24 September 2025

Australia's surveillance framework: National security and counter-terrorism watchdog signals reform

Corrs Chambers Westgarth

Significant changes are anticipated for Australia's electronic surveillance regime following a comprehensive review by the Independent National Security Legislation Monitor (INSLM). The review assessed the powers of the Australian Federal Police and Australian Criminal Intelligence Commission to combat cybercrimes.

The INSLM is a statutory office holder responsible for reviewing Australia's national security and counter-terrorism laws, with the objective of achieving an appropriate balance between national security imperatives - including the novel powers conferred under the Surveillance Legislation Amendment (Identify and Disrupt) Act 2021 (Cth) (SLAID Act) to combat cyber-dependent and cyber-enabled crime - and the protection of individual rights. The INSLM's report, Data Disruption, Network Activity and Account Takeover Powers, provides recommendations designed to refine this balance and integrate robust procedural safeguards.

While the review pertains to government agencies' powers to conduct covert surveillance, potential reforms may also have far-reaching implications for non-government organisations, particularly those entities that host, store, or transmit data in or from Australia. These include telecommunications and technology companies, social media platforms, cloud and data centre providers, financial institutions, and multinational corporations with subsidiaries or outsourced operations in Australia.

The review provides further clarity on Australia's ongoing reforms to its electronic surveillance regime, which have been underway for several years.

Subject of the review: powers under the SLAID Act

The SLAID Act was enacted in 2021 as amending legislation to various laws, including the Surveillance Devices Act 2004 (Cth), the Telecommunications (Interception and Access) Act 1979 (Cth) and the Crimes Act 1914 (Cth). These amendments granted the Australian Federal Police and the Australian Criminal Intelligence Commission (ACIC) various new powers to address cyber-dependent and cyber-enabled crimes. The INSLM's review focuses on the warrants required for these powers to be exercised, including:

  • data disruption warrants - to modify, add, copy or delete data to disrupt online crime;
  • network activity warrants - to collect intelligence about a 'criminal network of individuals'; and
  • account takeover warrants - to take control of a person's online accounts to gather evidence.

Key gaps and impacts

The INSLM recognises the new powers' effectiveness in combating serious crime, particularly in cases where traditional investigative tools are inadequate due to encryption, anonymisation and the use of dedicated encrypted communication devices, thus justifying their retention. However, these powers can be extraordinary and invasive:

  • data disruption warrants enable disruptive actions on Australian computers without prior proceedings;
  • network activity warrants permit surveillance of networks for crime-relevant intelligence without requiring suspicion of individual criminality; and
  • account takeover warrants can effectively lock users out of their accounts.

The INSLM made the following specific observations, primarily concerning the deficiencies of the current warrant issuing system:

  • The existing warrant issuance system, rooted in century-old physical search warrant processes, is inadequate for modern surveillance activities that are covert, technologically complex, and impact numerous individuals with minimal judicial oversight.
  • Warrants are issued by a small number of Administrative Review Tribunal members, who often lack independent technical advice, public interest monitors or oversight agency input, leading to inconsistency, lack of transparency and accountability gaps.
  • The SLAID Act's framework for handling obtained information is complex with overlapping, inconsistent secrecy offences.
  • These powers' expansive and intrusive nature raises substantial concerns regarding privacy, the protection of sensitive information such as legal professional privilege and journalists' sources, and the rights of individuals not suspected of wrongdoing who are caught in network surveillance.

Robust, fit-for-purpose safeguards are therefore crucial to ensure appropriate balance and oversight.

Recommendations for potential reforms

The report presents recommendations to enhance Australia's electronic surveillance framework, ensuring it remains effective, proportionate and respectful of rights, drawing on international best practices for transparency, accountability and public trust.

Key recommendations include:

  • enhancing safeguards for data disruption, network activity and account takeover warrants, limiting the ACIC's use of account takeover warrants to intelligence-gathering;
  • modernising warrant issuing with a panel of retired judges, supported by public interest monitors (PIMs) and technical advisors, allowing PIMs to review warrant applications and provide feedback;
  • simplifying and harmonising warrant criteria, requiring necessity and proportionality considering offence gravity, success likelihood, privacy impact and less intrusive alternatives;
  • introducing a statutory duty of candour for warrant applicants, requiring full disclosure of relevant information;
  • raising the threshold for warrants to offences punishable by five or more years' imprisonment, reserving powers for serious crimes;
  • replacing the current complex secrecy offences with reliance on the general secrecy offences in the Criminal Code Act 1995 (Cth), while retaining strict limits on the use and disclosure of information obtained under SLAID Act powers;
  • reviewing and destroying SLAID Act information at least every five years if no longer required, with enhanced protection for sensitive categories of information; and
  • strengthening ministerial and public reporting, harmonising information on use, effectiveness and impact, with oversight bodies having flexibility, access to technical advice and public reporting ability.

Key takeaways from the INSLM recommendations

Potential reforms are likely to have a broad impact on organisations both within Australia and internationally, including those with subsidiaries in Australia or those that have outsourced operations or functions to entities within the country. Organisations in industries such as telecommunications and technology, online social media, cloud and data centre services, e-commerce, banking and finance, defence and military, professional services, logistics and transport, energy and utilities, education, and other sectors that potentially hold data sensitive to national security are anticipated to be most directly affected. Entities in other industries and sectors may also face flow-down obligations from these organisations.

Organisations should consider implementing the following key actions in response to the reform:

  • Monitor developments and formulate a plan: The evolution towards a more robust and transparent warrant issuing system, with enhanced scrutiny and technical oversight, is likely to increase compliance burdens on organisations subject to assistance orders or cooperation requests. Organisations should review and update internal policies, procedures, and training to ensure lawful and efficient responses to law enforcement requests while protecting customer privacy and sensitive information.
  • Review and update contracts: Organisations should review existing contracts to ensure rights to disclose data (for example, as required by law or in response to warrants or court orders) are adequately covered and incorporate relevant requirements and safeguards into new or refreshed contracts.
  • Consider privilege implications: Clients of professional organisations may be subject to privileges currently available for information provision or use in courts. Organisations should assess how potential reforms impact these privileges.
  • Revisit disclosure assessments: Overseas legal regimes and prudential requirements often mandate assessments of data disclosure to public authorities for companies operating in Australia (directly or indirectly, including via outsourcing). Existing assessments of data access by Australian public authorities (such as any transfer impact assessments) will require revision in light of the reforms.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
