Account takeover warrants

​The Crimes Act 1914.

Enable agencies to take control of an online account and deprive the account holder of access to that account for the purposes of gathering evidence about criminal activity.

Examples of online accounts include social media accounts, online banking accounts and accounts associated with online forums.​

​Who can apply?
Officers of the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC).
​Threshold for application
​The officer must suspect on reasonable grounds that:
  • an offence has been, is being, is about to be, or is likely to be committed
  • an investigation into those offences is being, will be, or is likely to be, conducted, and​
  • taking control of one or more online accounts is necessary, in the course of that investigation, for the purpose of enabling evidence to be obtained of the commission of those offences.​
The offence must be a Commonwealth offence, or a State/Territory offence with a federal aspect, carrying a term of imprisonment of 3 years or more.
​Issued by
A magistrate.
​Considerations for issue

A magistrate must be satisfied that there are reasonable grounds for the suspicion founding the application.

Among other things, in issuing an account takeover warrant the magistrate must have regard to: 

  • ​the nature and gravity of the conduct, including giving weight to whether the conduct constituting the offences targeted relates to the most serious types of criminal activity
  • ​the impact on third parties and the extent to which the privacy of any person is likely to be affected, to the extent this is known
  • ​where an investigation of a secrecy provision is in relation to a person working in a professional capacity as a journalist, whether the public interest in issuing the warrant outweighs the public interest in protecting the identity of a journalist source and reporting matters in the public interest.
​What actions can be authorised?

An account takeover warrant authorises taking control of an online account. Taking control of an account means taking steps that result in the person having exclusive access to the account, such as altering the password to an account. In order to take control of an account, officers can use a computer or other electronic equipment, access account-based data, and add, copy, alter or delete credentials or other data.

The officer must take reasonable steps to restore access to a lawful account to the account holder when the warrant expires or control of the account is no longer required.

Account takeover warrants can also be issued internally in an emergency situation, and subsequently authorised by a magistrate, where there is an imminent risk of serious violence to a person, or imminent risk of substantial damage to property.

They can also permit the officer to seek an assistance order from a magistrate requiring a person with knowledge of a computer or a computer system to provide reasonable and necessary assistance to help in carrying out the warrant. For example, this could include requiring the account holder to provide the relevant username and password for the online account.

​For example
Having obtained account credentials belonging to a member of a terrorist group, an officer could access that account and alter the credentials. This complements other authorisations or warrants, for example a controlled operation, where the officer could then use the account to pose as another member of the terrorist group, and gather evidence.
​What cannot be authorised?
​Account takeover warrants do not permit officers to cause a person to suffer a permanent loss of property or finances, nor to cause material loss or damage to persons lawfully using a computer. It also does not permit officers to materially interfere with, interrupt or obstruct a communication in transit or the lawful use by other persons of a computer unless necessary to execute the warrant.
​A maximum period of 90 days, with extensions of up to 90 days available.
​How is this different from other warrants?
There is no other explicit power in the Crimes Act authorising an officer to take control of an online account. The account takeover power only authorises the taking control of the account. If the agency needs to use the account in order to conduct other activities, such as using the account to represent themselves as the original account holder and communicate with others, another appropriate authorisation or warrant will have to be sought. Account takeover warrants are intended to be used in conjunction with other powers, for example controlled operations.
​How will information be used?

Information collected under an account takeover warrant can be used as evidence in a proceeding. It is an offence to use or disclose this information except in limited circumstances such as for the purposes of the investigation of an offence, the making of a decision about whether or not to bring a prosecution, or the prevention of serious harm.
The Commonwealth Ombudsman has oversight of account takeover warrants and is responsible for inspecting the records of agencies at least once every 12 months to determine the extent of compliance with the account takeover warrant regime. The Ombudsman must report to the Minister for Home Affairs on the results of any inspection conducted. The Ombudsman can request any relevant information from officers that will assist in determining compliance.
​Record keeping
​The chief officer of the AFP or the ACIC must ensure that information obtained is kept in a secure place that is not accessible to people who are not entitled to deal with the record or report. Records must be destroyed as soon as practicable if the material is no longer required, and within 5 years.
Agencies are required to provide annual reports to the Minister for Home Affairs and the Commonwealth Ombudsman. Annual reports about the use of these warrants will also be tabled in Parliament.​

pop-up content starts
pop-up content ends