Secrecy Offences Review public hearing 25 March – Opening Remarks

Introduction

1. My name is Jake Blight and I am the Independent National Security Legislation Monitor, or the INSLM. This is a public hearing conducted under s21 of the INSLM Act as part of my review into the secrecy offences in Part 5.6 of the Commonwealth Criminal Code Act 1995. This hearing is being live streamed and a transcript will be available on the INSLM website in due course.
2. I wish to acknowledge the Ngunnawal people as traditional custodians of the land this hearing is on and recognise any other First Nations people or families with connection to the lands of the ACT and region. I acknowledge and respect their continuing culture and the contribution they make to the life of this city and this region. I would also like to acknowledge and welcome Aboriginal and Torres Strait Islander people who may be attending today’s hearing. As this is a hearing about law and law reform I also wish to acknowledge that Aboriginal and Torres Strait Islanders people have had, and continue to have, systems of law on these lands for tens of thousands of years.
3. Sitting with me are my Principal Adviser Mark Mooney, Senior Adviser Kimberley Elliot and Counsel Assisting, Anthony Hall. I would also like to acknowledge the other INSLM staff who have worked hard to get us to this point.
4. Like all INSLM Reviews the purpose of my work is to provide an independent assessment of the operation, effectiveness and implications of the relevant law and whether it contains appropriate safeguards for the rights of individuals, remains proportionate and necessary to the threat and whether it is compliant with Australia’s international obligations. Consistent with the role of a law reform body like INSLM the output of this work will be a report, which might contain recommendations for change, and which is provided to the Attorney-General and tabled in Parliament.

Background –

5. Secrecy offences have an important role to play in protecting national security and other critical national interests. There is some information which in the wrong hands could genuinely harm those interests. The challenge is in enabling harmful disclosures to be prosecuted, but in a way that is proportionate and so that the law does not criminalise disclosures which are not harmful and that the offences are consistent with rule of law principles including that the law should be certain and knowable. Secrecy must always be balanced against the need for government to be accountable.
6. This isn’t the first review of secrecy laws to grapple with this difficult balance. There have been several others including an important Australian Law Reform Commission review in 2009. There was also a recent Departmental review by the Attorney-General’s Department that looked across over 800 secrecy provisions in the Commonwealth statute books and recommended 12 principles to reduce the overall number of offences and support a consistent approach to framing secrecy laws: these are laudable goals and sound principles.
7. However, this is the first time that there has been an in-depth and independent review of the serious secrecy offences in Part 5.6 of the Criminal Code since they were enacted in 2018. Most of these offences are targeted at national security and related information – an area that the Independent National Security Legislation Monitor is uniquely positioned to examine – this is why INSLM exists as a specialist review body and why I have the power to obtain and examine all relevant information, regardless of security classification.
8. I released an 80-page issues paper in January (plus a 25 page annex). Since then I have met with many stakeholders and convened three round table discussions: with leading academics in the field, with civil society groups and with intelligence agencies. I have received 20 submissions, running to around 300 pages plus correspondence from the Inspector-General of Intelligence and Security and National Archives.
9. These are very valuable and I have read them all carefully and will continue to have regard to these submissions as the review progresses. I particularly want to thank the volunteer or largely volunteer groups who have given up their time to contribute to this review including those from civil liberties groups, law council volunteers, individual journalists and academics.
10. The submissions to this review express a wide range of opinions on the offences.
11. Some submitters, including Civil Liberties Australia, say that there is a growing culture of excessive secrecy in government. Some say the offences are largely fine as they are or could be made a little clearer. Many say they have significant concerns with the provisions.
12. Several submissions, including by law and media groups, make the point that secrecy offences have to be considered alongside whistleblower protections. It is fair to say that not all feel that current whistleblower protections are adequate. These are important issues, but my jurisdiction for this review is only the secrecy offences themselves. All I will say is that an effective scheme of protections for whistleblowers is relevant to the overall operation and proportionality of secrecy offences and I look forward to the progress of other reviews looking at these protections.

The current offences

13. Part 5.6 of the Criminal Code is complex. There are four key provisions, which together contain 11 offences, 8 of which can also be aggravated offences. There are 11 individual defences and 20 or more definitions that need to be referred to when reading the provisions. Unusually, in Part 5.6 two policy documents – the protective security policy framework and the DIO mandate form part of the boundaries of some of the criminal offences. That raises a range of legal complexities.
14. For the next few minutes, I am going to provide a bare outline of the offences and highlight some of the key issues raised in submissions and put forward some of my preliminary views on possible ways to address them. These issues and proposals form the basis of many of the questions I will ask in this hearing. Copies of submissions and the original issues paper are available on the INSLM website.
15. In essence there are four main offences, three for ‘Officials’ and one for ‘people external to government’ – which includes journalists, academics and civil liberties groups. The offences cover both disclosing and ‘dealing with’ information. 

Deemed harm offence

16. The offence in s 122.1 (which I’ll call ‘offence #1’) is a deemed harm offence that applies to government officials who disclose or deal with so-called ‘inherently harmful information’. Deemed harm means that the prosecution doesn’t have to prove that harm was caused for there to be an offence – harm or risk of harm, which is normally part of a criminal offence, is just taken to be true if the information falls into a certain category.
17. It is a very serious offence, the maximum penalty is 7 years imprisonment. Though this becomes 10 years in aggravating circumstances including where the official has a security clearance, which is presumably almost always the case for officials who have access to this type of information.
18. There are three broad categories of information currently covered by offence # 1: anything classified as Secret or Top Secret by the government; anything made or obtained by or for an intelligence agency; and information relating to law enforcement operations and capabilities.
19. It is fair to say that, at this stage, I have a lot of concerns with this offence. My concerns can be grouped into concerns about breadth of what is deemed to always be harmful and concerns about the use of policy documents in defining elements of an offence.
20. I reiterate what I said earlier – there is undoubtedly information which if disclosed can cause harm. My concern is that the way offence #1 is presently framed may be too broad and too uncertain: this review is exploring whether there may be a better path to protecting truly harmful information and one which is more consistent with long established legal principles.

Security classified information

21. The first part of offence #1 imposes criminal liability based on a security classification applied by an official under a ‘policy framework’. No doubt many documents which are properly classified as Secret or Top Secret really could cause harm if mishandled or disclosed. Though it is possible to imagine that information might at least occasionally be over classified or not remain as classified as it once was.
22. As a matter of legal interpretation and policy, there appears to be some difference of opinion in submission on what is, or should be, required to be proved in regard to the physical element of a classification. Some suggest the Crown has to prove that every classification was applied, as the Act says, “in accordance with” the policy framework – which could be even more complex than a traditional harm base offence that requires leading evidence to show harm or risk of harm–particularly for Top Secret documents where exceptionally grave harm to the national interest is a criteria for proper classification. On the other hand, some seem to be saying that all that is and should be required is that the document has the stamp of Secret or Top Secret on it and the Court shouldn’t be able to go behind that. As the Law Council, Human Rights Commission and others have said it is hard to see how the latter approach could meet the test of necessity and proportionality.
23. Either way, there is a real issue of principle with using a policy document and administrative decisions made by officials interpreting that policy as a physical element of a criminal offence. I am interested in exploring the extent to which harm from the disclosure of properly security classified materials could be dealt with in a harm-based offence. On such an approach classification marker may still be relevant to showing the mental element (recklessness) on the part of Commonwealth officials. History tells us that the Crown has been able to prove harm or risk of harm in plenty of national security related matters, and I don’t have reason to doubt the ability of prosecutors to do so for a secrecy offence that requires showing harm or risk of harm, doing so may actually be easier and less complex than proving that a document was and remains properly classified. Litigating any matter involving highly sensitive material has always been, and will remain, complex to balance in a system founded on open justice. Adducing such evidence in a proper way is what the NSI Act is intended to facilitate. 

Any information relating to an intelligence agency 

24. The second broad category of information deemed to always be harmful by offence #1 is any information that was obtained by, or made by or on behalf any of six of Australia’s intelligence agencies or any foreign intelligence agency. Any information - that is a huge category.
25. It covers things that most would agree should be covered by a serious offence, like the covert surveillance technologies used by ASIO or ASD and the secret intelligence provided to ASIS by overseas partners. But any information (true or otherwise) made by or on behalf of Australian or foreign intelligence agencies – that means everything including non-intelligence functions and administrative matters: a report about a bullying or sexual harassment allegation, a payment receipt issued by agency confirming the purchase or stationary or a media communications strategy for an intelligence agency developed by a consultant.
26. There is definitely an argument that some disclosures about these things may be harmful at least in some circumstances. But the question in relation to this first offence is not whether an offence may be appropriate, it is whether all information about six intelligence agencies should automatically be covered by a 7-10 year deemed harm offence. Most reviews have said that deemed harm offences, particularly serious deemed harm offences, should be reserved for the narrowest category – things that are actually inherently or always harmful.
27. My preliminary view is that the strongest argument for a class of information which might be justified as inherently harmful is that which relates to core intelligence gathering functions. For ASD, AGO and ASIS and possibly DIO this could be described as things that relate to the operations, capabilities, methods or sources used to obtain or disseminate intelligence information a term already defined in the Intelligence Services Act. A similar thing could be said in relation to ASIO for security intelligence, and perhaps its new vetting function. It may be that this argument is strongest in the case of disclosures by current and former intelligence officials themselves – those who have voluntarily taken on these specialised and trusted roles within government.

Law enforcement information

28. The third broad category of information covered by the current offence #1 is any information that relates to the operations, capabilities, technologies, methods or sources of any domestic or foreign ‘law enforcement agency’. Similar issues arise with the breadth of the information covered here – some may well be harmful at some point in time but it doesn’t follow that all necessarily will be at all times. In addition to the breadth of information covered another issue with this offence is that law enforcement agency isn’t defined. Its ordinary meaning arguably extends to any agency involved in enforcing the criminal law – that is a very large number of Commonwealth and possibly even State agencies. The Tax office, Centrelink, The Great Barrier Reef Marine Park Authority. They all do important work – but the question for this review is whether it is really necessary and proportionate for everything relating to operations of all such bodies to be covered by a 7 or 10 year deemed harm offence?

Serious harm offence

29. The second offence (s 122.2) also applies to Commonwealth officials. It is also a 7+3 – that is, up to a 10 year offence where there are aggravating circumstances. This offence can be broadly summarised as requiring that there be harm or risk of harm to law enforcement, international relations, the health or safety of the Australian public or the security or defence of Australia.
30. I do have some concerns with this offence, though they are not as extensive as my concerns with offence #1. There are some issues with how the categories are expressed and whether they do, or should, align with the categories recommended by the ALRC in 2009.
31. At the very least, it seems like clearer definitions of security, international relations and Defence may be needed. I also have questions around whether ‘interfere’ (as opposed to prejudice or impede) is too low a standard for a 7+3 year offence and whether the same offence should cover prejudice to every type of criminal investigation or if the 7+3 year offence should be reserved for prejudice to investigations or capabilities relating to serious crime.

General offence

32. The third offence (s 122.4) currently applies to officials who breach a duty imposed by another law not to disclose information. That offence is due to sunset later this year and the recent AGD Review proposed that there be a new general offence capable of replacing many other offences scattered through the statute books.
33. Several submissions flagged concerns about the breadth of the new offence, as originally proposed. The AGD submission to this review suggests that further policy thinking is being done on the scope of the proposed new offence: it refers to the scope of the proposed offence as being possibly limited to ‘harms caused by the improper disclosure of sensitive personal or commercial information that is entrusted to government, or harm to the administration of government caused by the disclosure of certain ‘confidential information’. I look forward to exploring what this new proposal may look like and whether it addresses concerns raised in submissions.

Offence for non-officials

34. The fourth offence, in s 122.4A, applies to people who are not Commonwealth officials - including journalists, civil society groups and academics. Perhaps unsurprisingly, it has been the subject of some quite detailed submissions by media organisations and other non-government groups.
35. It has long been acknowledged that the criminal law should treat differently disclosures by the Commonwealth’s own staff and contractors and those who do not have such a relationship with the Commonwealth – ordinary citizens. This type of differentiation between people with different responsibilities is not uncommon in criminal law, even where the ultimate harm is the same.
36. One of the issues with this offence is that like offence #1 it relies in part on whether information is classified by government as secret or top secret–- in other words deemed harm based on a decision made under a policy - the same concerns as I have already described apply here, perhaps even more so for non-officials.
37. A second issue that has been raised is whether the mental element for this offence should be increased to intention or knowledge of the harm or likely harm, rather than recklessness.
38. A third issue with this offence is the extent to which it criminalises the receipt of information. There is some debate in the submissions about what is required to intentionally receive a document or information, and some quite compelling examples of how the current offence impacts journalists and civil society groups in a practical way. I am, at this stage of the review, minded to agree that – at the very least – merely ‘receiving’ should be removed from the offence. Intentionally retaining without reasonable cause may be a different thing.
39. There have been several submissions on whether the current defence for journalists in s 122.5(6) is adequate, in light of the special position of journalists and their relationship with sources. I am conscious that the Parliament has very recently passed the Counter-Terrorism Legislation Amendment (Prohibited Hate Symbols and Other Measures) Act 2023 (banning amongst other things the display of Nazi symbols). Under that Act there are exemptions as well as defences for journalists and others, and I will be interested to explore whether recasting the journalist defence in 5.6 as an exemption makes any practical difference to the AFP and in investigating and prosecuting offences, and whether it would make a practical difference to journalists and civil society groups who may seek to rely on those exemptions or defences.

The review so far and what comes next

40. That was just a quick overview of what, as I said, are complex offences. Offences which clearly raise many issues to be explored in this review. I reiterate what I said at the start: I accept that there is some information which in the wrong hands could genuinely harm national interests. There are many layers of administrative measures to protect that information, but the criminal law also has some role to play. The challenge is in ensuring that harmful disclosures can be prosecuted, but that the law is proportionate, clear and certain. We need to balance the protection of critical information with the need to ensure the law is limited to restricting only what it is truly necessary and in the public interest to restrict - doing so is not only essential to meeting our international human rights obligations it can also aid accountability and promote trust in intelligence and law enforcement agencies by ensuring that their powers and protections do not go beyond what is truly necessary. These agencies do important work and we must always be careful that laws relating to them do not undermined the very democracy we want them to protect – a democracy supported by freedom of communications including a free press.
41. We are now at the start of two days of public hearings. I will consider whether additional private hearing days are necessary. I have some follow-up written questions for some submitters who have not been called to give evidence. There may also be questions on notice from today. Where possible responses these will be published on my website. There will also be a short window for supplementary submissions.
42. My aim – if it is possible- is to complete this inquiry and provide a report to the Attorney-General in May. INSLM reports must be tabled within 30 calendar days or 15 sitting days.
43. In closing, I once again thank all submitters and witnesses and my staff and counsel. I now welcome the first witness, Mr Burgess the Director-General of Security.