The Australian Government has released the Privacy Amendment (Public Health Contact Information) Bill 2020 (COVIDSafe Bill) which will be considered by Parliament this week. The COVIDSafe Bill largely reproduces the biosecurity orders which made it possible to begin to download and operate the COVIDSafe App (App).

The NSW, Queensland and South Australian Councils for Civil Liberties, along with the Australian Council for Civil Liberties, support the introduction of effective digital contact tracing if it is underpinned by robust privacy and transparency legislation.

The joint statement has been sent to the Prime Minister, the Attorney General and Opposition Leader, along with all MPs and Senators. 

In the statement we recommend that a number of issues should be considered by Parliament for incorporation into the Act – or for Government action - to more adequately protect the privacy of Australian citizens who have voluntarily participated in this tracking exercise.

The Sydney Morning Herald reported on the statement - 'The civil liberties groups want the government to change the design to ensure personal data is not stored on a central database, arguing this increases the danger from a single cyber attack.'

'More needs to be done to ensure that the app does not compromise data protection and thereby increase the risk of illegal and inappropriate use of data or surveillance of Australians.'

Read the full statement HERE. 

20^th April 2020

CONCERNS RE PRIVACY AND DIGITAL COVID-19 CONTACT TRACING

Prime Minister Scott Morrison has confirmed that the Australian government is progressing with Singapore-style digital options for contact tracing. The proposed app tracks, via Bluetooth technology, the previous close contacts of an individual who subsequently proves to be COVID-19 positive.  This applies to any contact (also with the app) who had spent 15 minutes or more in close proximity with the infected person.

NSWCCL is concerned with the potential of the app to compromise data protection, increasing illegal and inappropriate use of data and facilitating surveillance and stigmatisation of Australians. Any collection or use of a person’s sensitive personal data for digital contact tracing must come with the imposition of strict limitations.

Despite assurances that the proposed app is opt-in and therefore voluntary, NSWCCL has grave concerns over the safety and privacy of information gathered, stored and shared, along with the potential for abuse of that information. Widespread uptake of any contact tracing app and effective contact tracing will be dependent on whether the Australian people trust the government to take their privacy concerns seriously. It is possible that, as with the My Health Record, the app is transitioned to opt-out, or worse, becomes mandatory because of insufficient uptake. Equally concerning is the possibility that individuals could be excluded by their workplaces or schools if not using the app.

The Minister has said If an individual registers COVID-19 positive status, that information is sent to a national health storage and then sent to State governments to notify the individual’s contacts. Cyber-attacks and accidental and illegal data breaches have and will continue to occur on Australian government databases. It is therefore desirable that mobile device contact tracing be decentralised, with contacts registered in encrypted form on the local mobile device, and not identifiable to others or the government. Such measures reduce the fallout should a data breach occur.

In convincing the community that restrictions can be eased with faster contact tracing, the government should be reminded that privacy and health are not tradeoffs, one for the other. Both are possible with well-designed technology.

NSWCCL recommends that the Australian government consider the use of alternative more privacy friendly digital contact tracing options which are currently under development. These options are rapidly becoming available. The Apple/Google collaboration is opt-in contact tracing which generates transitory arbitrary IDs processed locally on the device and not uploaded onto a central server. Bluetooth anonymous identifier beacons notify persons who have been in contact with a COVID-19 subject.  MIT and the EU are developing similar apps. The EU DP-PPT model uses a backend server to push information through to notify the contact of a risk of infection and has purpose-limiting dismantling of the app at the end of the emergency.

NSWCCL recommends that the Australian government, at least, adopts the following privacy protections in the implementation of the proposed digital COVID-19 app:

• Consideration of reasonable digital alternatives to the proposed model of digital contact tracing
• Transparency and accountability, providing information about the development and use of any mobile device tracking technology and how rights of the individual will be affected and protected,
• The technology must be opt-in after the provision of accurate and complete information about the extent of its use, with the requirement to renew consent periodically,
• The ability to opt out or terminate participation at any time, accompanied by built-in destruction of personal data,
• The use of best practice privacy and security measures, including:
• short, clear and accurate privacy policy;
• strict and express data retention and destruction policy, linked to a short period of application;
• limits on the type of data collected and how it can be accessed;
• anonymisation of data;
• strict limits on data sharing, in particular no sharing of information between government agencies except for public health purposes,
• Decentralisation of anonymised data on users’ mobile devices,
• Strict limitation in relation to the purpose and objects, for which users have expressly consented. Personal data should not be retained for any new purpose,
• A clear, short period of application – (the sunset period for Israel’s contact tracing app is 30 days)
• An easily accessible complaints system and independent judicial oversight, to address any grievances,
• No ability to subpoena data through court proceedings, and
• An independent oversight role for the Office of the Australian Information Commissioner (or other government office) and the new Senate COVID Committee, with regular public reporting of data collected by the technology.

Beyond these specific recommendations it has been longstanding NSWCCL policy that the Australian Government should legislate for a Bill of Rights and a statutory cause of action for serious invasion of privacy.

Nicholas Cowdery AO QC

President NSW Council for Civil Liberties  

------------------

Contacts

Michelle Falstein Secretary NSWCCL: Michelle.falstein@nswccl.org.au

Dr Lesley Lynch: Lesley.lynch@nswccl.org.au

Today the High Court unanimously found the AFP warrant to enter  journalist Annika Smethurst’s home in search of information relating to the publication of classified information, was invalid on a technical ground:

“that it misstated the substance of s 79(3) of the Crimes Act, as it stood on 29 April 2018, and failed to state the offence to which the warrant related with sufficient precision. The entry, search and seizure which occurred on 4 June 2019 were therefore unlawful”

Costs were also awarded to the plaintiffs.  

NSWCCL welcomes this limited victory for Annika Smethurst today - but we remain deeply concerned that freedom of the press and effective investigative journalism continues to be under serious threat in Australia.  This decision does nothing to alleviate those concerns.

The unprecedented raids on both Smethurst and the ABC offices occurred in the context of widespread community concern about the proliferation of draconian secrecy laws and the impact of these laws on the free press and investigative journalism in Australia - especially in relation to reporting on national security matters. 

The motive for the raids was clearly to warn off journalists and whistle-blowers.   The publications posed no threat to national security and the revelation of the information was in the public interest.

The High Court finding that the warrant lacked ‘sufficient precision’ identifies an apparent lack of competence in the AFP’s drafting, but has no wider implications for any protections for investigative journalism or freedom of the press in Australia.

The AFP -with the agreement of the Minister – is still able to press charges against Annika Smethurst.

Divided HC views on return of the unlawfully seized information

Surprisingly - even though the “entry, search and seizure” were declared unlawful – a majority of the High Court Justices refused the plaintiff’s application for the return of the information copied from the journalist’s mobile phone onto a USB stick. 

This was a particularly disappointing majority (4-3) decision.

A key agenda for the raids was the identification of the journalist’s sources which this information is likely to enable.

Whistle-blowers underpin much investigative journalism. If journalists are no longer able to guarantee their informant’s anonymity, investigative journalism and an effective free press will be greatly weakened.

The minority views of the three dissenting Justices (Gageler, Gordon and Edelman) on this issue provide a more positive perspective.

Justice Gordon was of the view that:

165 The law would take a seriously wrong turn if this Court held that it could not grant an injunction to restore a plaintiff, so far as possible, to the position they would have been in had power not been exceeded without the plaintiff demonstrating that, in addition to the excess of power, a private right is also breached by retaining what was seized. To require demonstration of some further or additional private law wrong as the only basis on which injunction may go treats the excess of power as irrelevant and ignores the constitutional purpose of s 75(v) of the Constitution.

Justice Gageler took a similar position:

117…I do not share their Honours' doubts as to the existence of a juridical basis for the final mandatory injunction which Ms Smethurst seeks, requiring the AFP to deliver up the USB drive on which the copied data is stored to enable that data to be deleted. And I disagree with their Honours' view that such an injunction should be refused in the exercise of discretion.

122 For so long as the information remains in the hands of the AFP, the direct effects of the infringement of her rights to possession of her home and of her mobile phone are serious and ongoing. There being no suggestion that the value of the information embedded in the data to her is wholly commercial, money alone cannot restore her to the position she would have been in had the trespasses not been committed. 

All three Justices ordered the return of the USB drive to Annika so the data could be deleted. Gordon and Edelman also required the AFP to delete any copies. Gageler was silent on this but flagged the obvious fact that nothing stopped the AFP from seeking a new and valid warrant for the information.

Legal and constitutional implications

The one application by the plaintiffs which may have had significant legal and constitutional implications was that:

the warrant was invalid on the ground that s 79(3) of the Crimes Act, as it stood on 29 April 2018, infringed the implied freedom of political communication.

This matter was not addressed by the High Court as it was not necessary given their decision that the warrant was invalid on technical reasons.

Therefore the huge issue relating to the encroachment of draconian secrecy laws on the freedom of the media in Australia will have to wait the outcomes of the pending report of the Parliamentary Joint Committee on Intelligence and Security on this broad issue.

This now very overdue PJCIS report will be very significant and carries a weight of expectation that it is not likely to be able to meet given the constraints of its terms of reference.  

In our view, the only effective remedy for the current immense constraint on the media’s capacity to deliver quality investigative journalism and to provide the reporting the community needs to hold governments accountable is a major rollback of Australia’s excessive secrecy laws and a strong human rights charter which includes an effective right of the media to freedom of expression.

NSWCCL Public statement 

Smethurst v Commissioner of Police 

April 1, 2020

PUBLIC STATEMENT

Mobile device tracking of COVID-19 infected persons

Prime Minister Scott Morrison has confirmed that the Commonwealth government is progressing with Singapore-style digital options for contact tracing: the identification, contacting and monitoring of those who may be infected with COVID-19, and their contacts.[1] In addition, the Australian government has now launched a Coronavirus Australia app and WhatsApp group, to provide Australians with information, and advice, about the pandemic. The Coronavirus Australia app permits the voluntary registration of a person’s self-isolation but does not, currently, provide for contact tracing.[2] At present, in Australia, contact tracing is conducted manually and directly with the affected person.[3]

NSWCCL supports the appropriate and generalised use of aggregated, anonymised map data for tracking people’s movements; to assist health services and determine where to target critical medical resources. Contact tracing is essential. However, any collection or use of a person’s sensitive personal data for digital contact tracing must come with the imposition of strict limitations.

The move to monitor citizens’ movements may set a dangerous precedent. Contact tracing and the wider application of mobile device tracking would enable the Australian government to assemble a person’s location history into a single, searchable database. Mobile device tracking, in Australia, could involve tracking infected persons to ensure compliance with self-quarantine, as in Israel (see below). South Korean authorities publicly share details of the age, gender and location of persons infected with COVID-19, by mobile phone alert and on the government’s health website.[4] Often that information is sufficient to identify the infected person.

NSWCCL calls for complete transparency from the Australian government of its development and use of any mobile device tracking technology in this emergency.

NSWCCL provided a submission to the Australian Treasury on the Census and Statistics Amendment (Statistical Information) Regulations 2019 (Regs) amending the Census and Statistics Regulation 2016. This amendment makes significant and concerning changes to the regulation which we oppose on privacy grounds.

Whilst NSWCCL supports the updating of the statistical information topics for inclusion in the census we oppose mandatory collection of sensitive health information and its storage for 4 years by the Australian Bureau of Statistics (ABS).

The amendment proposes the insertion of a new topic relating to health conditions diagnosed by a doctor or a nurse which must be answered by all respondents.  The rationale is that this information will assist health service planning and delivery.

We oppose this proposal is given the retention of that information by the ABS.

In 2016 the Australian government reinstated a plan to retain names and addresses from the census, a move which leaves open the opportunity for a future government to access sensitive personal information. NSWCCL appreciates the need for longitudinal studies but considers these can be conducted on a sample basis.  We continue to support the prior approach to the census which collected important census information but which was disassociated from the individual identification data.  

As a minimum we recommend the ABS conduct an adequate, independent, publicly available, Privacy Impact Statement (PIA).

We also registered our objection to the timing of the consultation period which ended on 10^th January to the Xmas/NY holiday period.  This does not suggest a serious desire to generate community input to the review process.

NSWCCL submission

Dr Arthur Chesterfield-Evans has rallied a group of over 100 doctors who have written to the Australian Minister for Foreign Affairs, the Hon Marise Payne asking that the Australian government meet its obligation to its citizen and intervene for wellbeing of Julian Assange.

“The evidence is overwhelming and clear.. Mr. Assange has been deliberately exposed, for a period of several years, to progressively severe forms of cruel, inhuman or degrading treatment or punishment, the cumulative effects of which can only be described as psychological torture.” - UN Special Rapporteur on Torture Professor Nils Melzer

On 1 November 2019, Professor Melzer was forced to intervene once more: “What we have seen from the UK Government's outright contempt for Mr Assange’s rights and integrity... Despite the medical urgency of my appeal, and the seriousness of the alleged violations, the UK has not undertaken any measures of investigation, prevention and redress required under international law.” He concluded: “Unless the UK urgently changes course and alleviates his inhumane situation, Mr Assange’s continued exposure to arbitrariness and abuse may soon end up costing his life.”

These are extraordinary and unprecedented statements by the world’s foremost authority on torture. The Australian government has shamefully been complicit by its refusal to act, over many years. Should Mr Assange die in a British prison, people will want to know what you, Minister, did to prevent his death.

If you are a doctor and wish to join the campaign, please contact - doctors4assange@gmail.com

Read the letter HERE and the ADDENDUM.

Press Freedom and Whistleblowers

Policy motion considered at the NSWCCL 2019 Annual General Meeting, 23rd October 2019

NSWCCL has for many years defended the rights of a free and uncensored press to ensure the public is sufficiently informed and able to hold those in power to account.

We support the statements of Ita Buttrose at our 2019 annual dinner that there are storm clouds gathering around the ways that information is controlled. Whistleblowers who bring stories to light must not be subjected to a public show of prosecution under the guise of national security, or be censored because their story may cause embarrassment or cost to those in power.

We believe that whistleblowers are not adequately protected in Australia. Particularly in the absence of a bill or charter of rights, specific protection should be enacted.

NSWCCL has reproduced below the full statement made today by the Chair of the ABC in defence of the independent public broadcaster in response to the intimidating raids by the Australian Federal Police on the ABC and a News Corporation journalist.

We do so because of the profound threat to a free press, to legitimate whistle blowers and to the public's right to know posed by these extraordinary raids. 

We do so also because we are greatly relieved that the independent broadcaster has a chair who appears to understand the significance of 'independent' in this context. 

ABC Chair Ita Buttrose's statement in full

On behalf of the ABC, I have registered with the Federal Government my grave concern over this week's raid by the federal police on the national broadcaster.

An untrammelled media is important to the public discourse and to democracy.

It is the way in which Australian citizens are kept informed about the world and its impact on their daily lives.

Observance of this basic tenet of the community's right to know has driven my involvement in public life and my career in journalism for almost five decades.

The raid is unprecedented — both to the ABC and to me.

In a frank conversation with the Minister for Communications, Cyber Safety and the Arts, Paul Fletcher, yesterday, I said the raid, in its very public form and in the sweeping nature of the information sought, was clearly designed to intimidate.

It is impossible to ignore the seismic nature of this week's events: raids on two separate media outfits on consecutive days is a blunt signal of adverse consequences for news organisations who make life uncomfortable for policy makers and regulators by shining lights in dark corners and holding the powerful to account.

I also asked for assurances that the ABC not be subject to future raids of this sort. Mr Fletcher declined to provide such assurances, while noting the "substantial concern" registered by the Corporation.

There has been much reference in recent days to the need to observe the rule of law.

While there are legitimate matters of national security that the ABC will always respect, the ABC Act and Charter are explicit about the importance of an independent public broadcaster to Australian culture and democracy.

Public interest is best served by the ABC doing its job, asking difficult questions and dealing with genuine whistle-blowers who risk their livelihoods and reputations to bring matters of grave import to the surface.

Neither the journalists nor their sources should be treated as criminals.

In my view, legitimate journalistic endeavours that expose flawed decision-making or matters that policy makers and public servants would simply prefer were secret, should not automatically and conveniently be classed as issues of national security.

The onus must always be on the public's right to know.

If that is not reflected sufficiently in current law, then it must be corrected.

As ABC Chair, I will fight any attempts to muzzle the national broadcaster or interfere with its obligations to the Australian public.

Independence is not exercised by degrees.

It is absolute.

5 June 2019

The New South Wales Council for Civil Liberties (CCL) has condemned the raids on journalists by the Australian Federal Police.

NSW CCL President Pauline Wright said “Today, the Australian Federal Police raided the ABC office. Yesterday, they raided the office of News Corp journalist Annika Smethurst. Two raids in two days cannot be a coincidence. We are witnessing what amounts to a state crackdown on journalism. It strikes at the heart of the freedom and independence of the press, which are a cornerstone of democracy."