NSW ICAC asks for decryption and disruption powers

NSW ICAC has called for the power to decrypt communications, take control of online accounts and alter and delete data. 

The public service watchdog’s submission to Home Affairs' review of the electronic surveillance framework called to be listed as an interception agency by the Surveillance Legislation Amendment (Identify and Disrupt) Act (SLAID Act) and the Telecommunications and Other Legislation Amendment (Assistance and Access) Act. 

The review’s discussion paper said it was aiming to streamline the “patchwork” of acts governing how and which law enforcement and security agencies can intercept and surveil communications “with a single, streamlined and technology-neutral Act.”

ICAC said in its submission that it is defined as an interception agency by the Telecommunications Interception and Access Act 1979 (the TIA Act), which enables it to access metadata. 

However, it cannot take control of a person’s online account, add, copy, delete or alter online material to disrupt criminal activity because it is excluded from the SLAID Act. 

ICAC also cannot access communications sent over end-to-end encrypted services by issuing "requests" for voluntary assistance, or "notices" for compulsory assistance, to service providers because it is excluded from the TOLA Act.

“The omission of the Commission from powers afforded to other agencies produces detrimental and perverse outcomes, benefiting those who engage in serious crime and corruption,” ICAC said. 

The review’s discussion paper mentioned five agencies whose surveillance and interception powers it was considering extending, but ICAC was not among them. 

Examples of agencies whose powers the review said it was already considering extending included state and territory corrective services who the review might be granted the power to "access telecommunications data, for the purposes of monitoring criminal offenders.”

And the Australian Border Force who the review said could receive “the power to use tracking devices to investigate border-related measures.”

ICAC’s submission also expressed opposition to a proposal to increase the reporting requirements related to using the TIA Act to access journalists’ information.

The TIA Act requires agencies to obtain a journalist information warrant before accessing this information.

The safeguard aims to prevent the power from discouraging whistleblowing and public interest journalism.  

“The Commission [ICAC] sees reporting requirements for journalist information warrants already burdensome on agencies.”