- 5 network automation startups to watch
- 4 Security Controls Keeping Up with the Evolution of IT Environments
- ICO Warns of Festive Mobile Phone Privacy Snafu
- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
Australia Passes Identify and Disrupt Bill
A coalition bill that grants the police more powers to spy on criminal suspects online has been passed by the Australian government.
The Surveillance Legislation Amendment (Identify and Disrupt) bill has created three new types of warrants that enable the Australian Federal Police (AFP) and Australian Criminal Intelligence Commission (ACIC) to modify and delete data belonging to cybercriminal suspects and take over their accounts.
Using the new data disruption warrants, the AFP and the ACIC can prevent serious offenses from being committed online by modifying, adding, copying or deleting data. Network activity warrants allow the agencies to gather intelligence on criminal activity being carried out by cyber-criminal networks, while account takeover warrants can be used to take control of a suspect’s online account.
An eligible judge or a nominated member of the administrative appeals tribunal (AAT) can issue the data disruption and network activity warrants. However, the account takeover warrants must come from a magistrate who is satisfied that there are reasonable grounds that such a step is required to collect evidence relating to a relevant offense.
On Tuesday, Labor MP Andrew Giles told the lower house that the bill had gained the support of the opposition because “the cyber-capabilities of criminal networks have expanded, and we know that they are using the dark web and anonymizing technology to facilitate serious crime, which is creating significant challenges for law enforcement.”
The Greens flagged that the new powers go against a central recommendation of the Richardson review of the legal framework for Australia’s intelligence community. Richardson found that “law enforcement agencies should not be given specific cyber-disruption powers.”
Recommendations to improve safeguards and oversight concerning the new powers were made earlier this month by the parliamentary joint committee on intelligence and security (PJCIS), though not all of them were implemented.
The committee can review the bill after four years, and the Independent National Security Legislation Monitor will review the bill in 2024.
Kieran Pender, senior lawyer at the Human Rights Law Centre, told Guardian Australia that the new powers granted to the AFP and ACIC under the bill “are unprecedented and extraordinarily intrusive.”