Home | Databases | WorldLII | Search | Feedback Alternative Law Journal

Hume, David; Williams, George --- "Who's Listening? Intercepting the Telephone Calls, Emails and SMS's of Innocent People" [2006] AltLawJl 50; (2006) 31(4) Alternative Law Journal 211

WHO’S LISTENING?
Intercepting the telephone calls, emails and SMS’s of innocent people

DAVID HUME and GEORGE WILLIAMS^[*]

In 2006 a new Act commenced that grants the Commonwealth government new powers to intercept the telecommunications of innocent people and to authorise the interception of ‘stored communications’, such as emails and SMS’s.^[1]

The Telecommunications (Interception) Amendment Act 2006 (Cth) (‘the Amendment Act’), which amended the Telecommunications (Interception and Access) Act 1979 (Cth) (‘TIA Act’), is but one new measure amongst many introduced by the government as part of its ongoing ‘war on terror’. Since September 11, there has been considerable public debate about expanded powers for ASIO, control orders, preventative detention without charge and the ban on seditious speech.^[2] By contrast, the Amendment Act was passed with relatively little attention or scrutiny. This is unfortunate because the Amendment Act, no less than other anti-terror measures, substantially affects fundamental freedoms.

This article seeks to remedy the paucity of public debate on this major change to our law. We first outline the state of the law prior to the Amendment Act to determine whether change was warranted. In the second and third sections, we examine the government’s new powers with respect to non-suspects and stored communications. In the fourth section, we outline the deficiencies in the legislative process. Ultimately, we argue that while the Amendment Act is directed at a legitimate problem of public policy, it significantly overreaches in dealing with the issue.

Were new telecommunication interception powers justified?

Responding to the threat of terrorism requires appropriate legal tools. Where existing legal mechanisms are incapable of effectively meeting new threats, it may be necessary to enact new legislation and to grant new powers. In the case of intercepting communications, it was arguable that the law granted the government sufficient power to achieve the purpose of combating threats to national security prior to the enactment of the Amendment Act.

Under s 46(1) of the TIA Act, judges could authorise the interception of communications to and from a telecommunications service if, amongst other things, ‘there are reasonable grounds for suspecting that a particular person … is likely to use the service’ and the information obtained is likely to assist the investigation of an offence ‘in which the person is involved’.^[3] This provision was applied by the Full Federal Court in Flanagan v Commissioner of Australian Federal Police (1996) 134 ALR 495. In that case, the Australian Federal Police (AFP) was investigating Mr Flanagan and to assist with the investigation applied for and were granted a warrant over a telephone service subscribed to by Mr Flanagan’s wife (who was not a suspect in the investigation). As a result of this warrant, the AFP intercepted many extraneous communications between Mrs Flanagan and others. Mr Flanagan argued that the warrant was invalid.

Justices Beaumont, Ryan and Lindgren held that s 46(1) authorised the warrant as it was sufficient if some, but not all, communications from the service would be likely to assist in the investigation.^[4] They said that: ‘if warrants were confined to authorising the interception of communications to which the particular person could be identified at the outset as a party, they would lose much of their efficacy’.^[5] In other words, the relevance of a communication can only be assessed after it has been intercepted.

Flanagan was the only case to directly consider whether s 46(1) extended to intercepting the communications of non-suspects. If the judges were correct s 46(1) already allowed such interception. Following Flanagan, however, investigating agencies did not use s 46(1) to intercept communications of non-suspects.^[6] This was apparently due to uncertainty over the extent to which Flanagan authorised such intercepts, particularly in circumstances where the suspect only rarely used the telecommunications service.^[7]

The Court was correct in Flanagan when it recognised that there may be circumstances where the interception of communications by non-suspects is incidental to the interception of communications by suspects. This will be so where, for example, the suspect can only be tracked through another person. In those circumstances, there is a sufficient public policy justification to intrude into the non-suspect’s right to privacy.

Since the law was perceived as being unclear in its scope but a legitimate policy end existed, there was arguably a need, as the government maintained, for new legislation governing interception powers. While we acknowledge this, it must also be recognised that telecommunications interception legislation has a substantial capacity to undermine important privacy and other rights. As a consequence, any legislation on the topic must be proportionate to its object. It must be strictly confined to its task and go no further than can be justified in meeting that goal. It is important to precisely identify the policy end sought to be achieved. Identifying this frames what is proportionate to achieving that object. The end which the new interception provisions serve is to facilitate investigations of people who are already suspects. This is shown by the fact that the legislation stipulates the existence of a suspect as the precondition for its operation. Any wider end (such as to facilitate the investigation of anyone) would plainly be far too broad and could not be justified.

This matches the findings of the government-commissioned Blunn Review of the Regulation of Access to Telecommunications.^[8] Blunn accepted that there are circumstances which warrant the interception of communications by non-suspects. These ‘non-suspects’ are typically called ‘B-parties’; although, since that terminology might imply some level of complicity in the suspected crime, it is probably more correct to call them ‘non-suspects’.

Blunn acknowledged the ‘privacy implications’ of his conclusion and stated that what ‘must be prevented is using B-Party intercepts as “fishing expeditions”’.^[9] Blunn recommended that important safeguards be implemented in respect of such intercepts. These safeguards included requirements:

• to establish that the information cannot be obtained by another means

• that privacy implications and the gravity of the alleged offence be considered in issuing warrants

• that warrants be for limited periods

• that the destruction of irrelevant material

be supervised.

Blunn’s first and most important recommendation was that ‘any agency requesting such a warrant must establish to the satisfaction of the issuing authority evidence to support their belief that the information likely to be obtained from the intercept is material to the investigation’.^[10]

For Blunn, therefore, it was essential that the issuing authority establish that information obtained be material to the particular investigation afoot.

Listening in to innocent people

Following its amendment, the TIA Act explicitly authorises the interception of the communications of non-suspects. The Amendment Act made additions to ss 9 and 46 of the TIA Act. Both of these sections authorise the issuing of warrants with respect to the telecommunications service of non-suspects.

Section 9 applies where a person is suspected of being involved in activities which are prejudicial to security. It allows the Attorney General to issue warrants on the application of the Director General of ASIO. Section 9(1), relevantly, now allows the Attorney General to issue a warrant in respect of a telecommunications service on application by the Director General where:

(a) the telecommunications service is being or is likely to be:
(i) used by a person engaged in, or reasonably suspected by the Director-General of Security of being engaged in, or of being likely to engage in, activities prejudicial to security; or
(ii) the means by which a person receives or sends a communication from or to another person who is engaged in, or reasonably suspected by the
Director-General of Security of being engaged in,
or of being likely to engage in, such activities; or
(ii) used for purposes prejudicial to security; and
(b) the interception by the Organisation of communications made to or from the telecommunications service will, or is likely to, assist the Organisation in carrying out its function of obtaining intelligence relating to security …

Section 46 is much broader than s 9. It applies where a person is suspected of committing ordinary offences of a relatively serious nature. It allows nominated judges and AAT members to issue warrants on the application of government agencies. Section 46(1), relevantly, now allows those issuing officers to issue a warrant on application by an agency where:

(c) there are reasonable grounds for suspecting that a particular person is using, or is likely to use, the service; and
(d) information that would be likely to be obtained by intercepting under a warrant communications made to or from the service would be likely to assist in connection with the investigation by the agency of a class 2 offence, or class 2 offences, in which:
(i) the particular person is involved; or
(ii) another person is involved with whom the particular person is likely to communicate using the service …

These provisions have the potential to be incredibly intrusive since they authorise the government to collect and pore over all the communications between the non-suspect and anyone with whom the non-suspect communicates, including family, friends, lawyers, doctors and so on. Collecting information within that broad scope may be necessary given that agencies cannot determine whether communications are relevant to the investigation until the communication has taken place. That said, it is precisely that fact which emphasises the importance of the power being limited by appropriate safeguards. Further, the gatekeeper under s 9 is not an independent judicial or other officer, but the Attorney General, whose conduct may be affected by political imperatives.^[11]

The powers in ss 9 and 46 are problematic for five reasons. First, the legislation does not restrict the purposes to which the information collected under warrant can be put. There are very few restrictions on using the information as evidence. This contrasts with the provisions in the Anti-Terrorism Act (No 2) 2005 (Cth) allowing compulsory appropriation of information of documents about terror suspects from third parties. These provisions specifically limit the use to which evidence from the documents can be put. They provide that the documents cannot be used in evidence against the party who provides them^[12] and may allow for legal professional privilege.^[13] Under the TIA Act, the collected information can be used to initiate investigations or prosecutions against people entirely unrelated to the original suspect using information that under other laws would be protected from such use. The non-suspect and other innocent parties run a real risk of being the subject of criminal investigation merely because they happened to talk to someone who was a suspect (or talked to someone who talked to a suspect). That means that there may only be an accidental relationship between the circumstances which justified the original warrant and any consequent investigation. Such accidental relationship should be insufficient to justify abrogating an individual’s right to privacy.

Second, under s 9 there is no requirement that there be evidence of a nexus between non-suspects’ communications and the activities prejudicial to national security which triggered the warrant. All that must be shown is that: the non-suspect is likely to communicate with a person who is likely to engage in activities prejudicial to security; and intercepting the non-suspect’s communications is likely to assist in obtaining intelligence related to security. It is therefore sufficient to gain a warrant to show that intercepting the non-suspect’s communications to or from anyone may assist in obtaining any intelligence related to security. We argued above that the purpose which justifies abrogating the non-suspect’s right to privacy is the purpose of obtaining information assisting the investigation of the particular activities prejudicial to security which triggered the warrant. Section 9 authorises investigations that have no relationship to that purpose. Instead, it authorises ASIO to conduct ‘fishing expeditions’ — which is precisely the conduct the Blunn Report warned against.^[14]

Third, the burden which ASIO must satisfy under

s 9 is both low and vague. Once it is shown that the person involved in activities prejudicial to security communicates with the non-suspect, ASIO only need satisfy the burden that the interception would be ‘likely to assist’ in obtaining intelligence related to security. ‘Likely to assist’ is a low threshold. Further, ‘relating to security’ is broad and vague. This is particularly so since ‘security’ has the same wide meaning as that given in s 4 of the Australian Security Intelligence Organisation Act 1979 (Cth). Under that Act, ‘security’ means protecting the people of the Commonwealth, States and Territories from: espionage, sabotage, politically motivated violence, promotion of communal violence, attacks on Australia’s defence system or acts of foreign interference. Additionally, it includes carrying out responsibilities to another country in relation to any of those matters. Each part of this definition is uncertain in scope. Particularly where the test is ‘relating to security’, there is the potential for arbitrary and excessive use of the interception power.

Fourth, the burden under s 46(1) is similarly easy to satisfy. Under s 46, there is no requirement that it be established that the evidence will be obtained from the communications between the non-suspect and the person suspected of being involved in the offence. It would be sufficient, for instance, if the non-suspect sometimes communicated with the suspect and intercepting communications between the non-suspect and any third party would, in some way, assist in investigating the suspect. This means that the threshold which the agency must satisfy to obtain the warrant is not necessarily related to the purpose which motivated the legislature authorising the intrusive powers in the first place — that is, to acquire information about the suspect.

Finally, the government has no obligation to tell people that it has intercepted their communications. This is even the case once the need to intercept the person’s communications has passed, or if telling the person would not prejudice the investigation. The TIA Act grants civil remedies to people if their communications have been illegally intercepted.^[15] People should have some kind of remedy if their right to privacy has been improperly breached. However, they cannot make use of the remedies where they are unaware of their rights having been breached. Interception must be covert; but it should not continue to be covert when there is no reason for it to be so.

Logging in to emails and SMS’s

As well as the powers to intercept non-suspects’ telecommunications, the Amendment Act introduced a new regime allowing the government to intercept ‘stored communications’; that is, communications which have been sent across a telecommunications system and are accessible to the intended recipient. They include communications such as emails, SMS’s and voicemail.

The stored communications regime is separate from the interception regime. In particular, it is significantly easier for enforcement agencies to access stored communications than to intercept communications in real-time. There are three important differences. First, a very broad range of agencies can apply for stored communications warrants, whereas interception warrants are only available to criminal investigation agencies and ASIO. Stored communications warrants are available to all agencies responsible for administering pecuniary penalty or protection of public revenue laws, including the Australian Taxation Office, Australian Securities and Investments Commission and Australian Customs Service.^[16] Second, the group of people who can issue a warrant is much broader for stored communications. Ordinary interception warrants, under s 46, can only be issued by a select group of judges and AAT members. Stored communications warrants can be issued by those people, as well as any other Commonwealth, State or Territory judge or magistrate.^[17] Third, stored communications warrants are available for a very broad range of offences.^[18] A stored communications warrant may be available for any offence which is punishable by three years imprisonment or 180 penalty units ($19 800). Additionally, stored communications warrants can be obtained for civil proceedings which would render the person liable to a pecuniary penalty of 180 penalty units. Once a stored communications warrant is accessed, it can be used to investigate matters which are punishable by one year imprisonment or 60 penalty units ($6600).^[19]

The TIA Act establishes an entirely different regime for accessing stored communications. The policy justification is unclear and unstated. It might be because there is some relevant distinction between real-time and stored communications which means that the latter should be accessible more readily by investigating agencies. However the Blunn Report, Explanatory Memorandum and Hansard Debates do not clarify what this distinction is. Indeed, the Blunn Report seemed to recommend that there should be little distinction between the protections on accessing stored communications and those for other telecommunications interceptions. Blunn stated that ‘the basic concepts of any [stored communications] scheme should … be similar to those of the Interception Act’.^[20]

There are at least two potential distinctions which might be drawn between stored communications and other telecommunications. First, it might be said that stored communications are equivalent to physical documents; thus the warrant regime should be similar to the regime governing other search warrants. If this is the justification, then stored communications warrants should be subject to the same safeguards as ordinary search warrants. In particular, ordinarily the person who is the subject of a search warrant is notified of its issuance and has the opportunity to challenge it. Further, documents which are collected are subject to privilege.

Second, it might be said that stored communications are in some other way less worthy of protection than real-time communications. This argument would depend on the premise that what is said in an email or an SMS is in some way less private than what is said by telephone. The problem with this justification is that it does not accord with modern experience. People today, and particularly young people, can reserve their most private conversations for emails and SMS’s. In contrast, phone conversations and particularly mobile phone conversations may occur in public and be less confidential. It is nonsensical that our conversations be treated differently merely because they are via email or SMS, rather than telephone.

In the absence of a clear policy justification, distinguishing in the law between the protection offered to stored and real-time communications is indefensible. If no legitimate difference exists between the forms of communication and their entitlement to privacy, then they should receive the same safeguards.

Listening to the democratic process

We noted earlier that there was little public debate about the Amendment Act. This absence of public debate was in part the consequence of the government rushing the law through Parliament. In August 2005, the government-commissioned Blunn Report. In early 2006, the Telecommunications (Interception) Amendment Bill 2006 was drafted and tabled in Parliament. After parliamentary debate, the Bill was referred to the Senate Legal and Constitutional Committee on 1 March 2006. The Committee invited submissions from the public, giving interested people just 12 days to review and prepare a submission on a 90-page Bill which it had taken the government six months to write. Unsurprisingly, the Committee received only 24 public submissions, many from government agencies whose powers were to be increased and who had already made submissions to the Blunn Report.^[21] The Committee held only one public hearing.^[22]

The Committee was required to report by Monday, 27 March. Despite the limited opportunity for public comment, the Coalition and Labor Senators wrote a joint report recommending significant amendments to introduce new safeguards. Most of these safeguards strengthened protections in relation to non-suspects and the stored communications regime. The Committee noted that some provisions of the legislation were ‘far too vague’.^[23] The Committee’s recommendations included that:

• a far stronger nexus between the evidence sought to be obtained and the obtainment of that evidence from the telecommunications service be required

• certain particularly confidential material be exempted from use

• limits on the use and derivative use of material

be enacted

• strict supervision of destruction of irrelevant material be instituted

• the range of authorities who could apply for stored communications warrants be limited.^[24]

These recommended protections correlate with the concerns we raised above. In relation to B-party intercepts, the bipartisan committee report concluded that ‘the invasion of privacy of innocent parties who become the subject of surveillance merely by reason of association is very significant’.^[25]

The Bill came on for debate in the Senate the day after the Committee’s report was tabled, giving no real time to read and digest the 65-page document. The Senate passed the law two days later with some minor amendments. One set of amendments strengthened the agencies’ obligations to report the number and nature of interceptions.^[26] That set of amendments is laudable and demonstrates that the reporting requirements, as they stood, made it very difficult for the government to hold agencies accountable for the use of the incredibly broad powers in the Act. However, other amendments were made, which were not sourced in the Senate report. Some of these amendments may actually have widened the reach of the law. For example, s 5E(1), which outlines the definition of ‘serious contravention’ was amended. The definition of ‘serious contravention’ is important as warrants may only be issued where a serious contravention is suspected. Previously, the Bill provided that a serious contravention was one which would, if proven, render the person committing the contravention liable to pay a certain pecuniary penalty. Following the amendments, the Bill read that a serious contravention was one which could, if established, render the person liable to that penalty. ‘Would’ is stronger than ‘could’ and ‘proven’ (which imports connotations of the criminal burden of proof) is stronger than ‘established’ (which does not import those connotations).

The House of Representatives then passed the Bill on the same day as the Senate made the amendments. All up, the government ensured the Bill was passed within four days of the Senate Report and incorporated virtually none of the safeguards on issuing warrants recommended by it. The government apparently acknowledged in Parliament that the Bill might not have struck the right balance between security and protecting privacy. As Commonwealth Attorney General Phillip Ruddock said in the House of Representatives:

The government will continue to consider in detail the committee report and the recommendations as part of its ongoing commitment to ensuring the regime achieves an appropriate balance. If there are further amendments that are thought to be appropriate following the consideration of the committee report, we will propose further amendments in the spring session of parliament.

Therefore, instead of amending the Bill, or reopening it for public comment, the government promised to review the operation of the Act after an unspecified period of time.^[27]

This abridged, incomplete legislative process is part of a worrying trend of enacting questionable anti-terror legislation. For instance, in 2005 the government enacted new sedition provisions in the Anti-Terrorism Act (No 2) 2005 (Cth),^[28] before sending those provisions off for review by the Australian Law Reform Commission.^[29] Like the sedition provisions, the Amendment Act is an example of law being enacted after a truncated and inadequate process of public and parliamentary debate where the law is known, by virtue of a Senate committee report by both government and Labor members, to be flawed.

In both cases the suggestion that the law will be reviewed at some later time is no substitute for enacting a well-drafted law. Such law-making undermines the democratic process and raises the possibility that people will be prosecuted or have their rights undermined by legislation which the government knew was problematic at the time of its enactment. One of the purposes of the democratic process is to ensure that bad policy, or the poor implementation of policy, is fixed before it becomes law. This will be frustrated if the government does not listen to participants in the democratic process, such as bipartisan Senate Committees. Involving people constructively is important when legislation undermines rights, especially where it undermines those rights secretly.

Conclusion

Protecting the community from acts of terrorism and investigating serious crime are important goals. However, in developing a legal response we should not forget the freedoms we are trying to protect. We should ensure that if the government gains intrusive new powers over our privacy they are balanced and go no further than is required. In this article, we have argued that the Amendment Act went too far. It grants more power than is necessary and contains too few safeguards. Moreover, the government rushed the law through Parliament without listening to the advice of its own members on a Senate Committee. We can only hope the government will honour its promise and review the TIA Act. At that time, we hope that it will face stronger scrutiny from the media and the public.

^[*] DAVID HUME is a Social Justice Intern, Gilbert + Tobin Centre of Public Law, University of New South Wales.

GEORGE WILLIAMS is Anthony Mason Professor and Director, Gilbert + Tobin Centre of Public Law, Faculty of Law, University of New South Wales; Barrister, New South Wales Bar.

© 2006 David Hume and George Williams

^[1] Although the Act commenced on 3 May 2006, the primary provisions of the Act discussed in this article commenced on 13 June 2006. See Telecommunications (Interception) Amendment Act 2006 (Cth) s 2.

^[2] See generally Andrew Lynch and George Williams, What Price Security? Taking Stock of Australia’s Anti-Terror Laws (2006).

^[3] Telecommunications (Interception and Access) Act 1979 (Cth) s 46(1), prior to amendment by the Telecommunications (Interception) Amendment Act 2006 (Cth).

^[4] Flanagan v Commissioner of Australian Federal Police (1996) 134 ALR 495, 542.

^[5] Ibid.

^[6] Anthony Blunn, Report of the Review of the Regulation of Access to Telecommunications (August 2005) 75 (‘Blunn Report’).

^[7] Ibid 76.

^[8] Ibid.

^[9] Ibid.

^[10] Ibid.

^[11] It should be noted that the Attorney General is also the ‘gatekeeper’ for the issuing of warrants under the Australian Security Intelligence Organisation Act 1979 (Cth) div 2.

^[12] Crimes Act 1914 (Cth) s 3ZQR(2).

^[13] Crimes Act 1914 (Cth) s 3ZQR(4).

^[14] Blunn Report, above n 6, 76.

^[15] Telecommunications (Interception and Access) Act 1979 (Cth) s 107A.

^[16] Telecommunications (Interception and Access) Act 1979 (Cth) s 110 (allowing ‘enforcement agencies’ to apply for stored communications warrants); 5 (definition of ‘enforcement agency’); Telecommunications Act 1997 (Cth) s 282 (definition of ‘enforcement agency’).

^[17] Telecommunications (Interception and Access) Act 1979 (Cth)s 6DB.

^[18] Telecommunications (Interception and Access) Act 1979 (Cth)s 5E.

^[19] Telecommunications (Interception and Access) Act 1979 (Cth)s 139.

^[20] Blunn Report, above n 6, 32.

^[21] Senate Legal and Constitutional Legislation Committee, Provisions of the Telecommunications (Interception) Amendment Bill 2006 (March 2006) 67–9.

^[22] The authors made a submission to this process and the second author appeared at the public hearing in Sydney.

^[23] Senate Legal and Constitutional Legislation Committee, Provisions of the Telecommunications (Interception) Amendment Bill 2006 (March 2006) 34.

^[24] Ibid ix.

^[25] Ibid 32.

^[26] Telecommunications (Interception) Amendment Bill 2006 (Cth) sch 3, cll 11–16.

^[27] Commonwealth, Parliamentary Debates, Senate, 28 March 2006, 77 (Senator Ellison, Minister for Justice and Customs).

^[28] Criminal Code Act 1995 (Cth) div 80, as amended by Anti-Terrorism Act (No 2) 2005 (Cth) sch 7.

^[29] Australian Law Reform Commission, Fighting Words: A Review of Sedition Laws in Australia, Report 104, (2006).