Government surveillance bill passed by Parliament

On 25 August 2021 Federal Parliament passed the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 (Bill).  The Bill modifies various acts, including the Surveillance Devices Act 2004 (Cth) (SDA) and the Crimes Act 1914 (Cth) (CA), to enhance the law enforcement powers of the Australian Federal Police and the Australian Criminal Intelligence Commission in respect of serious online crime.[1]  The Bill introduces three (3) new warrants:

  • data disruption warrants;
  • network activity warrants; and
  • account takeover warrants.

Data disruption warrants

A data disruption warrant enables certain law enforcement officers to, through various means, obtain access to relevant data and subsequently disrupt it.[2]  A law enforcement officer of the Australian Federal Police (AFP) or the Australian Crime Commission (ACC), or another person on the law enforcement officer’s behalf, may apply for a data disruption warrant.[3]  However, such law enforcement officer must suspect, on reasonable grounds, that:

  • one or more relevant offences of a particular kind have been, are being, are about to be, or are likely to be, committed;[4]
  • those offences involve, or are likely to involve, data held in a computer (target computer);[5] and
  • disruption of data held in the target computer is likely to substantially assist in frustrating the commission of one or more relevant offences that:
    • involve, or are likely to involve, data held in the target computer;[6] and
    • are of the same kind as the relevant offences referred to in above.[7]

There are appropriate safeguards against frivolous applications for data disruption warrants.  Applications for a data disruption warrant must be endorsed by an endorsing officer and must be heard by an Administrative Appeals Tribunal Member of Judge.[8]  Such safeguards should ensure data disruption warrants are only made in respect of ‘relevant offences’, including offences punishable by a maximum term of imprisonment of three (3) years or more.[9]  Warrants will be discontinued upon achieving their purpose.[10]

An eligible Judge or nominated AAT member will issue a data disruption warrant if they are satisfied that:

  • there are reasonable grounds for the suspicion founding the application for the warrant;[11] and
  • the disruption of data authorised by the warrant is reasonably necessary and proportionate, having regard to various supplied offences referred to in paragraph 27KA(1)(c).[12]

Network activity warrants

Network activity warrants are utilised to access data stored within a target computer used by a criminal network of individuals (CNI).[13]  A CNI is broadly defined to include a group of users of the same electronic service to, amongst other things, engage in conduct constituting a relevant offence.[14]  The chief officer of the AFP or the ACC may apply for the issue of a network activity warrant where they suspect on reasonable grounds that:

  • a group of individuals is a CNI;[15] and
  • access to data held in a computer (target computer) that is, from time to time, used, or is likely to be used, by any of the individuals in the group will substantially assist in the collection of intelligence that:
    • relates to the group or to any of the individuals in the group;[16] and
    • is relevant to the prevention, detection or frustration of one or more kinds of relevant offences.[17]

The same safeguards discussed above in respect of data disruption warrants apply in respect of network activity warrants – including that such applications are heard by an eligible judge or AAT member.[18]

Account takeover warrants

An account takeover warrant authorises the AFP or the ACC to take control of one or more online accounts.  A law enforcement officer may apply to a magistrate for the issue of an account takeover warrant if the law enforcement officer suspects on reasonable grounds that:

  • one or more relevant offences have been, are being, are about to be, or are likely to be, committed;[19] and
  • an investigation into those offences is being, will be, or is likely to be, conducted;[20] and
  • taking control of one or more online accounts (target accounts) is necessary, in the course of that investigation, for the purpose of enabling evidence to be obtained of the commission of those offences.[21]

In deciding whether to grant an account takeover warrant, the Magistrate must have regard to, amongst other things:

  • the nature and gravity of the alleged relevant offence;[22]
  • the existence of alternative means of obtaining the evidence sought;[23]
  • the extent to which the privacy of any person is likely to be affected;[24] and
  • the likely evidentiary value of any evidence sought to be obtained.[25]

Takeaways

The Bill will add three (3) new types of warrants to either the Surveillance Devices Act 2004 (Cth) or Crimes Act 1914 (Cth).  The ability for certain law enforcement officers to obtain data disruption and network activity warrants will be added to the Surveillance Devices Act 2004 (Cth).  Before issue, the Court must be satisfied that there is a reasonable suspicion to justify the application of the warrant and the alleged disruption is reasonably sufficient in consideration of certain provided offences.  In addition, the ability for certain law enforcement officers to apply for account takeover warrants will be added to the Crimes Act 1914 (Cth).  Magistrates must also consider various factors such as the gravity of the alleged offence, extent of the affect to the person’s privacy, existence of alternate means and likely evidentiary value of information sought.  Practically, the amendment makes it possible for all of a business’ information to be accessible, subject to a warrant, by various government agencies if the criteria discussed above are met.

Links and further references

Related articles

De-encryption laws to make tech giants cooperate with law enforcement

The importance of evidence and ubiquity

Legislation

Crimes Act 1914 (Cth)

Surveillance Devices Act 2004 (Cth)

Other materials

Revised Explanatory Memorandum

Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021

Further information

If you need advice on your obligations under the Interactive Gambling Act 2001 (Cth) as a Gambling Service, contact us for a confidential and obligation free and discussion:

Malcolm BurrowsMalcolm Burrows B.Bus.,MBA.,LL.B.,LL.M.,MQLS.
Legal Practice Director
Telephone: (07) 3221 0013 (Preferred)
Mobile: 0419 726 535
e: mburrows@dundaslawyers.com.au

Disclaimer

This article contains general commentary only.  You should not rely on the commentary as legal advice.  Specific legal advice should be obtained to ascertain how the law applies to your particular circumstances.

[1] Revised Explanatory Memorandum to the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 [1].

[2] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[3] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[4] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[5] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[6] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[7] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[8] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[9] Surveillance Devices Act 2004 (Cth) s 6.

[10] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[11] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[12] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 1 s 13.

[13] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 2 s 13.

[14] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 2 s 13.

[15] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 2 s 13.

[16] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 2 s 13.

[17] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 2 s 13.

[18] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 2 s 13.

[19] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 3 s 4.

[20] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 3 s 4.

[21] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 3 s 4.

[22] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 3 s 4.

[23] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 3 s 4.

[24] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 3 s 4.

[25] Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 sch 3 s 4.

 

Send this to a friend