Adjourned debate on second reading.
(Continued from 14 November, 2017.)
The Hon. A.L. McLACHLAN (16:04): I rise to speak to the Statutes Amendment (Child Exploitation and Encrypted Material) Bill. I speak on behalf of the Liberal opposition and indicate that we are supporting the second reading.
The bill seeks to make a change to two areas of the law. The first relates to child exploitation material websites, and the second relates to accessing encrypted material during the investigation of serious criminal offences. With respect to the first, the bill establishes new offences criminalising the creation, promotion and use of child exploitation websites, which addresses a current gap in the South Australian legislation.
The Attorney-General in the other place highlighted, when introducing this bill, that child exploitation material:
…website administrators and those hosting such websites contribute to the proliferation of CEM online and facilitate and promote the exchange and distribution of CEM…While South Australia’s existing laws address the possession and distribution of this material, existing offences do not always sufficiently capture the conduct of administering, establishing and operating CEM websites—which can occur without actual possession of the CEM.
To address this, the bill will create new offences that criminalises the use, creation and promotion of such sites. It will also be an offence to encourage others to use a child exploitation website as well as to provide information to assist them in avoiding apprehension for a child exploitation offence.
The offences have been drafted in such a way as to capture online forums, groups and other social media platforms which are capable of and commonly used for the dissemination of child exploitation material. It was on such a site or chat forum that the offending of Shannon McCoole was discovered by international law enforcement agencies. Importantly, defence provisions have been included to protect legitimate website administrators hosting a site in good faith.
We are advised that the offences have been modelled on similar legislation in Victoria, and the legislation is intended to complement the new commonwealth legislation which also targets the provision of websites and online child abuse material. I note that the federal government’s Crimes Legislation Amendment (Sexual Crimes Against Children and Community Protection Measures) Bill contains new measures criminalising the provision of services such as websites that provide access to child abuse material online.
As highlighted in the second reading of that bill, this is necessary, as these services facilitate and encourage offending by large, sometimes global audiences and promote the production of new child abuse material. The Liberal Party supports these initiatives to combat the exploitation of children both here and abroad.
As I alluded to, what is, in effect, the second part of the bill is in relation to encrypted computer records. When introducing this bill the Attorney-General highlighted the difficulties commonly faced by law enforcement in gaining access to encrypted material that may contain evidence of serious crimes. Indeed, the recent experience has shown that criminals, particularly those involved in child exploitation offences, have been able to take advantage of modern advances in technology to conceal their crimes.
The Attorney-General indicated that although this problem is typically encountered in relation to child exploitation material offending, it is not confined to these crimes. He stated:
The use of encrypted records is now an established feature of much modern offending. It could include fraud, drug dealing, cyber bullying or revenge porn, online stalking or a breach of an intervention order where the offender uses the internet to harass or communicate with his or her former partner.
A Queensland Crime and Corruption Commission report, released in October 2015, on accessing electronically stored child exploitation material offences highlighted the current legislative limitations and barriers that law enforcement agencies face when investigating child exploitation offences. The report echoed the Australian Crime Commission’s concern that there is a growing international concern that technological advancement is facilitating the online exploitation of children. The report indicated:
It is common for child exploitation material to be stored electronically and offenders are becoming increasingly skilled in data encryption and secure data storage to conceal evidence of their involvement in these offences.
Encryption and other security measures make it virtually impossible for law enforcement to access evidence of suspected [child exploitation material] on an electronic storage device without information such as login details and passwords that are necessary to access the device or its files.
An inability to access this information means that evidence of these offences remains concealed and may be destroyed. Further, police are unable to identify, locate and remove from harm the children involved in the Child Exploitation Material.
To address this, the bill establishes a new procedure contained in the Summary Offences Act for a magistrate to order that a suspected offender or other narrow class of third parties be compelled to provide information or assistance to access encrypted or restricted access records held on or accessible through a computer or data storage capable device. The bill provides that an application must be made to the magistrate for such an order by either a police officer or the Independent Commissioner against Corruption. Honourable members should note that the ICAC was added after amendments in the House of Assembly.
The bill sets out that the application for an order must include the nature of the serious offence that is suspected to have been committed and in relation to which the order is required; the grounds on which the applicant suspects that the offence has been committed; the grounds on which the applicant suspects that any data held on a computer or data storage device is or may be relevant to the offence; and the grounds on which the applicant suspects that the specified person has knowledge relevant to gaining access to any data held on a computer or data storage device.
The application must also be accompanied by an affidavit made by the applicant verifying the grounds of the application. The magistrate may make an order if they are satisfied that there are reasonable grounds to suspect that data held on a computer or data storage device may afford evidence of a serious offence. It is my understanding that a serious defence is defined as an indictable offence or an offence with a maximum penalty of two years’ imprisonment or more.
It is broadly based on the Criminal Law (Forensic Procedures) Act 2007 which authorises forensic procedures for offences carrying more than two years’ imprisonment. I ask that we be advised in the second reading summing-up of the types of offences that come within that definition, in particular any nonviolence offences such as driving. It would seem, on first blush, that it is a very broad definition to allow access to encrypted material outside of, obviously, child exploitation materials.
The magistrate must also be satisfied of a number of other factors such as whether the specified person is reasonably suspected of having committed a serious offence or is the owner of the data or computer or data storage device or the lessee of the computer and so on and so forth. The magistrate must also be satisfied that the specified person named in an order has relevant knowledge of either the computer or data storage device or network which the computer forms part of or the measures applied to protect data held on the computer or data storage device.
There are some provisions for failure to comply. The bill proposes an offence provision for those who refuse or fail, without reasonable excuse, to provide the information or assistance that is sought under the order. The bill proposes a maximum penalty of five years’ imprisonment. I note that this not only reflects the penalty in other jurisdictions, such as Victoria, Queensland and the ACT, but also seeks to act as an incentive for compliance.
This is particularly pertinent to child exploitation offences, for as the Queensland crime commission report has noted, a person may refuse to comply with an access order knowing that the penalty for failing to comply is substantially less than the penalty for the child exploitation offence that the information contained on the storage device might be evidence of. Importantly, a defence of reasonable excuse for failing to comply with an order is available. Applications for orders can be made before or after the execution of a search warrant.
The bill also introduces new offences to the Summary Offences Act for impeding an investigation by interfering with data. The new offence provisions criminalise the alteration, concealment or obstruction of data held on a computer or device that is subject to an access order and may reasonably be expected to be evidence of an offence. The maximum penalty will be five years’ imprisonment and 10 years for those who are a specified person subject to an order of the court.
The Attorney-General in the other place indicated in his second reading that this offence is especially necessary as with remote storage it is possible for an associate to be able to remotely delete the encrypted material even though the device has been seized by police and is the subject of an order to compel access. I know the Queensland crime commission’s report also recommended criminalising a failure to comply. This followed a finding that high-level offenders with extensive involvement in the child exploitation material community are often well-informed of the law and law enforcement methods, and of technologies used to hide evidence and conceal their involvement in child exploitation offences. These offenders are less likely to give access and information to the police and it is in these situations that an access order must operate effectively.
I advise honourable members that the Liberal Party is considering amendments to the bill with the view of requiring South Australia Police and the ICAC to report on the use of these provisions. They may well have been filed by now, and we will consider those in the committee stage. I ask honourable members to have kind regard to them. The Law Society has provided a submission in relation to this bill, dated 20 October 2017. I ask the minister, if possible, to provide in the second reading summing-up a response to the issues that are raised by the Law Society in their letter.
The Liberal Party will be supporting the second reading. It will be seeking to amend in relation to reporting requirements. It will be interested, in the committee stage, to better understand the government’s justification for seeking aggressive search powers and seeking to break encryption codes beyond child exploitation materials and associated offences, which I think have been argued by the Law Society as the more controversial aspects of this bill. As I said, the Liberal Party will be supporting the second reading.
Debate adjourned on motion of Hon. J.E. Hanson.See full session on Hansard