The government’s national security reform bill sticks fairly closely to the promised reform template but contains several issues that should be of concern.

Attorney-General George Brandis introduced the National Security Legislation Amendment Bill (No. 1) yesterday, the first of what will be at least two reform bills overhauling the powers of intelligence agencies and the telecommunications interception framework. As previously indicated by Brandis, the bill sticks closely to chapter four of the Joint Intelligence Committee’s national security reform report of last year, with a significant exception we’ll come to. We recently covered off the nature of the chapter four reforms. But there are three issues that deserve more consideration.

First, the bill goes beyond the JCIS report on the issue of “disruption” of computers. This is the proposal that the Australian Security Intelligence Organisation can plant malware on your PC/mobile device in order to more effectively monitor what you’re doing. Much of the bill is about updating ASIO’s powers to better tap computers, including the mildly controversial idea — endorsed by the committee — of allowing ASIO to go through other, third-party devices to access a targeted device. But disruption is the real issue of concern. Currently the ASIO Act prohibits ASIO adding, deleting or altering data on a computer targeted under a warrant. That would be replaced with a provision that allows those things if it “is necessary to do one or more of the things specified in the warrant” — something JCIS declined to endorse, believing the proposal needed more consideration.

Sign up for a FREE 21-day trial and get Crikey straight to your inbox

By submitting this form you are agreeing to Crikey's Terms and Conditions.

The ability to plant data on a target computer opens the way to a repeat of the notorious “Bundestrojaner” in Germany, where badly written malware designed to secretly relay data from a suspect’s computer led to both it and the IT system of German police being open to third parties. It also increases the risk of ASIO planting evidence on a target’s computer.

The additional sections of the bill not considered by JCIS are a “Snowden amendment” that would both dramatically increase the severity of the sentence for ASIO and other intelligence officers revealing information about intelligence agencies, and create a new offence of unauthorised removal or copying of documents by officers. These will significantly increase the potential risk of imprisonment that whistleblowers face. The sections are subject to the “public interest disclosure” provisions under current whistleblower laws, but those provisions for intelligence officials are very limited and plainly don’t address circumstances such as the most recent case of intelligence whistleblowing, where the Inspector-General of Intelligence and Security (IGIS) advised an Australian Secret Intelligence Service officer aware of the bugging of the East Timorese cabinet to seek legal advice, only for the IGIS to then claim no such advice had ever been given.

The third area of concern, which has already attracted criticism, is the provision relating to “special intelligence operations” (SIO) that prohibits anyone from disclosing information about an “special intelligence operations”, on pain of five years’ jail. There are no exceptions to this — not for journalists, or lawyers, or anyone else — which have prompted claims it’s intended to gag the media and whistleblowers from revealing embarrassing information about intelligence activities.

“What if agencies abuse the power and declare anything embarrassing to be a designated operation, preventing the exposure, say, of corruption, or illegal conduct?”

Well, it’s not really that, but there are some problems with it. “Special intelligence operations” are a new class of operations, considered by JCIS, where an undercover ASIO officer is in circumstances where they might have to commit, or participate in, a crime in order to continue to gather information. In that case, it can be declared an SIO and the officer can be granted immunity from prosecution, as long as the crime isn’t killing or seriously injuring someone, a sexual offence, or causes significant loss or damage to property. JCIS recommended that such a scheme be modelled on a similar scheme that the Australian Federal Police has in place for what the AFP calls “controlled operations”. Part IAB of the Crimes Act establishes the framework for controlled operations, and that includes a similar complete ban on disclosing information about controlled operations, albeit with a three-year jail term, not five years.

You can understand the logic of the prohibition: disclosing information about an operation where an officer is undercover places the officer at serious risk. But what if agencies abuse the power and declare anything embarrassing to be a designated operation, preventing the exposure, say, of corruption, or illegal conduct? The Crimes Act has a series of reporting requirements that require the AFP to report both to the Attorney-General and to the federal Ombudsman every six months on controlled operations, and the Ombudsman must report annually on controlled operations, with the report tabled in Parliament. The Australian Crime Commission has similar requirements for its operations. The Ombudsman has identified a number of concerns about the AFP’s controlled operations over successive reports, although the concerns mainly relate to record-keeping and disclosure rather than substantive breaches of requirements.

There are no such reporting safeguards in Brandis’ bill. The only independent reporting requirements is to the IGIS — whom we know is not a trustworthy watchdog on the intelligence community. In short, Brandis wants an even stronger penalty for disclosing information about ASIO’s special operations than apply for AFP officers, but with less oversight.

Even if you accept the logic that there should be an absolute prohibition on disclosure of this class of operation in order to protect officers, the lack of oversight and reporting requirements in Brandis’ bill is a matter of significant concern.

On the positive side, however, Brandis should be given credit for referring the bill to JCIS, and for agreeing to restore the Independent National Security Legislation Monitor — albeit at gunpoint, given both Labor and the Greens made it clear the bill wouldn’t be going anywhere without the INSLM being retrieved from the red tape bonfire. The Attorney-General has thus come close to fulfilling all the recommendations of chapter four. It will now be up to the JCIS to deal with the problems in Brandis’ bill.

This task will be helped by two significant additions to that committee yesterday. Opposition frontbenchers Penny Wong and Stephen Conroy have joined the committee, replacing Mark Bishop, who’s retired, and Joe Ludwig. Liberal Senator David Bushby is also coming onto the committee. In Wong, Conroy, John Faulkner, Tanya Plibersek and deputy chair Anthony Byrne, Labor’s JCIS contingent now is very strong. Pity Scott Ludlam, one of the best brains in Parliament on these issues, isn’t among them.