pop-up content starts
pop-up content ends

Data disruption warrants

​The Surveillance Devices Act 2004.
To enable disruption of criminal activity facilitated or conducted online.
​Who can apply?
​Officers of the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC).
​Threshold for application
​The officer must suspect on reasonable grounds that:
  • an offence is being, is about to be, or is likely to be committed
  • the offence involves data held on a computer, and
  • disrupting the data is likely to substantially assist in frustrating the commission of an offence.​
The offence must be an offence carrying a term of imprisonment of 3 years or more.
​Issued by
​An eligible Judge or nominated Administrative Appeals Tribunal (AAT) Member.
​Considerations for issue
The Judge or AAT member must be satisfied that the disruption of data is justifiable and proportionate. The Judge or AAT member must have regard to the nature and gravity of the conduct and the existence of any alternative means of frustrating the commission of the offence, as well as other considerations.
​What actions can be authorised?
Data disruption means adding, copying, deleting or altering data held in a computer. This can only be done in order to frustrate the commission of offences or determine relevance of data. To assist disruption, a warrant can also authorise other facilitative activities, such as entering specified premises, using electronic equipment to obtain access to data, removing a computer from premises, copying data that has been obtained, and intercepting if necessary to carry out the things authorised in the warrant. A data disruption warrant also allows the officer to take actions to conceal the access and the activities, allowing the warrant to be conducted covertly.

Data disruption warrants can be used to affect data offshore with the consent of an appropriate consenting foreign official (if the location of data is known or can be reasonably determined). They can also be issued internally in an emergency situation, and subsequently authorised by a Judge or AAT member. They can also permit the officer to seek assistance from a person with knowledge of a computer or a computer system to help in carrying out the warrant.
​For example
An agency may remove content from a website hosting child abuse material, or redirect activity away from the website and onto a different forum in order to prevent access or further dissemination of the material.
​What cannot be authorised?
A data disruption warrant cannot authorise causing any material loss or damage to persons lawfully using a computer unless this is justified and proportionate. The warrant must not be executed in a manner that causes a person to suffer the permanent loss of property or finances.
​A maximum period of 90 days, with extensions of up to 90 days available.
​How is this different from other warrants?
Computer access warrants in the Surveillance Devices Act allow access to a computer but only for the purpose of gathering evidence. Data disruption warrants allow agencies to proactively remove content or redirect activity in order to prevent further harm from occurring. Unlike other warrants, the main purpose of activity undertaken through data disruption is not gathering evidence for a prosecution, but rather frustrating the commission of further offences.
​How will information be used?

The information collected under a data disruption warrant will be strictly protected. It is an offence to use this information except in limited circumstances such as for the purposes of the investigation of a relevant offence, the making of a decision about whether or not to bring a prosecution, or the prevention of serious harm. Information collected can be used in evidence in a proceeding.

​The Commonwealth Ombudsman will oversee data disruption warrants. The Ombudsman must report on the results of inspections to the Minister for Home Affairs every 6 months. The Ombudsman can request any relevant information from officers that will assist in determining compliance with the data disruption warrant regime.
​Record keeping
The chief officer of the AFP or the ACIC must ensure that information obtained is kept in a secure place that is not accessible to people who are not entitled to deal with the record or report. Records must be destroyed as soon as practicable if the material is no longer required, and within 5 years.
Agencies are required to report to the Minister for Home Affairs after each warrant has been executed. Annual reports about the use of these warrants will be tabled in Parliament.​