The government’s proposed new powers for law enforcement agencies could harm the privacy of people who are not criminals, according to the Office of the Australian Information Commissioner.
The Parliamentary Joint Committee on Intelligence and Security is currently reviewing the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, which aims to grant greater powers to the Australian Federal Police and the Australian Criminal Intelligence Commission.
Under the proposed amendments, both agencies will be granted a warrant to access data on computers and perform “disruption activities” to combat crime. They will also receive warrants to collect intelligence on online criminal networks, and to take over a person’s online account for the purposes of gathering evidence of criminal activity.
In a submission to the committee this week, Australian information commissioner and privacy commissioner Angelene Falk has warned that the proposed powers are “wide-ranging and coercive in nature”, and could allow agencies to undertake a range of concerning activities.
This includes intercepting communications, surveilling devices, and authorising “the concealment of certain activities done under these warrants”.
“These powers may adversely impact the privacy of a large number of individuals, including individuals not suspected of involvement in criminal activity, and must therefore be subject to a careful and critical assessment of their necessity, reasonableness and proportionality,” Falk wrote.
“Further, given the privacy impact of these law enforcement powers on a broad range of individuals and networks, they should be accompanied by appropriate privacy safeguards.”
The OAIC has made seven recommendations proposing amendments to the bill, to ensure that impacts on individuals’ privacy are reasonable, necessary and proportionate.
Recommendations included narrowing the definition of a ‘criminal network of individuals’, requiring law enforcement agencies to destroy information where an authorisation has been subsequently denied, and the use of external warrant approval mechanisms rather than internal.
Bolstering law enforcement capabilities is a key initiative under the government’s new cyber security strategy.
The government is also looking to grant agencies the power to “take direct action” against cyber attacks and obtain information from critical infrastructure entities if it is deemed to be in the national interest.