CHAPTER 2

Navigation: Previous Page | Contents | Next Page

CHAPTER 2 Conceptualising 'criminal intelligence'

2.1 On 17 May 2012, the Minister for Home Affairs and Minister for Justice, The Hon. Mr Jason Clare MP stated that '96 per cent of drug seizures come from intelligence from law enforcement agencies before the parcel or container even arrives in Australia'.[1] Recognised as an 'integral part of the fight against crime', criminal intelligence leads to seizures of illegal goods and arrests of criminals'.[2] Furthermore, criminal intelligence can:

...enhance national understanding about what criminal activities and illicit markets are impacting on Australia, who is committing these nationally significant crimes, and the nature of potential future threats.[3]

2.2 Effective and meaningful sharing of information across agencies and jurisdictions is critical to the production of useful, accurate and timely criminal intelligence which is the 'lifeblood of any effective response to serious and organised crime'.[4] However, challenges in relation to criminal intelligence came to prominence in 2008 when the National Security Statement expanded the concept of national security to include serious and organised crime for the first time. This expansion coincided with a growing body of evidence highlighting the need for greater consistency in information management arrangements across the Commonwealth and state and territory jurisdictions to address organised crime.[5]

2.3 The 2008 Review of Homeland and Border Security (which informed the 2008 National Security Statement) noted the following in relation to serious and organised crime:

The current arrangements for coordinating Commonwealth efforts and priorities are limited. There are some gaps in national efforts, such as limited sharing of police capabilities and case management databases, and more attention could be given to criminal intelligence collection and analysis. A strategic framework for Commonwealth efforts in relation to serious and organised crime should be developed for consideration by government.[6]

2.4 The 2008 National Security Statement echoed these concerns and identified the need for a national security framework which would provide for enhanced coordination across Commonwealth agencies.[7] Fragmentation across intelligence communities and siloing of intelligence into 'policing', 'national security' or 'private sector' intelligence were some of the challenges identified.[8] Following the security statement, Mr John Lawler, Chief Executive Officer (CEO) of the ACC, the 'national criminal intelligence agency', noted that 'we are aligning the ACC Board approved national criminal intelligence priorities with the broader national intelligence priorities'.[9]

2.5 In 2009 and 2010, a series of policy documents were developed to enable a comprehensive response to serious and organised crime of which the November 2009 Commonwealth Organised Crime Strategic Framework (OCSF) is the primary document. The OCSF outlines the key threats from organised crime and provides a framework for a whole of government response to address them. The ACC was involved in the development of the framework. According to the Attorney-General's Department (AGD), sharing intelligence is the 'central plank of the OCSF' and a vital part of the fight against organised crime.[10]

2.6 While much has been achieved in developing cooperative relationships, governance frameworks and information sharing arrangements between Commonwealth, state and territory agencies involved in the fight against serious and organised crime since the establishment of the ACC, serious issues and challenges remain. Evidence to the committee has highlighted a series of legislative, technological, conceptual, methodological and cultural impediments to achieving an integrated intelligence sharing system underpinned by a common agenda.

Definition of 'criminal intelligence'

2.7 The committee found that there is no commonly agreed definition of 'criminal intelligence'. The Australian Crime Commission Act 2002 (ACC Act) includes no definition of 'criminal intelligence'. While a 'healthy discussion persists' amongst practitioners and others about the role of intelligence and intelligence analysis, 'we seem no closer to identifying what intelligence means more broadly now, a decade on from 9/11'.[11]

2.8 Divergence in agreement and lack of clarity regarding a definition of criminal intelligence and what it entails has contributed to varying expectations about the purpose of criminal intelligence. This is reflected in the range of approaches to the gathering, use and sharing of information and intelligence across Commonwealth, state and territory jurisdictions. The committee set out to understand and compare information management systems and the processes applied by all involved agencies and the methodologies and approaches underpinning them. In pursuing this approach, the committee raised key questions about what distinguishes intelligence sharing from information sharing and the unique legislative, technological, resource or cultural challenges to sharing intelligence as opposed to sharing information.

2.9 In seeking to establish clarity about how information and intelligence is gathered, used and shared across Australian jurisdictions and the challenges and shortcomings in doing so, the committee found that many witnesses did not differentiate the challenges in sharing intelligence and sharing information.[12] Others highlighted the importance of a two-way flow of information and intelligence as explained by Mr Mark Burgess of the Police Federation of Australia (PFA): [13]

It works both ways. I use the example of a police officer who goes to what might generally be a minor incident but makes an intelligence report about that incident, perhaps relating to cars or individuals who were there. That little bit of information could perhaps link to a major investigation that is taking place—for example, a motor car outside a house that has not previously been linked to that location. That could help someone who is working on a major organised crime investigation at the level of the ACC, AFP or senior levels of police. So it does work both ways. The police and the agencies at the higher level will rely very heavily on information that will come in at the bottom level of police agencies and find its way up.[14]

Defining 'criminal intelligence' and its purpose

2.10 The committee established that there is broad agreement that criminal intelligence is information that is 'collected about crime and criminals and evaluated, analysed and disseminated'.[15] In practice, therefore, intelligence-led investigations are distinct from traditional policing to the extent that the former considers the wider pattern of criminal behaviour in order to pre-empt criminal activity, rather than react to it. Traditional policing has the latter focus on solving specific crimes.

2.11 The committee received evidence which asserted that intelligence is:

information that has been validated and value-added;[16]
information that has been analysed;[17] and
not evidence.[18]

2.12 Mr Ben McDevitt, the ACC's State Manager for Queensland explained that intelligence is usually an assessment rather than fact. As it is both unproven and often more complex than information or raw data, it requires more stringent protective security arrangements. The recently released Australian Criminal Intelligence Management Strategy which details the Australian Criminal Intelligence Model (ACIM) offers the following insight. It recognises 'criminal intelligence' as:

...insights and understanding obtained through analysis of available information and data on complex offending patterns, serious organised crime groups or syndicates and individuals involved in various types of criminal activity.[19]

2.13 While the process of intelligence gathering is different to that of information gathering, what distinguishes intelligence from information is the process of evaluation and analysis as articulated by the United Nations Office on Drugs and Crime:

INFORMATION + EVALUATION = INTELLIGENCE.[20]

2.14 As many stakeholders did not distinguish information from intelligence, the committee asked the ACC to provide a definition of intelligence as distinct from information. The ACC provided the following definition of information:

Information may be described as discrete pieces of data that may take the form of individual or collective numbers or text. When different types of allied information are synthesised they act as important building blocks in the intelligence process and are a critical precursor to an intelligence output (or product).[21]

2.15 In contrast with information, intelligence is defined by the ACC as both a process and an output (product):

As a process, intelligence involves the collection, processing, integration, evaluation, interpretation and analysis of available information. This process––typically referred to as the intelligence cycle––transforms information into insight or understanding using analysis, critical thinking and problem solving skills.
As an output, intelligence is obtained through the observation, investigation, analysis and understanding which is then developed into a product and disseminated to support different levels of decision-making, which can be strategic, operational or tactical.[22]

2.16 The ACC concluded that information is generally unprocessed, static and unique whereas intelligence is evaluated, dynamic, client focused and appropriately classified. In terms of an intelligence cycle and the interplay between information and intelligence, the ACC noted that:

Information comes from a breadth of sources that are unclassified and classified as the starting point from which intelligence advice is generated. Creating and delivering intelligence involves the application of the intelligence cycle and analytic techniques which value-add to the information. Intelligence must answer a key intelligence question and provide decision makers with an advantage.[23]

2.17 Intelligence is a complex concept because it can be described as advantage, insight or understanding on a current or future criminal threat, methodology, vulnerability or opportunity which is developed through the analysis of available information and provides direction for action. For this reason, its purpose can vary. It can target 'highest risk criminal targets and markets' as well as 'market and sector vulnerabilities open to exploitation by organised crime'.[24] More broadly, it can improve the 'quality of tactical, operational and strategic decisions involving infinite resources'.[25] In the realm of serious and organised crime, criminal intelligence is the 'edge by which law enforcement collectively seeks to maintain the upper hand in countering criminal enterprise'.[26] According to the ACC, all intelligence products 'must have a client driven intelligence question, or gap on an unknown emerging threat, that is being answered, and a purpose'.[27] At the same time, the extent to which criminal intelligence is used effectively is a reflection of various elements including how well the intelligence functional process is integrated into an agency's operations.[28]

Scope of information and complexity of the intelligence landscape

2.18 The scope, volume and breadth of information generated and shared across law enforcement and Commonwealth agencies is reflected in the following evidence to the committee:

1382 requests for disclosures from law enforcement agencies were received by the Australian Taxation Office (ATO) in 2011 which also provided 100 self-initiated disclosures to other agencies. The ATO is currently experiencing a 22 per cent increase in the number of requests from law enforcement agencies.[29]
451 039 information and intelligence products were uploaded onto the ACC managed national Australian Criminal Intelligence Database (ACID) during 2010–11. During the same period, there were 2775 active users of ACID who conducted nearly 560 000 searches for information.[30]
1.7 million individual searches of companies and corporate activity were conducted on the Australian Securities and Investments Commission (ASIC) database in 2010 by agencies including the Australian Prudential Regulation Authority (APRA), Australian Transaction Reports and Analysis Centre (AUSTRAC), ACC, Australian Customs and Border Protection Service (ACBPS), ATO, Commonwealth Director of Public Prosecutions (CDPP) and AFP.[31]
Over 200 million transactions were carried out on the AUSTRAC database by 40 agencies legislated to access AUSTRAC's holdings of financial information and intelligence through its online system. AUSTRAC also disseminates 1400 value-added intelligence products annually and manages approximately 46 agreements with international jurisdictions to exchange information.[32]
Approximately 74 per cent of AFP information reports were provided to the ACC.[33]
An average of 16 000 requests for information are received by the Queensland Police Service annually.[34]
200 000 information reports were transferred by the NSW Police Force to the ACC in 2010 creating over one million new entities on ACID.[35]
50 000 items of information and intelligence were provided to ACID by the Tasmania Police over eight months in 2012.[36]

2.19 These impressive statistics support the view that the level of cooperation and interoperability across the various jurisdictions and Commonwealth agencies is the 'best it has ever been in the history of law enforcement in this country'.[37] The volume of information alone demonstrates that Commonwealth, state and territory law enforcement agencies recognise the value of information sharing.[38] Further, recent initiatives to establish coordinating bodies, committees and groups to identify and work through challenges to information and intelligence sharing is testimony to a genuine willingness to improve intelligence sharing practices.[39]

Intelligence approaches, models, systems and expectations

2.20 The committee noted the substantial contribution of the ACC to the criminal intelligence context and growing commitment of Commonwealth, state and territory law enforcement agencies to gather and share intelligence. However, evidence to the committee also highlighted the extent to which the national criminal intelligence landscape remains a patchwork of models and systems. This has contributed to a context in which, as Mr Lawler explained:

...we are not always as well informed as the criminals we confront. It is true that we need to be smarter about how we share intelligence and more systematic and fulsome in that sharing process.[40]

2.21 The challenges for involved agencies in establishing an interoperable national criminal intelligence system are exemplified by the fact that criminal intelligence is currently stored in more than 30 systems operated by Australian law enforcement, policing, national security and other government agencies. These systems have limited interoperability.[41] Other challenges include the difficulties of working across different jurisdictions and legislative frameworks. Rather than have no meaning to organised criminal groups, geographical borders and state boundaries and differences in their respective legislation are exploited as loopholes.[42] At the same time, the wider population is becoming more transient, as evidenced in the Northern Territory where 50 per cent of the registered population do not reside permanently within the territory.[43] These issues demonstrate the need for a consistent criminal intelligence model, system and approach that can be applied and used across the country.

2.22 At the same time, greater sophistication of significant criminal activity has driven agencies such as ASIC and the ATO into playing an increasingly central role in the investigation and disruption of serious and organised crime. The primary customer of AUSTRAC intelligence, for example, is the ATO.[44] However, given the fluidity and rapidly changing intelligence landscape, ASIC argued that its ability to give and receive intelligence has 'overtaken our legislated ability to a certain extent'.[45]

2.23 The committee was informed that while a range of initiatives and measures have improved the ability of involved agencies to collaborate, information sharing between the ACC and other agencies has been a problem for a significant period of time.[46] It was argued that the current criminal intelligence model is 'largely based around goodwill, with agencies contributing where they feel it appropriate, based on their own decision-making'.[47] Even where concepts are universally agreed, such as with the establishment of a national DNA database, application across jurisdictions differs.[48] At the same time, the technology underpinning Australia's national criminal intelligence holdings or ACID and the Australian Law Enforcement Intelligence Network (or ALEIN) is out-of-date and may require, according to the ACC's CEO, 'potentially complete replacement'.[49]

2.24 The lack of a consistent, nationally recognised definition of 'criminal intelligence' has contributed to varying expectations, standards and approaches across jurisdictions which has resulted at times in the duplication of effort.[50] This situation coupled with limited interoperability across intelligence databases and systems, has created a patchwork of intelligence systems, approaches and models.

2.25 In order to meet the expectations of governments and communities regarding policing and community safety, better methods and interoperable systems to exchange information in a timely manner across all jurisdictions are needed.[51] Many stakeholders also recognise the need to address the siloing of intelligence brought about by the separation of policing from the national security, and serious and organised crime domains.

2.26 Mr Patrick Walsh emphasised the importance of a national intelligence model supported by national interoperable repositories of criminal intelligence:

If you do not have a system that can adapt as the criminal environment adapts so that we are able to collect this intelligence at the state, local and federal regulatory agencies, if you do not have that baseline of some of these emerging threats—wherever it is—then how do you know what the environment is going to look like tomorrow...how do you know whether that is the door we should be bashing down tomorrow. Or, we should not be bashing that door down; we should be looking over at this area of the criminal environment to see that something is coming over our heads, and we are not aware of it because we do not have the storage capacity to have that information and we do not have a way to easily retrieve and analyse that information in real-time. So, it is critical that we develop a national intelligence model, which is underpinned by good systems products, by good information products. We have never quite got there in Australia, with that.[52]

2.27 The extent to which the ability, desire and means to share criminal information, let alone intelligence are hamstrung by legislative restrictions, cultures, resource challenges and technological impediments is the subject of Chapter 4 of this report.

Navigation: Previous Page | Contents | Next Page