Data disruption warrants

​The Surveillance Devices Act 2004.
To enable disruption of criminal activity facilitated or conducted online to frustrate the commission of serious offences.
​Who can apply?

Officers of the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC).

An officer cannot apply for a warrant unless an endorsing officer has approved the application. Endorsing officers are appointed by the AFP Commissioner or ACIC CEO, must be of a sufficiently senior rank and must meet certain training, skill and experience requirements.​
​Threshold for application
​The officer must suspect on reasonable grounds that:
  • an offence is being, is about to be, or is likely to be committed
  • the offence involves data held on a computer, and
  • disrupting the data is likely to substantially assist in frustrating the commission of an offence.​
The offence must be a Commonwealth offence, or a State/Territory offence with a federal aspect, carrying a term of imprisonment of 3 years or more.
​Issued by
​An eligible Judge or nominated Administrative Appeals Tribunal (AAT) Member.
​Considerations for issue

The Judge or AAT member must be satisfied that there are reasonable grounds for the suspicion founding the application and that the disruption of data is reasonably necessary and proportionate.

Among other things, the Judge or AAT member must have regard to:

  • ​the nature and gravity of the conduct, including giving weight to whether the conduct constituting the offences targeted relates to the most serious types of criminal activity 
  • the existence of any alternative means of frustrating the commission of the offence 
  • the impact on third parties, including the extent to which the privacy of any person is likely to be affected, to the extent this is known
  • ​where an investigation of a secrecy provision is in relation to a person working in a professional capacity as a journalist, whether the public interest in issuing the warrant outweighs the public interest in protecting the identity of a journalist source and reporting matters in the public interest.
​What actions can be authorised?

Data disruption means adding, copying, deleting or altering data held in a computer. This can only be done in order to frustrate the commission of offences. To assist disruption, a warrant can also authorise other facilitative activities, such as entering specified premises, using electronic equipment to obtain access to data, removing a computer from premises, copying data that has been obtained, and intercepting if necessary to carry out the things authorised in the warrant.

If a computer is removed from premises, it must be returned as soon as it is reasonably practicable to do so, and once it is no longer required under the warrant. ​A data disruption warrant also allows the officer to take actions to conceal the access and the activities, allowing the warrant to be conducted covertly.

Data disruption warrants can be used to affect data offshore with the consent of an appropriate consenting foreign official (if the location of data is known or can be reasonably determined).

They can also be issued internally in an emergency situation, and subsequently authorised by a Judge or AAT member, where there is an imminent risk of serious violence to a person, or imminent risk of substantial damage to property.

They can also permit the officer to seek an assistance order from a Judge or AAT member requiring a ​​​person with knowledge of a computer or a computer system to provide reasonable and necessary assistance to help in carrying out the warrant.

​​For example
An agency may remove content from a website hosting child abuse material, or redirect or block activity to the website to prevent access to, and dissemination of, this harmful material. ​
​What cannot be authorised?

A data disruption warrant cannot authorise causing any material loss or damage to persons lawfully using a computer unless this is reasonably necessary and proportionate to the offending agencies seek to disrupt. Where material loss or damage does occur, agencies are required to notify the Commonwealth Ombudsman within 7 days.

The warrant must not be executed in a manner that causes a person to suffer the permanent loss of property (other than data) or finances.

A person can be eligible for compensation if they suffer unauthorised loss or damage from execution of a data disruption warrant.

​A maximum period of 90 days, with extensions of up to 90 days available.
​How is this different from other warrants?
Computer access warrants in the Surveillance Devices Act allow access to a computer but only for the purpose of gathering evidence. Data disruption warrants allow agencies to proactively remove content or redirect activity in order to prevent further harm from occurring. Unlike other warrants, the main purpose of activity undertaken through data disruption is not gathering evidence for a prosecution, but rather frustrating the commission of further offences.
​How will information be used?

The information collected under a data disruption warrant will be strictly protected. It is an offence to use or disclose this information except in limited circumstances such as for the purposes of the investigation of a relevant offence, the making of a decision about whether or not to bring a prosecution, or the prevention of serious harm. Information collected can be used in evidence in a proceeding.

​The Commonwealth Ombudsman will oversee data disruption warrants. The Ombudsman must report on the results of inspections to the Minister for Home Affairs every 6 months. The Ombudsman can request any relevant information from officers that will assist in determining compliance with the data disruption warrant regime.
​Record keeping
The chief officer of the AFP or the ACIC must ensure that information obtained is kept in a secure place that is not accessible to people who are not entitled to deal with the record or report. Records must be destroyed as soon as practicable if the material is no longer required, and within 5 years.
Agencies are required to report to the Minister for Home Affairs after each warrant has been executed. Annual reports about the use of these warrants will be tabled in Parliament.​
pop-up content starts
pop-up content ends