Security / Cybercrime
Last Updated: 10 Apr 2004
This section contains information about legislation and regulatory proposals, and related parliamentary and government inquiries, intended to protect security or deal with "cybercrime" and other computer-related crime which also unreasonably infringe or threaten Internet users' privacy and/or other civil liberties.
- Inquiry into recent trends in practices and methods of cybercrime, Joint Committee on the Australian Crime Commission, 2003/2004
- Big Brother ISP Cybercrime Code Condemned, 19 Aug 2003
- Liberty under threat? EFA Statement, 16 Sep 2001
- Cybercrime Acts / Computer Crime Acts, 2001
- Council of Europe (CoE) Cybercrime Convention, 2001
- Inquiry into the Law Enforcement Implications of New Technology, Joint Committee on The National Crime Authority, 2001
- Review of the Australian Security Intelligence Organization (ASIO) Legislation Amendment Bill 1999, Parliamentary Joint Committee, 1999
The Parliamentary Joint Committee on the Australian Crime Commission conducted an inquiry into recent trends in practices and methods of cybercrime in 2003 and issued its report in March 2004.
EFA sent a submission in April 2003 and also presented oral testimony during a Committee hearing on 21 July 2003. During the Committee's public hearings in mid July 2003, a former member of the National Crime Authority advocated prohibiting free email accounts and requiring 100 point ID checks to obtain an Internet access account. EFA sent a supplementary submission to the inquiry opposing such proposals on 6 August 2003.
19 Aug 2003: The Internet Industry Association's (IIA) proposed Cybercrime Code of Practice for ISPs would result in massive invasion of Internet users' privacy. The IIA is acting like Big Brother - they want ISPs to log and record everything Internet users do online. EFA sent a submission to IIA recommending the Code be abandoned. See: EFA's Media Release and EFA's Submission to IIA.
The Commonwealth Cybercrime Bill 2001 was approved by the Parliament with minor amendments on 27 September 2001. The legislation was an overbroad knee-jerk reaction to then recent well-publicised virus attacks, and has the potential to criminalise innocent behaviour such as possession of security software. It also introduced an alarming law enforcement provision requiring release of encryption keys or decryption of data, contrary to the common law privilege against self-incrimination.
The Cth Bill implemented section 4.2 of the Model Criminal Code (MCC) and all Australian State and Territory Governments were understood to be intending to implement the computer related offences of the Australian Model Criminal Code (refer Chapter 4 - Damage and Computer Offences).
For more information, see EFA's Cybercrime / Computer Crime Legislation page.
CoE Cybercrime Convention, final, 23 November 2001.
- EFA joined other members of the Global Internet Liberty Campaign (GILC) in urging the Council of Europe to reconsider the treaty on Cyber Crime which threatens civil liberties:
- Global Internet Liberty Campaign Member Letter on Council of Europe Convention on Cyber-Crime, 18 October 2000.
- Global Internet Liberty Campaign Member Letter on Council of Europe Convention on Cyber-Crime Version 24.2, 12 December 2000.
The Parliamentary Joint Committee on The National Crime Authority commenced an inquiry into the law enforcement implications of new technology in June 2000 and issued its report in August 2001.
EFA is very concerned about proposals put forward by several law enforcement agencies for legislation to require Australian ISPs to retain transaction logs of all user activities.
The Committee's inquiry had particular reference to:
- whether use of new technology by law enforcement agencies is adequately catered for by Commonwealth, State and Territory legislation;
- the extent to which electronic commerce facilitates the laundering of the proceeds of crime; and
- whether international law enforcement cooperation is adequate to meet the challenges of new technology.
For further information, see:
- EFA submission to the Committee - April 2001
- Other submissions to the Committee
- Report of the Committee (PDF 1.2MB) - 27 August 2001
The Committee recommended (extracts from the Report):
Recommendation 1: That the Government give consideration to the range of offences prescribed under sections 5(1) and 5D of the Telecommunications (Interception) Act 1979 in the context of contemporary technological developments (para. 1.41).
Recommendation 2: That the Government make TI-related foreign intelligence warrants available to law enforcement agencies (para. 1.41).
Recommendation 3: That the Commonwealth consult with the Standing Committee of Attorneys-General whether regulation of the use of TI could be delegated to the States and Territories within a continuing context of broad-based mirror legislation (para. 1.55).
Recommendation 4: That the Government give particular consideration to the appropriate level of regulation of Internet Service Providers to ensure their cooperation with law enforcement (para. 1.73).
Recommendation 5: That the Government ensure that the integrity of the TI Act is not undermined by emerging technology (para. 1.79).
Recommendation 6: That, in conjunction with the States, the Government introduce comprehensive national electronic surveillance legislation, with particular emphasis on the inclusion of appropriate privacy provisions (para. 1.116).
Recommendation 7: That the Australian Government place on the agenda of the Standing Committee of Attorneys-General the need for a comprehensive and fundamental review of the operations of legislative provisions that may inadvertently and unnecessarily restrict the capacity of law enforcement to exchange intelligence and operational information (para. 1.124).
Recommendation 8: That the Commonwealth Ombudsman's jurisdiction over the use by Commonwealth law enforcement agencies of telecommunications interception be expanded to include the use of any electronic surveillance device (para. 1.158).
Recommendation 9: That a national cyber-forensic facility be established (para. 2.145).
In 1999, a hastily-convened Parliamentary Committee reviewed a Bill providing increased powers to the Australian Security Intelligence Organisation (ASIO). The Parliament Library Bills Digest No. 172 provides an overview of the Bill.
- EFA submission to Parliamentary Joint Committee on Review of the Australian Security Intelligence Organization (ASIO) Legislation Amendment Bill 1999 - April 1999
- "...Overall the Bill provides for a significant increase in ASIO's powers, and a corresponding decrease in the rights of Australians. The balance between individual rights and the security concerns of the state is shifted in favour of the latter. ..."
Legislation granting ASIO authority, among other things, to hack into citizens' computers and covertly add, delete or alter data (defined as including both information and computer programs) was enacted in 2000. (Amendment to spying laws, James Norman, The Age, 20 June 2000)