You are here: Skip breadcrumbAttorney-General's Department >> Publications >> Annual reports >> Annual report 2007-08 >> Annual Report 2007-08 Output 2.3

Annual Report 2007-08 Output 2.3

National leadership and coordination of legal and policy advice on national security and counter-terrorism laws and critical infrastructure protection


The Security and Critical Infrastructure Division has been engaged in a diverse range of projects associated with enhancing the security of Australia, its people and the infrastructure they rely on.

These projects reflect the broad scope of the evolving threats that Australia must address in the criminal and national security environments. The projects are characterised by increasing technical complexity and the need to closely coordinate the efforts of numerous stakeholders in the Government and the private sector. Security is increasingly a matter for everyone and we are playing an important role in leading and coordinating Australia’s response.

We have reacted to the increasing demands of legal challenges and reviews, and provided support to the Government in an environment where policy and legal advice are increasingly contested.

Major achievements

Responses to the Government on controversial cases

During the reporting period, the Division advised on a number of high profile cases. These included the Thomas control order (where the first control order was upheld in a High Court challenge), the release of David Hicks and the making of a control order with respect to him, and the detention of Dr Mohammed Haneef and the subsequent inquiry into the circumstances of that detention. These all involved complicated issues that required carefully considered and appropriate responses to the Government.

Counter-terrorism policy

National security policy is an increasingly complex area which crosses multiple departments and agencies. We played a central role in working across these areas to ensure the consistent and coordinated development and implementation of counter-terrorism and national security policy issues. In particular, in 2007–08, we worked with Australian, State and Territory Government agencies to implement the 37 recommendations of the Review of Information and Intelligence Sharing in the Aviation Sector. The Division took a leading role in coordinating the Department’s involvement in the development of aviation and maritime security policy that fits within a consistent broader national security agenda, and oversaw the development of the Portfolio’s national security budget submission. The Division also coordinated the Department’s input to the Homeland and Border Security Review.

The Division is working with relevant agencies from the Australian Government and State and Territory Governments to develop strategies to counter violent extremism within Australian communities.

The National Security Policy Branch

The National Security Policy Branch was established in March 2008 to bring together various national security policy issues and projects from across the National Security and Criminal Justice Group. The Branch encompasses the former Counter-Terrorism Strategic Policy Unit and some initiatives previously progressed in the Protective Security Coordination Centre, including work with the Muslim community, the Wireless Priority Service System project, and spatial and information management work.

Cyber security

The Division developed and led Australia’s successful participation in the international cyber security exercise Cyber Storm II, held over five days in March 2008. The exercise simulated cyber attacks targeting critical infrastructure, including the water, energy, IT, communications, and banking and finance sectors. More than 50 organisations from Australian, State and Territory Governments, the IT industry and private sector members of the Australian Government’s Trusted Information Sharing Network for Critical Infrastructure Protection (TISN) took part in the Australian arm of the exercise.

The Australian Government Computer Emergency Readiness Team provided specific cyber threat information to more than 400 critical infrastructure and other key business organisations to assist them to protect their information and communications technology systems and networks. These companies span the defence industry sector and major Australian exporters, including those in the coal, iron ore and natural gas sectors, and companies in the banking and finance, energy, transport, communications and water services sectors.

Modelling and analysis

The Division has responsibility for the Critical Infrastructure Protection Modelling and Analysis (CIPMA) capability. The project continued to build its partnership with the four priority sectors (energy, banking and finance, communications and water). Formal ‘tasking’ of CIPMA opened and eight tasking applications were received. CIPMA supported the security planning for two significant events by analysing the vulnerabilities and dependencies of a number of venues for APEC Leaders’ Week and World Youth Day 2008. With funding from the 2008 Budget, CIPMA has commenced the transition from a pilot capability to operational status.

Guidance on security laws

The Division finalised and published a practitioner’s guide to the National Security Information (Criminal and Civil Proceedings) Act 2004. The guide outlines the objectives of the Act and provides a step-by-step analysis of the procedures the Act sets out. It is designed to raise awareness of the Act and enhance understanding of its operation among practitioners and courts.

We also produced a question and answer pamphlet on Australia’s counter-terrorism law as an easily understandable guide to the operation of the legislation.

Advice on critical infrastructure protection

The Trusted Information Sharing Network for Critical Infrastructure Protection continues to mature, as demonstrated by the successful conduct of the first All Sectors Forum, which brought together the nine critical infrastructure sectors for two days in May 2008. The forum provided an opportunity for the full membership of the network to learn firsthand of the work being undertaken by the other sectors, to establish and reinforce cross-sectoral links, and to do strategic planning.

The Department continued to work with business to assist in the development of comprehensive plans to prepare for, and respond to, a human influenza pandemic. Workshops were conducted in August and December 2007 to inform business of current government planning and to get a greater understanding of the interdependencies between sectors, contingency plans and underlying assumptions.

The Mass Gatherings Infrastructure Assurance Advisory Group developed the Counter-Terrorism Government–Business Partnership Model, which proposes a scaleable model for communications between government and business. Specific elements range from a best practice toolkit to a terrorism preparedness exercise program.

The extensive program of briefings to industry stakeholders on the terrorism threat to their sectors and government expectations about infrastructure protection continued. The briefings, conducted jointly by Australian, State and Territory Government agencies, are expected to be completed by the end of 2008.

Resilient organisations meet key organisational objectives in a challenging operating environment through effective risk, emergency and business continuity management. The Department worked with the members of the network to examine ways to further advance the organisational resilience of Australian business. We conducted an organisational resilience framework workshop in December 2007 which considered the potential to develop resilience guidance materials, awareness raising and training.

National Telecommunications Conference

The Division hosted the National Telecommunications Conference in Adelaide in September 2007. The conference was attended by more than 170 delegates and included presenters from a number of overseas jurisdictions.

Lawful access to telecommunications is crucial for effective law enforcement investigations, yet no area of technology is developing as rapidly as telecommunications. We have a central role in leading the process of adapting to this changing environment. The conference provided a forum for Australian law enforcement agencies and carriers to meet and to share information on technologies and the operation of legal regimes. As well as providing the opportunity to discuss ways to adapt and respond to these challenges.

Wireless priority service system

The wireless priority service system aims to deliver priority access to the mobile telephone network to senior decision makers and emergency responders during a crisis when the network may be congested. Phase 1 of the system was delivered in time for the APEC Leaders’ Week meetings in September 2007. The Phase 1 capability, a joint initiative of the Attorney-General’s Department and the Department of Defence, was provided through a single carrier, Telstra, on the 2G GSM network.

Evaluations and reviews

The Clarke Inquiry

On 13 March 2008, the Attorney-General announced the establishment of an inquiry into the handling of the case of Dr Mohammed Haneef, to be conducted by former New South Wales Supreme Court Judge The Hon John Clarke QC. The Clarke Inquiry will consider the lessons to be learnt from Dr Haneef’s case and any potential improvements to the way Australia’s security and law enforcement agencies work and cooperate in terrorism matters. The Security Law Branch coordinated the Department’s submission to the Inquiry and the compilation of relevant documents for provision to the Inquiry. The Inquiry has been asked to report by 30 September 2008.

Parliamentary committee reviews of terrorist organisation listings

The Parliamentary Joint Committee on Intelligence and Security completed its report into the operation, effectiveness and implications of the listing provisions for terrorist organisations in the Criminal Code. The report was tabled in Parliament on 20 September 2007. The Division coordinated the Attorney-General’s portfolio submission to the review.

The Parliamentary Joint Committee on Intelligence and Security also undertook several reviews into the listing of specific terrorist organisations. Officers of the Division provided evidence to the Committee for each of those reviews and coordinated the Government’s responses to each of those reports, which were tabled in Parliament on 26 June 2008.

Critical Infrastructure Protection Program

In 2007, the Department reviewed the Critical Infrastructure Protection Program. The review was overseen by a steering committee from the departments of the Prime Minister and Cabinet, Finance and Deregulation, and The Treasury. The review included a stakeholder survey and interviews with government and industry.

The review found that the Program had substantially met all objectives set for it by Government. Australia’s critical infrastructure is better protected by being better informed of threats, more aware of vulnerabilities and fully integrated into the national security arrangements. The program has created a broad and committed partnership between the Australian Government and businesses in the target sectors. The current and likely future threat environment and the increasing consequences of an infrastructure failure justify the continuation of the Program.


In the area of security law, we expect that in 2008–09 a number of prosecutions will be concluded and court decisions made. These decisions will assist us in our ongoing assessment of the counter-terrorism legislation and advice to the Attorney-General.

In the coming year, we will focus on providing further leadership in the development of national responses on critical infrastructure protection and e-security issues. Liaison with business is expected to continue to mature with an increasing number and range of activities.

The CIPMA Program will complete the transition from a pilot capability to operational status. We will continue to work to capture data on the fourth sector (water), and commence work on the fifth sector (transport).

We will continue to monitor developments in information and communications technology and their implications for technology-enabled crime. We are particularly aware of the speed with which sophisticated criminals are able to capitalise on the potential of new and emerging technologies.

We will continue to focus on working with our stakeholders to better coordinate portfolio responses to national security incidents and policy development. This will include responding to the results of the Review of Homeland and Border Security and the Government’s National Security Statement, and working with Australian, State and Territory Government agencies and the community to enable earlier intervention to address initial signs of terrorist activity.

Performance indicators
Quantitative and qualitative

Output 2.3

National leadership and coordination of legal and policy advice on national security and counter-terrorism laws and critical infrastructure protection


Performance indicator


Policy advice provided to ministers Quantity   2006–07 2007–08
Submissions to ministers 233 188
Cabinet submissions 1 2
Responses provided to ministerial correspondence* 11,565 1,604
Responses to questions on notice 25 2
Briefs 154 223
Speeches 13 13
Quality Advice to ministers provided within agreed timeframes Achieved
Extent of satisfaction of ministers as measured by periodic feedback from ministers and their offices Highly satisfied
Advice provided to other agencies Quantity   2006–07 2007–08
Items of legal/policy/operational advice 480 772
  Quality Advice provided within agreed timelines


The Division provides operational and policy advice to agencies on a daily basis. Strategies are consistently reviewed to ensure compliance with agreed timeframes.

Agencies indicated that they found the advice relevant, timely and of high quality.

Types of advice

– engagement with other departments and agencies to ensure a coordinated approach to significant counter-terrorism related cases

– interpretation of various provisions in the National Security Information (Criminal and Civil Proceedings) Act, the Australian Security Intelligence Organisation Act 1979, the Intelligence Services Act 2001, the Telecommunications (Interception and Access) Act 1979 and the Criminal Code

– formulation of appropriate secrecy provisions in proposed new legislation

– provisions for calling out the Defence Force in Part IIIAAA of the Defence Act 1903.

Advice provided is respected by client agencies, as measured by periodic feedback


Stakeholders indicated they were highly satisfied with the service level.

Feedback from stakeholders generally indicated a high level of satisfaction with the service provided and that practices and advices provided by the section were implemented.

Agency comments include:

– ‘Constructive engagement characterised by frank and open communication.’

– ‘Helpful, pragmatic, consultative and actively engaged.’

Development of Government’s legislative priorities Quality Bills are introduced in accordance with the legislative program Achieved

The Division consistently met legislative priorities. The past year saw the entering into force of the Telecommunications (Interception and Access) Amendment Act 2007 while the Telecommunications (Interception and Access) Amendment Act 2008 received royal assent in May 2008.

A further amendment Bill was introduced on 25 June 2008.
Fulfilment of statutory functions, including decisions made under legislation and statutory reporting functions met Quality Actions taken under legislation Substantially achieved

The Division successfully met its obligations to provide annual reports under the Telecommunications (Interception and Access) Act 1979 and the Surveillance Devices Act 2004. The reports were tabled in Parliament as soon as practicable. Strategies were put in place to ensure timely compilation of the reports which included dedicating additional staff to the task.

During the past 12 months, the Division managed an increase in the number of licensed carriers in Australia who are required to submit interception capability plans.

In the past 12 months, officers extended their education and liaison activities, for example, by visiting 42 carriers and carriage service providers, to assist industry understanding of obligations to provide lawful interception and reasonably necessary assistance to law enforcement agencies.
Administrative or legislative reviews, including the Inquiry into the Terrorist Organisation Listing Provisions of the Criminal Code Act 1995 Quality Reviews completed and presented to the Minister within agreed timeframes Achieved

The Division provided submissions to and appeared before the Parliamentary Joint Committee on Intelligence and Security in its separate reviews of the relisting of several terrorist organisations and its review of the terrorist organisation listing provisions of the Criminal Code.

We provided a submission and documentation to the Clarke Inquiry into the Dr Haneef case.

We successfully conducted the review of the Critical Infrastructure Protection Program, which found that the program had substantially met all objectives set for it by the Government.
Improved communication and collaboration within and between business sectors Quality Establishment and maintenance of two-way communication between key stakeholders Substantially achieved

Examples include the successful conduct of the first All Sectors TISN Forum, workshops on pandemic preparedness and organisational resilience, and the National Telecommunications Conference.
Increase investment in research and analysis and in the testing of vulnerabilities and interdependencies Quality Extent of uptake within particular business sectors Partially achieved

Examples include research for the protection of urban water supplies from contamination; the modelling of progressive building collapse; and the CIPMA Program’s relationship building with the four priority sectors (energy, banking and finance, communications and water).
Engage infrastructure owners and operators in a comprehensive national approach Quality Establishment and maintenance of two-way communication between key stakeholders Substantially achieved

Examples include the ongoing briefing of owners and operators Australia-wide on the threats to their sectors and engagement with TISN to examine the further advancement of organisational resilience for Australian business.

* The number of ministerials relates to the number of actions in relation to ministerial correspondence.

† Briefs include papers on current issues, possible parliamentary questions (new and updated) and meeting briefs.

‡ The number of advices provided by output have been derived from the Department’s annual workload survey and represent a snapshot obtained by aggregating data from four separate one-week periods—two from parliamentary sitting periods and two from non-sitting periods.

Our people

Lawful access to telecommunications is crucial

Lionel Markey, Telecommunications and Surveillance Law Branch.

Lionel Markey, Telecommunications and
Surveillance Law Branch.

Keeping up with the extraordinary pace of development in the telecommunications industry is crucial when working in the areas of intelligence gathering and law enforcement. To stay ahead of the game, the Department organises an annual forum for Australian law enforcement agencies and carriers to share information on new and emerging technologies.

The first National Telecommunications Conference was held last year in Adelaide, with more than 170 attendees and presenters from a number of overseas jurisdictions.

Lionel Markey, of the Telecommunications and Surveillance Law Branch, took a lead role in coordinating the conference.

‘One challenge in organising a conference of this size is developing an agenda that hits the right balance of issues. The topics must attract people to attend and keep them interested for two days,’ Lionel commented.

According to Lionel, there were a couple of important aspects of the conference. Firstly it gave all participants an opportunity to network with one another.

‘Government relies on industry to provide assistance with access to telecommunications, and strengthening professional relationships is definitely the key to the success of the whole regime.’

Secondly, the Conference provided the opportunity to consult with stakeholders.

‘These discussions gave us the opportunity to take into account various views on the privacy of individuals, the global competitiveness of our telecommunications industry, and access to telecommunications as an important tool for agencies in investigating serious crime and issues of national security,’ Lionel said.

This last point was illustrated by South Australian Police in their presentation on the Snowtown murders. It highlighted the role access to telecommunications played in that investigation.

‘It definitely hit home to the telecommunications industry the pivotal role that this industry plays. By providing assistance, law enforcement are able to more effectively investigate serious crime,’ Lionel said.