Australian police get go-ahead on spyware

A new law gives Australian police the power to install spyware and Trojans on suspected criminals' computers.
Written by Munir Kotadia, Contributor on
Australian police have been given the power to install spyware and Trojans on suspected criminals' computers under the new Surveillance Devices Act.

The Surveillance Devices Act allows both federal and state police to use key logging and tracking software when investigating offenses that carry a maximum sentence of three years, according to the Sydney Morning Herald.

Neil Campbell, national security manager of IT services company Dimension Data, said the laws needed updating because of confusion when dealing with new technologies. Campbell previously spent six years working with the Australian Federal Police computer crime team.

"If the police intercept SMS messages that have not yet been delivered, should that be classified as a telephone interception or as a regular search? Getting a search warrant is relatively easy--you need to show reasonable grounds that executing the search will provide evidence as to the commission of an offense. But getting an interception warrant is difficult," Campbell said.

Campbell noted that the police may find it difficult to install spyware onto a suspected criminal's computer, especially if the suspect is competent with IT security practices.

"It is going to be very hard to use spyware for monitoring the activities of a paranoid, tech-savvy criminal. How do they get it on the machine? Do they physically install it?" Campbell asked.

Adam Biviano, senior systems engineer at antivirus firm Trend Micro, said security tools have quite often been in conflict with monitoring techniques, and criminals have been using technologies such as encryption to make the monitoring of communications very difficult.

"Tech-savvy criminals will be watching for this kind of thing, especially if they know that law enforcement agencies are using these techniques," Biviano said. "They can look at process lists, what is using memory on their PC and what applications are running. If they know enough about their computer, they will be able to detect the (spyware) programs."

Munir Kotadia of ZDNet Australia reported from Sydney.

Editorial standards