Chapter 6
Looking at the agencies
Monitoring and inspections menu: Introduction | Telecommunications interceptions | Stored communications | Surveillance devices | Controlled operations | Own motion investigations | Benefits of compliance audit
introduction
The Ombudsman's responsibility for inspecting the records of law enforcement and other enforcement agencies, and reporting on those inspections, expanded significantly in 2008–09 in terms of the number of agencies inspected and reports produced. Our role requires the inspection of records related to:
- telecommunications interceptions by the Australian Federal Police (AFP), the Australian Crime Commission (ACC) and the Australian Commission for Law Enforcement Integrity (ACLEI)
- access to stored communications by Commonwealth law enforcement agencies (the AFP, the ACC, ACLEI), other enforcement agencies (such as the Australian Customs and Border Protection Service) and state agencies, including state law enforcement agencies
- use of surveillance devices by the AFP, the ACC and ACLEI, and by state and territory law enforcement agencies under Commonwealth legislation
- controlled (covert) operations undertaken by the AFP, the ACC and ACLEI.
During 2008–09 we carried out 30 inspections, a 60% increase on the number of inspections carried out in the previous financial year. We inspected the records of 15 different agencies, compared to five in 2007–08. The increase was predominantly due to increased access to stored communications by agencies, as described later.
As for 2007–08, changes made to the Telecommunications (Interception and Access) Act 1979 (TIA Act) in 2006, which permitted access to stored communications, required inspection of a number of enforcement agencies for the first time. Indications at this stage are that the number of agencies utilising these provisions, and therefore the number of records to be inspected, will continue to grow.
Across all regimes, it was pleasing to note the attention given by agencies to improving compliance with statutory requirements and enhancing recordkeeping and administrative practices in general. All agencies inspected showed a willingness to implement our recommendations and improve practices.
Particular note should be made of the overall improvement in compliance by the ACC and the AFP in their recordkeeping for telecommunications interceptions and in the use of surveillance devices. Both organisations have put considerable effort into training and policy development relating to compliance, which seems to be having a positive effect. In particular, the efforts of the ACC to implement an agency–wide compliance strategy are commendable.
Definitions
Telecommunications interception is the recording of telephone conversations or other transmissions passing over a telecommunications network. Interceptions occur under warrant for the purposes of obtaining information relevant to an investigation.
Stored communications typically refers to emails and text messages, but may include images or video, which are electronically stored by a telecommunications carrier or internet service provider. For example, an SMS message is stored by a carrier and sent when the intended recipient is able to take the message. Stored communications access occurs under warrant for the purposes of obtaining information relevant to an investigation.
Surveillance devices are typically listening devices, cameras and tracking devices used to gather information relating to criminal investigations and the location and safe recovery of children. The use of these devices will, in most circumstances, require the issue of a warrant.
A controlled operation is a covert operation carried out by law enforcement officers under the Crimes Act 1914 (Crimes Act) for the purpose of obtaining evidence that may lead to the prosecution of a person for a serious offence. The operation may result in law enforcement officers engaging in conduct that would constitute an offence unless authorised by a controlled operations certificate.
TopTelecommunications interceptions
Under the TIA Act, the Ombudsman is required to inspect the records of the AFP, the ACC and ACLEI twice a year to ensure their records comply with the requirements of the Act. We provide a report on each inspection to the agency involved, and present an annual report to the Attorney–General on the results of inspections carried out each financial year. We presented reports on the results of inspections of the AFP and the ACC undertaken in 2007–08 to the Attorney–General in September 2008.
We carried out two inspections each of AFP and ACC records in 2008–09. ACLEI did not have any relevant activity requiring inspection of records. We concluded that there was general compliance by the AFP and the ACC with the detailed recordkeeping requirements of the TIA Act. However, we made several recommendations after each inspection to improve recordkeeping and administration. Each agency accepted the recommendations. They have since implemented a further range of measures and initiatives to improve recordkeeping.
We note that agencies continue to develop their capacity to intercept data and to keep pace with the changing technological aspects of telecommunications interceptions. This aspect of the regime is expected to feature more heavily in future years, especially with the increasing use of voice over internet protocol communications.
Stored communications
Under Chapter 3 of the TIA Act, the Ombudsman is required to inspect the records of enforcement agencies in relation to their access to stored communications, to ensure the records comply with the relevant provisions of the Act. During the year we carried out 17 inspections of stored communications records—two each of the AFP and the Australian Customs and Border Protection Service; and one each of the ACC, Australian Securities and Investments Commission, Corruption and Crime Commission of Western Australia, New South Wales (NSW) Crime Commission, NSW Police, NSW Police Integrity Commission, Northern Territory Police, Queensland Police, South Australia Police, Tasmania Police, Victoria Police, Victoria Police (Ethical Standards Division) and the Western Australia Police.
The stored communications regime covers lower threshold offences than for telecommunications interceptions, and access to the scheme is therefore broader and the 'checks and balances' more limited. An example of the less restrictive manner in which the regime was implemented is shown in the definition of 'enforcement agency', which includes any agency that may impose a pecuniary penalty. Not surprisingly, increasing numbers of agencies take advantage of this facility to investigate crime and gather intelligence, placing a considerable burden on the resources of the Ombudsman's office.
The most concerning feature of the inspections we carried out in 2008–09 was that a number of purported stored communications warrants had been signed by persons not appointed to be issuing authorities under the TIA Act. Otherwise there was generally a satisfactory level of compliance by each agency. Discussions are still continuing with the agencies to ensure that access to stored communications is lawful and occurs in compliance with the TIA Act. We also continue to hold discussions with the Attorney–General's Department in relation to the interpretation of a number of provisions relating to stored communications and the effect that these provisions have on carriers and agencies.
Surveillance devices
Under the Surveillance Devices Act 2004 (SD Act), the Ombudsman is required to inspect the records of the AFP, the ACC and ACLEI each year to ensure their records comply with the requirements of the Act. In 2005 we commenced a program of two inspections each year of AFP and ACC records to coincide with the Ombudsman's bi–annual requirement to report to the Attorney–General. We conducted two inspections each of the AFP and the ACC during 2008–09. ACLEI did not have any relevant activity requiring inspection of records. As the NSW Police had utilised provisions in the SD Act, we also inspected its records.
We provided reports to the Attorney–General in August 2008 and March 2009 for tabling in Parliament. These reports contained the results of inspections finalised during the preceding six–month periods (January to June and July to December, respectively).
Overall there was a significant improvement in the agencies' level of compliance, and they were assessed as being compliant with the SD Act. The areas where improvement could be made varied and no single issue stood out.
Controlled operations
The Ombudsman has an oversight role in ensuring that controlled operations are approved, that records are maintained in accordance with Part 1AB of the Crimes Act, and that information supplied by agencies about controlled operations in quarterly and annual reports to the Attorney–General and Ombudsman is adequate.
During the year we conducted four inspections of controlled operations records—two each at the AFP and the ACC. We concluded that both agencies are generally compliant with the legislative requirements and provide comprehensive information in their formal reports. We provided reports on the inspections to both agencies. An annual report for 2007–08 was presented to Parliament in September 2008.
The quarterly reports are required to contain information on the conduct of completed controlled operations, including details on the handling and possession of illicit goods. In previous years our focus has been on whether the information is reported in a timely manner and any dealings in illicit goods are within the bounds of the authority of a controlled operations certificate. During 2008–09 we took a broader view of our role in relation to the handling and possession of illicit goods, and have commenced testing the accuracy of the reported information. In general, we have found that the records presented for inspection have been more limited than we require, and we are working with the agencies to identify appropriate records and source documentation.
Own motion investigations
During 2008–09 we undertook two own motion investigations of the ACC's use of 'examination' powers under the Australian Crime Commission Act 2002.
The first investigation focused on the issuing of summonses and notices under the Act. We published a report Australian Crime Commission: Use of certain powers under Division 2, Part II of the Australian Crime Commission Act 2002 in August 2008 (Report No. 10/2008) and provided a copy to the Parliamentary Joint Committee on the Australian Crime Commission as part of its inquiry into the Australian Crime Commission Amendment Act 2007.
The committee released its report in September 2008. It noted the Ombudsman's contribution and made two recommendations relating to Ombudsman oversight of the ACC's examinations process. The Attorney–General's Department is currently preparing a government response in consultation with this office and the ACC.
In light of the committee's proposal on the Ombudsman's oversight function, we conducted a further investigation to gain a better understanding of the examinations process. We considered the wider powers available to the ACC in relation to examinations and reviewed records relating to the use of these powers. The findings of that investigation have not been published.
Benefits of compliance audit
Those agencies that are regularly inspected by this office now show a high level of compliance with legislative provisions. While it was common some years ago (and occurred last year) to find incidents of powers being used without warrant or other gross breaches of the legislation, this year there were few breaches of the legislation. Although problems persist and there is still room for improvement, agency practices have improved noticeably.
Such an improvement demonstrates the value of compliance audit as an oversight mechanism. While compliance audits do not purport to address the merits of the use of certain powers in individual cases, the audits improve the manner in which individual cases are brought before relevant authorities. As a result there is improved compliance at a systemic level. In short, compliance audits are a valuable exercise in accountability. The case study Agency reporting improvements illustrates how such improvements are made.
Agency reporting improvements
Section 49 of the Surveillance Devices Act requires the chief officer of an agency to send reports to the Minister (the Attorney–General) in relation to each warrant, emergency authorisation and tracking device authorisation issued or given, as soon as practicable after the warrant or authorisation ceases to be in force. Each report must contain certain information and copies of any instruments related to the warrant or authorisation.
In previous years we have been critical of errors and omissions in the reports provided under s 49 of the Act. Problems included incorrect dates recorded for the use of surveillance devices, failure to identify the people who installed devices, incorrect identification of the devices used, and failure to provide details of the premises in which devices were installed. The most persistent problem was a failure to send the reports at all, or within at least three months of each warrant or authorisation expiring.
With few exceptions, in past years we also found the recordkeeping relating to s 49 reports to be very poor. Complete signed copies of reports, as sent to the Attorney–General, could rarely be found on file, and there was little in the way of dispatch and receipt notes. Although there is no legislative requirement for such records to be kept, it is good administrative practice, and we made a number of recommendations relating to administration, rather than compliance.
It was pleasing to see this year that these administrative practices have largely been adopted by agencies and the recordkeeping relating to s 49 reports has improved significantly. Not surprisingly, a corresponding improvement has been noted in the accuracy and timeliness of the reports, and a significantly improved level of compliance achieved.
Previous
page | Next page—Chapter 7–Helping people, improving government