House debates

Tuesday, 23 August 2011

Bills

Cybercrime Legislation Amendment Bill 2011; Second Reading

7:35 pm

Photo of Karen AndrewsKaren Andrews (McPherson, Liberal Party) Share this | Hansard source

I rise to speak on Cybercrime Legislation Amendment Bill 2011. The amendments contained in the bill will ensure Australia is compliant with the Council of Europe Convention on Cybercrime requirements and introduce a variety of measures to help fight cybercrime at home and abroad. Cybercrime is a developing issue that has caused concern within the general public and the business community.

Looking back on events that have occurred over the last year, we have seen the websites of credit card giants Visa and MasterCard attacked after they stopped processing donations to WikiLeaks. This occurred after the public arrest of the organisation's founder, Julian Assange, weeks after the unauthorised disclosure of thousands of sensitive diplomatic documents. Other notable incidents of cybercrime have included the release of passwords from US military consultants, social media profiles being hacked and open invitations to non-existent gatherings being distributed. The parliamentary Joint Standing on Treaties define cybercrime broadly to encompass a variety of situations, referring to it as criminal activity that involves the 'use of computers or computer networks … or where use of a computer is integral to the offence'.

The Council of Europe Convention on Cybercrime has been signed by our major allies and trading partners, including the United States, Japan and the United Kingdom. It aims to develop a common criminal policy to combat cybercrime, in particular by adopting appropriate legislation and international cooperation. This is to occur through the criminalisation of offences such as forgery, fraud, child pornography, data interference and infringement of copyright, as well as facilitating international cooperation through better cyber related procedures and systems. It is the first international treaty that deals with crimes committed over the internet, such as computer related offences and computer accessed offences.

The bill before the House introduces a variety of amendments to the Telecommunications Act 1997, the Telecommunications (Interception and Access) Act 1979, the Criminal Code Act 1995 and the Mutual Assistance in Criminal Matters Act 1987. This will create a statutory method to preserve stored communications and allow for mutual assistance in fighting cybercrime with our allies and foreign law enforcement agencies. The bill proposes to meet the provisions of the convention and will introduce a preservation regime for stored communications—these being, communications that have not commenced or that have passed through the telecommunications system. These communications include emails, voicemails and SMSs. The amended act will allow domestic law enforcement agencies or foreign law enforcement agencies to request disclosure of these stored communications data from carriers and service providers for up to 90 days under a warrant.

In the circumstance of a request for mutual assistance on behalf of a foreign country, the Attorney-General will be able to authorise the Australian Federal Police to apply on behalf of that foreign country for a stored communications warrant in relation to an investigation or investigative proceedings that have commenced in that country for a serious foreign contravention. For the purposes of the bill, a serious foreign contravention is any offence which carries a penalty of three or more years imprisonment, life imprisonment or a fine of roughly $99,000. The bill also deals with legislative changes to the Commonwealth Criminal Code Act 1995—namely, extending the scope of computer related offences listed in the code. Many of the states and territories have already legislated for computer offences, and some submissions to the Joint Select Committee on Cyber-Safety expressed concern that there may be some conflict. Yet the saving provision of the Criminal Code Act will not limit or exclude the operation of the state and territory laws in the event of any inconsistency.

There have been concerns raised about privacy, especially confidentiality requirements in relation to the authorisations to disclose telecommunications data as handled in the bill. Submissions to the Joint Select Committee on Cyber-Safety expressed concern over a lack of sufficient privacy and civil liberty protections to counter the increased powers of surveillance and intelligence the bill implements. However, it should be noted that the bill will impose a broader test upon authorised officers in considering how much privacy of any person or persons would be likely to be interfered with by the disclosure or use of prospective or historical telecommunications data for a domestic or foreign investigation. The bill does not increase the scope of powers for mass surveillance, due to the bill's limitation to telecommunications legislation and the requirement for a warrant. Also, the relevant acts that are being amended maintain their own safeguards in relation to privacy and accountability.

We must not forget the inherent threat that cybercrime poses to both our local communities and the nation at large. In mid-June internet hackers obtained and distributed 62,000 worldwide email addresses and passwords, including some from Australian universities and government departments. But Australia is not the only target. This problem is global. For example, the United States Senate website was hacked as recently as June this year. In response to continued cyberattacks, the United States of America has recently declared that a serious cyberattack on the United States, if found to be perpetrated by another nation, could be construed as an act of war.

Here in Australia, a concern exists that cybercrime may threaten our businesses. With the vast majority of businesses now using computerised systems and the internet in the course of their daily activities, the risk of cybercrime has escalated dramatically. Businesses are already hurting, and they are at increasing risk of cyberattack because they are unable to meet the additional costs associated with high-level internet security. In my electorate of McPherson, there are roughly 15,400 businesses in a variety of industries, including tourism, manufacturing, construction, retail and education. The Australian Institute of Criminology noted in 2009 that 28 per cent of businesses with information technology experienced one or more computer security incidents over a 12-month period in 2006-07. If that statistic were to be applied to the number of businesses in my electorate, this would mean roughly 4,300 businesses, or about one in four businesses, would have been open to a computer security incident of some form.

Last year the former House Standing Committee on Communications produced the report Hackers, fraudsters and botnets: tackling the problem of cyber crime, in whichthe standing committee investigated the economic effect of cybercrime. The report noted:

All aspects of Australian society including Australian government, private businesses and home users, are victimised by cyber criminals.

The standing committee then went on to explain that—with the Australian economy expanding due to the digital economy, a decline in consumer confidence in online services, a loss of business reputation due to online incidents—the direct financial loss to businesses due to scams, frauds and extortion, or even a direct impact on critical infrastructure has the potential to substantially damage the Australian economy. The variety of ways cybercriminals can affect our digital economy is indeed a frightening reality which seems almost daunting when you consider the relative ease with which this occurs. We are now witnessing a new breed of criminals that steal from our computers using software. Unlike the stereotypical robberies that occur in a physical sense, these opportunists are able to commit these crimes at a distance, often in private locations. The internet is a place for opportunistic people. Quite often people are being taken advantage of by email scams, identity theft and the range of other offences I previously mentioned tonight. Our seniors can be some of the most vulnerable people in our community who fall victim to internet scammers. However, there are community groups who assist seniors in navigating their way around the internet and computer systems. I would like to commend the efforts of the Gold Coast Seniors OntheNet computer club, which assists seniors who are interested in learning about computer systems in addition to improving their knowledge of new technologies. Along with the organisation's entire management committee, Vice-President Judy Gamin, who is a constituent of mine and a former state member for Burleigh, does a great job with our seniors on the Gold Coast to ensure they engage as much as possible in an area that is often overlooked or considered too difficult and problematic.

Children are also at high risk of cybercrime and we must ensure they are kept safe from these emerging threats. While the emergence of Facebook, Twitter, Myspace and other social-networking sites have revolutionised the lives of many young people, they have also created many new challenges we must often overcome. The lives of children are often put on display for the world at large where scammers and predators are only an email, comment or tweet away from conversing with these most vulnerable members of our society. I commend the schools in my electorate for their continuing efforts to educate their students on the precautions they should take while surfing the net.

The challenges our national economy faces are constantly discussed in this place and at no time more so than now. It is important we look to giving businesses and private households the security of knowing that those who perpetrate cybercrimes, whether they be related to content being conveyed or stolen or to the integrity of the system or computer itself, will have a net, so to speak, closing in on them fast and surely.

Comments

No comments