The Australian Federal Police (AFP) is concerned that top secret information leaked to media organisations are at risk of being accessed by others, particularly "foreign actors".
According to the AFP's Deputy Commissioner Operations, Neil Gaughan, they're aware of top secret (TS) information that probably "sits within a couple of media organisations".
"The ability of their IT infrastructure to protect that information at the top secret level doesn't exist," Gaughan told the Parliamentary Joint Committee on Intelligence and Security (PJCIS) on Wednesday.
"If we have TS information sitting on an unclassified network within, say, a journalist's organisation, the ability for that to be compromised I think is quite high, and quite worrying."
The AFP has to consider all the information that a media organisation might possess, not just what they've published or intend to publish.
The AFP is not aware of any hacking events suffered by media organisations.
One of the "biggest concerns", however, is the AFP's reputation and trustworthiness in the eyes of its intelligence partners, both in Australia and internationally, Gaughan said.
If it's shown that the AFP can't protect information, there's an "extremely high" likelihood that it would affect the willingness of those agencies to provide information that could help prevent a national security problem, he said.
"My own personal experience is that in around about 2014 we had a very similar situation whereby information was leaked, and there were some threats made by a partner that if we didn't actually get our act together, the information flow would cut off. That's a pretty serious issue for us."
Investigating journalist "was just never in my mind": Home Affairs chief
One of the ongoing AFP investigations is into the leak to journalist Annika Smethurst of a document discussing potential Australian Signals Directorate (ASD) activities with Australia.
Smethurt's story was published in Sydney's The Sunday Telegraph under the headline Secret plan to spy on Aussies on April 29, 2018.
"Under the plan, emails, bank records, and text messages of Australians could be secretly accessed by digital spies without a trace, provided the Defence and Home Affairs ministers approved," she wrote.
Since then there has been a series of government denials, including by the Minister for Home Affairs, Peter Dutton, in June 2019.
According to Mike Pezzullo, Secretary of the Department of Home Affairs, the document was about "how we would conduct the cyberdefence of Australian critical infrastructure, down to the types of capabilities that we would use," not domestic surveillance.
Smethurst's home was raided by the AFP on June 4 this year.
In the same week, the AFP searched computers at the Australian Broadcasting Corporation (ABC) in relation to allegations of publishing classified material, namely the reported "hundreds of pages" of classified documents which led to the ABC's report from mid-2017 titled The Afghan Files.
While Pezzullo expressed his concerns to the committee that details from the Smethurst document had been made public, he said that he'd never thought the journalist might be investigated.
"That element of it not only had never come into my mind, therefore hadn't had the opportunity to leave my mind, it was just never in my mind... until Mr Gaughan told me that we're going into her premises," he said.
"The fact that they've got a suspect, as Mr Gaughan said, and the fact that they're, you know, closing in fills me with optimism that the law will be applied in this case."
The AFP refused to rule out prosecuting Smethurst.
Pezzullo said that the "changing nature of the media sector" may mean that "younger journalists" might not have the "grounded deep background" that journalists would have traditionally gained from "practitioners who can thoughtfully, carefully, and in a cautious way, explain what different classifications mean".
"There probably needs to be a re-connection of the government sector with the media sector," he said.
"I think there is something for this committee to think about, how to reestablish those connections, that doesn't necessarily require a legislative solution."
Press freedom inquiry to report in October
Wednesday's hearing was part of the PJCIS inquiry into "the impact of the exercise of law enforcement and intelligence powers on the freedom of the press".
The inquiry was launched following the controversial searches of journalists' computers in June this year. The AFP had issued search warrants as part of two separate investigations of leaks of classified material to the media.
The laws being reviewed include section 3F of the Crimes Act 1914 (Cth), which defines the rules for computer access warrants; the controversial encryption legislation that was passed in December 2018; and the laws that require agencies to obtain a so-called "journalist information warrant" before gaining access to their stored telecommunications data.
The Law Council of Australia has called for tighter restrictions on metadata access, including the need for warrants in all cases, not just when the subject is a journalist. However, Home Affairs Minister Peter Dutton says there's nothing to worry about.
Meanwhile, it was revealed in July that the AFP's ACT Policing branch had accessed metadata without proper authorisation more than 3,300 times during 2015 alone.
The PJCIS is expected to report back to Parliament by October 17.
- Home Affairs floats making telcos retain MAC addresses and port numbers
- Here we go again: PJCIS opens review of Australia's encryption laws
- Australian anti-corruption bodies should get encryption-busting powers: PJCIS
- Law Council wants warrants and crime threshold for metadata retention scheme
- Data retention costs Australian telcos upwards of AU$210 million to date
- OAIC still asking for information privacy amendments to data retention regime