Inside Story

How reactive law-making will limit the accountability of ASIO

The Coalition’s new security legislation shows that it hasn’t learnt the lessons of twelve years of terrorism law-making, write Jessie Blackbourn and Nicola McGarrity

Jessie Blackbourn & Nicola Mcgarrity 24 July 2014 1619 words

Attorney-general George Brandis (right) and the director-general of security, David Irvine, discussing the National Security Legislation Amendment Bill during a media conference last Wednesday.
Lukas Coch/ AAP Image

When attorney-general George Brandis announced new national security legislation last week, Australia entered a new phase of anti-terrorism law-making.

As its title suggests, the National Security Legislation Amendment Bill (No. 1) is just the start of a new legislative push. The attorney-general has signalled his intention to introduce further measures in the spring parliamentary session. His remarks suggest that future bills could expand the already extremely broad criteria used to ban terrorist organisations; change the rules for the admission of foreign evidence in domestic terrorism trials; and withdraw Australian citizenship from dual citizens who present a risk to national security. The government may even introduce the controversial requirement that all telecommunications providers retain potentially useful data (a move that Australia’s top spies have supported).

Some of the measures in last week’s bill are necessary and even overdue, given that existing laws have fallen behind advances in communications technology. But the devil is in the detail, and it’s there that can be found measures which can’t be justified on the grounds of simplification, streamlining or updating.

Four in particular deserve highlighting. One would allow the Australian Security Intelligence Organisation, or ASIO, to spy on a number of computers – including a whole computer network – under a single computer-access warrant. Another would give immunity from criminal and civil liability to ASIO officers working undercover. A third measure would expand the power of Australia’s foreign intelligence organisation (the Australian Secret Intelligence Service) to collect intelligence on citizens overseas. And the fourth would broaden the secrecy offences applying to ASIO employees and contractors and increase penalties.

These new measures are a reaction to two significant events overseas: the conflict in Syria and Iraq, and the mass disclosures of US intelligence by the likes of Julian Assange and Edward Snowden. Reactive anti-terrorism law-making has, in the past, proven to be less than ideal. The last major anti-terrorism initiative was the introduction of control orders and preventative detention orders in late 2005 in response to the 7 July London bombings. In the nearly ten years since then, only two control orders, and not a single preventative detention order, have been made.

This is far from the only instance of reactive law-making in Australia. The first raft of anti-terrorism laws was introduced into federal parliament six months after the 11 September 2001 terrorist attacks. Some of the measures in those laws were undoubtedly necessary – a legislative definition of “terrorism” and dedicated criminal offences, in particular – but their hasty enactment, combined with parliament’s inexperience in responding to terrorism, has resulted in laws that have often infringed basic civil liberties.

Last week’s bill raises doubts about whether parliament has learnt anything from twelve years of legislating against terrorism. Adopting the omnibus approach, which has been a feature of anti-terrorism laws in Australia and overseas, the legislation purports to implement more than forty recommendations made by the Parliamentary Joint Committee on Intelligence and Security in 2013. This kind of law-making is far from optimal. For parliament or the public to scrutinise such legislation and debate its provisions in a meaningful way is virtually impossible.

Omnibus legislation also creates the opportunity for the government to bury controversial measures beneath a mass of banal and technical provisions, which is precisely what it has done in this bill. The Defence Imagery and Geospatial Organisation is renamed the Australian Geospatial-Intelligence Organisation and the Defence Signals Directorate becomes the Australian Signals Directorate. Alongside this housekeeping sit measures that not only cloak intelligence agencies in an even thicker veil of secrecy but also violate fundamental human rights, including freedom of expression.

The bill includes a broad new offence covering the disclosure of any information relating to a special intelligence operation. A maximum penalty of ten years’ imprisonment applies regardless of whether the person has prior knowledge that a special intelligence operation has been authorised (which is unlikely, given that authorisation is itself kept secret) or intends to damage the operation in some way.

ASIO employees have long been subject to special rules regarding the confidentiality of official information. This bill goes further, introducing new offences of unauthorised “dealing” with a record, covering a broad range of conduct such as copying, retaining or removing. A penalty of up to three years’ imprisonment applies regardless of whether the information has been made available to any other person, or whether the ASIO employee intended to make it available. The bill also substantially increases to ten years’ imprisonment the maximum penalty for any unauthorised communication of information by a member of the intelligence and security agencies. Previously the maximum penalty was just two years. According to the bill’s explanatory memorandum, the present maximum “is disproportionate to the significant, adverse consequences that the unauthorised disclosure of highly classified information can have on a country’s reputation, intelligence-sharing relationships and intelligence-gathering capabilities.” Precisely why is unclear.

It is central to the rule of law that legislation should be drafted in unambiguous language. This is especially so where it may lead to the deprivation of a person’s liberty or where an exercise of powers may substantially interfere with the right to privacy. Some of the measures in the bill are anything but clear. In particular, ASIO is empowered to access any or all of the computers on a network under a single computer-access warrant. The danger here lies in the absence of any definition of a “computer network,” which could include every computer on a university or public service network, and might also include any computer connected to a cloud network, such as Skype or Dropbox. Taken to its logical extreme, it might extend to any computer that is connected to the world wide web.

We might expect that this undoubtedly significant expansion of ASIO’s powers would be accompanied by a corresponding increase in safeguards, but this doesn’t appear to be the case. It seems that ASIO will be able to access all the computers on a network where there “are reasonable grounds for believing that access by the Organisation… will substantially assist the collection of intelligence in… respect of a matter… that is important in relation to security.” It is not necessary for the ASIO officer seeking the warrant to satisfy a minimal intrusion test, for example, by demonstrating why accessing a single computer rather than the whole network would be insufficient.

Far from strengthening the accountability framework, the bill limits external oversight of ASIO’s powers. The new special intelligence operation regime, which concentrates power in the hands of the director-general of intelligence and security, is a good illustration. An ASIO officer may apply to him or her “for an authority to conduct a special intelligence operation.” If granted, the operation could be authorised for a period of up to twelve months with no apparent restriction on rolling authorisations.

This scheme mimics – but significantly exceeds – the longstanding controlled-operations scheme that regulates law enforcement agencies. Under the Crimes Act, officers of these agencies may be authorised to conduct a controlled operation for up to three months, with possible renewal by the Administrative Appeals Tribunal, in three-month increments, up to a total of no more than two years. According to the explanatory memorandum, “appropriate modifications have been made to reflect the difference” between law enforcement and intelligence operations. But no real explanation is given as to why ASIO officers should be exempt from safeguards regarded as appropriate in the law enforcement context.

It is not only the content of the bill that suggests the federal government has failed to learn from history. The process for enacting the bill is also flawed. The Parliamentary Joint Committee on Intelligence and Security has been given less than two months to report on the bill, with only two weeks allowed for public submissions. This is not nearly enough time for detailed analysis of such complex and controversial anti-terrorism measures. An argument that the substance of the bill was considered – and ultimately approved – by the same committee only a year ago is misleading. During that inquiry, committee members were very critical of the broadbrush approach taken by the then Labor government. “The lack of any draft legislation or detail about some of the potential reforms was a major limitation,” they wrote, restricting their ability to consider “the merit of the reforms” and reducing the opportunity “for interested stakeholders to effectively respond to the terms of reference.”

Nor is the legislation subject to a sunset clause. Once enacted, the only hope for additional scrutiny is post-enactment review by the office of the Independent National Security Legislation Monitor. That office currently sits empty and, earlier this year, the government even made an attempt to abolish it altogether. Although it was given a reprieve, the reality is that despite the efforts of the former monitor, Bret Walker SC, this office ultimately has very little practical influence. No government has yet seen fit to respond formally to any of its recommendations.

The bill demonstrates all the characteristics of the bad anti-terrorism law-making of the past. It is a reaction to external events not justified by any obvious gaps in the current national security legislative regime. It is likely to secure bipartisan support, and thus will not be subjected to rigorous oversight during the parliamentary process. It imposes serious restrictions on traditional rights and liberties without increasing safeguards. It leaves key concepts undefined, raising questions about its real scope. And on top of all of this, it will be permanent. •