The new Identify and Disrupt Bill allows almost limitless access to our online devices. What’s more, it passed with bipartisan approval.
Passing through both houses of parliament on 25 August, the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021 has gifted the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) with “extraordinary” powers to combat online crime.
The surveillance legislation has set up a three-tiered warrant system, allowing agents to hack into citizens’ online accounts, alter them, and take them over. These measures are preemptive, they can impact those not suspected of a crime and, as Dutton desired, the ASD can be called in to assist.
The Liberal top-heavy Parliamentary Joint Committee on Intelligence and Security released its review report in mid-August. It found that while measures to combat dark web crime were needed, enhanced safeguards were necessary to ensure these powers aren’t used for unintended purposes.
The PJCIS review made 33 recommendations. The government crossed off on 23 of them, including sunsetting the powers and strengthening warrant criteria, but it failed to raise the low threshold of criminal activity that warrants apply to. It was then rushed through with bipartisan approval.
“The new laws allow faceless federal agents to ‘target and destroy’ people, under what is officially called the Identify and Disrupt Bill,” Civil Liberties Australia (CLA) President Bill Rowlings told Sydney Criminal Lawyers. “This awful law multiplies tenfold the powers and reach of government intrusion.”
These “unrestricted” powers, Rowlings continued, mean citizens’ data is no longer safe on their own devices, as it purportedly allows access to any online account.
“Police have such an appalling record throughout Australia of planting evidence and wrongly locking up people for years and decades,” the liberties advocate stressed. “Why wouldn’t they plant more ‘evidence’ to suit themselves now they are permitted to do that officially?”
The details of the bill
The Identify and Disrupt Bill has inserted two new warrants into the Surveillance Devices Act 2004 (Cth), and a third takeover warrant was placed in the Crimes Act 1914 (Cth).
The first type is the data disruption warrant. It allows agents to disrupt data on a phone or computer by means of “adding, copying, deleting or altering” it, with the aim of “frustrating” a serious online offence. The undefined use of “frustrate” has raised eyebrows.
“It is anticipated that the Australian Signals Directorate (ASD) may provide assistance to the AFP and the ACIC in relation to data disruption,” advises the bill’s explanatory memorandum. The ASD is the nation’s international spying agency, which Dutton has been itching to turn on the people.
The second type is the network activity warrant, which facilitates the collection of data on criminal activity by infiltrating accounts. This data cannot be used as evidence in court, but it can be cited to trigger further investigative powers.
Both these warrants apply to a target computer, which is defined as “a particular computer”, “a computer on particular premises”, or “a computer associated with, used by or likely to be used by a person”. This means the devices of non-suspects can be the focus of a warrant.
AFP and ACIC agents can apply for a disruption or network warrant via the Administrative Appeals Tribunal. This is despite a push for the issuer to be a higher authority.
Then there’s the account takeover warrant, which allows for the covert and forced takeover of an account to gather evidence. The owner of an account can be locked out. This warrant requires a magistrate’s approval. And again, this power appears to capture the accounts of non-suspects.
Despite the government stating that the warrant system is for the targeting of “child abuse and exploitation, terrorism, the sale of illicit drugs, human trafficking, identity theft and fraud, assassinations, and the distribution of weapons”, they capture crimes of a less serious nature.
These warrants apply to a serious Commonwealth offence, which, as defined under section 15GE of the Crimes Act, is any federal crime that involves a maximum penalty of 3 years or more.
AFP and ACIC agents can also apply for an assistance order, which requires an individual to provide any information or assistance needed to access or disrupt data. Failure to comply is an offence, with the subject of the order liable to up to 10 years imprisonment and/or a $133,200 fine.
The bill allows agents to disrupt data on a phone or computer by means of “adding, copying, deleting or altering” it, with the aim of “frustrating” a serious online offence. The undefined use of “frustrate” has raised eyebrows.
The usual suspects
Current home affairs minister Karen Andrews cited the over 220 arrests carried out in June by the transnational crime investigation Operation Ironside, as a reason for the new measures to be rolled out and as proof that other corrosive surveillance state laws enacted in late 2018 are working.
At an 8 June press conference talking up the success of Ironside, Scott Morrison stated that there “is a series of pieces of legislation that we’ve been seeking to move through the parliament” that intelligence and law enforcement agencies need “to do their job”.
The Integrity and Disrupt Bill was one of them, and, obviously, more unprecedented powers are in the works.
“Undoubtedly – there is not the slightest question about it – these laws will be abused,” Rowlings maintained. “If what normally happens occurs, they will be used to target the poor, the homeless and the downtrodden.”
“The Mr Bigs of crime and criminality will escape scot-free.”