Confused? You are not alone. The following piece details the bizarre world of spy laws in Australia and new plans for more consolidated control.

UNIVERSAL SURVEILLANCE LAW?

The legislative framework that governs Australia’s intelligence community is “unnecessarily complex”. It leads to “unclear and confusing laws” for the intelligence officers who have to interpret and follow them.

These are the words of the federal government, who will look to introduce a new universal surveillance act to centralise electronic activities by law enforcement and public agencies.

In a unique case of ‘problem, reaction, solution’, authorities are hoping to get a grip on the uncontrollable and unaccountable string of surveillance laws.. by introducing a new one?

This is the recommendation found in the final report of the Comprehensive review of the legal framework of the National Intelligence Community, which was concluded in December 2019 — although the government didn’t publish it until a year later.

That review, conducted by former diplomat, public servant, and one-time ASIO chief Dennis Richardson, recommended that as far as electronic surveillance goes, Australia needs a new electronic surveillance act.

Comprehensive indeed: Even the unclassified version runs to more than 1,300 pages.

At first, it sounded like this was going to be a good thing..

As Richardson noted, when the core Telecommunications (Interception and Access) Act 1979 (TIA Act) was originally passed, it was just 19 pages long. But by the end of 2019, it had blown out to 411 pages.

“The TIA Act itself rests on outdated technological assumptions, and has become complex to the point of being opaque. We are not the first review to recommend its reform,” Richardson wrote.

He added: “Technological change and convergence has resulted in telecommunications interception, covert access to stored communications and computers, and the use of optical and listening devices… becoming functionally equivalent.”

This all sounded fine. Could we about to see common sense OPPOSE how much this has grown?

No. Quite the opposite.

Richardson then goes on to say these activities are subject to “inconsistent limits, controls and safeguards” across the TIA Act, the Surveillance Devices Act 2004, and the Australian Security Intelligence Organisation Act 1979.

Richardson would go on to make dozens of recommendations for how a new act should work to centralise these powers and solve this ‘clutter’, with 203 recommendations in total.

Sound confusing? This is a common occurrence in the surveillance state of Australia.

It took an entire year for the government to respond, in part due to the COVID-19 pandemic’s impact on business, but eventually, in its formal response of December 2020, it agreed that such a reform was needed.

“The central area for reform is a new electronic surveillance Act, which will be a new landmark in Australia’s national intelligence legislation,” the government wrote.

“A new electronic surveillance Act will be generational in its impact. This legislation will require careful and detailed consideration, with extensive public consultation, to establish a framework that will support Australia’s intelligence collection and law enforcement agencies in the years to come.”

But it’ll take time. Five years and $100 million, according to the Richardson review.

“A new Electronic Surveillance Act will take two-three years of very detailed work and drafting before being considered by Parliament, after which there will need to be a good two year implementation period to update IT systems, adjust procedures, and retrain staff,” Richardson wrote.

That’s down to.. “the complexity of issues at play, the multitude of interested stakeholders at the Commonwealth, state and territory level and the controversy which attaches to what are, arguably, the most intrusive powers of the state“.

So, Richardson even agrees these type of powers are the most “intrusive” around, but recommends more be introduced? None the less, on a federal, centralised level?

What a world we live in.

Not to mention that state governments and individual agencies are continuing, on a day-by-day basis, to introduce more and more ad-hoc laws to spy on the average citizen.

This doesn’t look to be slowing down any time soon.

2021: IT’S STILL ALL ABOUT AD-HOC

Despite knowing about Richardson’s recommendations for a year, the government is still faffing about with a fat sack of ad hoc laws, most of which continue to be controversial.

Chief among them is the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, usually referred to as the TOLA Act or the AA Act.

The TOLA Act introduced that complicated regime with clumsy and confusing definitions through which intelligence and law enforcement agencies gained the ability to request or demand assistance from communications providers — all very broadly defined — to access encrypted communications.

A year later, the Labor opposition introduced its Telecommunications Amendment (Repairing Assistance and Access) Bill 2019, which goes part of the way to tidying up the mess, but in the view of your correspondent not far enough.

That Bill has yet to go anywhere, mostly because the Parliamentary Joint Committee on Intelligence and Security (PJCIS) was scheduled to conduct a review anyway.

PJCIS asked Australia’s then-Independent National Security Legislation Monitor (INSLM) Dr James Renwick to take a look.

His recommendations, made in a 316-page report [PDF], included setting up an independent body to oversee the approval of TOLA Act activities, rather than agencies approving them themselves without judicial oversight.

PJCIS was supposed to complete its review by September 30, 2020, but there’s been no sign of it yet.

PJCIS is well behind schedule most of its other work too.

The committee’s review of Australia’s mandatory telecommunications data retention regime was due to report by 13 April 2020 but that report didn’t appear until October 28.

Who are these people? What a mess.

One of its recommendations was that the Department of Home Affairs “prepare national guidelines on the operation of the mandatory data retention scheme by enforcement agencies recommendations”. Because currently there aren’t any.

The recommended timeframe was a leisurely 18 months.

PJCIS is also reviewing the Telecommunications Legislation Amendment (International Production Orders) Bill 2020, which is all about exchanging telecommunications data with other countries.

There’s no sign of that report either, and no deadline has been given.

There’s yet another PJCIS review into the Telecommunications Sector Security Reforms (TSSR), which were all about “a regulatory framework to manage the national security risks of espionage, sabotage and foreign interference to Australia’s telecommunications networks and facilities”.

Submissions to that review closed on 27 November 2020. No public hearings have been held yet, and once more there’s no deadline for the committee to report.

The Communications Alliance is worried about the potential for confusion because telcos’ requirements under TSSR overlap with those in the Security Legislation Amendment (Critical Infrastructure) Bill 2020 which was introduced in December 2020.

There is, of course, another PJCIS review to deal with that, with a reporting deadline of April 11.

Finally, there’s the brand new Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 introduced in — you guessed it — December 2020.

This new law would hand a trio of new computer warrants to the Australian Federal Police and the Australian Criminal Intelligence Commission: A data disruption warrant, a network activity warrant, and an account takeover warrant.

There’s a PJCIS review into that Bill too, but again, no deadline for the committee to report.

Then there’s the Identity-matching Services Bill 2019, which was all about sharing biometrics between federal and state agencies, which was so bad that PJCIS recommended a complete redraft.

We’ve yet to see any progress on that.

How is the average citizen meant to keep up with this?

Importantly, how are we to believe that a new central piece of surveillance legislation is someone meant to overwrite all of this unaccounted power that is being passed everywhere? This is their own doing.

THE GOVERNMENT’S OWN MAKING

In hindsight, it’s easy to see why Australia’s intelligence legislation is in such a mess: For nearly 20 years now, politicians on both sides have rushed through a series of ad hoc laws without proper oversight.

From the time of the terrorist attacks in the US on 11 September 2001, through to 1 August 2019, “Parliament passed more than 124 Acts amending the legislative framework for the NIC, making more than 14,500 individual amendments i.e. inclusive of the minor and technical,” Richardson wrote.

That’s more than one new act every eight weeks and it’s fair to say that politics has often trumped good governance.

In December 2018, for example, despite all its bold speeches against the proposed TOLA Act, Labor caved in and passed it anyway.

“Let’s just make Australians safer over Christmas,” then-Labor leader Bill Shorten said.

“It’s all about putting people first.”

It was a decision for which they were subsequently roasted, and rightly so.

Laws, like puppies, aren’t just for Christmas.

10 years ago, when Labor was in government, the controversial Cybercrime Legislation Amendment Bill 2011, which was meant to being Australia into line with the Council of Europe Convention on Cybercrime, was found to be seriously flawed by the Joint Select Committee on Cyber-Safety.

The House of Representatives ignored nearly all of those recommendations. Instead, MPs rushed to correct a fatal flaw that would have seen the new law fail to achieve its stated purpose.

The current backlog of surveillance legislation, somehow simultaneously both rushed and delayed, seems unlikely to break from this pattern.

The Minister for Home Affairs, Peter Dutton, and his sprawling department seem either disinclined to, or incapable of, organising themselves in a way that provides both thoughtfully drafted legislation in a timely manner, and meaningful timeframes for public consultation.

JUDGES OUT OF THE WARRANT PROCESS?

Also concerning is Richardson’s recommendation to not strengthen judicial oversight of intelligence activities, but to lessen it.

“Recommendation 30: Ministers should continue to authorise ASIO and Intelligence Services Act agency activities. These authorisations should not also be subject to judicial or other independent authorisation,” he wrote.

The government agreed.

“Ministerial authorisations, together with IGIS [Inspector-General of Intelligence and Security] oversight, provide appropriate protections and accountability for intelligence warrants and authorisations, and should continue without additional judicial or other authorisation,” they wrote.

The Law Council of Australia has expressed “grave concern” about this.

“This would reinforce Australia’s status as a major outlier within the Five Eyes Alliance,” wrote Pauline Wright, the Law Council’s president.

“The United States, United Kingdom, Canada, and New Zealand all have judicial authorisation requirements for their intrusive intelligence collection-powers,” she wrote.

“For the public to have trust and confidence in covert activities it is essential the utmost independence and rigour applies when granting authorisations. Judicial authorisation is essential to creating and maintaining that state of trust.”

The Australian government’s says their challenge this year will be to ‘unravel’ this tangle of laws.

However, as we have detailed, the ‘solution’ looks to be far worse than the ‘problem’.

That’s even if the problem — unaccounted, ad-hoc laws — even goes away in the process.

Which is also highly unlikely.

Don’t fall for the propaganda, ladies and gentlemen.