Privacy Commissioner on Search and Surveillance Bill
Their submission is online here.
It will also increase the situations that interception and tracking devices can be used in. Instead of being restricted to certain types of serious crime, enforcement officers will be able to apply for surveillance device warrants on the same basis as search warrants.
This is the point Bell Gully also made. And there is a significant difference (to me anyway, and I am sure most people) between a search warrant and covert surveillance.
However, notification to the individual who has been the subject of a surveillance warrant is not required before a prosecution. An issuing Judge may order notification only if there has been a problem with the warrant (eg a breach of its conditions). From a privacy perspective this is problematic as an individual should generally have the right to know what surveillance has been carried out. I appreciate that in the case of surveillance warrants it is impractical to provide notification in advance of the warrant being carried out. However, notification after the fact should be a matter of course. This must be subject to practical considerations such as the status of ongoing investigations and the safety of others. Notification is common in other jurisdictions such as Germany and the United States.
As I read this, you could have your phones bugged. And if the information obtained is not used in a prosecution, you will never know you were bugged. I think one should know if the state has bugged your phone – unless it will interfere with ongoing investigations or endanger other people.
3.3. Allowing search warrants to be the basis for remotely accessing computers is, from a privacy perspective, alarming. This is mitigated to some extent by the specific limits put on this power in clause 101 (k). The warrant must state whether remote access is authorised, and the provision states that the remote search is limited to things such as Internet data storage facilities that are not located at a physical location that can be searched. This does not seem to allow remote access to the computer itself.
So it sounds like the state can not hack into your home PC remotely, but they can hack into your Google accounts!
Production orders can be issued by an ‘Issuing officer’ who can be a Judge but can also be ‘any other person’ authorised under clause 106. This is a lowering of an important safeguard, particularly in light of the expansion of availability of the orders. Traditional expectations are that intrusions will not be made in private communications without rigorous oversight by a Judge. This is carried into this Bill in the issuing requirements for surveillance device warrants in clause 48. It seems logical that these relatively new, and potentially technical, production orders should also be issued by a Judge.
I prefer judicial oversight. So what does clause 106 allow:
The Attorney-General may authorise any Justice of the Peace, Community Magistrate, Registrar, Deputy Registrar, or other person to act as an issuing officer for a term, not exceeding 3 years, specified in the notice of authorisation.
I like the “or other person” clause. That means I could be appointed an issuing officer for warrants 🙂