In an increasingly digital world, our society has become reliant on companies which transmit digital communications, from banks to mobile phone service providers. While the internet and its associated services assists us in performing everyday activities, these services must also comply with lawful requests from government agencies. One such set of legal measures include ‘Computer Network Operations’ (CNO). The Internet Policy Review Journal on Internet Regulation provides useful information about CNOs, the application in Australia and the potential threat to the rule of law.
What are Computer Network Operations (CNOs)?
Computer Network Operations (CNOs) refers to government intrusion and/or interference with networked information communication infrastructures for the purposes of law enforcement and security intelligence.
The use of CNOs represents a great shift in how governments exercise power, with a transition from compelling digital communications companies to provide requested information, to forcibly affecting their networks and collecting this information, often without their assistance or knowledge.
Why do governments use CNOs?
Due to the use of advanced technologies such as encryption by cyber criminals, law enforcement agencies are presented with great challenges in gathering intelligence as part of a criminal investigation. CNO measures are being adopted to counter these difficulties and to facilitate cybercrime investigations, as well as to disrupt terrorist attacks.
What are the implications and potential risks of CNOs?
Although CNOs might be lawfully authorised under domestic legislation, the associated activities may:
- Be deliberately hidden from judges or oversight bodies
- Not have sufficient levels of transparency and accountability to be recognised as a democratically legitimised activity
- Violate laws of foreign states
- Infringe upon international human rights
CNOs and law enforcement in Australia
Several pieces of legislation authorise Australian government agencies’ use of CNOs for security and law enforcement purposes, including:
TELECOMMUNICATIONS INTERCEPTION (AND ACCESS) ACT 1979
This act is the primary legal framework for security intelligence and police access to communications that transit telecommunications infrastructure in Australia, and can be used to authorise CNOs.
THE SURVEILLANCE DEVICES ACT 2004
This act also authorises CNOs.
THE ASIO ACT
CNO measures are authorised by Section 25(a) of the Australian Security Intelligence Organisation Act 1979 (ASIO Act).
The Australian Signals Directorate assistance in CNOs
The Australian Signals Directorate (ASD) provides technical assistance to domestic agencies in carrying out their functions under the Intelligence Services Act 2001 (ISA). This assistance may extend to CNO activities.
What is the Rule of Law?
The Rule of Law Institute of Australia states that while there is no single agreed definition of the rule of law, there is a core definition that has near universal acceptance:
“…most of the content of the rule of law can be summed up in two points:
(1) that the people (including, one should add, the government) should be ruled by the law and obey it and
(2) that the law should be such that people will be able (and, one should add, willing) to be guided by it.”
– Geoffrey de Q. Walker, The rule of law: foundation of constitutional democracy, (1st Ed., 1988).
How do CNOs threaten the rule of law?
Outdated definitions of technology in legislation have led to blurred boundaries, where CNOs can be applied in a fairly unrestrained manner, introducing a multitude of risks relating to privacy, civil liberties and security.
The government is not able to assure the public that basic democratic freedoms will not be violated, placing strain on the rule of law principles.
Even though Computer Network Operations (CNOs) can be ‘lawfully’ used in Australia, they can disturb the preservation of democratic freedoms and procedural justice, and threaten the Rule of Law.