01 June 2015

Online Blocking under s 313

The House of Representatives Standing Committee on Infrastructure and Communications (Communications Committee) has released its report into the use by government agencies of section 313 of the Telecommunications Act 1997 (Cth).

The report states that "Government agencies need to have the power to disrupt illegal online services". 

The Committee examined the use of s.313 by government agencies in the disruption of illegal online services, including the widely-reported inadvertent blocking in 2013 of a mere 250,000 websites by ASIC in 2013. Section 313
provides Australian government agencies (including state government agencies) with the ability to obtain assistance from the telecommunications industry when upholding Australian laws. Amongst other things, it enables government agencies to request Internet Service Providers (ISPs) to provide such help as is reasonably necessary to disrupt the operation of illegal online services by blocking access to websites. Requests for assistance are not covered by warrants or court orders but rather the broader obligation of industry to comply with the law. This gives ISPs some flexibility in their response. ...
Section 313 deals with the obligations of carriers and carriage service providers. Subsections 1 and 2 deal with preventing the use of telecommunications networks in the commission of offences. Subsections 3 and 4 concern the giving of assistance to government agencies. Subsections 5 and 6 provide protection for carriers and carriage service providers, and their employees, from liability for actions undertaken under s.313. Subsection 7 refers to the giving of help under certain circumstances. ....
With regard to the disruption of illegal online services, subsection 3 is the operative provision. It states:
(3) A carrier or carriage service provider must, in connection with:
(a) the operation by the carrier or provider of telecommunications networks or facilities; or
(b) the supply by the carrier or provider of carriage services;
give officers and authorities of the Commonwealth and of the States and Territories such help as is reasonably necessary for the following purposes:
(c) enforcing the criminal law and laws imposing pecuniary penalties;
(ca) assisting the enforcement of the criminal laws in force in a foreign country;
(d) protecting the public revenue;
(e) safeguarding national security.
The report comments
In March 2013, the Australian Securities and Investments Commission (ASIC) used powers available under

s.313 of the Telecommunications Act 1997 to disrupt websites perpetrating financial fraud against Australians. This action led to the inadvertent disruption of a number of online services and raised questions regarding the transparency and accountability of the use of s.313 by government agencies to disrupt illegal online services.
In particular, concerns were raised that website owners and users were generally unaware that:
  • an illegal online service had been disrupted; 
  • why it had been disrupted; 
  • who requested the action taken; and 
  • who could be contacted to appeal the decision.
The Committee was asked to consider:
(a) which government agencies should be permitted to make requests pursuant to section 313 to disrupt online services potentially in breach of Australian law from providing these services to Australians
(b) what level of authority should such agencies have in order to make such a request
(c) the characteristics of illegal or potentially illegal online services which should be subject to such requests, and
(d) what are the most appropriate transparency and accountability measures that should accompany such requests, taking into account the nature of the online service being dealt with, and what is the best/appropriate method for implementing such measures:
a. Legislation
b. Regulations, or
c. Government policy.
The Committee received 21 submissions from organisations, government agencies and individuals (including one from myself) but essentially channelled the Australian Federal Police.

Its report recommends the adoption of guidelines for use by government agencies, which will include:
  • the development of agency-specific internal policies consistent with the guidelines; 
  • clearly defined authorisations for website disruption at a senior level; 
  • defining activities subject to disruption; 
  • industry and stakeholder consultation; 
  • use of stop pages to identify the requesting agency, reason for disruption, agency contact, and avenue for review; 
  • public announcements, where appropriate; 
  • review and appeal processes; and 
  • reporting arrangements. 
The Committee also recommends that all agencies using s.313 have "the necessary level of technical expertise to carry out such activity, or procedures for drawing on the expertise of other agencies".