Law Council of Australia is very concerned with some aspects of Minister for Home Affairs Peter Dutton's proposed amendments to the Australian Security and Intelligence Act 1975 (Cth) (ASIO Act)

"The Australian Security Intelligence Organisation Amendment Bill 2020 will modernise ASIO's powers and, in doing so, improve ASIO's capacity to respond to these threats [by]....lowering the minimum age of a questioning subject in relation to a terrorism matter from 16 to 14...empowering the Attorney-General to issue warrants, including orally....allow non-intrusive tracking devices, such as a device placed on a vehicle, or in a person's bag, to be authorised internally...." [Minister for Home Affairs & Liberal MP for Dickson Peter Dutton in House of Representatives Hansard, 13 May 2020]

Law Council of Australia, media release, 13 May 2020:

Statement on proposed amendments to the ASIO Act by Law Council President, Pauline Wright

The Law Council of Australia is very concerned with some aspects of the proposed amendments to the Australian Security and Intelligence Act 1975 (Cth) (ASIO Act) released today in parliament.

If adopted, the amendments would redesign the Australian Security and Intelligence Organisation’s (ASIO’s) compulsory questioning warrant regime and repeal its specific detention powers.

It would also make some significant changes to ASIO’s surveillance powers, including permitting warrantless (that is, internally authorised) surveillance in relation to the use of certain tracking devices.

The Law Council welcomes the repeal of the ASIO detention regime in relation to the investigation of terrorism, which is consistent with its longstanding policy position. However, the amendments propose a re-design of the use of questioning warrants and we are concerned that there may be very limited time to scrutinise the proposed laws, which are lengthy, complex and highly intrusive on individual rights.

The proposal to reduce the age of minors who may be subject to questioning from 16 to 14 years and the conferral of powers on police to apprehend and detain persons for the purpose of bringing them in for compulsory questioning also requires detailed scrutiny by the Law Council, amongst the many other amendments.

The Law Council is concerned that the government is now rushing the Bill, despite having had over two years to develop the re-designed questioning legislation since the PJCIS tabled its report in May 2018.

Now there is a sense of urgency given that ASIO’s current questioning powers are due to sunset in 7 September, and the amendments are set to commence by or before that date.

This is not a Bill to be hurried through.

The Law Council will need to carefully scrutinise the Bill and we look forward to providing a comprehensive submission to the inquiry. 

~~~~~~~~~~~~~~~~~

The Australian Security Intelligence Organisation Amendment Bill 2020 can be found here.

The Sydney Morning Herald, 14 May 2020:

With Federal Parliament flat out dealing with the social and economic fallout of the COVID-19 pandemic, now is hardly the right time for a government to introduce legislation giving ASIO the power to question 14-year-old children, interfere with the rights of legal advisers, and enable the tracking of individuals without the need for a warrant..... 

Dutton's law would allow ASIO to seek a warrant so it can question young people aged 14 to 18 if they are a target of an ASIO investigation into politically motivated violence: broad criteria to say the least. 

Then there is a serious attack on the fundamental right of a person, whether they be 14 or 40, to choose their own lawyer when they are subject to investigation by ASIO. The bill allows for a prescribed authority, which is a judge or Administrative Appeals member selected by the government, to stop a person ASIO is seeking to question from contacting their lawyer if "satisfied, based on circumstances relating to the lawyer, that, if the subject is permitted to contact the lawyer, a person involved in activity prejudicial to security may be alerted that the activity is being investigated, or that a record or other thing the subject may be requested to produce might be destroyed, damaged or altered". 

This power is sweeping and allows for hearsay "evidence" to be used. All ASIO would have to do is tell the judge or AAT member that it has heard from "sources" that the lawyer requested by the detainee is a security risk. 

But even if the lawyer passes muster and sits with his or her client, the ASIO officers doing the questioning can have the lawyer removed. The explanatory memorandum of the bill says that can happen, "if the lawyer's conduct is unduly disrupting questioning. This may be the case where, for example, a lawyer repeatedly interrupts questioning (other than to make reasonable requests for clarification or a break to provide advice), in a way that prevents or hinders questions being asked or answered." So if the ASIO officers are badgering or harassing a frightened 14-year-old, or asking questions that are completely irrelevant, they have carte blanche. 

As a lawyer, one hears and reads stories about colleagues in authoritarian states where such powers are given to and used by security agencies, but one never expected it in democratic Australia....

Morrison Government's new virus contact tracing app

On the evening of Sunday 26 April 2020 the Morrison Coalition Government released its COVID-19 contact tracing app "COVIDSafe" for download and installation on mobile phones by the Australia public.

The stated intention for the release of this app is to widely surveil the Australian population with the aim of tracing persons who have been in contact with confirmed COVID-19 cases.

This release did not come after the promised full disclosure of the app source code. Indeed this source code if or when it is finally released will be a redacted version.

It did not come backed by a full legislative framework which had been scrutinised by the Australian Parliament. 

It came with a ministerial determination which had been published at one minute before midnight on Saturday 25 April 2020 and a one page website containing two download links, a link to "Privacy policy" and another to "Help topics".

It also came after the unannounced release of the promised Privacy Impact Assessment sometime on 25 April 2020.

Despite being assured that no federal agency can access data collected by COVIDSafe, one federal agency the Digital Transformation Agency has official permission to access data in certain situations.

To effectively use the app on a mobile phone Bluetooth has to be activated and some phones will be required to run the app in the foreground, others may find it can be run in the background. Recharging may have to happen more often and some existing phone functions may not always perform well.

Every mobile phone user with this app "will receive daily notifications to ensure the COVIDSafe app is running".

Once installed the app can be automatically updated (including with additional app functions) without notification to the user, unless automatic updates have been blocked on Google Play or Apple App Store.

It is up to each citizen and permanent resident to make their own decision concerning the downloading of this app as use of the app is voluntary.

UPDATE

Despite the Morrison Government insisting that "the COVIDSafe app does not collect your location", according to Google Play this app has GPS and network based functions so a mobile phone's precise location can be identified.

Intelligence and Security Committee of the Australian Parliament declined to recommend passage of Minister for Home Affairs Dutton's identity matching services bill

The Guardian, 24 October 2019:

Mark Dreyfus, as the most senior Labor member on the committee, also commented on the bill: 

The Intelligence and Security Committee of the Parliament is declining to recommend the passage of the identity matching services bill. 

Instead, Labor and Liberal members of the committee are uniting to recommend that the identity matches services bill be completely redrafted and referred back to the Intelligence and Security Committee for further inquiry when it is reintroduced. 

In taking this step, I congratulate all members of the committee for putting the national interest first and sending a strong message about the value of this committee. 

The identity matching services bill purports to facilitate the exchange of identity information pursuant to the objective of an intergovernmental agreement reached by Coag [in] October 2017. 

But it includes none of the limitations or safeguards anticipated by that agreement. 

The bill includes almost no limitations or safeguards at all. 

As explained in the committee’s report, the identity matching services bill would authorise the Department of Home Affairs to create and maintain facilities for the sharing of facial images and other identity information between government agencies and in some cases, non government agencies entities. 

The bill would also authorised the Department of Home Affairs to develop and maintain to centralised facilities for the provision of what are called identity matching services. 

The first of these two facilities would be called an interoperability hub. 

The Hub would act as a router through which government agencies across Australia could request and transmit information as part of an identity matching service. 

The second would be a federated database of information contained in government identity documents. As discussed in the committee’s report, the potential implications of these two new facilities for the privacy of all Australians are profound. 

Those implications do not appear to have even been considered by the Minister for Home Affairs or by his department. 

While a bill provides for six different identity mentioned services, the service that elicited the most concerned from submitters to the committee’s inquiry is the face of identification service. 

That service would enable authorities across Australia to use huge databases of facial images to determine the identity of an unknown person. 

Using that service, a law enforcement agency could submit a facial image for matching against a database of facial images contained in a in government identification documents, such as a database containing every driver licence photo in Australia. 

In return, the agency would receive a small number of matching or near matching facial images from the database. The agency could then access biographical information associated with those images. 

The potential for such a service to be used for mass or blanket surveillance, such as CCTV being used to identify Australians going about their business in real time was raised by numerous submitters to the inquiry......

Mark Dreyfus: Like my colleagues on the committee, I do not believe that the government is proposing to engage in or to facilitate the mass surveillance of Australians. But I do accept that, given the near complete absence of legislated safeguards in the Identity-Matching Services Bill 2019, those concerns cannot simply be ignored. If there is no intention for the proposed identity-matching services to be used to engage in mass surveillance activities, the government should not object to amending the bill to ensure that those services cannot, as a matter of law, be used in that manner. 

Concerns were also raised about the proposed one-to-many identity-matching service being used to identify people who are engaging in protest activity. This does concern me. It was only this month that the Minister for Home Affairs, the minister responsible for this very bill, called for mandatory prison sentences for people who engage in protest activity; called for the same people to have their welfare payments cancelled; and also called for them to be photographed and publicly shamed. As presently drafted, this bill would not prohibit authorities from using the proposed face-matching services to identify individuals in a crowd who are engaging in lawful protest activity. That would be concerning in the best of times; it is particularly concerning in the light of the authoritarian disposition of the Minister for Home Affairs. 

A raft of other concerns was expressed about the Identity-Matching Services Bill, including in relation to this government’s abysmal record on cybersecurity. 

I do not propose to list all of the concerns here today, but I encourage everyone to read about them in the committee’s report. 

I would like to thank my colleagues on the committee, Labor and Liberal, for their work on this important report. It should not escape anyone watching these proceedings today that, by agreeing to the set of recommendations contained in this report, the Liberal members of the committee have placed the national interest first. For that, I would like to pay tribute to Senators Stoker, Fawcett and Abetz, and the members for Canning, Berowra and Goldstein. I would like to pay particular tribute and extend my thanks to the chair of the Intelligence and Security Committee, the member for Canning. I also thank the committee secretariat for their excellent work, both in this parliament and in the last parliament, which underpins this report.

Text of the Identity-matching Services Bill 2019 can be found here.

Parliamentary Joint Committee on Intelligence and Security, "Advisory report on the Identity-matching Services Bill 2019 and the Australian Passports Amendment (Identity-matching Services) Bill 2019" can be found here.

When it comes to human rights and civil liberties is it ever safe to trust the junkyard dog or its political masters?

On 18 July 2017, Prime Minister Malcolm Bligh Turnbull announced the establishment of a Home Affairs portfolio that would comprise immigration, border protection, domestic security and law enforcement agencies, as well as reforms to the Attorney-General’s oversight of Australia’s intelligence community and agencies in the Home Affairs portfolio.

 On 7 December 2017, the Prime Minister introduced the Home Affairs and Integrity Agencies Legislation Amendment Bill2017 into the House of Representatives.

This bill amends the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, the Independent National Security Legislation Monitor Act 2010, the Inspector-General of Intelligence and Security Act 1986 and the Intelligence Services Act 2001.

The bill was referred to Parliamentary Joint Committee on Intelligence and Security which tabled its report and recommendations on 26 February 2018.

This new government department on steroids will be headed by millionaire former Queensland Police detective and far-right Liberal MP for Dickson, Peter Craig Dutton.

His 'front man' selling this change is Abbott protégé, former Secretary of the Department of Immigration and Border Protection and current Secretary of the new Department of Home Affairs, Michael Pezzullo. 

The question every Australian needs to ask themselves is, can this current federal government, the ministers responsible for and department heads managing this extremely powerful department, be trusted not to dismantle a raft of human and civil rights during the full departmental implementation.

It looks suspiciously as though former Australian attorney-general George Brandis does not think so - he is said to fear political overreach.

The Saturday Paper, 3-9 March 2018:

On Friday last week, former attorney-general George Brandis went to see Michael Pezzullo, the secretary of the new Department of Home Affairs.

The meeting was a scheduled consultation ahead of Brandis’s departure for London to take up his post as Australia’s new high commissioner. It was cordial, even friendly. But what the soon-to-be diplomat Brandis did not tell Pezzullo during the pre-posting briefing was that he had singled him out in a private farewell speech he had given to the Australian Security Intelligence Organisation on the eve of his retirement from parliament two weeks earlier.

As revealed in The Saturday Paper last week, the then senator Brandis used the ASIO speech to raise concerns about the power and scope of the new department and the ambitions of its secretary. Brandis effectively endorsed the private concerns of some within ASIO that the new security structure could expose the domestic spy agency to ministerial or bureaucratic pressure.

In a regular Senate estimates committee hearing this week, Pezzullo described his meeting with Brandis – on the day before The Saturday Paper article appeared – as Opposition senators asked him for assurances that ASIO would retain its statutory independence once it moves from the attorney-general’s portfolio to become part of Home Affairs.

“I had a very good discussion on Friday,” Pezzullo told the committee, of his meeting with Brandis.

“He’s seeking instructions and guidance on performing the role of high commissioner. None of those issues came up, so I find that of interest. If he has concerns, I’m sure that he would himself raise those publicly.”

Labor senator Murray Watt pressed: “So he raised them with ASIO but not with you?”

“I don’t know what he raised with ASIO,” Pezzullo responded. “… You should ask the former attorney-general if he’s willing to state any of those concerns … He’s a high commissioner now, so he may not choose to edify your question with a response, but that’s a matter for him. As I said, he didn’t raise any of those concerns with me when we met on Friday.”

The Saturday Paper contacted George Brandis but he had no comment.

“ANY SUGGESTION THAT WE IN THE PORTFOLIO ARE SOMEHOW EMBARKED ON THE SECRET DECONSTRUCTION OF THE SUPERVISORY CONTROLS WHICH ENVELOP AND CHECK EXECUTIVE POWER ARE NOTHING MORE THAN FLIGHTS OF CONSPIRATORIAL FANCY…”

Watt asked Pezzullo for assurance there would be no change to the longstanding provisions in the ASIO Act that kept the agency under its director-general’s control and not subject to instruction from the departmental secretary. The minister representing Home Affairs in the Senate, Communications Minister Mitch Fifield, said: “It is not proposed that there be a change to that effect.”

The new Department of Home Affairs takes in Immigration and Border Protection, the Australian Federal Police, the Australian Criminal Intelligence Commission, the Australian Transaction Reports and Analysis Centre, known as AUSTRAC, and ASIO.

ASIO does not move until legislation is passed to authorise the shift, and will retain its status as a statutory agency.

Pezzullo addressed the fears of those questioning his department’s reach. He said some commentary mischaracterised the arrangements as “being either a layer of overly bureaucratic oversight of otherwise well-functioning operational arrangements or, worse, a sinister concentration of executive power that will not be able to be supervised and checked”.

“Both of these criticisms are completely wrong,” he said.

Pezzullo had already described his plans, both to the committee and in a speech he made in October last year, in which he spoke of exploiting the in-built capabilities in digital technology to expand Australia’s capacity to detect criminal and terrorist activity in daily life online and on the so-called “dark web”.

But the language he used, referring to embedding “the state” invisibly in global networks “increasingly at super scale and at very high volumes”, left his audiences uncertain about exactly what he meant.

Watt asked if there would be increased surveillance of the Australian people. “Any surveillance of citizens is always strictly done in accordance with the laws passed by this parliament,” Pezzullo replied.

In his February 7 speech to ASIO, George Brandis described Pezzullo’s October remarks as an “urtext”, or blueprint, for a manifesto that would rewrite how Australia’s security apparatus operates.

Pezzullo hit back on Monday. “Any suggestion that we in the portfolio are somehow embarked on the secret deconstruction of the supervisory controls which envelop and check executive power are nothing more than flights of conspiratorial fancy that read into all relevant utterances the master blueprint of a new ideology of undemocratic surveillance and social control,” Pezzullo said.

As for day to day human resources, financial management and transparent accountable governance, media reports are not inspiring confidence in Messrs. Turnbull, Dutton and Pezzullo.

The Canberra Times, 2 March 2018:

Home Affairs head Mike Pezzullo was one of the first to front Senate estimates on Monday.

It's been up and running for only weeks, but his new department is part of one of the largest government portfolios.

Having brought several security agencies into its fold, and if legislation passes letting ASIO join, the Home Affairs portfolio will be home to 23,000 public servants. 

Mr Pezzullo was also quizzed on the investigation into Roman Quaedvlieg, the head of the Australian Border Force who has been on leave since May last year, following claims he helped his girlfriend - an ABF staff member - get a job at Sydney Airport.

It was revealed the Prime Minister's department has had a corruption watchdog's report into abuse of power allegations for at least five months while Mr Quaedvlieg has been on full pay earning hundreds of thousands of dollars.

AUSTRALIA CARD MARK II: no national digital ID number will mean no access to any Australian federal government services

“When signing up to the platform for the first time, users will be asked to provide their name, email address, and phone number, and verify their details via email or SMS. They will then be asked to provide information from three identity documents, which goes through the exchange to the identity provider for verification. The exchange receives encrypted details back which it passes on to the government service the user wants to reach, which then grants the user access.”  [IT News, 20 March 2015]

IT News, 8 February 2018:

The Department of Human Services looks set to become the federal government's exclusive manager of digital identities after being selected to build the identity provider solution that will be used for the Govpass platform.

The Govpass framework is a decentralised identity model that allows individuals to choose their identity provider - an organisation that issues identity documents, like Australia Post or the ATO - and access a range of public and private sector services through a single digital identity credential.

There is no limit on the number of identity providers outside of the Commonwealth that can be accredited for Govpass; Australia Post has already indicated it will seek to become the first non-government identity provider, using its Digital iD platform.

Several state and territory government agencies and private sector entities are also expected to become identity providers over time.

However, the federal government last year made the decision that only one identity provider would operate for the entire Commonwealth.

The Digital Transformation Agency revealed the decision following meetings with existing Commonwealth identity service providers, DHS and the ATO. Its rationale for the move was to focus security efforts in one place and avoid complex administrative structures.

iTnews revealed in October that the DTA was yet to make up its mind up on which of the two agencies would serve as the federal government’s sole identity provider for GovPass, even as testing of the new platform was taking place with the ATO’s new online tax file number application service.

Instead the DTA said it was working closely with the ATO and DHS on the “next steps” for the platform.

But in response to questions on notice from recent estimates hearings, DHS revealed it had been instructed to develop the federal government’s single identity provider platform, to be known as myGov IdP.

“The department was commissioned by the DTA to build the identity provider (IdP) for the whole-of-government,” it said.

“The myGov IdP will enable citizens to verify their identity online and use it to apply for government services.”

iTnews has made several attempts to clarify the statements with the DTA and DHS, but both refused to comment on the build and DHS’ apparent position as the single government identity provider.

The ATO similarly redirected questions about its involvement with Govpass, including whether it had also been asked by the DTA to build an identity provider solution, to the DTA.

Selecting DHS as the sole government identity provider would be an obvious choice for the DTA - the agency is the government’s current defacto whole-of-gov identity provider through the myGov digital services platform.

A private beta release of myGov IdP is currently planned for later this month.

Identity providers on Govpass will use the DTA-built identity exchange – and in turn the document verification service (DVS) and facial verification service (FVS) – to verify an individual’s credentials without revealing their identity to service providers.

[my yellow bolding]

Note: The Face Identification Service (FIS) is a one-to-many, image-based identification service that can match a photo of an unknown person against multiple government records to help establish their identity. FIS is also available to police, security services, Dept. of Immigration and Dept. of Foreign Affairs. [Australian Attorney-General's Department, October 2017]