- Encrypted evidence of just about any crime is increasingly being stored on electronic systems in foreign, multiple or unknown jurisdictions.
- Older, established law enforcement and intelligence mechanisms can no longer keep pace. Major investigations run cold or result in failed prosecutions.
- The new Telecommunications Legislation Amendment (International Productions Orders) Act 2021 will bring Australia a step closer to securing a CLOUD Act agreement with the US government and will significantly speed up requests for police and intelligence agencies to obtain Australians’ telecommunications data that is held offshore in the USA.
The Telecommunications Legislation Amendment (International Productions Orders) Act 2021 (‘IPO Act’) received Royal Assent on 23 July 2021.
The IPO Act appends a new Schedule 1 to the Telecommunications (Interception and Access) Act 1979 (‘TIA Act’) which establishes a framework to allow for Australia to negotiate agreements with like-minded foreign governments for reciprocal cross-border access to communications data (referred to as outgoing and incoming international productions orders (‘IPO’s)).
An agreement (or Designated International Agreement ‘DIA’) made under these provisions would allow law enforcement and national intelligence agencies of participating countries to issue orders, through a designated authority, for the production of data directed to prescribed communications and technology companies in the other country’s jurisdiction. Domestically, the Act provides for relevant agencies to seek orders for domestic interception, stored communications or authorisations for access to telecommunications data (referred to as ‘outgoing’ and incoming production orders) (IPO Bill 2020 Explanatory Memorandum para 2-3).
The Act contains important safeguards for data protection and human rights, and provides for independent oversight by the Commonwealth Ombudsman (‘Ombudsman’) and the Inspector-General of Intelligence and Security.
In our evolving and changing technological landscape, the traditional phone as we know it has largely disappeared, and in its place is mobile and internet connectivity with the use of over the top application providers, social media messaging and voice over IP (Internet Protocol address) services. The majority of these applications and services are provided or offered by foreign providers with global operations such as Google, Facebook, Twitter, WhatsApp etc. It is not surprising that criminal, terrorist and organised criminal networks have been using internet enabled technology or encryption supported crime to facilitate or obfuscate criminal activity without having any technical skills or knowledge – it is that simple, thanks to the internet.
In my last article (‘Going dark: the unprecedented government measures to access encrypted data’ 52 Law Society of NSW Journal, Feb 2019, 74-77) I discussed how encryption was underpinning a wide range of crime typologies, such as cybercrime, terrorism and serious organised crime. The intentional hiding of data and communications in criminal activities is not surprisingly on the increase (see Dr Amanda Davies, Australian Institute of Policing, March 2021, 3). On the flip side, no one can deny the importance and benefits of strong encryption for the digital economy and digital privacy. It follows that evidence of just about any crime is being increasingly stored electronically on computer and device systems in foreign, multiple or unknown jurisdictions and additional measures are required to lawfully obtain such evidence in order to enable an effective criminal justice response and to uphold the rule of law.