Place of section 35P in context -
There is much in the objections in principle to making it a criminal offence for journalists (and others) to publish information relating to activities by or on behalf of ASIO. At first sight, it seems anomalous to do so where illegality is authorised. However, the focus on section 35P skews the argument. The real questions are whether the SIO scheme reflected in Division 4 of Part III is appropriate; if so, whether a secrecy provision is appropriate as part of the scheme; and if so, whether the form of section 35P is appropriate.
Is an SIO scheme appropriate? -
An SIO scheme of the kind reflected in Division 4 of Part III is appropriate both from the point of view of ASIO and the public. The width of the anti-terrorism laws is such that little covert use of human sources could occur without a breach of the law. There could be a temptation for ASIO personnel to do ‘whatever it takes’ to secure the nation, which could involve cutting corners or more serious breaches. The controversy over methods of interrogation by various international intelligence agencies is one illustration. Division 4 of Part III provides some clear boundaries and, within those boundaries, provides safeguards against abuse. Authorisation is by the Minister rather than ASIO personnel. Certain illegal conduct, described in section 35K(1)(d) and (e), cannot be authorised (broadly, conduct cannot constitute entrapment, cause death or serious injury, constitute torture, involve the commission of a sexual offence or cause significant loss of or damage to property). There are various reporting and oversight requirements, including that the Director-General of ASIO must notify the IGIS (the IGIS has a specific oversight function27) as soon as practicable after an SIO authority is granted, and must give six-monthly reports to the Minister and the IGIS on SIOs that are in force. Those reports must include whether an SIO has caused the death of or serious injury to any person, or involved the commission of a sexual offence against any person, or resulted in loss of or damage to property.
-
During this inquiry, I have had the benefit of private hearings about the practical operation of the SIO scheme. I am satisfied that it is necessary and proportionate to the present threat to security and that the procedures in force (both statutory and administrative) are appropriate safeguards against abuse, which is not to say that the possibility of abuse can be discounted entirely. This scheme protects those authorised to act illegally. That makes unauthorised activity less likely and not defensible if it occurs. This should protect the public from ad hoc illegality, whether or not it is authorised or tolerated by the ASIO hierarchy. It is a significant advance on the pre-existing situation.
Is a secrecy provision appropriate? -
While there are general secrecy provisions in the ASIO Act, a tailored secrecy provision as part of a self-contained scheme of this kind is not inappropriate, particularly as the process for authorisation goes beyond ASIO personnel.
Is section 35P an appropriate secrecy provision? -
The justification for section 35P in the Explanatory Memorandum to the NSLAB (No 1) 2014 is as follows (emphasis added, a fuller extract of the explanation of section 35P is set out in Appendix B28):
569. New section 35P creates two offences in relation to the unauthorised disclosure of information relating to an SIO. These offences are necessary to protect persons participating in an SIO and to ensure the integrity of operations, by creating a deterrent to unauthorised disclosures, which may place at risk the safety of participants or the effective conduct of the operation.
…
573. The offence in subsection (1) does not require proof of intent to cause harm, or any proof of resultant harm from the disclosure. This is because the wrongdoing to which it is directed is the harm inherent in the disclosure of highly sensitive intelligence information. The disclosure of the very existence of an SIO—which is intended to remain covert—is, by its very nature, likely to cause harm to security interests. Given the necessarily covert nature of SIOs, disclosure of the existence of such an operation automatically creates a significant risk that the operation may be frustrated or compromised, and that the safety of its participants or persons associated with them, such as family members, may be jeopardised. Once such information is disclosed, there is limited recourse available to address these significant risks. This harm is not contingent on a person’s malicious intention in making a disclosure, except that it may be aggravated by any such malice. As such, the offence in subsection (1) gives effect to the strong need for a deterrent to such behaviour.
-
My examination of the operation of the SIO scheme in practice confirms that risks of the kind outlined are real in relation to certain (perhaps most) kinds of intelligence operations with certain (perhaps most) kinds of authorised illegal behaviour. It does not follow that the same risks will be inherent in relation to all information relating to all SIOs for all time. The rationale for the width of the section depends on harm, of the kind outlined, being implicit in any disclosure of any information about an SIO at any time. That is simply not sustainable. It may be accepted that information about an SIO may seem innocuous, but may be significant if combined with other information that is known: the ‘mosaic’ effect. That does not deny that some information about an SIO will have no, or no continuing, operational significance. It is one thing to enforce an implication of harm in relation to insiders bound by a duty of confidence and with knowledge (or the means of knowledge) about an SIO. It is quite another to apply that implication to third parties who are not so bound and who do not have such knowledge.
-
The fundamental question is whether third parties should be bound by the broad prohibitions of external disclosures effected by section 35P in the same way as insiders (assuming ‘disclose’ has the wide meaning contended by the authorities). The section makes no distinction, either in culpability or penalty. There is no ‘harm’ requirement in the basic offence. That is contrary to the reasoned position of the ALRC, the Gibbs Committee and the Commission of Inquiry into ASIS.29 For example, the Gibbs Committee recommended that, in the case of a disclosure relating to the intelligence and security services, the prosecution would not have to prove damage, but would have to prove damage if the disclosure was made by a person who was not a member or ex-member of those services. In the latter regard, the Gibbs Committee stated:
31.25 Undoubtedly, a member of the intelligence and security services stands in a special position and it is not unreasonable, in the opinion of the Review Committee, that he or she should be subject to a lifelong duty of secrecy as regards information obtained by virtue of his or her position. Subject to the very important proviso that satisfactory procedures are established by which complaints or allegations by such a person as to illegality, misconduct or improper activities of those services or persons employed in them are received, investigated and dealt with (see Chapter 32), the Review Committee is satisfied that disclosures by such persons should be prohibited by criminal sanctions without proof of harm.
-
The principal differences between insiders and outsiders lie in the means of knowledge about an SIO and the obligations of confidentiality owed by insiders. An outsider has no direct means of knowledge and owes no duty of confidence. Unless good cause is shown, it is not acceptable that an outsider, without any duty of confidentiality, should have to risk criminal conviction for publication made without any or any reliable knowledge of the existence or nature of an SIO.
Share with your friends: |