
Account takeover warrants

Legislation
The Crimes Act 1914.
Purpose
Enable agencies to take control of an online account and deprive the account holder of access to that account.
Who can apply?
Officers of the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC).
Threshold for application
The officer must suspect on reasonable grounds that:
  • an offence has been, is being, is about to be, or is likely to be committed
  • an investigation into those offences is being, will be, or is likely to be, conducted, and
  • taking control of one or more online accounts is necessary, in the course of that investigation, for the purpose of enabling evidence to be obtained of the commission of those offences.
The offence must be an offence carrying a term of imprisonment of 3 years or more.
Issued by
A magistrate.
Considerations for issue
Amongst other things, in issuing an account takeover warrant the magistrate must have regard to the nature and gravity of the conduct and the extent to which the privacy of any person is likely to be affected.
What actions can be authorised?
An account takeover warrant authorises taking control of an online account. Taking control of an account means taking steps that result in the person having exclusive access to the account, such as altering account credentials. In order to take control of an account, officers can use a computer or other electronic equipment, access account-based data, and add, copy, alter or delete credentials or data. The officer must restore access to a lawful account to the account holder when the warrant expires or control of the account is no longer required. Account takeover warrants can also be issued internally in an emergency situation, and subsequently authorised by a magistrate. They can also permit the officer to seek assistance from a person with knowledge of a computer or a computer system to help in carrying out the warrant.
For example
Having obtained account credentials belonging to a member of a terrorist group, an officer could access that account and alter the credentials to block the person from using the account. Under other authorisations or warrants, for example a controlled operation, the officer could then use the account to pose as another member of the terrorist group, and gather evidence.
What cannot be authorised?
Account takeover warrants do not permit officers to cause a person to suffer a permanent loss of property or finances, nor to cause material loss or damage to persons lawfully using a computer, or materially interfere with, interrupt or obstruct a communication in transit or the lawful use by other persons of a computer unless necessary to execute the warrant.
Duration
A maximum period of 90 days, with extensions of up to 90 days available.
How is this different from other warrants?
There is no other explicit power in the Crimes Act authorising an officer to take control of an online account. The account takeover power authorises only taking control of the account. If the agency needs to use the account in order to conduct other activities, such as using the account to represent themselves as the original account holder and communicate with others, another appropriate authorisation or warrant will have to be sought. Account takeover warrants are intended to be used in conjunction with other powers, for example controlled operations.
How will information be used?
Information collected under an account takeover warrant can be used as evidence in a proceeding. It is an offence to use this information except in limited circumstances such as for the purposes of the investigation of a relevant offence, the making of a decision about whether or not to bring a prosecution, or the prevention of serious harm.
Oversight
The Commonwealth Ombudsman has oversight of account takeover warrants and is responsible for inspecting the records of agencies at least once every six months to determine the extent of compliance with the account takeover warrant regime. The Ombudsman must report to the Minister for Home Affairs on the results of any inspection conducted. The Ombudsman can request any relevant information from officers that will assist in determining compliance.
Record keeping
The chief officer of the AFP or the ACIC must ensure that information obtained is kept in a secure place that is not accessible to people who are not entitled to deal with the record or report. Records must be destroyed as soon as practicable if the material is no longer required, and within 5 years.
Reporting
Agencies are required to provide bi-annual reports to the Minister for Home Affairs and the Commonwealth Ombudsman. Annual reports about the use of these warrants will also be tabled in Parliament.