Aust state not alone in police hacking laws

Other jurisdictions besides New South Wales are proposing legislation to allow police to quietly hack into suspects' computers remotely, an Australian cybercrime analyst says.

Proposed state legislation that would allow NSW Police to quietly hack into suspects' computers remotely reflected similar moves in other jurisdictions, a notable Australian cybercrime analyst said Thursday.

The NSW Parliament on Wednesday was debating an amendment to the Law Enforcement (Powers and Responsibilities) Act 2002, which proposes to allow NSW Police, with a special warrant issued by a Supreme Court judge, to remotely access a suspect's computers for between seven to 28 days, depending on the seriousness of the alleged offence.

Australian Federal Police officer, Nigel Phair, who spoke to ZDNet Asia's sister site ZDNet Australia as a cybercrime analyst and author, said it was about time state governments introduced police hacking powers. Phair said the Bill would merely bring NSW legislation and police search powers up-to-date with trends in crime.

"From a Commonwealth perspective, it has had the Cybercrime Act since 2001. It's good that it gets acknowledged by the NSW Parliament. These laws keep on needing to be refreshed as technology and crime changes," Phair said Wednesday.

Phair speculated on whether the Bill could have an impact on other states' approach to the issue of covert search powers. "Will the Commonwealth take them up and will other states mirror them?" he asked.

Queensland had in fact recently introduced legislation along some similar lines, giving the state's police the ability to apply for a warrant to intercept telecommunications. The new powers were introduced this February under the Telecommunications Interception Bill 2009.

"Queensland law enforcement agencies do not have direct access to telecommunications interception powers. It is desirable that they should have such access," the Bill's explanatory notes state.

Queensland Premier Anna Bligh, at the Bill's introduction on Feb. 10, acknowledged the "intrusiveness" of the Bill but highlighted that it would appoint a Public Interest Monitor (PIM) in Queensland to test the validity of such warrant applications.

Queensland-based criminal defence lawyer Jim Coburn, a partner at law firm Ryan and Bosscher Lawyers, has said the Bill gave Queensland Police "sweeping" powers, which would allow them to snoop everything from private emails to Facebook".

"The new legislation in effect means police can seek the power to tap everything — every modern form of communication that passes over a telecommunications system," he wrote in a recent opinion piece.

As for the Public Interest Monitor, Coburn said it was a farce. "The reality is that the Public Interest Monitor role is essentially nothing more than a public relations gesture. The legislation does not give the PIM any real powers to prevent police launching fishing expeditions in the hope of catching someone on a crime," he wrote.

Victoria meanwhile had introduced a similar law that came into effect in December last year. Outgoing Victorian Police Commissioner Christine Nixon gave her reasons for the law prior to its introduction.

"Currently, named person warrants can relate to either telecommunications services (for example, telephone numbers) being used by a particular person or a particular telecommunications device (for example, telephone handset)," she said. "The Bill proposes the existing device-based named person warrant regime be extended to authorise the interception of communications made by multiple telecommunications devices," Nixon wrote.

Victoria's Privacy Commissioner Helen Versey objected to the Bill for its loose definitions.

"The vague nature of these items may result in the ability for monitoring of any communication across any telecommunications device without any requirement to show necessity or cause for such monitoring prior to obtaining a warrant," she said.