ASIO and you The following article was published in "The Guardian", newspaper of the Communist Party of Australia in its issue of Wednesday, September 29th, 1999. Contact address: 65 Campbell Street, Surry Hills. Sydney. 2010 Australia. Phone: (612) 9212 6855 Fax: (612) 9281 5795. Email: <[EMAIL PROTECTED]> Webpage: http://www.zipworld.com.au/~cpa Subscription rates on request. ****************************** So you thought that the Australian Security Intelligence Organisation was sneaky, invasive, contemptuous of civil liberties and riddled with right-wingers eager to carry out the wishes of the most reactionary government? Wait till you see the new version! Legislation currently before Federal parliament would see the existing powers of ASIO greatly expanded, with a particular emphasis on the use of computer technology. ASIO is currently exempt from many of the requirements of other government organisations. For example, decisions currently made by the Minister responsible for ASIO, including a decision to issue a warrant for search or surveillance, are not subject to judicial review. ASIO documents, and those originating in ASIO, cannot be obtained under Freedom of Information legislation. The Human Rights and Equal Opportunities Commission cannot investigate complaints against ASIO concerning violations of human rights, and ASIO is exempt from the provisions of the Privacy Act 1988(2). Under Australian law it is doubtful whether a court case could be successfully mounted to determine whether ASIO had complied with the legal or constitutional law in a particular case, and the organisation has little accountability other than to the government of the day. So does the new legislation correct these defects? Not on your life! The proponents of the new ASIO Bill claim that the amended legislation is necessary in order to curb white-collar crime and terrorism. However, the legislation continues to give ASIO the potential to invade the homes of individuals and also the offices and operations of any organisation out of favour with the government of the day - including trade unions, peace groups, political parties, churches and community organisations. It would extend the current provisions for breaking into homes or offices and tapping phones. It would allow intelligence personnel to hack into computer systems, not only to gain information but to actually change the information held in the system. Under the proposed legislation any encryption code used to maintain privacy could legally be broken by ASIO, which would also be empowered to place tracking devices on people and cars. And ASIO would gain all of these new powers with even fewer constraints on it than currently exist. There has been some speculation that the amended law is necessary in order to deal with the potential problems of terrorist activities during the Olympic games. However, the Director General of ASIO recently told the parliamentary committee dealing with the amendments that security checking for the Olympics "doesn't involve ASIO in a new area of activity, it just means that we have more work to do in a compressed period of time". Although part of the new legislation dealing with communication between State and Federal authorities would take effect before the Games, and would terminate the following December, the Government has denied that the legislation as a whole is intended specifically for the Games. So most of it is intended as a permanent measure, not as a temporary expedient. Encryption: you can't keep a secret, can you? One of the most controversial areas of the new legislation concerns the use of encryption technology by computer users to forestall unauthorised access to such information. The 1996 Walsh report on encryption, prepared by a former deputy Director-general of ASIO, recommended that ASIO should have the authority to gain "real time access to the voice and data communications of their subjects of investigation". This would require the cracking of encryption codes. These codes allow a computer user to maintain privacy about the information on their system, and of course can be used for good or ill. The report recommended that there should be full public discussion on encryption, and on the report itself. However, the Government subsequently refused to release it. Although the report appears to recognise that encryption technology is developing fast, and that major legislation at this time would probably be premature, the Government has now incorporated clauses dealing with the control of encryption in the legislation. The amendments allow ASIO to access data relevant to security, print copies and remove them from the premises, make copies and alter, add or delete data. This may be done either by entering the premises or by using electronic means (``remote access'') to a target's computer. Although a section of the legislation purports to protect lawful use and users, this would be difficult to establish in practice. The new law would allow ASIO to add, delete or alter computer data. Part of the amendments state that the Act does not authorise interference with the lawful use of computers. However, as one commentator noted, "How will `accidental' interference be avoided by ASIO when data is being manipulated by remote access? How will it be detected by lawful users who suffer computer malfunction as a result?" Encryption systems are available in Australia, but the Government is determined to keep available encryption systems within the range where they can crack the codes, both here and overseas. In 1991 the small Australian company Nexus Solutions developed a very powerful encryption system for ensuring the privacy of medical records. Permission to export the system to the World Health Organisation (WHO) was subsequently denied by the Defence Signals Directorate, unless the company underwent an accreditation test with one of three nominated companies. Nexus was warned verbally to deal only with one American company in order to maximise the chances of accreditation, but a condition of that company's accreditation process was that Nexus would surrender the code to them. The WHO deal was effectively thwarted. One justification given for the new measures is that they would allow for the surveillance of criminal or terrorist activities. However, they would also allow ASIO access to confidential information about legitimate transactions, taxation information, medical records etc. Moreover, organised crime in particular has the resources to hire the best brains in the business to gain the latest encryption technology. The result of the Government trying to keep the available technology within a range that they can crack is that organised crime will continue to enjoy secrecy, but ASIO will be able to penetrate the records of trade unions, left-wing political parties, peace groups and community organisations. Tax confidentiality: your business is ASIO's business The new legislation would give ASIO access to taxation records without a warrant. The existing warrant process provides a check (in theory at least) against invasion of privacy. However, not only would this disappear, but according to the official explanation, "The amendments will give ASIO officers similar access to taxation information as law enforcement agencies now have ... [and] ... will allow ASIO officers to record and divulge or communicate the information in specified circumstances to law enforcement agencies and the Inspector-General of Intelligence and Security or one of his officers in specified circumstances." According to other sources, this would also include the Inspector General of Intelligence Services and legal practitioners in defined circumstances. That's an awful lot of people who could legitimately end up knowing your business. The Taxation Department routinely promises that tax matters will be treated with confidentiality, but the amendment threatens to effectively blow away tax confidentiality altogether. Warrant provisions loosened - or abandoned altogether Under current legislation, a warrant must be obtained prior to certain action being carried out by ASIO. The warrant process is supposed to ensure that infringement of privacy and civil rights by ASIO is justified, and is minimised. For action of lesser infringement of those rights approval may be given by the Attorney General, or by the Director-general of ASIO. However, under the new legislation the warrant process would be weakened with regard to the preservation of civil rights. As recommended in the Walsh Report, ASIO would be authorised to use tracking devices and to re-enter premises to maintain, replace or remove the devices under the proposed legislation. ASIO personnel would be able to re-enter premises after the warrant has expired, using "reasonable force", if necessary, to recover the device. No warrant process would be necessary for collection of foreign intelligence within Australia if the amendments become law. Under the new legislation reports on ASIO inspections may be made to either the Minister responsible or the head of the relevant agency. Ministerial oversight of many inspections may therefore be lost. Privatisation One intriguing aspect of the present privatisation process concerns ASIO's ability to intercept articles being delivered. Any interception of Australia Post items currently requires a warrant. However, private firms now handle an increasing amount of items delivered in Australia. Under the new legislation interception of items carried by private firms would not require a warrant. The Government would like to see Australia Post privatised, and if they achieve this, all items delivered would be fair game for ASIO interception. No warrant, no worries! One tantalising area of the amendments concerns the recovery of costs by ASIO "for the giving of advice or the provision of services by the organisation to the persons at their request". In other circumstances the introduction of "cost recovery" provisions for government organisations has foreshadowed their privatisation, in whole or in part, and has resulted in a blurring of the lines between a government and private organisation. This clause appears to deal, in effect, with the sale of information or services by ASIO. Who are these "persons", their customers? One government document notes that costs can already be recovered from Commonwealth agencies, but there is no clear definition of who the "persons" referred to in these amendments might be. Just how circumspect would ASIO be under the new legislation? The amendments don't say. Could right-wing organisations, for example, purchase lists of known members of politically opposed parties? Surely not, you say. But who knows? With regard to this clause political activist and former MLC Joan Coxsedge commented: "If money enters the equation, then surely ASIO is moving into a completely new area." Some provisions of the amendments relate to special arrangements between ASIO and state authorities for the duration of the Olympics, for example the vetting of visa applications. The current law enables any applicant who receives an adverse report from ASIO to appeal. However, in the amendment as proposed, it may well be a state authority which is issuing the adverse report on which rejection is based. In such cases it is not guaranteed that the applicant would have any appeal rights at all. The amended legislation would give ASIO considerably increased new powers, and would exacerbate rather than rectify the shortcomings of the current legislation. So you thought you were probably free from ASIO worming its way into your private life? Think again! -- Leftlink - Australia's Broad Left Mailing List mailto:[EMAIL PROTECTED] http://www.alexia.net.au/~www/mhutton/index.html Sponsored by Melbourne's New International Bookshop Subscribe: mailto:[EMAIL PROTECTED]?Body=subscribe%20leftlink Unsubscribe: mailto:[EMAIL PROTECTED]?Body=unsubscribe%20leftlink