National Security Inquiry

Introduction
This wiki page was initially created to assist in allowing people to write submissions to the Australian Government's:

Inquiry into potential reforms of National Security Legislation "The Parliamentary Joint Committee on Intelligence and Security has commenced an inquiry into potential reforms of national security legislation. The inquiry was referred to the Committee by the Attorney-General." Now that submissions have closed this wiki page shall remain as an ongoing resource of material related to the issue.

In what Crikey’s Bernard Keane has rightfully called a “government wishlist of new surveillance powers”, the Joint Parliamentary Committee on Intelligence and Security (JPCIS) has asked for submissions on the Attorney-General’s Department’s discussion paper ‘Equipping Australia Against Emerging and Evolving Threats.’

The discussion paper suggests “a massive expansion of intelligence-gathering powers including data retention, the surveillance of Twitter accounts, forcing people to give up computer passwords, ASIO stop-and-search powers, government authority to direct telecommunications companies about infrastructure and the power for ASIO to plant or destroy information on computers.”

(original introduction text for this page:)


 * Submissions can be made by any individual or organisation. The best option for this inquiry is to email your submission to pjcis@aph.gov.au


 * This pdf: Making a Submission explains the process in more detail, but it can be enough just to send an email expressing your opposition. (one person's example)


 * The official page about the inquiry with more information on the process and the inquiry is here:


 * http://www.aph.gov.au/Parliamentary_Business/Committees/House_of_Representatives_Committees?url=pjcis/nsl2012/index.htm


 * Below are a number of resources, articles links and information which may assist in preparing your arguments/submission.

This wiki page is remains a work in process.

Pirate Party items
Senate Petition (Please sign it if you haven't already): http://pirateparty.org.au/natsecinquiry-petition/

Digital Flyer: http://pirateparty.org.au/media/promotional/natsecinquiry_poster.png

Print Flyer: http://pirateparty.org.au/media/promotional/natsecinquiry_poster.pdf

Related Links
Official Committee Link (Go here to make submission): http://www.aph.gov.au/Parliamentary_Business/Committees/House_of_Representatives_Committees?url=pjcis/nsl2012/index.htm

The Discussion Paper: http://www.aph.gov.au/Parliamentary_Business/Committees/House_of_Representatives_Committees?url=pjcis/nsl2012/additional/discussion%20paper.pdf

Contact Parliament/MP's: http://australia.gov.au/directories/contact-parliament

r/AUInternetAccess subreddit: https://pay.reddit.com/r/AUInternetAccess/

Twitter Hashtag: #natsecinquiry https://twitter.com/#!/search/%23natsecinquiry

Stop Big Brother: http://stopbigbrother.com.au/ (includes video and form fill out to send your opposition... not sure where to though?)

Freedom Not Fear: http://freedomnotfear.net/

Universal Declaration of Human Rights: http://www.un.org/en/documents/udhr/index.shtml#a12 (Note articles 12, 19 & 20)

Other groups flyers and/or related links
Green's submission template: http://greensmps.org.au/content/national-security-legislation-inquiry-submission

Ludlum's Flyer: http://scott-ludlam.greensmps.org.au/sites/default/files/natsecinquiry.pdf

Orwellian Coat of Arms: http://i.imgur.com/Fs9YV.jpg

AVAAZ Petition: https://secure.avaaz.org/en/internet_privacy_under_attack/?wZzYLab

GetUp Campaign page: http://www.getup.org.au/campaigns/privacy/protect-us-but-respect-us/your-privacy-at-risk

GetUp YouTube Video: http://www.youtube.com/watch?v=QAxZ-riGmyo

Flyers and Info from Somersetbean: http://somersetbean.blogspot.com.au/2012/08/total-surveillance-coming-soon-to.html

Orwellian Big Sister Roxon 1: http://i.imgur.com/cOeJN.jpg

Orwellian Big Sister Roxon 2: http://i.imgur.com/ubliS.jpg

Committee Hearings
http://www.aph.gov.au/Parliamentary_Business/Committees/House_of_Representatives_Committees?url=pjcis/nsl2012/hearings.htm


 * Melbourne: Wednesday 5 September 2012, 9.00am - 4.30pm
 * Program: Wednesday 5 September 2012 (PDF 65KB)
 * Transcript: Wednesday 5 September 2012 (parlinfo.aph.gov.au link)


 * Canberra: Friday 14 September 2012, 9.00am - 12.15pm
 * Program: Friday 14 September 2012 (PDF 59KB)
 * Transcript: Friday 14 September 2012 (not yet available)
 * Live stream: put http://webcast.aph.gov.au/livebroadcasting/asx1/hms975a.asx into VLC ***Concluded***
 * Chirpstory of @SimonWolfe's live tweets: http://chirpstory.com/li/22390

Relevant Acts

 * Telecommunications (Interception and Access) Act 1979
 * Telecommunications Act 1997
 * Australian Security Intelligence Organisation Act 1979
 * Intelligence Services Act 2001

Extra Video/Audio
RAP NEWS 15: Big Brother is WWWatching You: https://www.youtube.com/watch?v=o66FUc61MvU

Attorney-General's update on the inquiry into potential reforms to national security legislation: https://www.youtube.com/watch?v=R8_VHR_mtCQ

LATELINE: Phone, internet data could be kept for 2 years: http://www.abc.net.au/news/2012-09-04/phone-internet-data-could-be-kept-for-2-years/4243314

GetUp YouTube Video: http://www.youtube.com/watch?v=QAxZ-riGmyo

7:30 Report: Anonymous attack protests web laws, catches innocents: http://www.abc.net.au/7.30/content/2012/s3558603.htm

Other Links
These links are loosely related to the natsecinquiry in that they may be good examples of why aspects of the new proposals are a bad idea, or are more general overarching privacy/surveillance articles etc.

Notes on the Terms of Reference and Discussion paper
The notes are laid out based on the 6 page Terms of Reference (ToR) found here.

Notes from the discussion paper will follow the points in the ToR to make submission writing easier.

Areas of proposed changes

Introduction

(From the Discussion paper) Security services claim new powers are needed because:

They claim to have foiled 4 attacks on Australian soil since 2001.

Organised Crime.

To combat espionage from foreign powers.

Claims Law enforcement needs to keep up in a technological arms race.

"Australia’s telecommunications landscape continues to evolve, it is appropriate and timely to consider how best to manage risks to the data carried and stored on our telecommunications infrastructure to secure its availability and integrity in the long term."

Criticism

The current surveillance powers available to security agencies were able to foil four terrorist attacks since 2001. It would stand to reason that their current powers are adequate if they are able to stop terrorists already.

Deploying invasive surveillance measures to fight the so-called technological arms race with criminals results in the privacy and rights of Australian citizens to be eroded year after year. Whist some changes are necessary to adjust to the move of communications online, many measures that have been passed by the last two governments already overstep the boundaries of what is acceptable in a liberal democracy and what is proposed is the most serious assault on Australians' civil liberties to date.

Forcing ISP's to store everyone's browsing history, email data and social media histories is the largest emerging threat to the privacy of Australian citizens and businesses. Creating such a central repository will become a holy grail for criminal organisations who can use the very private data of Australians for blackmail, fraud and identity theft.

1. Relevant Acts:

a) Telecommunications (Interception and Access) Act 1979

b) Telecommunications Act 1997

c) Australian Security Intelligence Organisation Act 1979

d) Intelligence Services Act 2001

2. Consider effectiveness of proposals. The inquiry should ensure that Intelligence and Security agencies can adapt to changing technologies, can co-operate effectively and provide enhanced security to the tele-communications sector.

Criticism

The proposals in regard to dealing with 'the challenges of new and emerging technologies upon agencies’ capabilities' are all one way; the proposals strip citizens of their basic rights to grant more power to Intelligence agencies.

Enhancing the ability of security services to co-operate has merit. Issues may arise where, due to the differing responsibilities and vested powers of various agencies become a method to work around some of the checks and balances protecting Australians from undue surveillance.

3. The committee should have regard to:

a) The need to protect the privacy and civil rights of individuals, proportionate to national security

Criticism There is no demonstrated need for Intelligence agencies to gain wide-sweeping powers over the private information of Australian citizens. The powers requested, especially in the Areas of Consideration (2 years mandatory data retention and the loss of the right to remain silent in regards to decryption for E.G.) are contrary to any measure of civil liberties and are powers that are usually the hallmark of oppressive regimes.

Blanket data retention has a serious negative impact on the communications of citizens. Studies into the German data retention regime before it was declared illegal show a clear impact on communications of German citizens. A poll of 1000 German citizens showed that one in 19 people had refrained from making communication due to the data retention regime. This resulted in people not communicating on a range of issues where privacy is required for communications to occur, including victims of sexual assault, people communicating in confidence with their Lawyers, requesting counseling services, health services, confidential business negotiations, providing information to Journalists.

Fear of data leaks is justified with widespead loss of confidential data by the very organisations the proposed system plans to empower to manage the data. Recently ASIO and ISPs have both lost Australians' private data. Systematic abuses have occured with other government agencies in the past, such as the widespread abuse of customer data by Centrelink Staff. Data retention resulted in employees at the telco T-Mobile selling 17 million sets of private customer data including private phone numbers of politicians, business heads and celebrities.

b) Limit costs to ISPs and flow on effect to consumers

Criticism Mandatory data retention will be a costly exercise in over-collection of data that will result in consumers paying extra to their ISP's for Intelligence services having the right to pore over their personal information at leisure.

c) reduction of efficiency of law enforcement and intelligence due to changing technology

4. The committee needs to take into account a broad range of stakeholders, through public, in camera and classified hearings.

This will give rise to mistrust in the deliberations of PJCIS. If classified hearings are used to justify the proposed assault on Australians' civil liberties it will create mistrust in the Australian public who, according to the Sydney Morning Herald are almost united in their opposition to increased surveillance powers online.

5. Objectives PJCIS must report on 3 issues:

- Modernising lawful communications access for security services.

- Minimising risks to Australia's communications infrastructure by foreign powers.

- Enhancing operational capacity of Intelligence agencies.

Three 'layers' of proposals:

- A That the government wishes to progress.

- B That the government is considering progressing

- C That the government directly seeks the opinion of PJCIS

A The Government is wishing to progress the following proposals:
In the Telecommunications (Intercept and Access) Act 1979 (TIA)

''N.B. For some reason the TIA Act recommendations in the Discussion Paper are not split into the three categories of 'wishing to progress', 'considering' or 'seeking opinion'. Will base the sections off the details of the ToR.

Strengthening Privacy protections by considering the Acts

- Privacy objectives

- Proportionality tests for Warrants

- Mandatory record keeping

- Oversight

Criticism Whilst the ToR refers to strengthening privacy protections the discussion paper is singing a different tune.

The discussion paper implies due to the expansion of information people put online, there is a lower expectation of privacy. There is an expectation that data put on social media sites like Facebook will only be viewable by friends. People have control over what they share, and with whom. Allowing more widespread privacy invasion will create pressure for people to share less because they will not be able to know who could access the data.

It claims data retention is a cheap and effective crime fighting tool, citing the 2011 TIA report which stated:

"In 2010‐2011 there were 2441 arrests, 3168 prosecutions (2848 for serious offences) and 2034 convictions (1854 for serious offences) based on lawfully intercepted material.2 Law enforcement agencies made 91 arrests, 33 prosecutions and obtained 33 convictions based on evidence obtained under stored communications warrants.

The proposal to push surveillance costs onto ISPs may be good for the governments bottom line, it will push up prices for Australian citizens, effectively forcing them to pay for the privilege to be spied on.

The current threshold allowing access to telecommunications intercepts is crimes with punishment set at seven years in the TIA Act. The paper recommends reducing this to three years citing child exploitation crimes as justification (as the sentences are not long enough to allow intercepts). In other legislation regarding surveillance (E.G. Surveillance Devices Act) the three year minimum is already in place. We believe the seven year threshold should be applied to other Acts as it seems to be a fair limitation. With crimes involving child exploitation the law could be toughened, or if such a proposal causes that law to become unreasonably draconian, a specific exception made.

In the Australian Secret Intelligence Organisation 1979

5. a) Change definition of computer.

b) Grant the Attorney General the power to vary terms of a Warrant and to extend the maximum warrant from 90 days to 6 months.

Criticism Warrants require Judicial oversight as each investigation into an Australian citizen is an invasion of their privacy. Extending the length, or focus of a Warrant requires a competent Judicial Authority to make such grave decisions and should not be made lightly or as a matter of course, but only after sufficient justification is provided. (ASIO cont'd) 6. Modernise pay structure.

Intelligence Services Act 2001

Allow Defense Imagery and Geo-spacial Organisation to share data with approved organisations.

B Issues the Government is Considering Progressing
TIA Act 1979

8. Streamlining the Lawful access to communications regime to include a single Telecommunications Intercept (TI) Warrant.

Criticism There is some need to streamline the number of types of Warrants available to Intelligence services. The issue with a single wide ranging Warrant is the risk that any investigation resulting in privacy invasion may destroy a suspects privacy beyond any reasonable proportionality to what they are suspected of. If broader powers outlined below are granted, such as granting the ability to go through social media accounts there is opportunity for widespread abuse.

9. Modernising Industry Assistance Framework.

a. Implement detailed requirements for industry interception obligations

b. extend the regulatory regime to ancillary service providers not currently covered by the legislation

c. implement a three‐tiered industry participation model

Criticism Again there is a push from this paper to push surveillance costs onto service providers, which in turn pass these onto consumers.

'Ancillary providers' refer to social media platforms, news sites etc. This level of surveillance is severely invasive. Equivalent in the real world through executing a search warrant that includes opening mail and tapping phonecalls. Such access needs to be given the strictest oversight and only be engaged when serious crimes are committed. Broad-reaching 'fishing expeditions' need to be rejected. In the US Law enforcement have instigated such expeditions on Twitter Hashtags that have even caught Australian commenter tweets in the dragnet.

Australian Security Intelligence Organisation Act 1979

10. Amending the ASIO Act to create an authorised intelligence operations scheme. This will provide ASIO officers and human sources with protection from criminal and civil liability for certain conduct in the course of authorised intelligence operations.

The discussion paper states that this is the same powers as currently granted to Federal undercover agents, namely they are covered in the case they carry out a crime they are investigating, it clearly states they are not covered if they encourage the crime in any way, so entrapment concerns are allayed.

Criticism Just a general opposition to expansion of police powers in any form.

11. Amending the ASIO Act to modernise and streamline ASIO’s warrant provisions to:

a. Establish a named person warrant enabling ASIO to request a single warrant specifying multiple (existing) powers against a single target instead of requesting multiple warrants against a single target.

b. Align surveillance device provisions with the Surveillance Devices Act 2007

c. Enable the disruption of a target computer for the purposes of a computer access warrant

In Section 25a of the ASIO Act, ASIO is forbidden to do anything that "that adds, deletes or alters data or interferes with, interrupts, or obstructs the lawful use of the target computer by other persons." The proposal is to add the phrase "activity proportionate to what is necessary to execute the warrant."

d. Enable person searches to be undertaken independently of a premises search

I.E. Allow search warrants to be written targeting a suspect rather than a premises

e. Establish classes of persons able to execute warrants

ASIO currently needs to name officers carrying out an arrest, this would make it possible for the Director General to assign arrest powers to groups within ASIO rather than needing to list arresting officers on each warrant.

Criticism A 'named person Warrant,' when applied with other proposed powers in the discussion paper, could result in repeated harassment of a suspect for up to six months at a time.

Allowing disruption of computers for other users of a system would result in unnecessary loss of civilian data, for EG if servers containing information relating to a case are owned by a data storage company, multiple users would store data unknowingly on a server with people under investigation, which could then be seized or otherwise interrupted in the course of an investigation. This could cause untold economic disruption should critical information be inadvertently seized.

C Issues the Government is Expressly seeking the opinion of the PJCIS
Telecommunications (Interception and Access) Act 1979

14. Reforming the Lawful Access Regime

A expanding the basis of interception activities

Criticism This is not spelled out in any detail later, so there is not much to go on. With over 200,000 Warrants issued every year for telecommunication intercepts this power is already used too widely. Expanding the basis for which communications interceptions could be used would only increase this number by several orders of magnitude. The concept of innocent until proven guilty would be completely thrown out of the window as the entire population would be treated as suspects.

15 Modernising Industry Assistance Framework

A Establish an offence for failure to decrypt

B Institute industry response timelines

C tailored data retention periods for up to 2 years for parts of a data set, with specific timeframes taking into account agency priorities, and privacy and cost impacts

Critique A This is an assault on the right to remain silent. It is currently the right of a defendant to defend themselves including invoking the right to remain silent during questioning and it is up to the Law enforcement agency to prove guilt. Forcing a suspect to hand over security passwords etc. is forcing them to answer questions. This changes the very nature of the Judicial system and needs to be resisted.

This is a serious danger to journalists who must protect sources in order to uncover the corruption of the powerful, as well as other professionals where privacy is an important part of the relationship with the client, such as Lawyers and Doctors.

Critique C The mandatory collection of the Internet history, email contacts and social media posts and interactions is a gross invasion of the privacy of every Australian. There is a demonstrated chilling effect on the private communications of people subjected to such regimes (one in 19 Germans avoided searching for data due to the now abandoned surveillance regime established there, see above). The fear of this data being uncovered is justified due to the almost continuous stream of data breaches occuring among the major Telcos, including Telstra and AAPT. The scope for such personal information to be used for blackmail is as wide as the imagination.

The cost of storing the data would be massive and could effectively prohibit new start-ups from trying to enter the ISP market as the storage costs alone would make initial costs exorbitant. The added costs to existing ISPs and Telcos would be passed onto consumers adding yet one more pressure to the cost of living.

16. Amending the Telecommunications Act

Amending the Telecommunications Act to address security and resilience risks posed to the telecommunications sector. This would be achieved by:

A By instituting obligations on the Australian telecommunications industry to protect their networks from unauthorised interference

B By instituting obligations to provide Government with information on significant business and procurement decisions and network designs 10 Equipping Australia against emerging and evolving threats 2012

C Creating targeted powers for Government to mitigate and remediate security risks with the costs to be borne by providers

D Creating appropriate enforcement powers and pecuniary penalties

Criticism There needs to be serious penalties for failure to disclose data breaches. If peoples data gets compromised it is vital that they can take measures to defend their information from further exposure by changing passwords, backing up data, cancelling credit cards etc. This applies to any government agency handling private data as well as the private sphere.

17 Modernise and Streamline ASIO Arrest Warrants.

A Use of third party computers and communications in transit.

B Incidental Entry

C Use of force

D Evidentiary Certificates

Use of third party computers and communications in transit Criticism Accessing 3rd party computers to intercept communications could result in a multitude of problems for the third party. A private citizens' privacy is invaded by the secret police, the psychological effect of having ASIO agents using your computer for any reason would result in fear of discussing personal information openly and freely, and the operation of their computer is diminished by the installation of monitoring software. Businesses such as social media platforms would be required to give ASIO access to their data through terminals which would potentially also give the agent access to every other account on their system.

Allows ASIO officers to enter third party premises to execute a Warrant (either physical or computer Warrant).

Incidental Entry Criticism This needs to be done with the knowledge of the third party or it amounts to a serious invasion of their privacy.

Use of force Criticism The wording of this section makes it difficult to discern what is being proposed. If the specific power is intended to give ASIO agents the power to use necessary force to make an arrest, it is a reasonable clarification to make for arrests that occur after evidence is found during a search. If this power is intended for any other purpose it could amount to a permission to torture suspects.

Evidentiary Certificates Criticism An Evidentiary Cerificate gives an authorised officer the ability to represent another Officer in a legal matter, including cross-examination. This weakens the defendants ability to face justice as they would be unable to cross-examine their accusers, only a legalised representative of their accusers. Where this is already in place it needs to be repealed.

18 Amending the Intelligence Services Act 2001

A Grants Australian Secret Intelligence Service (ASIS) the power to investigate Australian Citizens who are suspected of espionage and counter-espionage for a foreign power.

B All foreign spy agencies (ASIS, Defense Imagery Geospacial Organisation (DIGO), and Defense Signals Directorate (DSD)) are to be granted the power to investigate Australian citizens when assisting ASIO.

C ASIS to be empowered to train informants in weapons and self defence.

Criticism Section 9 1A of the Intelligence Services Act gives the Minister permission to order investigations on Australian citizens when they have committed a crime with a minimum penalty of one year gaol. The wide array of crimes include activities as minor as Intellectual Property crimes and illegally broadcasting information. The definition of 'serious crime' would be laughable if it didnt mean that in conjunction with proposals in the Trans-Pacific Partnership Agreement which is currently under negotiation, that Intelligence Agencies vcould be ordered to chase the sale of generic medicines or pirated DVDs from overseas.

The powers granted to ASIS could be construed as being able to be used to investigate Journalist organisations like Wikileaks.

Giving ASIS the power to train informants and other non-agents is extremely troubling. This would give the organisation the mandate to train geurilla armies, insurgent forces and other organisations. Australian citizens would be horrified if it were discovered the government, through ASIS were waging dirty wars against foreign governments. Any move in this direction, such as this proposal, must be rejected in the strongest terms.