The Australian government has put forward its Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 that would hand the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) three new warrants for dealing with online crime.
The first warrant is a data disruption warrant, which according to the Bill's explanatory memorandum is intended to be used to prevent "continuation of criminal activity by participants, and be the safest and most expedient option where those participants are in unknown locations or acting under anonymous or false identities".
The second is a network activity warrant that would allow the AFP and ACIC to collect intelligence from devices that are used, or likely to be used, by those subject to the warrant.
"This means that data does not have to be stored on the devices, but can be temporarily linked, stored, or transited through them," the memorandum states.
"This will ensure data that is unknown or unknowable at the time the warrant is issued can be discovered, including data held on devices that have disconnected from the network once the criminal activity has been carried out."
The last warrant is an account takeover warrant that will allow the agencies to take control of an account for the purposes of locking a person out of the account.
"Any other activities, such as accessing data on the account, gathering evidence, or performing undercover activities such as taking on a false identity, must be performed under a separate warrant or authorisation," the memorandum said.
"Those actions are not authorised by an account takeover warrant. The account takeover warrant is designed to support existing powers, such as computer access and controlled operations, and is not designed to be used in isolation."
Agencies would need to report twice a year to the Commonwealth Ombudsman and the Minister for Home Affairs on the use of takeover warrants.
If the Bill is passed, the first two warrants will be able to be issued by the Administrative Appeals Tribunal (ATT) or a suitable judge, while the takeover warrant would need approval by a magistrate.
Citing the use of network activity warrants as an intelligence tool, the Inspector-General of Intelligence and Security will also be responsible for overseeing those warrants instead of the Commonwealth Ombudsman. Disclosing information on those warrants could incur two years jail, while disclosing information that harms an investigation or endangers a person is a 10-year offence.
The Bill also introduces assistance orders to go some way to fulfilling the misplaced fears many had over dragooning when the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 was introduced.
Agencies will be able to ask an AAT member or judge to force a specified person to help them.
"This item ensures that should the AFP or the ACIC be issued a data disruption warrant, they will be able to compel assistance in accessing devices, accessing and disrupting data, copying data, and converting documents," the memorandum states.
"The intent of this provision is not to allow law enforcement to compel assistance from industry, but rather from a person with knowledge of a computer to assist in disrupting data (such as a person who uses the computer)."
However, in a subsequent example, the memorandum points out that people who are not the subject of a warrant could receive an assistance order as well.
"The AFP or the ACIC may have been issued a data disruption warrant for the purposes of targeting a user of a child exploitation forum hosted on a web service. In the course of executing the warrant, they become aware of a system administrator who has knowledge of how to access the forum but is not necessarily involved in the conduct on the forum," the memorandum explains.
"The AFP or the ACIC could use this knowledge by obtaining an assistance order under new section 64B and compelling the administrator to assist them by providing access. This assistance could then be used to facilitate disruption activities such as a data modification."
Failing to comply with an assistance order is punishable by a maximum of 10 years in jail.
In its opening, the memorandum said existing powers are not suitable for use on targets who are "actively seeking to obscure their identity and the scope of their activities".
"Cyber-enabled serious and organised crime, often enabled by the dark web and other anonymising technologies, such as bespoke encrypted devices for criminal use, present a direct challenge to community safety and the rule of law," the memorandum says.
"Many anonymising technologies and criminal methodologies can be combined for cumulative effect, meaning it is technically difficult, and time and resource intensive, for law enforcement to take effective action.
"Just as online criminals are constantly changing their operations and reacting to new environments, the law must adapt in order to give law enforcement agencies effective powers of response."
The Bill was introduced to Parliament on Thursday by Minister for Home Affairs Peter Dutton.