(Image: APH)

"I'm still staggered by the power of this warrant. It allows the AFP to 'add, copy, delete or alter' material in the ABC's computers," tweeted John Lyons, executive editor of news and head of investigative journalism at the Australian Broadcasting Corporation (ABC).

Free PDF Australia’s encryption laws: An insider’s guide Australia now has world-first encryption laws. This guide explains what the laws can do, what they cannot do, and how Australia ended up here. Read More

It was Tuesday morning and Lyons was live-tweeting from a conference room at the ABC's Sydney headquarters. There, Australian Federal Police (AFP) officers, including digital forensics specialists, were executing a search warrant on the ABC's computer systems, while the broadcaster's lawyers argued with them about what was and wasn't covered by that warrant.

The AFP said the warrant was "in relation to allegations of publishing classified material", namely the reported "hundreds of pages" of classified documents which led to the ABC's report from mid-2017 titled The Afghan Files.

"A large proportion of the documents are reports on at least 10 incidents between 2009-2013 in which special forces troops shot dead insurgents, but also unarmed men and children," the ABC reported.

In March 2019, former Defence Force lawyer David McBride was charged with leaking the documents.

Much has already been written elsewhere about how the AFP raid played out, including how the besuited officers were asked to wait in the foyer by ABC security, and whether this hunt for a leaker constitutes an attack on the free press. That's not ZDNet's beat.

Our interests are the scope of this warrant, the law it's based on, how we got here, and what it means for the tech industry.

Those words that "staggered" Lyons -- the power to "add, copy, delete or alter" data on a computer -- are now standard under Commonwealth criminal law.

The ABC wasn't hit with anything special, either in relation to the alleged crime of leaking classified information, or in its role as a potential publisher of that information.

Specifically, we're looking at section 3F of the Crimes Act 1914 (Cth): "The things that are authorised by a search warrant".

That power to "add, copy, delete or alter other data in the computer" may be used when it is "necessary to achieve" purposes such as to use a computer or other device found during the course of the search, "for the purpose of obtaining access to data (the relevant data) that is held in the computer or device ... to determine whether the relevant data is evidential material of a kind specified in the warrant".

Officers may also use "any other computer or a communication in transit to access the relevant data", and "if necessary achieve that purpose -- to add, copy, delete or alter other data", provided that "having regard to other methods (if any) of obtaining access to the relevant data which are likely to be as effective, it is reasonable in all the circumstances to do so".

It's a complicated bit of law. There are other inclusions and other restrictions, but that's the guts of it.

And where did this new power come from? Our old friend the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018.

Yes, the controversial legislation that was rushed through parliament in December 2018 after the Labor opposition caved in.

The new law was pitched as being about encryption. Indeed, the explanatory memorandum [PDF] details the Act's intent "to introduce measures to better deal with the challenges posed by ubiquitous encryption".

But while the media and tech industry, and indeed the politicians largely focused on the question of backdoors, the dragooning of developers as unwilling spies, and the impact on Australia's tech industry, these new warrant powers were there for all to see In Schedule 3. If we'd looked properly that is. Which we didn't.

As I've written before, the tech community seems far more interested in knee-jerk derision of the government for a so-called "war on maths" -- something that isn't a thing and never was -- rather than understanding that a technological problem like encryption can often be countered with a non-technological response. Like a search warrant backed up by a court order.

There's also a knee-jerk reaction to words like "add, copy, delete or alter data" to mean hacking. As Acting AFP Commissioner Neil Gaughan said in a press conference on Wednesday afternoon, the intention is to cover the somewhat less sinister processes of moving the data around during the execution of the warrant.

Remember the "necessary to achieve the purpose" bit. There's also the fact that the normal rules of evidence still apply in any prosecution.

That said, the letter of the law might well allow other scenarios. This is a not a defence.

Then there's the whole other matter of the so-called "covert computer access warrants" available under the Surveillance Devices Act 2004 -- a topic for another time, because that one does allow hacking.

As Gaughan put it: "If we think the law is inappropriate, we need to change the law. As the law stands at the moment, we have to execute it."

If only our elected representatives put some effort into thinking about that properly.

Related Coverage

Amendments to Australia's encryption laws stranded before election

Once again, Labor has been Charlie Brown to the Coalition's Lucy with the football.

Employees not the target of encryption laws: Home Affairs

Australian developers really do need to relax. Cops and spooks are being told very clearly that the Assistance and Access Act isn't for dragooning you into deceiving your bosses.

The encryption wars are back, but this time it's different

Some of the technical details have changed but the digital privacy battle continues.

AFP concerned about approving state police usage of Australia's encryption laws

Concerns over a federal body overseeing the operations of state and territory authorities.

Committee asks for more transparency over Australia's face-matching system

In addition to asking for more transparency on privacy and false matches regarding biometric databases, a Parliamentary Joint Committee has made recommendations on how to tackle the IoT age, the dark web, artificial intelligence, and data-sharing from an Australian law enforcement lens.