There’s a ‘levelling-up’ process going on around the world in terms of privacy and data security. GDPR is a great driver but also the legislation that governs intelligence agencies’ access to data. Here’s how Australia is aligning with the USA and others…:
The Telecommunications Legislation Amendment (International Production Orders) Bill 2020 (IPO Bill) requires law enforcement agencies in Australia to consider privacy, proportionality, and human rights before making a request to access data. As currently drafted, it doesn’t require the Australian Security Intelligence Organisation (ASIO) to do the same.
The IPO Bill is intended to amend the Telecommunications (Interception and Access) Act 1979 (TIA Act) to create a framework for Australian agencies to gain access to stored telecommunications data from foreign designated communication providers in countries that have an agreement with Australia, and vice versa.
The Bill is a precondition for Australia to obtain a proposed bilateral agreement with the United States in order to implement the US Clarifying Lawful Overseas Use of Data Act (the CLOUD Act).
In addition to concerns over ASIO’s approach to accessing data under the IPO Bill, the PCJIS previously heard from the Inspector-General of Intelligence and Security (IGIS), which oversees the operations of ASIO, that the spy agency isn’t required by the Bill in its current form to make public its IPO history.