
offering foundational and refresher staff security training.
2.114
ASIO reported that it contributed to the update of the Protective Security Policy Framework (PSPF), led by the Attorney-General in 2018. It also coordinated AIC efforts to maintain related security policy.
Security breaches
2.115
Agencies informed the Committee of the number and nature of security breaches recorded during the reporting period and any action taken as a result. The details of security breaches are classified and cannot be included in this report. However, the Committee did discuss the breaches with agencies at a private hearing and is satisfied that they have not compromised national security classified material.
Security clearances
2.116
Employees across the AIC are required to secure and maintain an appropriate security clearance to perform their roles. The Committee invited agencies to provide an update on current procedures, timelines, delays and outsourcing arrangements associated with security clearances. Agencies reported on these matters in their submissions and in classified evidence to the Committee.
2.117
The Department of Defence provided an overview of the Australian Government Security and Vetting Agency’s (AGSVA) strategies to improve security clearance processing times, encompassing:
the prioritisation of different types of security clearances;
the replacement of the e-vetting security system with a modern alternative; and
adjustments to resourcing and staffing.
2.118
Defence noted that during the reporting period, AGSVA has significantly reduced security clearance processing times well ahead of the timeframe originally projected and the average processing time for a new positive vetting clearance now meets the benchmarked timeframe.
2.119
The Committee heard that DIO, AGO and ASD continued to work with AGSVA on positive vetting clearances and all three noted that the prioritisation of these clearances has allowed for strategic positions to be filled in a more expedient manner.
2.120
ONA, ASIS and ASIO conduct their own security vetting processes.
2.121
ONA advised the Committee that the timeframes for processing different categories of security clearances have varied this reporting period compared to previous years as the agency increases its workforce. It also noted that will adjust its approach to processing clearances to enable continuous improvement to its risk-management capability.
2.122
ASIS provided an overview of processing times for initial security clearances versus revalidation processes. It also reported on strategies to improve security clearance processing times and risk mitigation in relation to the clearances held by its workforce.
2.123
ASIO reported that in 2017–18 it completed 32,153 personnel security assessments, an increase of over 18 per cent from 2016–17. It received more than 3,000 requests for positive vetting clearances, an increase of 43 per cent from the previous year. This significant growth in demand for positive vetting clearances meant that ASIO was not able to process top secret positive vetting clearances within the timeframes agreed with AGSVA. However, it was able to meet AGSVA timeframes for negative vetting one and two security clearances.
Oversight, accountability and performance evaluation
2.124
The Committee requested that agency submissions address performance management and accountability, including any outcomes relevant to administration and expenditure for the reporting period.
2.125
There are a number of internal and external oversight and accountability mechanisms in place for each of the intelligence agencies to provide assurance to the Australian public of the legality and propriety of their activities. These mechanisms include:
Ministerial and Parliamentary accountability;
for ASIO, the Independent Reviewer of Adverse Security Assessments.
2.126
Agencies also regularly undertake, or are subject to, formal evaluations of their performance.
Ministerial authorisations and section 13B notices
2.127
Section 8 of the IS Act requires AGO, ASD and ASIS to obtain ministerial authorisation in order to undertake an activity for the purpose of producing intelligence on an Australian person or an activity that will, or is likely to, have a direct effect on an Australian person. The Minister specifies, in the form of a written direction, circumstances in which agencies must seek authorisation before undertaking other activities or classes of activities.
2.128
The Committee asked the relevant agencies to report on the number of ministerial authorisations issued (including class authorisations) and the number of activities undertaken under a ministerial authorisation, categorised by type.
2.129
AGO, ASD and ASIS provided information about the number of ministerial authorisations issued during the reporting period. Compared to the previous reporting period, ASD reported a slight increase in ministerial authorisations, AGO reported a slight increase in ministerial authorisations, and ASIS reported a slight increase in ministerial authorisations.
2.130
Section 13B of the IS Act enables ASIS to support ASIO by undertaking an activity or series of activities to produce intelligence on an Australian person or class of Australian persons without ministerial authorisation. ASIS reported on the number of section 13B notices received from ASIO in the three years to 2017–18. The number of section 13B notices is classified and cannot be reported by the Committee. However, across the three reporting periods the number of ministerial authorisations has decreased.
Performance evaluation
2.131
ONA collects qualitative and quantitative data to assess the quality of its work through:
engagement with the offices of the Prime Minister, ministers, and their departments;
feedback acquired through an annual survey of senior customers;
internal and IGIS reviews; and
analysing its reporting output data against the National Intelligence Priorities.
2.132
ONA also explained that it maps its intended results and performance measures against its Portfolio Budget Statement programs and activities.
2.133
ASIO establishes performance objectives for the forthcoming year in its corporate plan, in line with the requirements of the Public Governance, Performance and Accountability Act 2013. It monitors its performance against these objectives throughout the year and includes an assessment of whether objectives were met in an annual performance statement included in its annual report.
2.134
ASIO asserted that the effectiveness of its performance in 2017–18 was confirmed by stakeholder responses to its 2018 annual stakeholder survey. The survey was conducted by an independent reviewer who conducted 74 interviews with senior stakeholders from 65 federal, state and territory government bodies, industry and academia. The survey demonstrated that ASIO continues to be highly regarded as an ‘effective partner, offering high-quality and largely unique services’ and is perceived as a ‘highly creditable organisation’. Findings also noted that federal and state government and law enforcement found ASIO counter-terrorism advice to be of ‘high quality and very influential’ in efforts to disrupt terrorism. They also noted ASIO’s assistance to ensure the success of the protective security elements of the Gold Coast 2018 Commonwealth Games.
2.135
ASIO did identify two areas where its performance requires improvement. It assessed that it has ‘substantially achieved’ its objectives under measure 2(b) of its corporate plan, ‘national security partner agencies use our advice to disrupt and defend against harmful espionage, foreign interference and malicious insiders’. ASIO noted that it made this assessment in recognition that it has ‘performed well in most of the activities that contribute to this measure’, but is yet to achieve the benchmark timeframes for completing positive vetting security clearances. ASIO attributed increased processing times for positive vetting security clearances to increased demand for top secret positive vetting clearance staff.
2.136
ASIO also determined that it had ‘partially achieved’ performance measure 2(c) of its corporate plan, ‘we collect foreign intelligence in Australia that advances Australia’s national security interests’. ASIO suggested that increased demand for security intelligence had limited its ability to dedicate resources to collecting foreign intelligence in Australia:
… while our stakeholders valued our contributions in this area, we could not meet all of their requests to collect foreign intelligence.
2.137
ASD informed the Committee that it has established the ASD Audit and Risk Committee (ASDARC) as ‘a business improvement and assurance tool’. The ASDARC will improve enterprise-level risk management and will provide independent advice to the Director-General.
2.138
ASIS has both internal and external measures in place to assist it to evaluate its performance. DIO also described its performance management and evaluation processes.
Inspector-General of Intelligence and Security
2.139
The IGIS is an independent statutory office holder with responsibility for reviewing the activities of the AIC agencies. Throughout the reporting period, the Hon Margaret Stone occupied the position of IGIS.
2.140
The IGIS describes her purpose as:
… to provide assurance that each intelligence agency acts legally and with propriety, complies with ministerial guidelines and directives, and acts consistently with human rights.
2.141
The IGIS undertakes ongoing inspection and monitoring activities to identify where intelligence agencies have deviated from these standards and where remedial actions may be required. She has the power to inquiry into an agency’s activities, ‘either at her own motion, at the request of the responsible Minister, or in response to a complaint about an agency’s activities’.
2.142
The IGIS described her approach to this work as:
independent and impartial in the selection of matters for inspection or inquiry;
astute and informed of the security environment and each agencies’ operational approach;
measured in responding to errors and breaches made in a complex operating environment;
open about oversight activities to the extent permitted; and
influential in promoting a culture of compliance and leading improvements to agencies’ processes.
2.143
The role of the IGIS may expand in future as a result of the 2017 Independent Intelligence Review, described in chapter one of this report. Recommendation 23 of the review suggested that the enabling legislation of the Parliamentary Joint Committee on Intelligence and Security (PJCIS) should be amended to provide for:
… a provision enabling the PJCIS to request the Inspector-General of Intelligence and Security (IGIS) to conduct an inquiry into the legality and propriety of particular operational activities of the National Intelligence Community (NIC) agencies, and to provide a report to the PJCIS, Prime Minister and the responsible Minister…
2.144
However, the recommendation remained unimplemented at the conclusion of the 2017–18 reporting period.
2.145
The Committee sought a submission from the IGIS on any issues of administration and expenditure arising during the IGIS’s inspection and inquiry activities. The IGIS appeared at a private hearing, during which the Committee sought additional information on inquiries and other inspections conducted during the reporting period.
2.146
Agencies also informed the Committee about their interaction with the IGIS and her office throughout the reporting period.
Resourcing
2.147
During the reporting period, the IGIS began the ‘very substantial task’ of preparing for the extension of its remit as a result of the 2017 Independent Intelligence Review. The review recommended that the jurisdiction of the IGIS be extended to include oversight of the intelligence functions of the Department of Home Affairs, the Australian Federal Police (AFP), the Australian Criminal Intelligence Commission (ACIC), and the Australian Transaction and Reports Analysis Centre (AUSTRAC). Legislation to affect this change was still in drafting as of December 2018.
2.148
The IGIS reported that additional funding was allocated in the 2018–19 Federal Budget to expand her office to 55 employees and to relocate to new premises able to accommodate a larger workforce. As a result the office almost doubled in size since the previous reporting period and now comprises 27 staff.
2.149
The IGIS submitted that the expansion of her office has required significant internal recruitment and training resources, and the completion of ‘high level’ security clearance for new staff by AGSVA. She also noted that relocating involved the construction of a new high security facility and new ICT systems.
Major inquiries
2.150
The IGIS advised the Committee that she commenced two major inquiries into intelligence agency activities in 2017–18:
an inquiry into ASD reported breaches of section 7 of the Telecommunications (Interception and Access) Act 1979 (TIA Act); and
an inquiry into ASIO’s conduct and the details around a multi-faceted, multi-agency foreign intelligence operation led by ASIO in 2017.
2.151
The IGIS launched her inquiry into ASD on 30 May 2018 at the request of the then Minister for Defence. The inquiry is specifically examining the timeliness and adequacy of reporting by ASD to the IGIS and the Minister for Defence.
2.152
In its December 2018 submission to the Committee, the IGIS noted that it was drafting a report on its findings which it intended to share with ASD for procedural fairness, before providing a final report to the Minister for Defence and possibly the Attorney-General. The IGIS noted that the inquiry into ASD left fewer resources for other inspections of Defence-related activities.
2.153
The Committee discussed the IGIS’s inquiry and the circumstances giving rise to the reported breaches with representatives of ASD during a private hearing.
2.154
The IGIS commenced her inquiry into ASIO in February 2018, pursuant to section 8(1) of the Inspector-General of Intelligence and Security Act 1986 which establishes the Inspector-General’s authority to inquire into a range of ASIO functions. At the time of submission, the IGIS reported that the inquiry was ongoing and a final report will be provided to the Minister for Home Affairs.
Agency inspections
2.155
The IGIS continued its program of routine and targeted inspections during 2017–18. Inspections examined whether intelligence agencies acted in accordance with their statutory functions, complied with guidelines issued by the responsible Minister and their internal policies and procedures.
2.156
The IGIS reported that inspections focussed on the activities on ASIO, ASIS, AGO and ASD as the ‘intrusive powers and investigative techniques’ of these agencies means their intelligence collection activities are at risk of impacting the privacy of Australians. The IGIS explained that inspections have to be targeted in this manner due to the size disparity between the Office of the IGIS and intelligence agencies:
The size of the office compared to the size of the agencies the office oversees, combined with the breadth and complexity of the operations of intelligence agencies, means that the office has to be well informed to target our inspections activities to the areas of highest potential risk.
2.157
The IGIS provided an overview of inspection activities in an unclassified submission to the inquiry. Additional information was published in the Office of the IGIS annual report for 2017–18. Both documents highlighted IGIS concerns with ASIO record keeping and compliance matters.
ASIO record keeping and compliance matters
2.158
The IGIS submission asserted that ASIO record keeping is frequently inadequate and makes it difficult for compliance to be assessed:
ASIO inspections also frequently gave rise to concerns about inconsistent or inadequate record keeping and referencing. This meant that at times it was difficult for the office to assess compliance with legislative requirements, internal policies and procedures.
2.159
The IGIS also noted that ASIO maintains a decentralised compliance framework and asserted that ‘ASIO’s approach to compliance is inconsistent’. The IGIS contrasted ASIO’s decentralised approach with the internal compliance units maintained by ASIS, DIO, AGO and ASD which perform a ‘key role in training [each organisations’] staff about legal and policy requirements, and investigating, reporting and remediating instances of non-compliance’.
2.160
The IGIS also referred to several specific record keeping and compliance issues within ASIO operations identified through inspections in 2017–18, including:
non-compliance with legislative reporting requirements under section 17 of the TIA Act which requires ASIO to furnish the Attorney-General with a report describing how a warrant assisted it to carry out its functions;
the possible inappropriate use of telecommunications service warrants under section 9 of the TIA Act where ‘named person’ warrants under section 9(A) of the TIA Act may have been more appropriate;
the omission of ASIO to provide its Minister with the information necessary for them to annually consider revoking certificates withholding notices of adverse security assessments from the subjects of those assessment, as required by section 38(7) of the Australian Security Intelligence Organisation Act 1979 (ASIO Act); and
breaches of section 7 of the TIA Act which caused the interception of services to and from a communications service without proper warrant authorisation.
2.161
The IGIS expanded on these issues in its annual report and reflected that:
Deficiencies in record keeping were evident in almost all areas inspected in ASIO during the reporting period.
2.162
However, the IGIS acknowledged that ASIO did commence several measures to improve record keeping during the reporting period. It also noted that ASIO’s senior leadership have committed to making further improvements.
2.163
ASIO reiterated its commitment to addressing these issues in its submission to the Committee:
Consistent with our commitment to acting with legality and propriety, we are taking steps to address areas identified by the IGIS in 2017-18 as requiring improvement and further attention.
2.164
The Committee discussed these matters further with both the IGIS and ASIO during a private hearing. ASIO representatives informed the Committee that it undertook an internal review of compliance towards the end of 2017 which resulted in the establishment of a ‘centralised compliance function’ in the first half of 2019. ASIO representatives also noted that policies have been streamlined to simplify the sources of advice available to its staff and staff are now required to complete mandatory training every few years to ensure their understanding of policy is current.
2.165
ASIO representatives also addressed the other record keeping and compliance matters raised by the IGIS submission, explaining the circumstances informing each issue and outlining changes in practice to avoid further issues.
2.166
The IGIS informed the Committee that her office continues to liaise with ASIO in relation to record keeping and compliance matters:
We’ve continued to engage with ASIO in relation to our concerns in these areas, and I’m pleased to report that progress has been made. In particular, ASIO has recently established a centralised compliance team, assisted by a recommendation to this effect arising from our recent inquiry. It will take time before we see an improvement across the board, but I’m optimistic that there will be a reduction in the types of concerns we reported in our submission.
Independent Reviewer of Adverse Security Assessments
2.167
ASIO furnishes security assessments of individuals to Commonwealth agencies in accordance with the ASIO Act. A security assessment may be adverse, qualified or non-prejudicial.
2.168
The Independent Review of Adverse Security Assessments conducts reviews of ASIO adverse security assessments (ASA) furnished to the Department of Home Affairs on non-citizens who remain in immigration detention and have been found by the department to:
be owed protection obligations under international law; and
be ineligible for a permanent protection visa or who have had their permanent protection visa cancelled because they are the subject of an ASA.
2.169
Mr Robert Cornall AO continued serving as the Independent Reviewer throughout the reporting period and was reappointed for a further two years in March 2019.
2.170
The Independent Reviewer performs the functions outlined by examining:
all information ASIO relied on in making an ASA, as well as any other relevant material, such as submissions or representations made by the subject of an ASA; and
the overall security environment, which is informed by ASIO’s assessment of security threats and any changes to the circumstances or ideology of the individual subject to an ASA during their time in detention.
2.171
The Independent Reviewer may examine an ASA after it is issued and every 12 months for its duration.
2.172
ASIO advised the Committee that no matters fell within the Independent Reviewer’s terms of reference during the reporting period and no matters were referred for review. It also noted that ASIO undertakes internal reviews of ASAs of its own volition and these reviews have resulted in ‘a number of adverse assessments being replaced with a qualified or non-prejudicial assessment’. ASIO submitted that, as a result, those cases no longer come within the Independent Reviewer’s terms of reference.
Independent National Security Legislation Monitor
2.173
The Independent National Security Legislation Monitor (INSLM) is appointed under the Independent National Security Legislation Monitor Act 2010 on a part time basis for a term of up to three years. Dr James Renwick CSC SC was appointed as the INSLM by the Prime Minister in early 2017 and will serve until 30 June 2020.
2.174
It is the INSLM’s responsibility to:
… independently [review] the operation, effectiveness and implications of national security and counter-terrorism laws; and considers whether the laws contain appropriate protections for individual rights, remain proportionate to terrorism or national security threats, and remain necessary.
2.175
The INSLM tabled the following reports during 2017–18:
Independent National Security Legislation Monitor Annual Report 2017–2018, completed 2 April 2019;
Review of Division 3A of Part IAA of the Crimes Act 1914: Stop, Search and Seize Powers, completed 5 March 2018;
Section 119.2 and 119.3 of the Criminal Code: Declared Areas, completed 5 March 2018; and
Review of Divisions 104 and 105 of the Criminal Code (including the interoperability of Divisions 104 and 105A) Control Orders and Preventative Detention Orders, completed 5 March 2018.
2.176
The INSLM continued his ongoing review of the prosecution and sentencing of children for Commonwealth terrorism offences, referred by the then Prime Minister, the Hon Malcolm Turnbull MP in late 2017.
2.177
As already noted, an unclassified version of the Independent Intelligence Review final report was released by the Prime Minister in July 2017. The report included recommendation 23, which seeks to strengthen the operation of the PJCIS by recommending that its enabling legislation be amended to provide for:
… provisions enabling the PJCIS to request a briefing from the Independent National Security Legislation Monitor (the Monitor), to ask the Monitor to provide the PJCIS with a report on matters referred by the PJCIS, and for the Monitor to provide the PJCIS with the outcome of the Monitor’s inquiries into existing legislation at the same time as the Monitor provides such reports to the responsible Minister…
2.178
This recommendation remained unimplemented at the conclusion of the reporting period.
Public relations
2.179
The Committee requested agencies address public relations and public reporting in their submissions, including requests for public access to records.
2.180
ASIO noted that its Director-General of Security and Deputy Director-Generals are publically identified ASIO Officers and undertake public appearances on the agency’s behalf through media responses, public speeches, appearances at parliamentary hearings, public seminars and conferences. For example, on 3 May 2018, the Director-General of Security participated in the University of New South Wales’ Meet the CEO Interviews.
2.181
ONA highlighted their website as its conduit for public relations. During the reporting period it attracted 51,973 views from 31,768 visitors, an increase of 10.36 per cent and 14.24 per cent respectively from the 2016–17 reporting period. ONA also contributed to several publically release reports and responded to Senate Orders and parliamentary questions.
2.182
ASD noted that throughout the reporting period, media requests relating to ASD continued to be coordinated through the Department of Defence’s Ministerial and Executive Coordination and Communications Division. A total of 39 media queries were responded to relating to ICT contracts, intelligence leaks, cyber security incidents, strategic arms control and the Australian Cyber Security Centre.
2.183
ASD also highlighted its public relations role as ‘the Commonwealth technical authority on cyber and information security’. In this capacity, ASD works to raise awareness of information security issues. For example, in April 2018, ASD led the Australian Cyber Security Centre Conference which incorporated two days of presentations, workshops and training from over 100 speakers and 75 sponsors and exhibits, and was attended by 1,600 delegates from Australia and overseas.
2.184
ASIS does not have a public relations function. However, Mr Symon, Director-General of ASIS did inform the Committee that he provided his first public interview ever when he appeared on Allan Gyngell AO FAIIA and Darren Lim’s podcast Australia in the World. Mr Symon’s noted that he may provide further public interviews in future.
2.185
DIO reported that it did not undertake any media liaison activities or public engagements during the reporting period. However, it did publish its Defence Economic Trends in the Asia-Pacific 2017 on its website.
2.186
AGO advised that it responded to four media requests during the reporting period.
Requests for access to public records
2.187
ASIO and ASIS are exempt from the Freedom of Information Act 1982, but are subject to the release of records under the Archives Act 1983 (Archives Act), which enables the public to access Commonwealth records during an ‘open period’. Pursuant to section 40 of the Archives Act, any member of the public can request access to government records once they fall within the open period. In accordance with changes to the Archives Act implemented on 1 January 2011, the open period is currently transitioning from 30 years to 20 years. The open period currently encompasses all records created before 1996.
2.188
The Archives Act operates on the basis that as much information should be released as possible. Most records within the open period are eligible for public access and 98 per cent are wholly released. Very small percentages (less than .25 per cent) are wholly withheld because they consist of exempt information, as defined in section 33 of the Archive Act.
2.189
Under section 43 of the Archives Act, applicants for records may launch an appeal with the Administrative Appeals Tribunal (AAT) if their application is not processed within 90 days, or if the material they requested is found to be exempt. Under section 42 of the Archives Act, applicants can also request the National Archives of Australia to review a decision regarding the release of documents, known as ‘internal reconsideration’.
2.190
According to ASIO, 345 applications were made for access to its records during the reporting period and 310 requests were completed. Each request resulted in the examination of thousands of pages of material. This is down from 484 applications in 2016–17 and 473 applications in 2015–16. No new applications to the AAT were launched and seven internal reconsiderations occurred, with the National Archives upholding ASIO’s decisions in each case.
2.191
ASIS advised that it responds to requests for access to records under the Archives Act. The number of requests and the volume of material involved varies from year to year.
2.192
ONA informed the Committee that is received slightly fewer requests to access records under the Archives Act in 2017–18 than during the previous reporting period. It also noted that it is cooperating with other agencies to release records as part of larger projects.
2.193
DIO reported that it received 46 ‘referrals to examine classified information’ during the reporting period and that it processed and completed 25 of these requests. DIO also noted it diverted resources from processing routine requests in order to identify and provide relevant records to an Australian War Memorial project compiling an official history of Australian operations in Iraq and Afghanistan and Peacekeeping Operations in East-Timor. DIO also engaged ADF reserve personnel to assist with the increased workload and, by mid-2018, had provided 1,796 documents to the history project.
2.194
ASD advised that it reviews all requests made under the Archives Act for records containing ‘signals intelligence and cyber security material’. During the reporting period it received requests for 13 records, three of which were later cancelled and five which were completed. These requests resulted in two records being released without redactions, five released with redactions and one record being exempted from release. ASD reported that it is still examining the remaining records, some in consultation with foreign governments.
2.195
ASD also updated the Committee on the outcomes of 26 requests outstanding from the 2016–17 reporting period. It reported that two requests were cancelled, three were released without redactions, five were released with redactions and one was exempt from release. The remaining requests are still being processed.
2.196
ASD also noted that two requests outstanding from the 2015–16 reporting period were completed and records were released with no redactions.
2.197
The Committee heard that a significant proportion of the requests for records received by some intelligence agencies originated from a small number of applicants, not necessarily based in Australia. Indeed, one agency reported that it has spent over $1.5 million since 2011 processing requests and defending appeals in the AAT and court relating to a single applicant. The Committee heard estimates that across intelligence agencies, the Australian Government spent over $1 million solely on legal costs relating to this same applicant.
2.198
The Committee was informed that appeals processes relating to decisions taken not to release records have not typically resulted in the release of additional information. To date, the AAT has upheld intelligence agencies determinations that specific types of information are too sensitive to be released without risking significant damage to Australia’s security, defence or international relations. It was suggested to the Committee that the current process of compiling and reviewing relevant records, and deciding whether to release them, and then defending appeals against these decisions is time consuming, resource intensive, expensive and results in the release of very little, if any, new information. Further, the Committee was provided with evidence that additional, more serious consequences can arise from this process.
2.199
Possible reforms to the Archives Act were suggested to address these issues, including the introduction of:
a class-based exemption for particular types of intelligence, for example, documents produced by foreign intelligence agencies; and
longer ‘closed access’ periods for sensitive information relating to national security.
2.200
The Committee was also made aware that some feedback in relation to these issues has been provided to the ongoing review of the legal framework governing the national intelligence community, being led by Mr Dennis Richardson AO. The review is expected to deliver a report detailing its findings and recommending reforms to the Australian Government by the end of 2019.
Committee comment
2.201
The Committee has reviewed the administration of the six intelligence agencies for the 2017–18 financial year and is generally satisfied that they are overseeing their administrative functions effectively.
2.202
It was clear to the Committee that agencies remain cognisant of the evolving security and technological environment in which they operate. To varying degrees, all agencies reported that they are examining and reforming their strategic priorities, technical capabilities and organisational structures to ensure they remain relevant and highly effective into the future. ONA and ASD are preparing to transition to new roles within the intelligence community as a result of the recommendations of the 2017 Independent Intelligence Review. ASIO has adjusted to a new portfolio and additional legislation; the Department of Defence is consolidating its geospatial functions within AGO and maintaining DIO’s capabilities; and ASIS is pursuing several reform activities.
2.203
The national intelligence community is expanding with all agencies reporting larger workforces and slightly lower separation rates. Some agencies noted plans for further recruitment. The Committee would like to see agencies leverage these opportunities to continue their focus on increasing the diversity of their workforces.
2.204
Adequate accommodation is presenting a challenge for several agencies. However, the Committee is satisfied that work is underway to address these issues.
2.205
Workforce training and development remains a shared focus across agencies. The Committee is pleased to note that ONA has begun work to profile skills gaps and the learning and development needs across the intelligence community as it transitions to ONI and takes up its enterprise management mandate.
2.206
In the Committee’s view community-wide training and development programs have the potential to increase understanding and connections between agencies, enhance staff mobility, reinforce fundamental skills and capabilities, and deliver cost efficiencies. The Committee considers ONA’s focus on leadership training timely, as multiple agencies negotiate significant periods of transition.
2.207
The Committee would like to see the Australian Government support training and development programs across the national intelligence community as the broader recommendations of the 2017 Independent Intelligence Review are implemented. It believes that ONI, with its expanded, enterprise-wide remit will be well placed to oversee such programs.
2.208
The Committee recommends that the Australian Government ensure that the Office of National Intelligence is adequately resourced to facilitate national intelligence community-wide learning and development programs with a focus on:
fostering a shared understanding of the community and increased staff mobility across agencies; and
strengthening fundamental skills and capabilities.
2.209
The Committee was also pleased to receive evidence that security clearance processing times have decreased since the last reporting period and are projected to continue to improve, despite ongoing recruitment amongst agencies.
2.210
The Committee considers it appropriate that the Office of the IGIS almost doubled in size during the reporting period and has plans for further recruitment, new premises and modern ICT systems. The Committee is satisfied that the IGIS will be well positioned to oversight the intelligence functions of the Department of Home Affairs, the AFP, ACIC and AUSTRAC when legislation expanding its remit is introduced and passed by the Australian Parliament.
2.211
The Committee received a detailed briefing from the IGIS covering her inquiry and inspection activities throughout the reporting period. It was concerned to hear of ASIO’s ongoing record keeping and compliance issues, but heartened to hear a firm commitment from ASIO’s senior leadership to address these issues, including through the implementation of a centralised compliance function. The Committee will re-examine these matters, and seek further briefings from the IGIS, during its review of administration and expenditure for the 2018–2019 financial year.
2.212
All six intelligence agencies undertook some public relations activities throughout the reporting period, albeit in a necessarily limited capacity. Of particular note was the first public interview of a Director-General of ASIS with Mr Symon’s participation in a podcast. While the Committee appreciates the need for agencies to maintain a low profile, it equally believes they have an important role to play in increasing community understanding of security matters and initiatives being pursued to counter violent extremism and foreign influence. It commends agencies for pursuing public engagement to the extent that it is appropriate.
2.213
At the Committee’s request, each agency provided data about the number of requests for access to records under the Archives Act received and processed during the reporting period. The Committee was disquieted to hear of disproportional impact a small number of applicants are having on agencies’ resources by requesting significant volumes of information and appealing decisions with the AAT and the court system.
2.214
The Committee supports the increased transparency which accompanies public access to historical records. However, it is also mindful that transparency must be balanced with preserving the confidentiality of sensitive information and with the efficient use of public resources.
2.215
In the Committee’s view, the current resourcing impact of the Archives Act on intelligence agencies is both undesirable and unsustainable. As are the more serious risks arising from agencies defending a decision not to release sensitive material within the AAT or the court system.
2.216
The Committee is aware that these matters may be addressed through the ongoing review of the legal framework governing the national intelligence community. However, until such time, the Committee will continue to consult with intelligence agencies during its annual review of their administration and expenditure to consider possible reforms to the Archives Act with a view to ensuring:
that agencies are appropriately resourced to manage requests made under the Archives Act; and
that the provisions of the Archives Act strike the right balance between promoting transparency and protecting sensitive information with national security implications.