On 28 August 2019, Australia’s Minister for Education Dan Tehan MP, announced the establishment of the Taskforce to Protect Universities from Foreign Interference (Taskforce).
The Taskforce will target four key strategic areas:
- Cybersecurity – Bolstering safeguards with respect to unauthorised access, manipulation, disruption or damage. Better managing and protecting Australian networks, and increasing capacity to respond to cyber security incidents;
- Research and intellectual property – Increasing ability to deter and detect deception, undue influence, unauthorised disclosure or disruption to research, IP and the Australian research community. At the same time balance the interest in protecting academic freedom;
- Foreign collaboration – Increasing transparency in collaboration with foreign entities, undertaking such activities with full knowledge and consent, and in a way that avoids harm to Australia’s interests; and
- Culture and communication – Educating, increasing awareness, improving research and cyber resiliency. Encouraging positive security culture through government and community engagement.
The Taskforce will include representatives from Australian universities, the Department of Education and national security organisations. The Taskforce is set to develop best-practice guidelines for dealing with foreign interference. The Government’s stated aim is to build an approach that balances national security interests relating to foreign interference, with giving universities autonomy and the freedom to expand knowledge and pursue collaboration.
Review of the Defence Trade Controls Act
The announcement comes amidst growing concerns around the targeting of research and intellectual property (IP) at Australian universities by foreign adversaries.1 In his announcement, the Minister states that the work of the Taskforce will “complement work currently underway involving Defence, other relevant agencies, universities and industry to develop practical, risk-based legislative proposals to address identified gaps in the Defence Trade Controls Act”. The Independent Review of the Defence Trade Controls Act 2012 (Cth) (Review) considered “the adequacy of both safeguards of national defence capability and its operation to prevent trade and collaboration that could advance the military capabilities of potential adversaries or see the transfer of technology that would not be in Australia’s national interests”.2 The Review made nine recommendations to address the inadequacies identified in in the legislation, including:
- developing and delivering an effective program to ensure that key sectors, including university researchers, are aware of their obligations;
- legislating to address the lack of control over the transfer of technology which, if transferred to foreign entities with interests contrary to Australia’s, could prejudice Australia’s security, defence and international relations; and
- legislating to address the inadequate control of emerging and sensitive military and dual-use technology.3
Formation of the Taskforce appears to be in response to reports of a major hack of the information systems of the Australian National University in June of this year and aims to help universities navigate new counter espionage laws put in place in 2018.
Schedule 2 of the National Security Legislation Amendment (Espionage and Foreign Interference) Act 2018 (Cth) (the Amendment Act) came into force on 29 December 2018. The amendments under Schedule 2 added a new Part 5.6 to the Criminal Code Act 1995 (Cth) (Criminal Code), replacing sections 70 and 79 of the Crimes Act 1914 (Cth). Part 5.6 introduces offences applying to Commonwealth officers and non-Commonwealth officers.
The Amendment Act introduces a range of new crimes that define and punish a range of activities including foreign interference, espionage, sabotage and treason. Some of the new offences present a particular risk to Universities and academics that accept funding from foreign sources of particular note are:
- recklessly supporting a foreign intelligence agency (section 92.8)
- recklessly funding or being funded by a foreign intelligence agency (section 92.10)
- theft of trade secrets involving a foreign government principle (section 92A.1)
- an offence by a Commonwealth Officer (a term that includes a contracted service provider under a Commonwealth contract) “causing harm to Australia’s interests” (section 122.2)
- an offence by a person receiving information from a Commonwealth officer of “communicating or dealing with information”where, amongst other things, the Communication “damages the security or defence of Australia” (section 122.4A)
Maximum prison terms for the example offences listed range from 3 to 15 years.
It appears likely that proposed amendments to the Defence Trade Controls Act 2012 (Cth) will create new rules on transfer and/or disclosure of information and outcomes arising from technology research based in Australia. Meanwhile, in connection with the recommended legislative reforms and commitment to address a “general lack of awareness” around legislative obligations in key sectors, the Taskforce seems set to produce valuable guidance for Universities and researchers that will help in navigating the new and potentially harsh regulatory environment. It is anticipated that draft guidelines will be circulated for consultation in September 2019, with finalised guidelines available by November.
1 In his speech at the National Press Club on 28 August 2019, Dan Tehan cites advice from the Australian Cyber Security Centre stating, “Universities are an attractive target given their research across a range of fields and the intellectual property this research generates. Additionally, state-sponsored cyber adversaries may use university networks as infrastructure due to their reliability and high and varied traffic, thus allowing adversaries to ‘hide in the noise'”. Read the speech.