have been given the power to install spyware and Trojans on suspected
criminals' computers under the new Surveillance Devices Act.
The Surveillance Devices Act allows both federal and state police to
use key logging and tracking software when investigating offenses that
carry a maximum sentence of three years, according to the Sydney
Neil Campbell, national security manager of IT services company
Dimension Data, said the laws needed updating because of confusion when
dealing with new technologies. Campbell previously spent six years
working with the Australian Federal Police computer crime team.
"If the police intercept SMS messages that have not yet been delivered,
should that be classified as a telephone interception or as a regular
search? Getting a search warrant is relatively easy--you need to show
reasonable grounds that executing the search will provide evidence as
to the commission of an offense. But getting an interception warrant is
difficult," Campbell said.
Campbell noted that the police may find it difficult to install spyware onto a suspected criminal's computer, especially if the suspect is competent with IT security practices.
"It is going to be very hard to use spyware for monitoring the
activities of a paranoid, tech-savvy criminal. How do they get it on
the machine? Do they physically install it?" Campbell asked.
Adam Biviano, senior systems engineer at antivirus firm Trend Micro,
said security tools have quite often been in conflict with monitoring
techniques, and criminals have been using technologies such as
encryption to make the monitoring of communications very difficult.
"Tech-savvy criminals will be watching for this kind of thing,
especially if they know that law enforcement agencies are using these
techniques," Biviano said. "They can look at process lists, what is
using memory on their PC and what applications are running. If they
know enough about their computer, they will be able to detect the
Munir Kotadia of ZDNet Australia reported from Sydney.