DEFENCE SIGNALS DIRECTORATE

What DSD does

DSD’s primary function is to collect foreign signals intelligence. It produces and disseminates reports based on what it collects. These reports are provided to key policy makers, the intelligence assessment agencies, and other selected government agencies.

DSD must not intercept communications within the domestic Australian telecommunications network. If the collection of foreign intelligence requires such interception, this would be conducted by ASIO under a warrant.

Since 29 October 2001, DSD’s intelligence collection and reporting activities have been regulated by ministerial directions, ministerial authorisations and privacy rules, made pursuant to the ISA.

Intelligence priorities for the Australian intelligence community are established in a planning document that is endorsed and regularly reviewed by the National Security Committee of Cabinet.

DSD also acts as the government’s authority on matters relating to the security and integrity of information that is processed, stored or communicated by electronic means. This is commonly referred to as Information Security.

Further information about DSD can be found at, http://www.dsd.gov.au.

Significant Issues

Flood Review

DSD, like the other members of the AIC, was subjected to scrutiny by Mr Philip Flood, in the course of his Inquiry into Australian Intelligence Agencies.

After surveying DSD’s role and current activities, and examining the Directorate’s existing accountability arrangements, management structure and resourcing, Mr Flood drew the following conclusions in the report of his inquiry, which was published in July 2004:

"DSD is an impressive agency that provides a first-class Sigint capability and represents a major national security asset for Australia. Its response to regional counter-terrorism has been excellent, and its support for Australian Defence Force operations highly valued. It is producing high-quality product with strong customer satisfaction levels.” ¹⁴

Mr Flood made two specific recommendations in respect of DSD, namely:

that a periodic external review should be undertaken of its performance against high priority and enduring targets, and
the management structure of DSD should be strengthened by the creation of two additional senior executive service level positions.

Action in respect of the first of these recommendations was set in train during the reporting period, while staffing action was undertaken in fulfilment of the later recommendation.

ISLA Bill 2005

The various recommendations ﬂowing from a DPMC review, combined with several specific recommendations made by Mr Flood for amendments to the ISA, informed the development of the ISLA Bill, which was introduced into parliament on 16 June 2005.

DSD was well placed to make a significant contribution to the DPMC review and the development of the ISLA Bill. In recognition of this, and given that many of the proposed amendments will have the greatest impact on the Defence Intelligence Group of agencies (ie. DSD, DIGO and DIO), the Minister for Defence is sponsoring the Bill and steering its passage through parliament.

Inspection Activities

Shortly after I was appointed as Inspector-General, I wrote to the Director DSD setting out the range of inspection activities I planned to undertake. I wrote to the Director DSD again in December 2004, setting down the inspection activities involving DSD which I planned to undertake during the remainder of 2004–05. These activities include:

reviewing ministerial authorisations and other relevant submissions made by DSD to the Minister for Defence on a rolling basis
monitoring DSD reporting on a continuous basis for compliance with the ISA and the DSD privacy rules
conducting monthly meetings with relevant DSD staffto discuss compliance, intelligence policy, and legal issues, and
visiting each of DSD’s collection sites outside of Canberra, as opportunity permits.

The Director and I have also agreed procedures to operate should I form the view that any matter arising from an inspection needed to be brought to the attention of the Minister for Defence or the Prime Minister. No such matters arose during the reporting year.

Ministerial authorisations

The ISA provides a framework within which DSD can deliberately collect the foreign communications of Australians in certain restricted circumstances. The Minister for Defence must authorise any activity undertaken for the specific purpose, or for purposes which include the specific purpose, of producing intelligence on an Australian person.

In those cases where DSD seeks a ministerial authorisation on an Australian person, and where it is believed that the subject is, or is likely to be involved in an activity or activities that are, or are likely to be, a threat to security, the agreement of the Attorney-General must also be obtained. ¹⁵

If DSD wishes to obtain a ministerial authorisation to intercept the foreign communications of any Australian person, the Director needs to satisfy the minister that the criteria set out in the ISA for such intelligence collection will be met. To facilitate this end, DSD provides a comprehensive written submission to the minister in respect of each individual it wishes to produce intelligence on.

I have ready access to the details of every authorisation which is approved, and review the more detailed hardcopy documentation on at least a monthly basis.

Although I am not in a position to state how many authorisations are issued in any given year, readers should be assured that the numbers constitute only a very minor proportion of DSD’s overall collection activities.

I am satisfied on the basis of the material I have reviewed, and the regular discussions I have with senior DSD staff, that the decision to seek a ministerial authorisation on an Australian person is not taken lightly. I am equally satisfied that in those cases where such a decision is made the submissions which are put to the minister contain sufficient information for the minister to make a well-informed decision.

Privacy rules

The DSD privacy rules, like the almost identical ASIS privacy rules, regulate the communication of intelligence information about Australian persons collected by DSD. The DSD privacy rules were published at Annex 4 to the 2001–02 IGIS Annual Report, and can also be accessed from the DSD website at http:www.dsd.gov.au/about_dsd/ privacy_safeguards.html.

The DSD privacy rules require that DSD shall not communicate intelligence information on Australian persons unless certain strict criteria are satisfied.

DSD takes its responsibility to comply with the privacy rules seriously and has established a section within the Directorate which is dedicated to monitoring compliance and reporting standards, providing training, and liaising with customers on privacy and related issues.

In addition to DSD’s Office of Compliance and Reporting Standards, my own office has access to all DSD end product reports and all other forms of communication which may contain intelligence information relating to Australian persons. This access allows us to independently check DSD’s compliance with the privacy rules.

As intimated earlier, the proportion of such reports and messages compared to the total output of reports disseminated by DSD has traditionally been very small, and this was so again during 2004–05.

In addition to the above checking regime DSD maintains a register of every report containing intelligence information about Australian persons, to which I and my staffhave ready access. The register, amongst other things, indicates whether each reference was the result of deliberate or incidental collection. My staffand I separately crosscheck the veracity of this register by independently interrogating the DSD reports database, on a sampling basis.

My staffand I liaise directly with DSD’s compliance staffon any issues that arise in the course of these review activities. For their part, DSD’s compliance staffreadily contact my office to discuss issues in which they think I might have an interest, or upon which they are seeking an alternative viewpoint. I view this willingness of DSD staffto engage my office on these issues very positively.

Monthly meetings

I have continued the practice of my predecessor of meeting with key DSD personnel on a monthly basis. These meetings ordinarily involve several DSD senior managers, as well as stafffrom the compliance section, the intelligence policy section, and the legal adviser.

The purpose of these meetings is to enable participants to freely discuss topical issues in which my office has a direct or potential interest. These meetings typically involve broad-ranging discussion on privacy rules casework, collection priorities, ministerial authorisations, legislative and parliamentary reviews, and current legal issues. Any specific briefings I might seek are usually scheduled to coincide with these meetings.

Depending on his availability, I also met with the Director DSD, either prior to, or following each of these meetings. I have found these meetings to be very useful in gaining a fuller appreciation of DSD’s work.

Comsec monitoring

As mentioned in last year’s annual report, one section within DSD is specifically devoted to Communications Security (Comsec) monitoring. Comsec monitoring involves intercepting the communications of personnel taking part in selected Defence operations to assess how secure their communications are and, if deficiencies are identified, to instigate remedial action. Comsec monitoring is not directed against members of the public.

Comsec monitoring requires ministerial authorisation. Those whose communications are targeted must be warned in advance. Given the potential of such monitoring to intrude upon the privacy of individuals, I received bi-monthly updates on Comsec activities during the reporting period.

The Comsec monitoring section has been particularly active in the past 12 months providing coverage/support to Australian Defence Force personnel overseas, and in various training exercises.

Based on the briefings I have received, I am satisfied that the responsible staffare properly aware of their responsibilities under the ISA and discharge their duties with appropriate care.

New collection activities

DSD frequently develops new projects involving different approaches to collection of intelligence. DSD regularly informs this office of the nature of such projects and we discuss any issues that might arise concerning legality or propriety. I was briefed on a range of projects during the reporting period, and associated safeguards to ensure that the privacy of Australian persons is protected from unlawful or unreasonable intrusion.

Site visits

DSD maintains a number of facilities around Australia which are integral to its collection activities.

It is important that staff in these sometimes remote facilities know that they are governed by the same laws and guidelines as apply in DSD’s Canberra headquarters.

During the reporting period, I visited two of DSD’s more significant sites. I intend to re-visit these and other DSD sites on a periodic basis to reinforce that my remit is not limited because of geographical factors.

Training

DSD continues to devote significant resources to in-house training on the practical requirements of the ISA and the principles underpinning the application of the privacy rules.

As noted earlier in this report in relation to other agencies, I regard training and awareness as an important part of the remit of my office and as a consequence present at as many courses as possible.

Complaints and Inquiries

The level of complaint about DSD is generally low because its primary business is to collect foreign signals intelligence by technical means. As a logical consequence DSD is unlikely to come into direct contact with members of the Australian public. Notwithstanding this, my office receives a small number of complaints about DSD each year.

Two preliminary inquiries into DSD’s activities remained open at the conclusion of 2003–04, both of which were concluded early in 2004–05.

I received complaints from three other persons during 2004–05 which led to preliminary inquiries. These complaints related to security checking.

Three other persons also contacted the office about DSD but their concerns were handled without the need for inquiry action.

A summary of some of the complaints about DSD which this office dealt with during the reporting period is provided below.

Interference with personal communications

An individual wrote to me indicating that he was actively involved in regional political activities and was concerned that sensitive e-mails he had sent to a named individual on these matters were not being delivered. The complainant suggested this was being done deliberately.

The complainant subsequently provided me with some computer records which he believed substantiated his claims.

An analysis of these records did not indicate a specific or unusually concerted attack on the complainant’s computer, but suggested that the problems he had experienced were the common ones internet users face.

On the basis of my inquiries, I concluded that there was no evidence of illegality or impropriety on the part of DSD, or other members of the AIC.

Security checking

During the reporting period I received two complaints from individuals who had sought employment with DSD but were ultimately unsuccessful despite having strong claims to the positions for which they were interviewed.

In these cases, the individuals concerned were asked to submit to extensive background security checking after a conditional offer of employment was made. DSD operates in a highly secure environment and the majority of staff require high level security clearances in order to perform their duties.

In the cases in question, the complainants had been born and lived overseas for significant periods before migrating to Australia and taking out citizenship. In each instance, the vetting body which conducted the security checking procedure recommended against the granting of a security clearance because it could not satisfactorily verify the applicant’s background to the degree required.

There is provision for agencies in this situation to request the vetting agency to waive the requirement to undertake a background check on individuals with an apparently uncheckable background, but this is extremely rare, and will usually only have application to individuals with skills which are either unique or otherwise unavailable within Australia.

This circumstance did not pertain to either complainant, consequently DSD acted in accordance with the recommendation made to it by the vetting agency.

I discussed the underlying cause of these complaints with various individuals within Defence, and suggested that applicants for positions should be given clear guidance on what constitutes a checkable or uncheckable background and the vetting process in general. I also queried when in the process offers of employment (even conditional ones) should or should not be made.

Although I ultimately concluded that DSD had not acted unreasonably, it has subsequently adjusted its recruitment practices so that residency and checkable background issues are adequately addressed before any offers of employment are made.

In the case of one of the complainants, DSD also provided a formal apology for its delay in advising of its decision, which fell short of the standards of service required by the Defence Service Charter

Footnotes
14 Flood, p. 139.
15 Section 9(1A)b, Intelligence Services Act 2001.

content