The Independent National Security Legislation Monitor report on Secrecy Offences – Review of Part 5.6 of the Criminal Code Act 1995 comments
There is some information that, in the wrong hands, could genuinely harm Australia’s national interests. Secrecy offences that criminalise unauthorised dealing with and communication of this type of information have a role to play in deterrence and punishment. This review considers whether the offences in Part 5.6 of the Criminal Code operate in a way that is effective, necessary, proportionate and consistent with Australia’s international obligations; and whether the offences contain sufficient safeguards.
There are problems with the current offences, and these need to be addressed. For example, there is significant uncertainty as well as conflict with rule of law principles because of the way a policy framework is used to define key elements of some offences. There are also problems with proportionality in penalising non-officials, particularly in relation to receiving or otherwise dealing with information. The recommendations of this review will ensure that information which is or is likely to be harmful to critical national interests remains protected but in a way that is clearer and more consistent with the rule of law and concepts of necessity and proportionality; and with Australia’s international obligations.
This report begins with an overview of the context in which Part 5.6 of the Criminal Code operates and key definitions (Chapter 1), the current threat environment (Chapter 2) and international obligations (Chapter 3). Chapter 4 then considers the main deemed harm offence, finding it uncertain, inconsistent with key rule of law principles and unreasonably broad. Recommendations 1−5 are made to address these concerns, the most important being the removal of reliance on security classification markings as an element of an offence. Harm-based and related offences for officials are analysed in Chapters 5−7. Recommendations 6, 7, 9 and 10 are directed at improving these, including by clarifying definitions and ensuring a cascading approach to penalties. Recommendation 11 sets out principles for a replacement general offence for officials. A key recommendation concerning offences for non-officials is removing ‘dealing with’ offences (Recommendation 8) along with refining the circumstances in which a disclosure offence occurs (Recommendation 12). While there is some scope to recast the defence for journalists as an exception, it is not recommended that a general public interest test or element be introduced (Recommendation 13). Safeguards in both policy and the legislation are discussed in Chapter 10, with some enhancements suggested (Recommendations 14 and 15).
In conducting this review, I consulted with a range of stakeholders, published a detailed Issues Paper, held individual and roundtable meetings, received 22 written submissions, held 2 days of public hearings, received 4 supplementary submissions and responses to questions on notice from 6 agencies. I was greatly assisted by considered submissions from non- government organisations, government agencies and academics as well as by counsel and INSLM staff. I thank all of those who have been involved in the review.
Deemed harm offences for Commonwealth officials
Deemed harm offences do not require proof of any actual harm or risk of harm. They should only be used for information that is always, or almost always, going to be harmful to a critical national interest if disclosed. The current deemed harm offence in s 122.1 of the Criminal Code applies to three broad categories of information: any information that has been classified as secret or top secret; any information obtained or made by or for one of Australia’s 6 main intelligence agencies or any foreign intelligence agency in connection with its functions; and any information about the operations, capabilities or technologies of, or methods or sources used by, any domestic or foreign law enforcement agency.
Security classified information
Relying on classification markings to guide how officials use, store and disseminate information is a longstanding and reasonable policy. However, seeking to incorporate a policy directly into the criminal law raises many legal issues.
Information is ‘security classified’ if it has a security classification applied ‘in accordance with’ a policy framework. There is real uncertainty about when a classification is applied ‘in accordance with’ the policy framework. Not all information marked ‘secret’ or ‘top secret’ will meet the legal test. It is likely that evidence will need to be led in a prosecution to establish that disclosure of the information would be expected to cause serious or grave damage to specified interests. The current policy framework lacks the precision expected for criminal law and parts appear inconsistent with the requirements in the Criminal Code. Training, record-keeping and review procedures are inadequate when it comes to making decisions that have such significant criminal law implications. These things may not be necessary for a policy that has only administrative consequences, but should be in place for decision-making that has such serious criminal law consequences.
Even if more certainty could be injected into classification decision making there are fundamental rule of law issues with having, as a core element of an offence, decisions made under a policy framework. This is because the executive can change policies at any time. It is also problematic that parts of the relevant policy framework are not publicly available. Furthermore, reliance on a policy document to frame a criminal offence may not be compliant with Australia’s international obligation that limits to the freedom of expression can only be imposed by law.
Removing classification markings as a physical element of the offences does not mean that they have no role to play whatsoever. A classification marking combined with evidence of an official’s training and experience in what those markings indicate, would go a long way towards establishing, as matter of fact, the required fault element of recklessness.
RECOMMENDATION 1: The offences in Part 5.6 should not rely on information being classified under a policy framework as an element of the offence.
Information about intelligence agencies
Disclosure of information about the core intelligence operations, capabilities, technologies, methods and sources of Australia’s 6 main intelligence agencies will almost always be harmful to the national interest. But it does not follow that all information to do with those agencies will always be harmful. This is particularly so for agencies whose functions have expanded beyond traditional intelligence functions and now include assisting other bodies – such as the Department of Home Affairs – with their functions; undertaking broad cybersecurity functions; or some commercial mapping. The same is true for routine administrative and corporate information. Disclosure of information about non-intelligence functions and administrative activities can result in harm in some circumstances but not with the degree of certainty that justifies a deemed harm offence. Where disclosures about these other activities cause harm or are likely to cause harm to security, defence or international relations, they will be covered by the harm-based offence in s 122.2 (Recommendation 6).
RECOMMENDATION 2: The deemed harm offences in s 122.1 should not apply to all information connected to an intelligence agency’s functions. Instead, deemed harm should be limited to intelligence information (as defined) and the operations, capabilities, technologies, methods and sources used to obtain or communicate that information.
For ASIS, ASD, AGO and DIO, ‘intelligence information’ should be defined by reference to the existing definition of ‘intelligence information’ in the Intelligence Services Act. For ASIO, it should cover information obtained for the purpose of security (as defined in the ASIO Act), as well as ASIO’s foreign intelligence function in s 17(1)(e) of that Act. For ONI, the definition of ‘intelligence information’ should be linked to ONI’s statutory intelligence functions in s 7(1)(c)(d)(e) and (g) of the ONI Act. The inclusion of DIO in this offence is contingent on Recommendation 5.
Law enforcement – electronic surveillance capabilities
Any intentional or reckless interference with the integrity of the criminal justice system or disclosures that would undermine law enforcement capabilities are serious and deserve some type of sanction. However, it does not follow that it is necessary and proportionate for all information relating to the operations, capabilities, technologies, methods or sources of any agency with a role in enforcing the criminal law to be covered by a broad 7−10-year deemed harm offence. This covers many agencies and a very large amount of information, not all of which is particularly sensitive.
This review recommends a cascading approach. The serious deemed harm offence in s 122.1 should apply to the technologies, capabilities and methods that support the extraordinary electronic surveillance powers that parliament has granted to a small number of agencies to combat serious crimes. These surveillance capabilities include remote computer access, telecommunications interception, network access and account takeover warrants. The specialised capabilities needed to use these powers require significant investment. They would take a long time to replace if compromised, and their loss would seriously undermine the ability to combat serious and organised crime. Other types of interference with the criminal justice system are dealt with in Recommendations 6 and 11.
RECOMMENDATION 3: The deemed harm offences in s 122.1 should not apply to all information relating to the operations, capabilities or technologies of, or methods or sources used by, a domestic or foreign law enforcement agency. Instead, the deemed harm offence should be limited to information that relates to the technologies, capabilities and methods used to exercise special electronic surveillance powers.
Overlapping offences for intelligence agency information
There is almost complete overlap between agency-specific secrecy offences for ASIS, ASD, AGO, DIO, ONI and ASIO and the general offence in s 122.1. Those agency-specific offences presently apply to any information made by or for the agency in connection with its functions. For the same reasons discussed in relation to Recommendation 2, this is excessively broad and these offences should be narrowed in the way proposed by Recommendation 2.
There is a good argument for repealing the agency-specific secrecy offences and instead relying on the Criminal Code. This would be consistent with the goal of reducing the overall number of secrecy offences. Some care in drafting would be required to ensure that all individuals presently covered by the offences (such as ASIS agents) would continue to be covered by the new offence and that new defences were not added without consideration of whether they were appropriate. The penalties are already similar.
Most of the intelligence agencies oppose moving their general secrecy offences into the Criminal Code, primarily because they consider additional defences should not be available. For example, Part 5.6 of the Criminal Code includes defences for lawyers who provide legal advice on offences against that Part and in relation to information that has been previously published. It may complicate the drafting in the Criminal Code for some defences not to be available to people who would otherwise fall into the definition of ‘Commonwealth official’ or persons otherwise performing work for the Commonwealth.
There are some very specific matters that apply to ASIS and ASIO that should be retained as specific offences in their own Acts. In particular, ASIS and ASIO staff and agents undertake covert intelligence collection activities that put them in positions of particular risk if their identities are disclosed.
ASIO’s new function of assessing and granting the highest level of security vetting clearances also presents a particular risk. This information should be covered in the ASIO Act for ASIO staff and affiliates. For other Commonwealth officials, disclosure of vetting information should be covered by the harm-based offences in ss 122.2 and 122.4.
Defence Intelligence Organisation needs statutory functions
Currently the Criminal Code and the IS Act both describe serious criminal offences by reference to DIO’s functions. Those functions are not set in legislation; they are set by a policy document, generated by the Department of Defence, that can be changed at any time. It is not appropriate for the scope of a serious criminal offence to be changeable in this way.
Setting out the functions of DIO in legislation or a disallowable legislative instrument would also provide for parliamentary oversight and clarity in the operation of the exceptions for DIO in the FOI Act, Privacy Act and the way DIO information is dealt with in the PID Act. If this recommendation is not accepted, I recommend that the IS Act be amended to repeal the secrecy offences for DIO and that s 122.1 of the Criminal Code not refer to DIO, as both offences are dependent on the scope of DIO’s functions. The disclosure of DIO information which is likely to harm security, defence or international relations would continue to be covered by the offence in s 122.2.
Harm-based offence for Commonwealth officials
The offence in s 122.2 is a 7-year (or 10-year in aggravating circumstances) harm-based offence. It applies when an official is reckless as to whether their conduct will cause harm, or is likely to cause harm, in a range of circumstances. The offence should be retained but requires increased clarity as to what is meant by ‘security’, ‘defence’ and ‘international relations’. There should be a cascading approach to law enforcement capabilities.
The offence in s 122.2 is a 7-year (or 10-year in aggravating circumstances) harm-based offence. It applies when an official is reckless as to whether their conduct will cause harm, or is likely to cause harm, in a range of circumstances. The offence should be retained but requires increased clarity as to what is meant by ‘security’, ‘defence’ and ‘international relations’. There should be a cascading approach to law enforcement capabilities.
‘Security’ should be defined in accordance with the definition in the ASIO Act. ‘Defence’ should be defined in a way that incorporates functions directly connected to the defence of Australia, such as those described in recommendation 2.3 of the October 2023 INSLM NSI Act Report. ‘International relations’ should cover diplomatic and military relations with foreign governments and international organisations, including bilateral and multilateral law enforcement and intelligence cooperation arrangements.
The offence in s 122.2 should penalise disclosures that could compromise the utility of powers exercised under warrants and authorisations granted to support the investigation of crime by any agency. This includes capabilities connected to statutory powers to access information or to search people, places or things − for example, sensitive forensic capabilities used to extract information from items seized under a search warrant. Other types of interference with the criminal justice system are dealt with in Recommendations 3 and 11.
RECOMMENDATION 4: If separate general ‘deemed harm’ offences are to be retained in the Intelligence Services Act 2001, the Australian Security Intelligence Organisation Act 1979 and the Office of National Intelligence Act 2018, those offences should be narrowed so that the scope of the deemed harm is no wider than that described in Recommendation 2, except that: for ASIS and ASIO existing specific offences relating totheidentityofcurrent and former staff, affiliates and agents should be retained. in the ASIO Act, the offence should include a category of information connected to the function of assessing and issuing Australia’s highest level of security clearance under Part IVA of that Act.
RECOMMENDATION 5: The functions of the Defence Intelligence Organisation should be set out in legislation or in a disallowable legislative instrument.
The offence in s 122.2 should penalise disclosures that could compromise the utility of powers exercised under warrants and authorisations granted to support the investigation of crime by any agency. This includes capabilities connected to statutory powers to access information or to search people, places or things − for example, sensitive forensic capabilities used to extract information from items seized under a search warrant. Other types of interference with the criminal justice system are dealt with in Recommendations 3 and 11.
RECOMMENDATION 6: The offence in s122.2 should apply to disclosures of information by officials where there is harm or likely harm to: security, defence or international relations (as defined) the utility of operational and technical capabilities and methods connected to statutory powers granted to any agency to access information or to search people, places or things (other than those covered by s 122.1) to combat crime AFP protective and custodial functions and proceeds of crime functions, or the health or safety of the Australian public or a section of the Australian public.
‘Dealing with’ offences
The ‘dealing with’ offences penalise conduct even when a person does not intend to disclose information. The definition of ‘deal’ is long and contains overlapping categories. A person deals with information if they receive or obtain it; collect it; possess it; make a record of it; copy it; alter it; conceal it; communicate it; publish it; or make it available. For the officials that the Commonwealth trusts to access the type of information covered by the revised ss 122.1 or 122.2, a ‘dealing with’ offence can be justified in most circumstances. With the exception of removing the initial receipt of information, this recommendation is intended to refine the definition and remove overlap, not to substantially alter the existing offence for officials.
RECOMMENDATION 7: The definition of ‘deal with’ for the purpose of Part 5.6 should be amended so that it excludes initial receipt and does not overlap with the disclosure offences. The remaining parts of the definition (collect, possess, record and copy) are broadly justified for officials, although some clarification in drafting is suggested.
Non-officials are in a different position from officials when it comes to assessing when criminal sanctions are justified. Non-officials do not have the same duty to protect Commonwealth information that officials do. A non-official who attempts a disclosure or commits other ancillary offences (such as inciting an official to make an unlawful disclosure) is already subject to other criminal offences. If they act on behalf of a foreign principal or for espionage, a range of criminal offences apply. Depending on the specific facts, it is possible that possession of stolen property offences may also apply.
Considering the position of non-officials compared to officials and the range of other existing offences, it is not proportionate to apply ‘dealing with’ offences to non-officials. Disclosure offences should continue to apply as per Recommendation 12.
Proper place of custody
There are offences that were intended to apply to officials who remove information from a ‘proper place of custody’. These offences are not operational because, in the almost 6 years since they were enacted, regulations to define ‘proper place of custody’ have never been made. The offences are not necessary and should be repealed.
Aggravating offences
Currently there are 4 circumstances in which an offence by an official under ss 122.1 or 122.2 becomes an aggravated offence. Most should be repealed, as they are uncertain or arbitrary or are part of the aggravating circumstances already considered as part of sentencing, including those associated with dishonesty, gravity and scale.
There are 2 circumstances where a penalty beyond the maximum of 7 years (for communicating) or 3 years (for dealing) is justified. The first is where an official holds the highest level of security clearance. Those with the highest level of clearance have qualitatively and quantitively different access to sensitive information than those with lower clearances or no clearance. There is also a particular harm to the Commonwealth and its relationship with foreign partners if there is a breach of trust by those granted the very highest level of security clearance. A higher maximum penalty can also be justified where a person acts with an intention or knowledge that their conduct will or is likely to cause harm.
RECOMMENDATION 8: The offence for ‘dealing with’ information by non-officials in s 122.4A(2) should be repealed.
RECOMMENDATION 9: The ‘proper place of custody’ offences in ss 122.1(3) and 122.2(3) should be repealed.
RECOMMENDATION 10: The maximum penalty for offences by officials under Part 5.6 should be increased only where, at the time the person received the information or committed the underlying offence, the person held the highest level of Australian Government security clearance; or where the person intended or knew their conduct would or was likely to cause a type of harm covered by the underlying offence.
General offence for Commonwealth officials
The general offence for officials in s 122.4 is due to sunset in December 2024. The Attorney- General’s Department has recommended it be replaced by a new general offence. Policy and drafting work is ongoing. This recommendation can provide only in-principle guidance.
RECOMMENDATION 11: Any general offence to replace s 122.4 should be consistent with the following principles: The new offence should apply to disclosures that prejudice the prevention, detection, investigation, prosecution or punishment of a criminal offence against a law of the Commonwealth. The offence should be harm-based and relate to essential public interests. However, if ‘deemed harm’ offences are to be incorporated, they should be limited to a very narrow category of information where significant harm to an essential public interest is always, or almost always, going to be the result. The offence should cover only disclosures that cannot be adequately dealt with by existing remedies including contractual and administrative remedies. Broad and uncertain language such as ‘functioning of government’ should be avoided. The offence should apply to current and former Commonwealth officials and others who perform work for a Commonwealth entity in relation to information acquired in the course of their duties. However, if the scope of the offence is to be broadened it should still be closely linked to some kind of contract, agreement or arrangement with the Commonwealth. The penalty for reckless conduct should be no more than 2 years imprisonment. If a primary justification for the new general offence is to replace specific existing offences then the offences to be repealed should be included in the legislative proposal in order to allow parliament to properly assess the necessity and proportionality of the new offence.
Offence for non-officials
The offence in s 122.4A applies to non-officials, including journalists. For the reasons applicable to Recommendation 1, using ‘classified information’ as an element of the offence creates significant uncertainty and real concerns with the rule of law. These are even more profound for non-officials. The remaining categories in the existing offence require revisions to bring them into line with other recommendations in this report and to ensure that the threshold for liability for non-officials is higher than for officials.
RECOMMENDATION 12: The offence in s 122.4A for communications by non-officials should be modified so that: classification markings do not form an element of the offence the current requirement that actual harm be established should be maintained and the offence apply to: causing serious damage to the security or defence of Australia, with those terms defined as per Recommendation 6 seriously undermining the utility of the technologies, capabilities and methods used to exercise special statutory powers (per Recommendations 3and4) seriously impeding the prevention, detection, investigation, prosecution or punishment of a criminal offence against a law of the Commonwealth prejudicing the health or safety of the Australian public or a section of the Australian public. the maximum penalty should be approximately half the maximum penalty for a comparable communication by an official. Action should be taken to ensure that ABC and SBS staff and contractors are not inadvertently covered by the offences for officials as persons ‘otherwise engaged to perform work for a Commonwealth entity’.
Journalism and public interest defences
Several non-government organisations made strong arguments as to why a public interest test should be added as an element of secrecy offences and/or that a general public interest defence should be added. There is merit in these arguments. However, it would be complex and uncertain in practice. There are likely to be many competing public interests at play, some of which may shift over time. A general public interest element or defence for officials would also undermine the parliamentary intention that there be specific statutory mechanisms for providing immunity to those who bring forward wrongdoing.
Concerns about ‘dealing with’ information by journalists, lawyers and civil society groups will be dealt with by Recommendation 8. However, if that recommendation is not accepted, additional changes to some defences will be needed.
The current defence for disclosures in the course of reporting news and current affairs should be retained. For a journalist to invoke the defence, they must adduce or point to evidence that, taken at its most favourable, suggests a reasonable possibility that they ‘reasonably believed that engaging in the conduct was in the public interest’. This is known as an ‘evidential burden’ and is not a high bar. Once it is discharged, the prosecution must prove beyond reasonable doubt that each element of the defence does not exist. In the full context of how criminal trials operate in Australia, this approach remains reasonable.
Nevertheless, there may be value in reframing the current ‘journalist defence’ as an exception rather than as a defence. Although the value would primarily be symbolic, it may make clearer that a reasonable belief that conduct is in the public interest is something that can be relied on by a journalist to avoid a conviction.
Role of the Attorney-General
The Attorney-General’s consent should be required for all prosecutions under Part 5.6. The consent requirement may not currently apply to a prosecution that proceeds summarily because consent is triggered by ‘commitment’ which occurs only for trial by indictment. Before any prosecution based on information being ‘security classified’ the Attorney- General must certify that it was appropriate that the information had a security classification. If Recommendation 1 is accepted and security classification is no longer an element of any offence then this requirement will fall away; otherwise, it should be retained.
RECOMMENDATION 13: A new general public interest defence or element should not be added in Part 5.6. However, consideration could be given to recasting the current defence for journalists as an exception rather than a defence.
RECOMMENDATION 14: The requirement that the Attorney-General’s consent be obtained for prosecution under Part 5.6 should be retained. The Attorney- General’s consent should be required regardless of whether the prosecution proceeds by way of committal or summary proceedings.
Prosecution Policy of the Commonwealth
The Prosecution Policy of the Commonwealth contains a non-exhaustive list of factors that the Commonwealth Director of Public Prosecutions (CDPP) is to take into account when considering the public interest in a prosecution. Prosecutions for secrecy offences can require consideration of the role of a free press including in exposing corruption or other wrongdoing by government officials. While the CDPP can already take this into account under the general concept of public interest, there is merit in explicitly including it in the list of public interest factors to be considered.
RECOMMENDATION 15: Consideration should be given to revising the Prosecution Policy of the Commonwealth to expressly include the public interest in a free and open press as one of the factors to be considered in any prosecution for a secrecy offence involving a journalist or news media organisation.