KAREN MID­DLE­TON

Grow­ing sus­pi­cion over the gov­ern­ment’s se­cu­rity and in­tel­li­gence pow­ers has seen the heads of two pow­er­ful agen­cies be­gin a charm of­fen­sive to try to win back pub­lic trust. Karen Mid­dle­ton re­ports.

The Saturday Paper - - Front Page -

Aus­tralia’s se­cu­rity and in­tel­li­gence agen­cies are on a drive to im­prove pub­lic trust as they seek more in­tru­sive pow­ers, with the head of the pow­er­ful Home Af­fairs Depart­ment, Mike Pez­zullo, declar­ing the so­cial con­tract they have with the pub­lic has been dam­aged and needs to be re­drawn.

Fol­low­ing a pub­lic speech in which he warned mem­bers of Aus­tralia’s se­cu­rity com­mu­nity they must be ex­tremely care­ful not to overuse their ca­pa­bil­i­ties, Pez­zullo told The Satur­day Pa­per this week that trust in se­cu­rity agen­cies had suf­fered in the past decade fol­low­ing the dam­ag­ing leaks of clas­si­fied in­for­ma­tion by United States gov­ern­ment whistle­blow­ers Ed­ward Snow­den,

Chelsea Manning and oth­ers.

While con­demn­ing the leaks and de­scrib­ing Snow­den’s ac­tions in par­tic­u­lar as “trea­sonous” – even sug­gest­ing for­eign gov­ern­ments may have “played” him – Pez­zullo says they ex­posed the ex­tent to which spy agen­cies world­wide were mon­i­tor­ing cit­i­zens and gath­er­ing data. And that came as a shock to some.

The leaks forced gov­ern­ments to ex­plain and jus­tify their ac­tions and, in some cases, mod­ify their prac­tices.

Un­til those leaks ex­posed the ex­tent of gov­ern­ment cy­ber op­er­a­tions, in­tel­li­gence agen­cies had an un­writ­ten deal with the gen­eral pop­u­la­tion that they could op­er­ate in se­cret – with ap­pro­pri­ate over­sight – be­cause they were act­ing in the na­tional in­ter­est.

“The tra­di­tional bar­gain up un­til about a decade ago was ‘we’re not go­ing to talk about any of this, but you can pre­sume that we’re keep­ing you safe’,” Pez­zullo says.

“[Peo­ple] by and large ac­cepted it. The tech­niques are so se­cret, the sources are so se­cret, there are agents’ lives at risk, the na­ture of our very spe­cial ca­pa­bil­ity, say, for cryp­tog­ra­phy, is so sen­si­tive that we can’t even hint at how we do it. And so, peo­ple had a sense, partly through pop­u­lar cul­ture – you saw your Bond movies or what­ever – that … all of this has been done in our name and it seems to be all okay and we’re safe. I think what changed [with] the dis­clo­sures of a decade or so ago … The cit­i­zenry in the West, at least, started to say, ‘Oh, there’s quite a lot ac­tu­ally, there’s a lot col­lected.’”

In a separate speech to the Aus­tralian Strate­gic Pol­icy In­sti­tute on Mon­day night, one of the chiefs among Aus­tralia’s in­tel­li­gence col­lec­tors, the di­rec­tor-gen­eral of the nor­mally highly se­cre­tive Aus­tralian Sig­nals Di­rec­torate, Mike Burgess, de­fended his spy agency’s ac­tiv­i­ties, say­ing it had “come out of the shad­ows” this year.

“And that’s the way I in­tend it to stay,” said Burgess, not­ing that ASD had sent out its first tweet this week, in­clud­ing a wry one-liner: “Hi in­ter­net, ASD here. Long time lis­tener, first time caller.”

Burgess out­lined ASD’s now­ex­panded statu­tory role in both the mil­i­tary and civil­ian do­mains: to gather in­tel­li­gence, ad­vise de­fence, law en­force­ment and busi­ness on cy­ber threats and pro­tect against – and in some cases dis­rupt – those threats.

He re­jected sug­ges­tions in news re­ports ear­lier this year that it would be spy­ing on its own cit­i­zens but did not rule out spy­ing on those sus­pected of plan­ning or com­mit­ting of­fences, say­ing ASD had no in­ter­est in “ev­ery­day Aus­tralians”.

Burgess made a case for ASD’s re­cently ex­panded pow­ers.

“Of­fence in­forms de­fence and de­fence in­forms of­fence,” he said – a phrase he would re­peat twice more dur­ing the speech. “Or, to put it an­other way, to best catch a thief, you will need to think like one – or per­haps, be one.”

Pez­zullo, in his speech on

Oc­to­ber 25 to the Aus­tralian Na­tional Univer­sity na­tional se­cu­rity col­lege’s Women in Na­tional Se­cu­rity con­fer­ence, con­ceded that the se­cu­rity com­mu­nity was “not good at mount­ing the ar­gu­ment” for what it does and re­lied too heav­ily on the fact that its prac­tices were se­cret and would be ob­scured from pub­lic view.

“Too many of us have grown up with the in­stinct of ‘whack a clas­si­fi­ca­tion on it, put a code word on it and no one needs to know’,” Pez­zullo said last week.

“I’m sorry. Democ­racy is ac­tu­ally be­ing tested, col­leagues. Our li­cence to op­er­ate is be­ing chal­lenged.”

This week, in an­other speech and sub­se­quent in­ter­view with The Satur­day Pa­per, Pez­zullo said the huge in­ter­net com­pa­nies that col­lect mas­sive amounts of data and then use or sell it for profit – and whose plat­forms have been hi­jacked in dis­in­for­ma­tion cam­paigns – were also con­tribut­ing to pub­lic sus­pi­cion.

“Whether you’re in the pri­vate sec­tor or the pub­lic sec­tor, this ques­tion of the li­cence to op­er­ate – and what are the terms and con­di­tions around the li­cence to op­er­ate, what is the na­ture of that con­tract – has to be, I would go so far as to say, rethought,” Pez­zullo says.

Now they all have to bet­ter ex­plain – and be ac­count­able for – what they do.

And in a sec­ond speech in as many weeks, to fel­low pub­lic ser­vants on Tues­day through the In­sti­tute of Pub­lic Ad­min­is­tra­tion Aus­tralia, he warned that on­line “con­nect­ed­ness” had been rev­o­lu­tion­ary with its seem­ingly lim­it­less reach but was also “nar­row­ing our hori­zons of in­ter­est” by let­ting cor­po­ra­tions re­strict what users see.

He said that made it a po­ten­tial threat to democ­racy.

“We should not de­lude our­selves,” Pez­zullo told his au­di­ence. “In the dig­i­tal age, the ‘truth’ is still me­di­ated – by al­go­rithms, for­eign in­ter­fer­ence, mar­ket re­search, dis­in­for­ma­tion and so much more. We are not see­ing, as the dig­i­tal in­dus­trial com­plex would have it, the un­medi­ated ex­pres­sion of the pop­u­lar will, free of the taint of ‘power’. Rather, our shared sense of what is true is be­ing un­der­mined and power is be­ing re­framed un­der a ve­neer of ‘free­dom’ – but with­out the ap­pa­ra­tus of rep­re­sen­ta­tion and the me­di­a­tion of power which al­lows the lat­ter to be held to ac­count.”

Pez­zullo’s dou­ble-headed pitch, com­bin­ing self-re­flec­tion on over­reach with warnings about threats posed by the com­pa­nies that so many peo­ple trust with their sen­si­tive in­for­ma­tion, co­in­cides with the se­cu­rity agen­cies’ con­tro­ver­sial bid for greater pow­ers to ac­cess the en­crypted data these com­pa­nies hold and oversee.

Ac­cess would be tar­geted and would in­volve war­rants.

Leg­is­la­tion aimed at giv­ing the agen­cies the au­thor­ity to ac­cess cer­tain en­crypted in­for­ma­tion is cur­rently be­fore the se­cu­rity watch­dog, the par­lia­men­tary joint stand­ing com­mit­tee on in­tel­li­gence and se­cu­rity.

The par­lia­men­tary in­quiry has at­tracted dozens of sub­mis­sions, many of which – in­clud­ing one from the Law Coun­cil of Aus­tralia – sug­gest the power it would give the agen­cies goes too far.

The Law Coun­cil warns it con­tains no ac­knowl­edge­ment that in­di­vid­u­als and busi­nesses are en­ti­tled to rea­son­ably ex­pect com­mu­ni­ca­tions are con­fi­den­tial and could un­der­mine Aus­tralia’s rep­u­ta­tion as a se­cure place to do busi­ness.

Oth­ers, in­clud­ing the big tech com­pa­nies, have warned that cre­at­ing ways of ac­cess­ing en­crypted data could ex­pose their sys­tems to hack­ing.

Pez­zullo is con­fi­dent that is­sue is re­solv­able.

“If there’s a dif­fer­ent way to write that pro­vi­sion which still keeps the idea, that’s a mat­ter for the com­mit­tee,” says Pez­zullo. “We’re not go­ing to preempt that.”

But he says the lan­guage of over­reach is sim­plis­tic.

“This is to as­sist the in­ter­cep­tion of con­tent that can al­ready be ac­cessed, ex­cept it’s dark,” he says, mean­ing the ba­sic meta­data can al­ready be ac­cessed legally but not the mes­sages’ en­crypted con­tents. “So, you’ve got to have a war­rant, the AFP has got to have a sus­pect, ASIO’s got to have a per­son of in­ter­est.”

And the agen­cies’ ac­tiv­i­ties are sub­ject to over­sight.

Pez­zullo seeks to re­as­sure the doubters. “Gen­er­ally speak­ing, I mean, laws have been passed and you can as­sume that elected rep­re­sen­ta­tives who are in touch with com­mu­nity at­ti­tudes would not be pass­ing those laws if they felt that there was a, you know, a ve­he­ment op­po­si­tion,” he says.

“But the con­cern about safe­guards, the con­cerns about trans­parency – who’s go­ing to mon­i­tor folks in our po­si­tions – I think that dis­cus­sion has been shift­ing for about 10 years.”

De­fend­ing the proper use of

se­cu­rity pow­ers, Pez­zullo told the ANU con­fer­ence last week that Aus­tralian agen­cies were scrupu­lous and were ac­count­able. Any breaches of their rules, he said, paled in com­par­i­son with the un­reg­u­lated prac­tices in non-demo­cratic regimes.

“On oc­ca­sions, our mis­use of that li­cence … is not egre­gious and cer­tainly noth­ing on the scale of how some oth­ers mis­use their li­cence to op­er­ate, be­cause they just write their own li­cence,” said Pez­zullo.

“So, we shouldn’t flag­el­late our­selves over it – our poor in­stinc­tive re­ac­tions to how to mount the ar­gu­ment about our li­cence is the one thing in our vo­ca­tion I think we need to do a lot of work on.”

But the In­spec­tor-Gen­eral of In­tel­li­gence and Se­cu­rity (IGIS), who over­sees 10 in­tel­li­gence agen­cies – up from six, with this year’s re­struc­tur­ing of the se­cu­rity ar­chi­tec­ture and cre­ation of the Depart­ment of Home Af­fairs – has found fur­ther work is re­quired in their prac­tices, too.

In her re­cently pub­lished yearly re­port, Mar­garet Stone, the cur­rent

IGIS, listed a series of breaches in which the Aus­tralian Se­cu­rity In­tel­li­gence Or­gan­i­sa­tion (ASIO) in par­tic­u­lar had failed to com­ply with re­quire­ments, in­clud­ing sloppy ad­min­is­tra­tion, in­com­plete in­for­ma­tion supplied to min­is­ters, in­cor­rect tar­get­ing of phone in­ter­cepts and stor­age of data.

She said she was sat­is­fied prob­lems had been rec­ti­fied but raised con­cerns about re­peated mis­takes in bug­ging Aus­tralians off­shore think­ing they were for­eign cit­i­zens be­cause that is what ASIO’s pri­vacy rules pre­sume.

The Aus­tralian Se­cret In­tel­li­gence Ser­vice (ASIS) and ASD also recorded breaches, al­though fewer than ASIO.

In re­la­tion to ASIO’s han­dling of sen­si­tive fi­nan­cial in­tel­li­gence, Stone de­tailed “ex­treme non-com­pli­ance” both with its own in­ter­nal poli­cies and its rules for han­dling in­for­ma­tion pro­vided by an­other spy agency, the Aus­tralian Trans­ac­tions Re­ports and Anal­y­sis Cen­tre. In one case, ASIO had passed in­for­ma­tion to a for­eign in­tel­li­gence agency with­out ap­proval. She said it still had not ex­plained how it would avoid ac­ci­den­tal dis­clo­sures in fu­ture.

Stone also crit­i­cised the lengthy de­lays in ASIO pro­cess­ing se­cu­rity as­sess­ments, es­pe­cially in im­mi­gra­tion and cit­i­zen­ship cases.

Speak­ing to The Satur­day Pa­per, Pez­zullo, in whose portfolio ASIO now sits, says the breaches and other dif­fi­cul­ties, most of which the agen­cies them­selves iden­ti­fied and re­ported, must be seen in the con­text of the huge vol­ume of in­ter­cepts and other sur­veil­lance ac­tiv­i­ties that the agen­cies un­der­take ev­ery year.

“Look at all the cases that they are run­ning, look at all the in­for­ma­tion that ASD col­lects, look at all the re­ports that ASIS col­lects,” he says. “It’s got to be kept in per­spec­tive. Where is the Mar­garet Stone equiv­a­lent, or the in­spec­tor­gen­eral of in­tel­li­gence and se­cu­rity in non-demo­cratic au­thor­i­tar­ian states?”

Specif­i­cally, he com­pares both the ac­tiv­i­ties and the over­sight pro­cesses in Aus­tralia to those of Rus­sia’s Gen­eral Staff of the Armed Forces, which is also known as the GRU, an ab­bre­vi­a­tion of its Rus­sian name.

“Where is the an­nual re­port of the GRU? Where is the an­nual re­port of the over­sight body of the GRU that in­di­cates how many times the GRU mis­used and over­reached in terms of its pow­ers?”

Pez­zullo’s com­ments about the chal­lenges tech­nol­ogy and so­cial me­dia pose to both se­cu­rity and democ­racy echo sen­ti­ments ex­pressed by the for­mer United States di­rec­tor of na­tional in­tel­li­gence in the Obama ad­min­is­tra­tion, James Clap­per, who has been in Aus­tralia re­cently as a vis­it­ing pro­fes­sor at the ANU.

On Oc­to­ber 9, Clap­per gave a pub­lic lec­ture in which he can­vassed the chal­lenges to and de­vel­op­ments in in­tel­li­gence and se­cu­rity.

“So­cial me­dia has huge in­tel­li­gence im­pli­ca­tions, so you have to take that into ac­count,” said Clap­per.

“If the in­tel­li­gence com­mu­nity doesn’t stay up on tech­nol­ogy and if the gov­ern­ment that owns that in­tel­li­gence ap­pa­ra­tus chooses not to in­vest in in­tel­li­gence, do re­search and de­vel­op­ment, well over time that in­tel­li­gence ap­pa­ra­tus will be­come less and less rel­e­vant to pol­icy-mak­ers. One of the first things you learn in in­tel­li­gence school – first week – [is that] there are only two con­di­tions in life: there’s pol­icy suc­cess or there’s in­tel­li­gence fail­ure. No other con­di­tions.”

The im­age of in­tel­li­gence of­fi­cers as the whip­ping boys and girls for gov­ern­ments’ bad de­ci­sions got a laugh at the univer­sity lec­ture.

But his mes­sage – like those of Mike Pez­zullo and Mike Burgess – was se­ri­ous: in­tel­li­gence agen­cies needed the ca­pac­ity to speak “truth to power” and pro­vide the most ac­cu­rate as­sess­ments they can be­cause do­ing any­thing less is dan­ger­ous.

Clap­per’s fur­ther com­ments may pro­vide a hint as to why se­cu­rity chiefs have em­barked upon what ap­pears to be a sud­den pub­lic re­la­tions cam­paign – one Pez­zullo declines to con­firm but does not deny and also co­in­cides with the en­cryp­tion bill’s con­sid­er­a­tion by the joint stand­ing com­mit­tee.

James Clap­per also pointed to the leaks of the past decade, es­pe­cially the work of Ed­ward Snow­den. “In the af­ter­math of Snow­den, the take­away les­son is that the in­tel­li­gence com­mu­nity should have been more trans­par­ent,” he said.

What Snow­den ex­posed was a pro­gram that in­volved the US’s Na­tional Se­cu­rity Agency (NSA) track­ing what is known as telecom­mu­ni­ca­tions meta­data, in this case the phone num­bers of peo­ple mak­ing and re­ceiv­ing calls – in­clud­ing Amer­i­cans – and the lengths of the calls, with­out names or their ac­tual con­tent.

It was a pro­gram put in place as a di­rect re­sult of the Septem­ber 11, 2001 ter­ror­ist at­tacks, in which phone calls were made from out­side the US to peo­ple within the coun­try and the agen­cies had no way to link them.

Clap­per in­sists the pow­ers were im­por­tant – pow­ers sim­i­lar to those Aus­tralian agen­cies now also have – but says the gov­ern­ment and NSA should not have been so se­cre­tive about them.

“In ret­ro­spect, had that just been ex­plained to peo­ple – and the Congress – in the wake of 9/11, you could have got leg­is­la­tion big enough to drive a truck through,” said Clap­per. “No one would have ob­jected.”

As an aside, he sug­gested Amer­i­cans should be no more wor­ried about that than about the data­base the Fed­eral Bureau of In­ves­ti­ga­tion main­tains on mil­lions of in­no­cent cit­i­zens.

“So, by the way, two years later af­ter the Snow­den rev­e­la­tions they passed an­other law … where in­stead of NSA main­tain­ing the meta­data, what NSA now does is go to the providers and ask for it,” Clap­per said.

“I’ll leave it to you to de­cide how much you trust the providers to pro­tect that in­for­ma­tion,” he con­tin­ued, “the irony is, now NSA can re­quest even more data. Be­cause NSA was only storing data from three providers – about 30 per cent of phone calls. Now they get 90 per cent.

“But it ain’t the gov­ern­ment. So that makes every­body feel bet­ter.”

Aus­tralia’s pro­posed new law would ac­cess the en­crypted con­tent of the data and the mes­sage from se­cu­rity agen­cies here is that those com­pa­nies are not nec­es­sar­ily the good guys.

But when it comes to the two Mikes – Pez­zullo and Burgess – Clap­per’s aside

• may help ex­plain the charm of­fen­sive.

“THE TRA­DI­TIONAL BAR­GAIN UP UN­TIL ABOUT A DECADE AGO WAS ‘WE’RE NOT GO­ING TO TALK ABOUT ANY OF THIS, BUT YOU CAN PRE­SUME THAT WE’RE KEEP­ING YOU SAFE’. PEO­PLE BY AND LARGE AC­CEPTED IT.”

KAREN MID­DLE­TON is The Satur­day Pa­per’s chief po­lit­i­cal cor­re­spon­dent.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.