The Australian government has on Thursday introduced a Bill into Parliament that would prepare the nation for accessing the US Clarifying Lawful Overseas Use of Data Act (the CLOUD Act).
The Telecommunications Legislation Amendment (International Production Orders) Bill 2020 [PDF] would amend the Telecommunications (Interception and Access) Act 1979 (TIA Act) to establish a new framework that seeks to assist Australia's international crime cooperation efforts by "improving Australian agencies' access to overseas communications data for law enforcement and national security purposes".
The CLOUD Act creates a legal framework regulating how law enforcement can access data across borders.
Under the proposed amendment, providers in Australia and the US would be able to respond to lawful orders from the other country for access to "electronic evidence".
A bilateral CLOUD Act agreement would enable Australian law enforcement to serve domestic orders for communications data needed to combat serious crime directly on US-based companies, and vice versa.
The Bill introduces three International Production Orders (IPOs) to allow Commonwealth, state and territory law enforcement, and national security agencies to "more efficiently acquire data held in a foreign country by a designated communications provider".
"Almost every crime type and national security concern has an online element -- agencies require electronic information and communications data not only for cyber investigations but also for investigations and prosecutions regarding violent crimes, human trafficking and people smuggling, drug trafficking, financial crimes, terrorism, and child sexual abuse," the Bill's explanatory memorandum [PDF] states.
"The exponential rise of global connectivity and reliance on cloud computing means that intelligence and evidence that was once stored within Australia and available under a domestic warrant or authorisation is now distributed over different services, providers, locations and jurisdictions, and is often only obtainable through international cooperation."
The document touts the Bill as providing the legislative framework for Australia to give effect to future bilateral and multilateral agreements for cross-border access to electronic information and communications data.
It is also reciprocal, with Australia looking to deal with "like-minded foreign governments" for cross-border access to communications data.
"It is anticipated that these agreements would allow law enforcement and national security agencies in each participating country to issue orders, through a competent authority, for the production of data directed to communications and technology companies in the other country's jurisdiction," the document explains.
"These agreements would significantly reduce the time it currently takes to acquire communications data that is vital to law enforcement and security efforts."
Schedule one of the Bill would introduce a regime for Australian agencies to obtain independently-authorised international production orders for interception, stored communications, and telecommunications data directly to designated communications providers in foreign countries with which Australia has a designated international agreement.
International production orders could also be sought by agencies under an amended TIA Act through a warrant; by law enforcement agencies for the purposes of investigating a serious criminal offence or monitoring a person subject to a control order; or by the Australian Security Intelligence Organisation (ASIO) for the purpose of it carrying out its functions.
The establishment of an Australian Designated Authority (ADA) to review international production orders for compliance would also occur under the Bill, with the ADA to act as an intermediary between Australian law enforcement and national security agencies and designated communications providers, including giving international production orders to designated communications providers and, in some cases, receiving data back from designated communications providers pursuant to international production orders.
The Schedule, however, does not place any obligations on Australian communications providers under Australian law to respond to incoming requests for information from foreign countries.
"Designated communications providers will be required to comply with international production orders to the extent they are capable of doing so, and subject to the provider meeting a particular enforcement threshold," the document explains.
An "appropriate enforcement mechanism" with civil penalties would also be established.
The Bill would also make consequential amendments to the Freedom of Information Act 1982, International Criminal Court Act 2002, Law Enforcement Integrity Commissioner Act 2006 and Mutual Assistance in Criminal Matters Act 1987, and would need to adhere to provisions already within the Privacy Act 1988.
RELATED COVERAGE
from Latest Topic for ZDNet in... https://ift.tt/39qUlvn
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.