Identify and Disrupt Bill
On Wednesday 25th August 2021, Parliament passed the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, giving the Australian Federal Police (AFP), the Australian Criminal Intelligence Commission (ACIC)—and by extension, the Australian Signals Directorate the power to spy domestically.1 The bill creates three new warrants, with the purported purpose of targeting “serious and organised crime” that utilise “anonymising technologies” online.
The announcement of these warrants follows a $90 million injection of funding2 in the government’s already-existing and extensive surveillance and intelligence gathering capabilities, but according to the Department, these warrants are “needed to combat cyber-enabled serious and organised crime” and to “disrupt those who organise and engage in other criminal activities.”3
While the government claims the targets of this bill are organised criminals, the broadness of the new powers could be used to “identify and disrupt” activists, simply by virtue of the offences that are levelled against some types of civil and political activity.
The Bill provides three new warrants:
- Data Disruption Warrants, which allow the AFP and the ACIC (or another person on the law enforcement officer’s behalf) the ability to “add, copy, delete or alter” files on a computer or device, so as to “frustrate the commission of crime”4 where a law enforcement officer “reasonably suspects” that one or more “relevant offences” are “being, are about to be, or are likely to be” committed.5
- Network Activity Warrants, which “allow agencies to collect intelligence on serious criminal activity being conducted by criminal networks”6 by intercepting communications and using surveillance devices on computer networks. The AFP and the ACIC are permitted to do “any thing reasonably necessary to conceal”7 their access and modification to computers, allowing the warrant to be conducted covertly. This is available where there is a “reasonable suspicion” that monitoring the network activity of a “criminal network of individuals” is “relevant to the prevention, detection or frustration of one or more kinds of ‘relevant offences.’”8
- Account Takeover Warrants, which provide agencies with the ability to take control of a person’s online account “through the modification of data” for the purposes of “gathering evidence to further a criminal investigation.”9 This is available where there is a “reasonable suspicion” that one or more “relevant offences” are “being, are about to be, or are likely to be” committed; an investigation is either imminent or in progress, and taking control of the “target accounts” is “necessary for enabling evidence to be obtained.”10
What constitutes a “relevant offence” is broad, but purportedly means a “serious Commonwealth offence” or a “serious state offence” that has a “federal aspect.”11 “Seriousness” is characterised by an offence carrying a maximum sentence of three or more years’ imprisonment.12
MALS is concerned that this language captures offences with a “federal aspect” that have been levelled at activists in the past, and hence would trip off the low threshold to use such warrants against activists in order to identify and disrupt their activities.
For example, anti-war activists that have staged protests on the Pine Gap surveillance facility in Alice Springs13 over the past decades,14 would be subject to the warrants, because the actions took place on Commonwealth land (federal aspect) and the offences levelled at them attracted maximum sentences of seven years15 (serious offence).
Similar circumstances apply to anti-war groups that have protested on military bases16 or refugee activists who have protested in Parliament17 where Commonwealth land and/or property is an aspect of the charges brought against the activists, and the sentencing times are likewise.
Anti-mining and climate action groups would also be ‘eligible’ for identification and disruption with the bill, because they “oppose critical infrastructure projects”18 and may be considered a “criminal network of individuals”19 or, that they are an “electronically linked group of individuals”20 that have the potential to cause “substantial loss or damage to critical infrastructure or property”21 (emphasis added).
This means the scope of this bill is much more than meets the eye.
The warrants would be issued by a judge, an Administrative Appeals Tribunal (AAT) member, or in the case of an “Account Takeover Warrant,” a magistrate.22
Members of the AAT are appointed by the Governor-General, and work on a full-time or part-time basis for a term of up to seven years. Members may be reappointed,23 and are part of the government, not the judiciary.24 The tribunal has a history of government cronyism and stacking that makes the independence of the AAT questionable at best.25 The Government has rejected the recommendation to limit the power to issue warrants to judges,26 saying it would be a “departure from long-standing government policy.”27
MALS has been tracking the evolution of the bill and notes that a ‘sunset’ period of 5 years has been introduced, where the provisions for each warrant purportedly expire. But it is useful to note that as we’ve seen in the United States, “national security laws” face little-to-no political opposition and are often reauthorised successively, sometimes for many decades.28 This means sunsets are of little comfort, especially given the bipartisan support of this bill in Australia.
Likewise, we note there has been some “consideration” introduced to the bill for journalists and their sources,29 but that these protections are extremely weak as they hinge on the interpretation of the phrase ‘public interest’ which the Federal and High court have historically interpreted to be limiting.30 Legal practitioners also remain vulnerable. For example, if a lawyer or journalist assists a government whistleblower in a manner deemed to be ‘incitement’ it will be a relevant offence for the warrants under Section 11.4 of the Commonwealth Criminal Code Act.31
Concerns for Activists and Human Rights Defenders
So what does this have to do with activists and human rights defenders in Victoria?
Data Disruption Warrants
The bill states that the AFP and ACIC (or another person on the law enforcement officer’s behalf) will have the ability to “add, copy, delete or alter”32 files on a computer33 so as to “frustrate the commission of crime.” In an activist context, what this means is that police and intelligence agencies will have the ability to install malware on target computers and even whole computer networks34 and modify files—including the possibility of planting and manipulating evidence35 that can be used in a prosecution36 even though it is claimed the warrants are not “for the purpose of evidence-gathering”, according to the bill’s explanatory memorandum.37
The “frustration” element would also include preventing certain actions from taking place before they happen, much like predictive policing. For instance, taking the Pine Gap actions for example, this would mean that the participants of that action—as well as everyone they know—could become targets, and the content of their communications “deleted, altered, or added to” as the police see fit, so as to not only stop the action itself, but also provide opportunity for law enforcement to mount prosecutions against related persons using evidence that has been manufactured or embellished, for the purposes of disrupting these movements.
The prospect of police and intelligence agencies having the ability to admit evidence to a court that they have tampered with is extremely concerning, let alone the lacklustre checks on the powers of these provisions by external oversight. In the past, police have used parallel construction to conceal how unlawful investigations have started against Persons of Interest in precisely the same way, getting around the protections courts provide pertaining to the admissibility of evidence that is not obtained legally. This bill changes the scope of such evidence gathering methods to one that fundamentally enshrines these dubious methods of both collection and “chain of custody” with little to no recourse or accountability.
Network Activity Warrants
The purpose of this warrant is essentially comprehensive surveillance of a target—and everyone loosely connected to that target—carried out through the co-opting of their Internet-connected digital devices.
As mentioned above, these warrants could be deployed against all sorts of activist movements—groups undertaking direct action to stop climate change, anti-war groups or activists opposing military bases, those undertaking protest on Commonwealth land or in regards to Commonwealth “property,” etc. However, the language of the bill is still broad enough to capture other types of protest.
For example, Section 474.17 of the Criminal Code Act (Cth) makes any communication by Internet, text, or other electronic means vulnerable, because that section makes the use of “a carriage service” to “menace, harass, or offend” a crime under Commonwealth law. “Menacing, harassing, or offending” can be in either the content of the communication (what’s said or shown) or the use of the communication (organising or ‘inciting’ to act in some way).
This means this type of warrant has the potential to capture38 for example, animal rights activists, particularly those who may use hidden cameras to capture footage and that footage is then shared.39 Or, even more broadly, this warrant could provide police and intelligence agencies access to anyone’s communications even if they are only loosely connected to someone under investigation of a relevant Commonwealth offence. As explained by the Human Rights Law Centre, this is because (citations omitted):
An “electronically linked group of individuals” simply means any 2 or more people who use the same electronic service (including a website), or communicate with other individuals in the group electronically.
On a broad, but not unreasonable, interpretation of these definitions, the effect is that a person who visits the same website as a person engaging in conduct facilitating or constituting a relevant offence is in a “criminal network of individuals.” This is regardless of whether the website or communication bears any relation to the offence, or whether the individuals have any knowledge of, involvement in or connection to the offence.Human Rights Law Centre: Submission to the Parliamentary Joint Committee on Intelligence and Security
As the Centre explains, “if someone commits a relevant offence using WhatApp, then … every user of WhatsApp worldwide would be a member of that “criminal network of individuals.”
Recognising how much surveillance is already undertaken to track and repress activism, it is not too far a leap to see how such broadly defined warrants will add to this.
Account Take-over Warrants
This warrant provides agencies with the ability to take “covert and forced takeovers”40 of a person’s online account for the purposes of “gathering evidence to further a criminal investigation.”41 This includes accounts that are outside Australian jurisdiction, and those that operate on systems in other countries.
Any account takeover will be done covertly and “without consent of the account holder.”42
These warrants are authorised by a magistrate.43
Not surprisingly, some technology megacorporations have criticised this warrant, as their use would directly effect Internet communications, and compromise their products. Twitter labelled the warrant “antithetical to democracy”44 and Amazon is seeking legal indemnity regarding the exercising of them,45 stating that the warrants were “developed for a radically different purpose in law enforcement compared to the warrants currently available to law enforcement agencies.”
In an activist context, it’s unclear how this type of warrant could be used, but its broad scope, just like the others, allows for all sorts of possible adverse outcomes. For example, one could imagine one’s social media accounts being taken over by law enforcement agencies, and then law enforcement agents posing as activists for the purpose of entrapment or incitement of other activists, as seen in the United States.46
Where can I find out more?
The Identify and Disrupt Bill operates as part of an extensive suite of surveillance laws in Australia, including the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (TOLA), and the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 (the Mandatory Metadata Retention Scheme). All of these laws working in tandem create a powerful mass surveillance system in Australia. The Identify and Disrupt Bill adds to the extensive legal structure to now make it practically impossible to implement end-to-end encryption to protect information and communications. As AccessNow explains:
“Authorities could use the Technical Capability Notice under TOLA to compel a service provider to build the prescribed technical capability, including decryption, to assist the government and intelligence agencies. Thereafter, law enforcement may utilise warrants under the Identify and Disrupt Bill to gain access to all kinds of data. A combination of TOLA and the Identify and Disrupt Bill effectively brings any kind of information in existence within the reach of law enforcement in an entirely unnecessary and disproportionate manner, to the grave detriment of cybersecurity and users’ privacy.”
MALS opposes this Bill, not only for the reasons outlined above, but also for the fundamental lack of a compelling justification for creating such expansive, invasive, and secretive powers that add to an already extensive surveillance state in the first place.
To find out more, see:
- MALS 2021 Law Week Event: Activism, Surveillance, and Digital Security Awareness
- Submissions to the Parliamentary Inquiry including those of:
- Talk by Dr Monique Mann and Angus Murray for Electronic Frontiers Australia
Jordan Brown, Alec Miguel, Jennifer Keene-McCann
Melbourne Activist Legal Support