Defence Signals Directorate

What DSD does

DSD is Australia’s national authority for signals intelligence (sigint), and for information security (infosec).

As Australia’s national authority for sigint, DSD collects foreign signals intelligence and produces and disseminates reports based on the intelligence information it collects. These reports are provided to key policymakers and select government agencies with a clear and established need to know.

In performing this function DSD must not intercept communications within the domestic Australian telecommunications network. If the collection of foreign intelligence requires such interception, this can only be conducted by ASIO under warrant authority.

DSD’s various intelligence collection and reporting activities are regulated by ministerial directions, MAs and privacy rules which are made pursuant to the ISA.

Intelligence priorities for the Australian intelligence community are established in a planning document that is endorsed and regularly reviewed by the National Security Committee of Cabinet.

DSD’s intelligence-related activities are highly sensitive and are therefore classified in the interests of national security.

The other significant function DSD performs is to provide Infosec products and services to the Australian Government and to the ADF. The underlying purpose of this function is to protect Australian official communications and information systems from unauthorised access and other potential threats.

As Australia’s infosec authority DSD also plays an important role working with industry towards the development of new cryptographic products and the evaluation of other information security products.

DSD’s infosec role is not security classified, and general information about the various infosec products and services DSD provides can be accessed via the DSD website.

Further information about DSD can be found at <http://www.dsd.gov.au>.

Significant issues

New Director DSD

As discussed in ‘The year in review – general matters’ Mr Stephen Merchant, was promoted to the position of Deputy Secretary Intelligence and Security (DepSec I&S) in the Department of Defence, and in early May 2007 the then Director DIGO, Mr Ian McKenzie was announced as Mr Merchant’s successor as Director DSD.

Support to military operations

DSD naturally devotes significant resources to meeting the needs of the ADF and the wider Defence Organisation. In the last 10 years the number and variety of ADF deployments has increased significantly. As at the completion of this reporting period up to 3500 ADF personnel were variously deployed to locations including the Solomon Islands, East Timor, Sinai, Sudan, Iraq and Afghanistan.

As can be deduced from this list, the operational environments into which our service personnel are deployed can range up to the extremely hostile.

So as to minimise the risks that the ADF deployments face and to facilitate their operational effectiveness, as well as to ensure the operations of these deployments is not compromised, DSD is being increasingly called upon to provide high-quality and timely sigint products and services to the ADF. DSD also contributes to the security of ADF missions abroad by ensuring that sensitive electronic information systems are sufficiently robust to deflect attempts at unauthorised access, compromise or disruption.

As has been the case for several years now, the number and variety of ADF deployments continues to impose significant demands on DSD. I received several briefings throughout 2006–07 on the support provided to the ADF by DSD, and a range of cognate issues. These briefings and discussions have indicated that DSD is properly focussed on delivering to the ADF the best possible service it is able to provide.

Support for counter-terrorism activities

While providing support to military operations is a critical part of DSD’s mission, it is not the only function DSD performs.

A very important focus for DSD in the current global security environment is to identify, collect and share foreign intelligence information relating to terrorism-related targets.

Obtaining and sharing information of this kind directly assists government to develop policies and plans to reduce the risks posed by these targets to Australian persons and Australian interests, both within Australia and abroad.

NSW coronial inquiry into the late Mr Brian Peters

As discussed in ‘The year in review – general matters’ chapter the NSW Coroner has been conducting an inquest into the death of Mr Brian Peters in East Timor, in October 1975.

My predecessor, Mr Blick, conducted an extensive investigation in 2000/01 into claims that intelligence information said to have been in the possession of DSD before the killings was not passed on to the Government, and that if it had been, the deaths of Mr Peters and four of his colleagues could have been averted.

While Mr Blick ultimately concluded that intelligence material meeting the above description did not exist, DSD naturally has a very considerable interest in the matters currently being inquired into by the NSW Coroner.

Although Mr Blick’s inquiry had a completely different focus to the inquest (one being focussed on whether the Australian government had forewarning and the other concerned with the circumstances of Mr Peters’ death), I have been monitoring developments in this matter.

Through out the second half of the reporting period, I sought regular updates from DSD on the progress of the inquest, and the efforts they were making to respond to requests from the Coroner.

I was satisfied, based on these briefings, that DSD was very genuine in providing materials and responding to other requests, notwithstanding the very significant costs in terms of time and resources associated with servicing the Coroner’s requirements.

Public hearings associated with the inquest concluded in June 2007, with a report of the outcome of the inquest likely to be finalised and made public in the first half of the 2007–08 reporting period.

Inspection activities

During 2007 my office undertook the following inspection activities:

reviewing all MA submissions made by DSD to the Minister for Defence
monitoring DSD reporting for compliance with the ISA and the DSD privacy rules
conducting monthly meetings with relevant DSD staff to discuss compliance, intelligence policy, and legal issues, and
visiting various DSD collection sites outside of Canberra.

Ministerial authorisations

The ISA provides a framework within which DSD can deliberately collect the foreign communications of Australians, in limited circumstances.

If DSD wishes to obtain an MA to intercept the foreign communications of an Australian person, the Director needs to satisfy the Minister for Defence that the person of interest is, or is likely to be, involved in one or more of a range of activities including:

activities that present a significant risk to a person’s safety
acting for, or behalf of a foreign power
activities that are, or are likely to be a threat to security, or
committing a serious crime.⁵⁴

In order to obtain an MA, the Director DSD provides a comprehensive written submission to the Minister in respect of each individual on which DSD wishes to produce intelligence.

My office has access to the details of every authorisation which is approved, and I and my staff review documentation for each new or renewed authorisation, usually within four weeks of the authorisation being granted.

We became aware through our various inspection activities, that differing views existed about how subsection 9(1A)(b) of the ISA should be interpreted and applied, and discussed the implications of this with various DSD seniors.

The provision in question requires that before a responsible Minister issues an MA in respect of an Australian person, the Minister needs to be satisfied of certain things. If the MA application is justified on the grounds that the subject is believed to engaged in activities that are, or are likely to be, a threat to security, the agreement of the Attorney-General must first be obtained.

A slightly more detailed discussion of this issue is provided in the DIGO chapter, but this matter was ultimately resolved by a definitive legal opinion on the subject being obtained from the Australian Government Solicitor, which is accepted by all parties with an interest in this matter.

Although it occurs relatively infrequently, DSD has a potential role to play in assisting other government authorities in respect of Australians who are overseas who get caught up in hostage situations, particularly if there is a genuine fear or apprehension about their safety.

During the course of the year, we discussed with DSD the applicability of section 9(1A) of the ISA to the communications of persons in such situations.

Spot checking of databases

As detailed in my previous annual report⁵⁵, in the first half of 2006 I had a member of my staff conduct a series of spot checks of various DSD databases to ensure that collection activities which were enabled by the granting of each MA did not exceed any limits imposed in that approval, and that such collection only occurred during the period specified in the authorisation.

These checks, which concluded in the second half of the 2006 calendar year, revealed that the requirements of each MA were being complied with.

This pilot project did reveal several data entry errors relating to expiry dates, but steps have been taken to ensure improved data integrity into the future.

I propose to conduct similar checks in the first half of 2008 to check on the efficacy of these measures.

Monthly meetings

I place great store on meeting regularly with senior level managers and desk officers, in each of the collection agencies, on a regular basis, so that we can candidly discuss issues of common interest or concern.

The style and form of these various meetings all have their genesis in the regular meetings we have been holding with DSD for very many years.

The meetings we hold with DSD usually involve a very senior DSD manager, as well as drawing staff from the compliance and reporting standards area of the Directorate, staff involved in intelligence policy issues, and DSD’s legal adviser.

These meetings typically involve broad-ranging discussion on privacy rules casework, collection priorities, ministerial authorisations, legislative and parliamentary reviews, and current legal issues, as well as any topical issues which may have featured in the media.

Any briefings I might seek on specific aspects of DSD’s work are also usually scheduled to coincide with these meetings.

I also meet with the Director DSD, either prior to, or following each monthly meeting, or in his absence, with one of the Deputy Directors.

I have been very pleased with the candour and quality of discussion in these meetings, and find them very helpful in gaining a better understanding of the important work which DSD undertakes.

Privacy rules

Section 15(1) of the ISA requires the Minister for Defence to make written rules regulating the communication and retention of intelligence information concerning Australians. The then Minister for Defence issued privacy rules to DSD in late October 2001 to coincide with the commencement of the ISA.

The DSD privacy rules enable DSD to include references to Australian persons in their reporting, in limited circumstances, so long as these references are properly justified in accordance with the privacy rules.

A fully staffed section within DSD monitors that the requirements of the privacy rules are being met. My office fulfils a similar function independently of DSD.

My staff and I engage in regular dialogue with DSD’s compliance staff on a range of issues. It is not possible to provide details of these issues in a public report, but I can say that the incidence of Australian persons being identified in DSD reporting is extremely low relative to the number of reports DSD disseminates.

It has been my experience since becoming IGIS that DSD has a strong compliance culture, and that staff across the spectrum of its activities are usually very well schooled in their legal obligations.

The leadership shown by various Directors and senior managers combined with the efforts of DSD’s compliance staff, policy advisers, legal counsel and trainers, satisfy me that notwithstanding that DSD’s work is necessarily very intrusive, privacy issues are taken very seriously.

New collection activities

In order to remain effective DSD must continually enhance its collection activities and counter threats to its capabilities.

DSD regularly informs this office of projects with these objectives and we discuss any aspects that might involve legality or propriety.

I was pleased that DSD briefed me on several such projects during the reporting period and seriously addressed the various queries which I raised.

Site visits

DSD maintains a number of facilities around Australia which are integral to its collection activities.

During the reporting period my staff visited one such facility, as well as an ADF unit whose work is very closely aligned with DSD’s mission.

Training

DSD continues to devote significant resources to delivering technical and professional training opportunities to its staff on a wide range of subject matters.

In this reporting period my office delivered 10 presentations to DSD staff on the role of my office and the principles underpinning the ISA.

Complaints and inquiries

The level of complaint about DSD is generally low because its primary business is to collect foreign sigint by technical means. Given this focus DSD’s activities are unlikely to come to the notice of or impact directly on members of the Australian public.

Appropriateness of OSA procedures/security related issues

During this reporting period I received one complaint specifically about DSD which I decided to pursue as a preliminary inquiry.

The complaint, which was from an unsuccessful applicant for a position with DSD, revolved around the appropriateness or otherwise of an Organisational Suitability Assessment (OSA) process and also raised several related security issues.

I advised the complainant at the conclusion of my inquiry, that I was satisfied that they had not been disadvantaged because of any of the factors which they had identified as purported defects.

Wider review of OSA policy and procedures

Quite unrelated to the above matter, I decided towards the end of this reporting period to initiate an ‘own motion’ inquiry into OSA policy, procedures and practices across the three AIC agencies which operate within the Department of Defence. This naturally includes DSD.

The purpose of this inquiry is to examine existing policies, procedures and practices in each of the Defence Intelligence Group intelligence agencies, to identify and consider any inconsistencies which might exist, and to comment on practice across the Group against considerations of fairness and “propriety” generally. This inquiry was on-going at the completion of the reporting period.

Matters handled administratively

In addition to this formal inquiry, I also received one other complaint about DSD which, because of its nature, I decided to handle administratively.

Footnotes
54 Section 9(1A) of the Intelligence Services Act 2001.
55 IGIS Annual Report 2005-2006, Canberra, October 2006 pp. 44-45.

content