Australians are not allowed to know how many times — if any — local intelligence agencies have tapped phones abroad under a new bilateral agreement with the US. At least, not yet.
On January 31 this year, the US and Australia brought into effect an agreement to allow each other’s intelligence agencies to obtain electronic and phone data from service providers in the other country. The deal was originally clinched between US Attorney-General Merrick Garland and then Home Affairs minister Karen Andrews in 2021.
Crikey asked several Australian agencies for information on how many times the so-called international production orders (IPOs) had been sought and obtained so far, but the requests were denied.
The Australian Signals Directorate and the Australian Federal Police both forwarded the requests to the Attorney-General’s Department (AGD), which responded through a spokesperson who refused to answer the question but said agencies were legally required to report this information to the attorney-general within three months of the end of each financial year.
The Australian Secret Intelligence Service responded with its own refusal: “Consistent with long-standing practice, the Australian Secret Intelligence Service does not comment on intelligence matters.”
When Garland and Attorney-General Mark Dreyfus announced that the agreement was coming into effect, they said in a joint statement the deal would “transform and enhance international cooperation in addressing serious crimes, including terrorism and child sexual abuse”.
“The agreement will allow US and Australian authorities to obtain more timely access to electronic data held by service providers in the partner nation,” the statement went on. “Obtaining this information will help US and Australian agencies prevent, detect, investigate, and prosecute serious crime and safeguard our national security.”
A report by the Commonwealth Ombudsman into the oversight of covert electronic surveillance, published last week, found agencies linked to the IPO scheme showed “varied levels of readiness to use an order”.
“Minimal training had been delivered for staff, including for applicants and authorising officers [and] solutions for handling information obtained from an order were not tested and finalised,” the report noted.
Under the IPO scheme, relevant agencies can apply for interception of live communications, access to stored communications, and telecommunications data from the other country. “For example, this could include files uploaded to a storage/backup service, emails and chat history, as well as information related to those communications such as the time sent, associated geolocation data, IP addresses or the identities of the persons sending the messages,” the AGD said in an explainer.