While internet users in Australia are generally free to access and distribute materials online, free speech is limited by a number of legal obstacles, such as broadly applied defamation laws and a lack of codified free speech rights. Additionally, recent amendments have significantly increased the government’s capacity for surveillance of ICTs, including an amendment broadening the definition of “computer” to include entire networks, and a provision allowing law enforcement and intelligence agencies warrantless access to metadata.

Legal Environment

Australians’ rights to access online content and freely engage in online discussions are based less in law and more in the shared understanding of a fair and free society. Legal protection for free speech is limited to the constitutionally-implied freedom of political communication, which only extends to the limited context of political discourse during an election.[44] There is no bill of rights or similar legislative instrument that protects the full range of human rights in Australia, and the courts have less ground to strike down legislation that infringes on civil liberties. Nonetheless, Australians benefit greatly from a culture of freedom of expression and freedom of information, further protected by an independent judiciary. The country is also a signatory to the International Covenant on Civil and Political Rights (ICCPR).

Australian defamation law has been interpreted liberally and is governed by legislation passed by the states as well as common law principles.[45] Civil actions over defamation are common and form the main impetus for self-censorship, though a number of cases have established a constitutional defense when the publication of defamatory material involves political discussion.[46] Court costs and the stress associated with defending against suits under Australia’s expansive defamation laws have caused organizations to leave the country and blogs to shut down.[47]

Under Australian law, a person may bring a defamation case to court based on information posted online by someone in another country, providing that the material is accessible in Australia and that the defamed person enjoys a reputation in Australia. In some cases, this law allows for the possibility of libel tourism, which allows individuals from any country to take up legal cases in Australia because of the more favorable legal environment regarding defamation suits. The right to reputation is generally afforded greater protection in countries like Australia and the United Kingdom than the right of freedom of expression. In Australia this is especially so as freedom of expression is limited to political speech. While the United States and the United Kingdom have recently enacted laws to restrict libel tourism, Australia is not currently considering any such legislation.

Prosecutions and Detentions for Online Activities

In January 2015, a Western Australian court ordered estranged wife Robyn Greeuw to pay $12,500 in damages for her defamatory Facebook postings where she alleged that her former husband Miro Dabrowski had emotionally and physically abused her for over 18 years.[48] The defence of truth was not proven. This follows the widely publicized earlier decision in the case of Mickle v Farley,[49] where a young man in New South Wales was fined AUD 105,000 plus costs for posting defamatory statements on Twitter and Facebook about his music teacher. The case was novel for the amount of damages incurred on the defendant and for being the first Australian decision where a tweet was held to be defamatory.[50] In the case Judge Elkaim stated that “when defamatory publications are made on social media it is common knowledge that they spread. They are spread easily by the simple manipulation of mobile phones and computer. Their evil lies in the grapevine effect that stems from the use of this type of communication.”[51]

There have been several cases in the states of New South Wales and Victoria of individuals being sentenced to jail terms for publishing explicit photos of women, typically former girlfriends or boyfriends. By way of example, in 2012 Australian citizen Ravshan Usmanov pled guilty to publishing an indecent article and was originally sentenced to six months of home detention after he posted nude photographs of an ex-girlfriend on Facebook.[52] The sentence was appealed and the court commuted the original sentence in favor of a suspended sentence.

Surveillance, Privacy and Anonymity

Over the past few years, revelations regarding global surveillance and retention of communications data by the NSA and other intelligence agencies have raised concerns regarding users’ right to privacy and freedom of expression. However, the Australian government has taken few steps to remedy these concerns, and has instead moved to expand the government’s surveillance capabilities. In October 2014, the parliament passed amendments to the national security legislation that increase penalties for whistleblowers and could potentially allow intelligence agents to monitor an entire network with a single warrant. Further, data retention amendments passed in March 2015 require telecommunication companies to store customers’ metadata for two years, allowing agencies to access that metadata without a warrant.

Law enforcement agencies may search and seize computers and compel an ISP to intercept and store data from those suspected of committing a crime. Such actions require a lawful warrant. As will be discussed below, law enforcement no longer requires a warrant to access, review, and store metadata. The collection and monitoring of the content of communication falls within the purview of the Telecommunications (Interception and Access) Act 1979 (TIAA). Call-charge records, however, are regulated by the Telecommunications Act 1997 (TA).[53] It is prohibited for ISPs and similar entities, acting on their own, to monitor and disclose the content of communications without the customer’s consent.[54] Unlawful collection and disclosure of the content of a communication can draw both civil and criminal sanctions.[55] The TIAA and TA explicitly authorize a range of disclosures, including to specified law enforcement and tax agencies, all of which require a warrant. ISPs are currently able to monitor their networks without a warrant for “network protection duties,” such as curtailing malicious software and spam.[56]

The Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 (Bill) is potentially the greatest legislative threat to Australian online freedom. The bill amends the TIAA and TA while introducing a statutory obligation for telecommunication service providers to retain telecommunications data (metadata) for two years. The bill became law on April 13, 2015 and is now referred to as the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 (the Act). Telecommunications providers have an 18 month grace period before the applicable provisions enter into force. The metadata of all Australians will be stored for two years. There is no longer the requirement of restricting metadata access and use only in the course of an investigation. Law enforcement and intelligence agencies will no longer require a warrant to access and review metadata. However, law enforcement will still need a warrant to access stored communications, as well as any metadata associated with journalists or their sources.

While other countries have implemented data retention frameworks, the Australian Attorney-General has failed to discuss the significant differences between the EU, American, and Australian legal environments. In other countries, citizens’ rights are protected under a Bill of Rights or a Charter of Human Rights and Freedoms. Like the U.S. courts, European courts can and have struck down data retention laws or directives that offend these guarantees of fundamental human rights and civil liberties. There is no Bill of Rights or Charter of Human Rights and Freedoms in Australia. As such, the courts have no effective means to strike down proposals that violate civil liberties. Once a proposal is enacted, the only way to have it changed is through legislation, which often requires a change of government.

Following the leaks of U.S. National Security Agency documents by former contractor Edward Snowden in June 2013, it was reported that Australian law enforcement has received information from the NSA surveillance programs. It is further believed that the attorney general’s department is seeking the power to “break into anonymization and encryption software like Tor.”[57]

Additionally, in April 2015, new revisions to the Defense Trade Controls Act introduced restrictions on encryption software that could discourage the use of these tools. The new revisions have been criticized for being overly broad, with the potential to criminalize the use of encryption for teaching and research purposes, in addition to everyday use for privacy and security.[58]

The NSA surveillance revelations have further impacted the way in which Australia views its obligations around classified data. On October 1, 2014, the parliament enacted amendments to the National Security Legislation Amendment Act, including provisions that threaten journalists and whistleblowers with a ten year prison term if they publish classified information.[59] These provisions have entered into force. Other worrying provisions that will come into force in 2015 include changes to the scope of warrants. The definition of a “computer” has been broadened to allow law enforcement to access data to multiple computers connected to a network with a single warrant.

Users do not need to register to use the internet, nor are there restrictions placed on anonymous communications. The same cannot be said of mobile phone users, as verified identification information is required to purchase any prepaid mobile service. Additional personal information must be provided to the service provider before a phone may be activated. All purchase information is stored while the service remains activated, and it may be accessed by law enforcement and emergency agencies provided there is a valid warrant.[60]

Intimidation and Violence

There were no reported acts of intimidation or violence resulting from online activities during the reporting period.

Technical Attacks

Cyberattacks and hacking incidents remain a common concern in Australia. Several businesses and universities sustained denial-of-service (DoS) attacks lasting close to a week, disrupting all facets of online university research, teaching, and administration. Private corporations such as those in the mining industry continue to be attacked on a regular basis. The overall rate of cyberattacks has remained steady over the past few years.