Internet Jobs

Electronic surveillance law reform a step in the right direction

Electronic surveillance law reform a step in the right direction
Written by publisher team

The framework governing electronic surveillance by Australia’s policing and intelligence agencies is undergoing major reforms. There have long been calls for such an overhaul given the significant changes in the way we communicate since the first of these laws was passed in 1979. However, developing a new, concise, ‘streamlined’ and ‘future-proofed’ act that lets security Agencies do their jobs without excessively compromising Australians’ right to privacy is a task complicated by the equal compelling prioritisation of the security concerns of federal agencies and the privacy concerns of civil society.

In December last year, the Department of Home Affairs invited public submissions on a discussion paper about the planned operational reforms at a granular, level. The paper shows a genuine commitment to regulating agency powers and actions in accordance with both sides of this argument. But while government agencies and industry are engaged at a detailed, operational level with how the reforms will work in practice, the civil-society debate remains overwhelmingly a high-level conceptual discussion about security and what a rights-based approach looks like in theory.

The public only really appreciates the overarching themes and values ​​of security and privacy and the prospect of Orwellian state power. This is likely (at least in part) because getting across the former Australian Security Intelligence Organization chief Dennis Richardson’s 2020 review of the legal framework of the national intelligence community, the government’s response and the Department of Home Affairs paperwork on it means wading through a whopping 1,485 pages combined—and each document requires significant sectoral knowledge and time to fully understand.

The three acts set to be repealed and replaced are the Telecommunications (Interception and Access) Act 1979parts of the Australian Security Intelligence Organization Act 1979 and the more recent Surveillance Devices Act 2004.

Technological advancements have made communication faster, cheaper, more convenient and in some cases more private. But in doing so, it has also made policing more difficult, particularly due to the popular use of encryption and anonymisation software.

The current laws have not proven adaptable to the new operational and legal challenges resulting from these iterative advancements and the ways criminals have exploited new technology. A host of quick-fix attempts through amendments has succeeded only in creating a ‘patchwork of overlapping, and at times inconsistent and incompatible parts,’ according to Home Affairs’ discussion paper.

This makes it difficult for law enforcement to frustrate and prosecute organized violent crime activities like drug trafficking, child sexual exploitation, and the recruitment, financing and organization of violent attacks. With an archaic legal framework supporting operations, it’s become hard to deliver security outcomes without compromising civil liberties.

As a result, Richardson’s review recommended that the relevant laws be scrapped and replaced with an entirely new, fit-for-purpose act.

This imperative is the result of three key developments since the laws were passed: how we communicated, how the associated industry and infrastructure works, and how organized crime is, for want of a better word, organised.

First, telecommunications has completely transformed since the original laws were passed. Communication is no longer unprotected, point-to-point and with clear endpoints. The internet and over-the-top messaging services such as WhatsApp and Signal, which provide communications services over data and may encrypt those communications, have reduced the ability of security agencies to legally monitor criminal activity under the current framework.

End-to-end encryption of the entire communications channel and anonymisation software that hides the user’s identity have made policing more difficult. Even if law enforcement agencies can legally ‘tap the line’, they can’t see the content, and even if they can see the content or see that two devices are communicating, they can’t necessarily identify the individuals communicating.

For a long time, the telecommunications infrastructure that this data runs across hasn’t been fully government owned and controlled. The physical components and electronic layers of communication are now likely to have multiple owners. Whereas a telephone company used to have all your records, you can now use your mobile phone to connect to wi-fi and then to an application providing over-the-top messaging services.

Private industry now contributes to decision-making and regulation, bringing necessary considerations about market forces and consumer confidence. The government understands the importance of this contribution and wants it to continue, which means that industry also plays an active role in the legal, and implementation aspects of this national security issue.

Telecommunications has evolved from fixed-line telephones to smartphones, and communication over the internet (and all the hidden infrastructure that makes it work) has become more complex. As part of the reform process, industry providers are rightly being engaged on the implementation issues most pressing for them, generally regarding compliance costs, feasibility and the administrative burden for companies and government agencies. But the expectations the public has of industry responses to these reforms are complicated by the fact that Australians are now both citizens with a right to privacy and clients willing to pay money. We may choose providers based on the privacy and the security they can offer.

Transnational and serious organized crime groups have exploited the privacy and ease of communications that technology can provide within and between criminal groups in Australia and internationally. Through these new ways of communicating, organized crime has been able to leverage the increasing interconnectedness of nations’ imported and societies at a global level elevate its business models from regional to global in terms of supply chains and target markets.

The development of a new act is a step in the right direction for both these interests, because it will line up this conversation and the legislation with the current technology and threat landscape.

Tricky questions about how to balance security and liberty in practice remain in developing the new law and the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 that is pending review.

We should keep, as a guiding principle, the need to hold online law enforcement to a rights-based standard that is equal to or even higher than the standard for offline work due to the heightened capacity for insecurity and abuse by other actors in the online world.

About the author

publisher team