Technology, in particular the internet and digital modes of communication, knits together the very fabric of our lives, our lifestyles, how we work and do business. It is fair to say that for the foreseeable future, we will continue to embrace the lifestyle and cultural conveniences that have developed with the evolution of these modern technologies. But the rapid evolution of technology and uptake within society has outpaced the existing legislative framework by a significant margin.
Against this backdrop, there is a growing realisation in Government that retrofitting law to suit culture is no longer a sustainable solution. So, it is timely and appropriate for the Government to pursue action to replace the existing patchwork of laws with a unified, technology-neutral, legislative framework, as announced by the Department of Home Affairs in the discussion paper titled ‘Reform of Australia’s electronic surveillance framework’, published on 6 December 2021 (the Discussion Paper).
This is the most significant reform to Australia’s national security laws in more than four decades. The discussion paper: the Comprehensive Review of the NIC Legal Framework) (the Richardson Review), found that the existing electronic surveillance legislative framework is no longer fit for purpose.
The Review recommended the repeal of the Telecommunications (Interception and Access) Act 1979, Surveillance Devices Act 2004, and parts of the Australian Security Intelligence Organisation Act 1979 and replace them with a single, consolidated, technology-neutral, Act (see recommendation 75).
These findings are not unexpected when considering the point in time when the original legislation was first conceived. Specifically, it was designed around Government ownership of telecommunications networks and to protect the privacy of fixed line phone calls and telegrams. Circuit-switched carrier networks were typical, and Voice over Internet Protocol (VOIP) and Over-the-Top (OTT) message applications, including social media, were not yet sprouting in our consciousness.
Interestingly, the Discussion Paper identifies that the new laws could apply to a much broader range of information beyond that which falls within the current scope of the Telecommunications (Interception and Access) Act 1979. This could result in OTT and Unified Communications providers being subject to similar requirements for interception and data retention as traditional carriers.
Further, the Discussion Paper suggests that the new laws could apply to a much broader range of information beyond the conventional “communications” that fall within the current scope of the Telecommunications (Interception and Access) Act 1979.
For example, cloud-hosted data including electronic documents stored using Google Drive or Dropbox, data generated by IoT devices like smart vehicles or home appliances, draft or unsent emails and instant messages and information from the use of non-messaging smartphone applications.
A significant issue to highlight is that the Discussion Paper considers extending additional surveillance powers to agencies including:
- The Australian Transaction Reports and Analysis Centre.
- The Australian Taxation Office
- Australian Border Force
- Australian Criminal Intelligence Commission
- State and Territory corrective service agencies
The devil will be in the drafting, and it remains to be seen just how far these powers will extend and which agencies will be permitted to wield them.
Consideration should also be given to the proliferation of encrypted apps such as Signal, Telegram among others (not to mention blockchain and related technology) that are designed to be difficult (if not impossible) to access, resulting in communications on these platforms by default requiring more intrusive means to intercept.
These apps are commonly used as collective social concern increases concerning how personal data is accessed and used by government, big tech, social media, and e-commerce platforms.
An ever-increasing percentage of the population are concerned about protecting their data and identities and accordingly are turning to encrypted apps for their communications. In other words, it must not be assumed that the use of encrypted apps is limited only to bad actors.
Threats to national security
Potential threats to national security are often transnational, with affiliate groups communicating on encrypted apps across multiple jurisdictions. This creates cross-border complexities for sovereignty and when and under what circumstances searches under warrant can take place, if at all. There is a direct corollary between enhanced state surveillance and democratic and social cost. It is all too easy for civil liberties to be eroded in the name of national security, leading to loss of social cohesion and trust in Government. These reforms present an opportunity to get the balance right. Specifically, given the protection of human rights and related freedoms underpins the rationale for national security legislation, it, therefore, follows that those human rights should be at the centre of these reforms.
In line with the Richardson Review’s recommendations, the Discussion Paper promises to ensure that Australia’s surveillance laws are technology-neutral and relevant to both current and future technologies. However, it remains to be seen how the drafting of the new legislative framework will capture and balance the appropriate and measured surveillance of bad actors whilst ensuring the broader remit of reform; that the legislative framework is rendered fit for purpose now and in the future. To address this, the Government has indicated that it is looking to countries who have successfully undertaken a reform of this nature, specifically the Five Eyes nations.
The extent of the impact of these reforms on Government agencies, Industry and citizens is yet to be assessed. However, in a recent ASPI Webinar: Reforming Australia’s electronic surveillance when asked, Home Affairs Secretary Michael Pezzullo remarked that if citizens are not involved with criminal activity, they should feel an elevated level of confidence that their online interactions will not fall within the scope of the new legislative framework. However, it is essential to understand that there is no ‘one size fits all’ method to reforms of this nature and the Government will need to ensure that the draft legislation is appropriately customised to suit Australia’s unique circumstances.
We note that the consultation process has only just commenced; submissions on the discussion paper have been sought and an exposure draft of the legislation is touted for release for public comment in late 2022. At Synergy Law we will keep a watching brief on these reforms as they unfold, to provide our feedback through the public consultation sessions on the exposure draft when it is released.
Synergy Law is a Synergy Group legal offering, specialising in Government law and legal advisory services. Synergy Law also looks to opportunities Government can ‘lean into’ future legal issues such as cyber security, infrastructure security, emerging energy resources, climate law, ICT and technology, data sharing and information law, to support Government operations becoming ‘future ready’. If you would like to know more, reach out to Melanie Hutchinson (email@example.com) and Bobbi Campbell (firstname.lastname@example.org).