Government response to the Independent National Security Legislation Monitor Secrecy Review

The offences in Part 5.6 should not rely on information being classified under a policy framework as an element of the offence.

The Government agrees to this recommendation. 

The Government will develop legislation to repeal the security classified information limbs of the deemed harm offences in section 122.1 (Communication and other dealings with inherently harmful information by current and former Commonwealth officers etc.), and of section 122.4A (Communicating and dealing with information by non-Commonwealth officers etc.). 

The Government will also consider if any further legislative amendments are required to avoid unintended gaps in the protection of security classified information. This will include consideration of broadening the definition of ‘causing harm to Australia’s interests’ in section 121.1 and explicitly providing that the presence of security classification markings on information is relevant to proving fault elements in the offences in section 122.1 and 122.4A (see also response to recommendation 12).

The deemed harm offences in s 122.1 should not apply to all information connected to an intelligence agency’s functions. Instead, deemed harm should be limited to intelligence information (as defined) and the operations, capabilities, technologies, methods and sources used to obtain or communicate that information.

The Government notes this recommendation. 

The Government will undertake further work to assess the feasibility of legislating an alternative, narrower definition of the intelligence agency limb of ‘inherently harmful information’ in section 122.1. This work will aim to confine the intelligence agency limb to circumstances where there is an essential public interest that requires criminal sanctions, including the essential public interest in national security. 

The Government acknowledges that not all information held by intelligence agencies is inherently sensitive. However, the Government considers that the recommended approach to limiting the intelligence agency limb would remove protections from categories of information which would cause harm if disclosed.

The deemed harm offences in s 122.1 should not apply to all information relating to the operations, capabilities or technologies of, or methods or sources used by, a domestic or foreign law enforcement agency. Instead, the deemed harm offence should be limited to information that relates to the technologies, capabilities and methods used to exercise special electronic surveillance powers.

The Government agrees in principle to this recommendation. 

The Government will develop legislation to confine the categories of law enforcement information covered by section 122.1 to information in which there is an essential public interest that needs to be protected by the application of criminal sanctions. 

This includes essential public interests in the integrity of criminal justice processes and protection of sensitive law enforcement capabilities, methodologies and sources. 

The Government considers that further work is required to ensure the law enforcement limb is framed appropriately to protect sensitive law enforcement capabilities, methodologies and sources, as these are not limited to electronic surveillance or specifically legislated capabilities.

If separate general ‘deemed harm’ offences are to be retained in the IS Act, the ASIO Act, and the ONI Act, those offences should be narrowed so that the scope of the deemed harm is no wider than that described in Recommendation 2, except that:

• for Australian Secret Intelligence Service (ASIS) and ASIO existing specific offences relating to the identity of current and former staff, affiliates and agents should be retained. 
• in the ASIO Act, the offence should include a category of information connected to the function of assessing and issuing Australia’s highest level of security clearance under Part IVA of that Act.

The Government does not agree to this recommendation. 

The Government considers that secrecy obligations applying to staff, affiliates and individuals who have entered into contracts, agreements or arrangements with ASIS, ASIO, ASD, AGO, DIO and the ONI should be stricter than secrecy obligations applying to other Commonwealth officers. This reflects the unique level of trust placed in these individuals to protect Australia’s national security and their privileged access to highly sensitive information. It is also important to maintain protections for categories of information that would cause harm if disclosed. 

The Government’s position is consistent with the findings of previous reviews. The 1987 Gibbs Committee Review of Commonwealth Criminal Law found that members of intelligence and security services have ‘a lifelong duty of secrecy as regards information obtained by virtue of [their] position’ without proof of harm. The 2019 Comprehensive Review of the Legal Framework Governing the National Intelligence Community (2019 Richardson Review) found that the specific secrecy offences in the Intelligence Services Act 2001 ‘differ in significant and justifiable ways such that the general secrecy offences would not provide sufficient protection for the information or provide appropriate penalties with respect to unauthorised conduct’ (para 35.126).

The functions of the Defence Intelligence Organisation (DIO) should be set out in legislation or in a disallowable legislative instrument.

The Government agrees in principle to this recommendation.

The Government will develop legislation that requires the publication of the functions of the Defence Intelligence Organisation (DIO), so that information is publicly available. This would ensure that secrecy offences applying in relation to DIO’s functions comply with the rule of law.

This approach is consistent with the long-standing practice of not legislating the functions of departments of state and recognises that DIO is an administrative part of the Department of Defence that does not exercise intrusive powers. 

The Government notes the report of the 2019 Richardson Review found that ‘there is no legal imperative or strong policy reason that supports setting out the functions of DIO in legislation’ (paragraph 13.68), but did recommend that DIO’s functions be made public (recommendation 15). Following this recommendation, the Government now publishes the DIO Mandate that includes DIO’s functions on the Department of Defence website.

The offence in 122.2 should apply to disclosures of information by officials where there is harm or likely harm to:

• security, defence or international relations (as defined)
• the utility of operational and technical capabilities and methods connected to statutory powers granted to any agency to access information or to search people, places or things (other than those covered by 122.1) to combat crime 
• AFP protective and custodial functions and proceeds of crime functions, or 
• the health or safety of the Australian public or a section of the Australian public.

The Government agrees in principle to this recommendation. 

The Government agrees that section 122.2 should apply to protect against harm or likely harm to:

• security, as defined
• AFP protective and custodial functions and proceeds of crime functions, and 
• the health or safety of the Australian public or a section of the Australian public

The Government will consider if and how to define ‘defence’ in the context of consideration of reforms to Defence legislation. 

The Government considers the definition of ‘international relations’ should continue to include ‘economic relations’. Economic relations are a key part of international relations and there is a close nexus between economic relations, economic security and national security. As a result, disclosure of information relating to ‘economic relations’ can significantly harm Australia’s interests. Information relating to ‘economic relations’ contains insights into Australia’s strategic interests and positions on economic issues, and can be used to inflict economic damage on Australia, degrade Australia’s diplomatic and trade relations, and damage Australia’s reputation. The definition of ‘international relations’ should also capture engagements with non-State organisations or States with which Australia does not have regular diplomatic or military relations. These engagements also form part of Australia’s international relations. 

The Government does not propose to narrow the existing protection against ‘interfering with or prejudicing the prevention, detection, investigation, prosecution or punishment of a criminal offence against a law of the Commonwealth’ by replacing it with a reference to ‘harm or likely harm to the utility of operational and technical capabilities and methods connected to statutory powers granted to any agency to access information or to search people, places or things’. The narrower framing would not adequately protect essential public interests in the integrity of criminal justice processes and the protection of sensitive law enforcement capabilities, methodologies and sources.

The definition of ‘deal with’ for the purpose of Part 5.6 should be amended so that it excludes initial receipt and does not overlap with the disclosure offences. The remaining parts of the definition (collect, possess, record and copy) are broadly justified for officials, although some clarification in drafting is suggested.

The Government agrees in principle to this recommendation. 

The Government will develop legislation to expressly clarify that unsolicited receipt and other unwitting dealings do not constitute ‘dealing with’ information for the purpose of Part 5.6, and to remove overlaps between the definitions of ‘communicate’ and ‘deal with’. The former measure would build on the 2023 Review of Commonwealth Secrecy Provisions, which found that unsolicited receipt or other unwitting dealings are not sufficient to satisfy the fault elements of the Part 5.6 offences. 

The Government will further consider the definition of ‘deal with’ following the INSLM’s review of the espionage and foreign interference offences in Part 5.2 of the Criminal Code, which uses the same definition of ‘deal with’ as Part 5.6.

The offence for ‘dealing with’ by non-officials in 122.4A(2) should be repealed.

The Government agrees to this recommendation. 

The Government will develop legislation to repeal the offence for ‘dealing with’ by non-officials in subsection 122.4A(2) of the Criminal Code. Offences in Part 2.4 (Extensions of criminal responsibility) of the Criminal Code will continue to apply to a range of preparatory and ancillary conduct connected with the unlawful communication of sensitive information.

 A range of security classified and sensitive information will continue to be protected by arrangements between government agencies and non-officials, and specific secrecy offences.

The ‘proper place of custody’ offences in section 122.1(3) and 122.2(3) of the Criminal Code should be repealed.

The Government agrees to this recommendation. 

This is consistent with the Government’s agreement to recommendation 6 of the Review of Commonwealth Secrecy Provisions, which also recommended repeal of these offences.

The maximum penalty for offences by officials under Part 5.6 should be increased only where: at the time the person received the information or committed the underlying offence, the person held the highest level of Australian Government security clearance; or the person intended or knew their conduct would or was likely to cause a type of harm covered by the underlying offence.

The Government agrees to this recommendation. 

The Government will develop legislation to repeal three of the four existing aggravating circumstances in section 122.3 (Aggravated offence), and to appropriately increase the level of security clearance necessary to trigger the fourth circumstance. It will also ensure an aggravated offence applies to those who commit an underlying offence with the higher fault element of intention to cause harm or knowledge of that harm. 

The three aggravating circumstances that will be repealed are sub-paragraphs 122.3(1)(b)(ii) (code word information), 122.3(1)(b)(iii) (5 or more records which have a security classification), and 122.3(1)(b)(iv) (altering a record to remove or conceal its security classification). The level of security clearance necessary to trigger the circumstance in sub-paragraph 122.3(1)(b)(v) will be increased from a security clearance allowing access to information that has a security classification of at least secret, to the highest level of security clearance. This is appropriate because the Australian Government places a unique level of trust in individuals with the highest level of security clearance to protect Australia’s national security, and the aggravated offence reflects the privileged access these individuals have to highly sensitive information. 

Courts will be able to consider the three repealed aggravating circumstances when determining sentences for other secrecy offences under ordinary sentencing principles.

Any general offence to replace section 122.4 should be consistent with the following principles:

• The new offence should apply to disclosures that prejudice the prevention, detection, investigation, prosecution or punishment of a criminal offence against a law of the Commonwealth. 
• The offence should be harm-based and relate to essential public interests. However, if ‘deemed harm’ offences are to be incorporated, they should be limited to a very narrow category of information where significant harm to an essential public interest is always, or almost always, going to be the result. 
• The offence should cover only the types of disclosures that cannot be adequately dealt with by existing remedies including contractual and administrative remedies. 
• Broad and uncertain language such as ‘functioning of government’ should be avoided. 
• The offence should apply to current and former Commonwealth officials and others who perform work for a Commonwealth entity in relation to information acquired in the course of their duties. However, if the scope of the offence is to be broadened it should still be closely linked to some kind of contract, agreement or arrangement with the Commonwealth.

The penalty for reckless conduct should be no more than 2 years imprisonment.

The Government agrees in part to this recommendation.

The Government intends that any new general secrecy offence that replaces section 122.4 will be consistent with the recommended principles, but that disclosures that prejudice the prevention, detection, investigation, prosecution or punishment of a Commonwealth criminal offence should continue to be covered by the more significant protection provided by offences in section 122.2. 

The Government considers it would be inappropriate for the protection of the essential public interest in the integrity of criminal justice processes to be downgraded to a low-level secrecy offence such as any new general secrecy offence that replaces section 122.4. 

The Government is continuing to develop a new general secrecy offence to further reduce the numbers of specific secrecy offences and non-disclosure duties, as recommended by the Review of Commonwealth Secrecy Provisions. The Attorney-General’s Department is giving further consideration to the appropriate elements of the offence having regard to the potential for the new offence to replace existing offences, and to the kinds of harms that should appropriately be targeted. For example, this could include harm to individuals that can be caused by the improper disclosure of sensitive personal or commercial information entrusted to government, or specified harms to the administration of government that can be caused by the improper disclosure of confidential information.

The offence in s 122.4A for communications by non-officials should be modified so that: 

• classification markings do not form an element of the offence 
• the current requirement that actual harm be established should be maintained and the offence apply to: 
  • causing serious damage to the security or defence of Australia, with those terms defined as per Recommendation 6 
  • seriously undermining the utility of the technologies, capabilities and methods used to exercise special statutory powers (per Recommendations 3 and 4) 
  • seriously impeding the prevention, detection, investigation, prosecution or punishment of a criminal offence against a law of the Commonwealth 
  • prejudicing the health or safety of the Australian public or a section of the Australian public. 
• the maximum penalty should be approximately half the maximum penalty for a comparable communication by an official. 

Action should be taken to ensure that ABC and SBS staff and contractors are not inadvertently covered by the offences for officials as persons ‘otherwise engaged to perform work for a Commonwealth entity’.

The Government agrees in principle to this recommendation. 

The Government will develop legislation to provide that: 

• classification markings do not form an element of the offence in section 122.4 
• the offence in section 122.4A applies to serious damage to the ‘security’ or ‘defence’ of Australia 
• the maximum penalty for the offence in section 122.4A is approximately half of the maximum penalty for a comparable communication by an official, and 
• ABC and SBS staff and contractors are not inadvertently covered by the offences for officials as persons ‘otherwise engaged to perform work for a Commonwealth entity’. 

The Government agrees that section 122.4A should continue to apply to: 

• actual harm 
• ‘security’ defined as per recommendation 6 
• prejudicing the health or safety of the Australian public or a section of the Australian public. 

The Government will consider if and how to define ‘defence’ in the context of consideration of reforms to Defence legislation (see response to recommendation 6). 

The Government does not agree to amend section 122.4A as it applies to the prevention, detection, investigation, prosecution or punishment of a criminal offence against a law of the Commonwealth. The framing of section 122.4A as it applies to this information is appropriate to protect the essential public interests in the protection of law enforcement capabilities and methodologies and the integrity of criminal justice processes.

Finally, the Government will consider explicitly providing that the presence of security classification markings on information is relevant to proving fault elements in the offences in section 122.4A (see also the response to recommendation 1).

A new general public interest defence should not be added in Part 5.6. However, consideration could be given to recasting the current defence for journalists as an exception rather than a defence.

The Government agrees to this recommendation. 

The Government considers that adding a general public interest defence would risk undermining the utility of the general secrecy offence in protecting sensitive information and depart from the framework in the Public Interest Disclosure Act 2013. 

The Government will further consider the framing of the defence for journalists but notes that exceptions and defences have the same legal effect and that, once an exception or defence is raised by a defendant, the prosecution bears the legal burden of disproving the exception or defence.

The requirement that the Attorney-General’s consent be obtained for any prosecution under Part 5.6 should be retained. The Attorney-General’s consent should be required regardless of whether the prosecution proceeds by way of committal or summary proceedings.

The Government agrees to this recommendation. 

The Government agrees that the requirement to obtain the Attorney-General’s consent should be retained and will consider whether there is a need to for any legislative amendments to clarify the existing requirement.

Consideration should be given to revising the Prosecution Policy of the Commonwealth so that in any prosecution involving a journalist or news media organisation the public interest in a free and open press be expressly considered.

The Government notes this recommendation. 

The Government will write to invite the Commonwealth Director of Public Prosecutions (CDPP) to respond to this recommendation, as changes to the Prosecution Policy of the Commonwealth are a matter for the CDPP.