pop-up content starts
pop-up content ends

Network activity warrants

​The Surveillance Devices Act 2004.
​To enable the collection of intelligence that relates to criminal networks operating online.
​Who can apply?
​The chief officer of the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC).
​Threshold for application
​The officer must suspect on reasonable grounds that:
  • a group of individuals is a criminal network of individuals, and
  • access to data held in a computer being used, or likely to be used from time to time by individuals in the group, will substantially assist in the collection of intelligence that relates to the group or its members, and
  • the data is relevant to the prevention, detection, or frustration of one or more kinds of relevant offences.
The offence must be an offence carrying a term of imprisonment of 3 years or more.
​Issued by
​An eligible Judge or nominated Administrative Appeals Tribunal (AAT) Member.
​Considerations for issue
​The Judge or AAT member must be satisfied that there are reasonable grounds for the suspicion founding the application. The Judge or AAT member must have regard to the nature and gravity of the conduct and the likely intelligence value of any information obtained, as well as other considerations.
​What actions can be authorised?
​Network activity warrants authorise computer access techniques, such as adding, copying, deleting, or altering data to obtain access to data, for the purpose of collecting intelligence on criminal networks operating online. The AFP and ACIC are also permitted to intercept communications and use surveillance devices for the purposes of facilitating the execution of a network activity warrant, but will not be able to use any information collected through surveillance or interception as intelligence. Officers can also take actions to conceal the computer access, allowing the warrant to be conducted covertly.

Network activity warrants can be used to collect intelligence offshore with the consent of an appropriate consenting foreign official (if the location of the data is known or can be reasonably determined). These warrants can also permit the officer to seek assistance from a person with knowledge of a computer or a computer system to help in carrying out the warrant.
​For example
​A network activity warrant could be used to collect intelligence on a syndicate of human traffickers operating online. Under the warrant, through computer access, an agency could collect intelligence on the group in order to better understand who they are and how they operate. The agency could then obtain a targeted investigatory warrant (e.g. a surveillance device warrant) to gather evidence about the offending.
​What cannot be authorised?
​Network activity warrants must not involve conduct likely to materially interfere with, interrupt or obstruct a communication in transit or the lawful use by other persons of a computer unless necessary to execute the warrant. The warrant must not result in any other material loss or damage to other persons lawfully using a computer.
​A maximum period of 90 days, with extensions of up to 90 days available.
​How is this different from other warrants?
​Existing warrants, such as computer access warrants in the Surveillance Devices Act, allow the collection of evidence, rather than intelligence. Network activity warrants allow agencies to target criminal networks about which very little is known to discover the scope of the network and its offending. Network activity warrants provide a discovery tool that can be used in conjunction with other investigatory powers to further a single investigation.
​How will information be used?

​Information obtained under a network activity warrant is for intelligence purposes and is not permitted to be used as evidence in a criminal proceeding. However, it can be used to support an application for other warrants to then collect evidence.

​The Inspector-General of Intelligence and Security (IGIS) will have oversight of network activity warrants. The IGIS annual report must include the IGIS’ comments on any inspection conducted. The IGIS can request any relevant information from officers that will assist in determining the legality and propriety of the use of network activity warrants.
​Record keeping
​The chief officer of the AFP or the ACIC must ensure that information obtained is kept in a secure place that is not accessible to people who are not entitled to deal with the record or report. Records must be destroyed as soon as practicable if the material is no longer required, and within 5 years.
​Agencies are required to report to the Minister for Home Affairs after each warrant has been executed. Annual reports about the use of these warrants will be tabled in Parliament.