Introduction
The 2024 independent review of Australia’s National Intelligence Community (NIC) is welcome. The work of the NIC underpins Australia’s national security objectives, including safeguarding Australia’s security, prosperity and sovereignty in an uncertain and constantly changing security environment.1 The 2024 Independent Intelligence Review (the Review) follows significant structural change since the last Independent Intelligence Review in 2017 (2017 IIR).2 Further, potentially transformative changes to the NIC are mid-implementation following the 2019 Comprehensive Review of the Legal Framework of the National Intelligence Community (the Richardson Review).3
Additionally, there are significant changes in regional and global security as well as technology advancements that are rapidly shaping the environment within which the NIC operates and engages.4 Emerging technologies are in the process of transforming our society – from digital transformation, the geopolitics of AI and the future of work5 through to the future of capitalism and open markets.6 The Review occurs in a crowded regulatory environment in Australia that is catching up to the changes emerging technologies are bringing. This includes the 2023-2030 Australian Cyber Security Strategy,7 ongoing Privacy Act reforms,8 an inquiry into AI use in the public service,9 and the Digital Platform Services Inquiry 2020–25.10
Technology policy is complex and interconnected, and emerging technologies “shape many of the contemporary security challenges Australia faces”.11 Changes in technology development, application and regulation can cause profound – and often unexpected – changes for intelligence communities. Simple policy changes in technology companies, such as those around propaganda labelling at X (formerly Twitter), can have significant impacts on state-based information activities and disinformation.12
The NIC is required to protect Australia’s security, prosperity and sovereignty in complex and changing circumstances.13 This submission predominately focuses on challenges facing the NIC as a result of emerging technologies. It draws on a range of research, including a forthcoming book, Big Data, Emerging Technologies and Intelligence: National Security Disrupted by Dr Miah Hammond-Errey (to be released in early 2024).14 The book highlights how the big data landscape – comprised of data abundance, digital connectivity and ubiquitous technology15 – is already and will continue to transform intelligence, including in the NIC, and society writ large. This big data landscape fuels emerging technologies, which are intertwined with aspects pertinent to the NIC’s ongoing function and evolution – including privacy, ethics, mis- and disinformation as well as legitimacy and trust in public institutions.
This submission is not comprehensive, as many factors relating to the implementation of the 2017 IIR and the Richardson Review have not been made public. Instead, it focuses on the following key areas relevant to assessing the current preparedness of the NIC;
- Secrecy and the declassification of intelligence
- Improving intelligence infrastructure – digital and physical
- Trust in intelligence agencies
- Partnerships and alliances
Secrecy and the declassification of intelligence
Secrecy is a key characteristic of intelligence that has long been considered one of the most central parts of intelligence activities and organisations16 and importantly, is an integral component of organisational culture.17 The big data landscape has changed the nature of privacy and secrecy, and emerging technologies clearly make it more difficult for some activities to remain secret. The past decade has seen a convergence of trends that have forced an evolution in the nature of secrecy in intelligence agencies. These trends include an increase in Open-Source Intelligence (OSINT); a rise in the need to share intelligence with new stakeholders outside of national security agencies; and the movement of national security threats and harms into society – from cyber security to election interference and disinformation.
This has resulted in a marked increase in intelligence declassification by agencies across the globe with a focus on improved transparency. Overseas, we have seen the declassification of intelligence just before the Russian invasion of Ukraine in early 2022 and the release of a declassified US intelligence community assessment concerning Russia’s activities in the 2016 US Presidential Election.18 In Australia, the AIC,19 including ASIO, played a key role in assessing Huawei's involvement in the National Broadband Network – although the contents of the assessment were not made public.20As a former Principal Deputy Director of National Intelligence summarised from the US perspective:
I think the disclosures by Edward Snowden were really significant [as they] broke open this idea that there were intelligence activities going on broadly about which the American people and our allies and partners had opinion. And we had a hard time explaining what we were doing because we were so used to never talking about it ... Move forward in time. You [have] the Ebola crisis in 2014, where the National Geospatial Intelligence Agency figures out that if it releases some of its imagery and mapping data that it can positively affect the treatment and containment of that ... taking a national security resource and making it openly available ... Then you have the Skripal incident where the intelligence community figures out that it needs to reveal that Russia used a fourth-gen nerve agent to try and assassinate somebody because otherwise we couldn’t stop the counter narrative coming forward. Then you have 2016, the Russian interference in our election, and we have to reveal that because it’s the American people that are being affected ... I think it’s just this movement of recognition that you have to be able to share some of the information to the people that are being affected in order to engender trust.
– Susan Gordon, former Principal Deputy Director of National Intelligence, for Technology and Security.21
Alongside the rise in intelligence declassifications, there has been a growing awareness and use of OSINT alongside secret or covert intelligence.22 However, the valuable, yet complex role of OSINT does not render secret intelligence less valuable or significant. In fact, an argument can be made that it increases the premium on secret collection because so much is knowable in the public domain.23 Irrespective, this debate should not be framed as mutually exclusive. The key benefits come from combining covert intelligence with open-source information.
“All secrecy is not equal, and there is a need to maintain the most important national security secrets in a world of abundant information and increased intelligence declassification.”24 It is necessary to continue to rebalance the tension between secrecy and transparency. Governments need to preserve aspects of secrecy for security, while also protecting democratic principles (such as representative, responsible, transparent and accountable government and constitutional order).25
As such, the Review should give serious consideration to ensuring the protection of current intelligence capabilities (including collection methods, sources of intelligence, data and intelligence assessments) across the NIC. It should also consider the NIC’s evolution amid future technological change and ensure alignment with broader Defence and government agencies who are increasingly involved in traditional national security activities.
The Review should further consider how to communicate both the requirement for and capability of protection mechanisms across the NIC at various classifications. It is necessary to delineate and communicate the significance of secrecy practices and trade-offs to policymakers in the context of democratic transparency.
The Review should consider making an agency, perhaps ONI, responsible for the clear designation of capabilities for collection and analysis across all NIC agencies and ensuring that government has access to voices from all NIC agencies. Often specific agencies or intelligence disciplines are disproportionally reflected in discussion.
The Review should consider how continued public releases and declassifications of intelligence fit into the broader context of the NIC’s growing public profile. The Review should consider how the intelligence community can ensure that the “gap between community expectation and intelligence capabilities does not become a gulf so far that it cannot be bridged.”26 The Review should recommend a centralised function to work collaboratively across the public-facing components of key agencies whose work relates directly to issues of transparency. This could include working with the Department of Home Affairs’ Strengthening Democracy Taskforce27 to increase trust in the institutions of democracy and ensure that the balance of secrecy and transparency is bipartisan and de-politicised. The issue of trust is explored further in the ‘Trust in intelligence agencies’ section.
The Review should also recommend building capacity and understanding within the NIC and the government of the ongoing tension between secrecy and transparency, which could be delivered through training. The Review should consider a broad range of professional education and development options for decision-makers in federal, state and territory governments.
For example, this could include adding a module on the tensions between secrecy and transparency to the ANU National Security College’s course National Security 2328 — a parliamentarian training program. Similar training should be included in state and territory legislative induction programs to build national understanding. Expanded professional development options to decision-makers and parliamentarians could also include programs on understanding and digesting intelligence product to facilitate best-practice understanding by decision-makers, particularly in a crowded, information-heavy environment. For further detail see pages 90–3 and 102–4 in Big Data, Emerging Technologies and Intelligence. Programs that look at the role of intelligence in national security decision-making would be a welcome addition to the existing research.
Improving intelligence infrastructure – digital and physical
Australia’s contemporary intelligence infrastructure — both digital and physical — is not match-fit for the present or the future. Australia needs an intelligence enterprise that can tackle the challenging missions it faces in the current and future environment. There is a key need for the NIC to improve its intelligence or information management systems and processes – especially in terms of security protocols. Similarly, particular attention must be given to building data sharing practices within, across and between NIC agencies.
The two primary methods of protecting intelligence, and information accessed through intelligence activities, are security clearances and compartmentalisation. The rise of big data is challenging these fundamental practices and raising the risks and consequences of security breaches – as the 2017 IIR recognised.29 The traditional approach of segmenting or compartmenting intelligence disciplines conducted by different agencies (such as HUMINT or SIGINT)30 and compartmenting specific ‘briefed’ groups31 risks compromising the ability of the NIC to harness the benefits of big data. By its nature, big data analytics benefit from being able to draw insights from across data sets that are as large as possible – something the compartmentalisation of information directly counters. However, combining data sets to produce large digital information holdings – particularly when paired with poor access controls and protections – increases the risk of vast amounts of sensitive information being rapidly distributed. The emergence of this risk is one enabled by the digitisation that preceded and coincides with the rise of big data.
Balancing the security of information with the effectiveness of big data and big data analytics – which has the potential to improve intelligence analysis by providing new insights – is a complex judgement that the NIC must make and constantly revise as technology and security processes evolve. This challenge is also intertwined with the ambition of building a more integrated intelligence enterprise in Australia – something that was a “central theme” of the 2017 IIR.32 Integrated digital and physical infrastructure is a core component of building collaborative inter-agency relationships and data sharing arrangements of the kind necessary to tackle the modern strategic and digital environment.
Data sharing
The balance between the security of information and big data analytics that could offer profound opportunities for intelligence is tied directly to the issue of data sharing within the NIC. There are significant structural and technical hurdles to increasing data sharing in the NIC. Not only are there foundational ICT system inefficiencies – an inability to communicate digitally across all agencies, including data sharing, email and video conferencing facilities – but AIC and NIC agencies operate at different classification and operating systems. You can see more on this in Big Data, Emerging Technologies and Intelligence (pages 106–7).
The different classification levels have different IT requirements, meaning different work must happen on different systems – and it must largely be moved manually. Identifying and addressing the appropriate mechanisms to solve some of these challenges – technical, cultural and legislative – across the NIC will be critical.
The 2017 IIR suggested that the newly created ONI would be responsible for “the development of an environment for enhanced data sharing and collaborative analysis”33 as part of its National Intelligence Enterprise Management role. The 2024 Review should assess whether ONI has delivered on this expectation and driven the necessary integration to enable data sharing, which during our research had yet to eventuate.34
In addition, the Review should prioritise completion of the 2017 IIR recommendation on upgrading ICT and data analytics capabilities. The 2017 IIR stated:
we recommend that data analytics and ICT connectivity, including the establishment of an intelligence community computing environment in which technical barriers to collaboration are minimised, be one of the highest priorities of a more structured approach to technological change and the funding of joint capabilities.35
If not yet complete, urgent prioritisation of this endeavour should be encouraged by the Review. In particular, the focus should be on improving digital information exchanges between NIC agencies (including between Top Secret and Protected) as well as facilities that enable engagement with external stakeholders such as decision-makers, policy agencies, industry and increasingly directly with media and Australians. These facilities should also have the ability to increase international engagement – enabling learning from industry best-practice whilst preserving the necessary physical security requirements.
The Review should also recommend prioritising the building and implementation of improved risk assessment capabilities and controls to ensure against significant intelligence breaches. Such efforts to improve information security would also provide assurances around privacy – that the sensitive information of Australians is held as securely as possible where collected by NIC agencies, and only accessed by those with the authority to collect, store and analyse that information. These two efforts would want to draw on the progress, best-practice and potential mistakes of our close intelligence allies through consultation – particularly the United States and the United Kingdom, as well as other Five Eyes partners.
The Review needs to pay particular attention to the differing jurisdictional authorities and legislative requirements of the NIC agencies. A data sharing agreement that included the ‘plus four’ NIC agencies that were not part of the AIC and have different legislative frameworks would need to include appropriate mechanisms that uphold the important, enduring principles of the NIC.
One potential first step that could help lead towards building out a NIC-wide data sharing architecture is building up intra-agency data sharing. This could involve building certain common frameworks for information storage and access that each agency could adopt or integrate – either using as the scaffolding for building up new data sharing structures, or to revise their existing processes. Agencies could collaborate on NIC best-practice related to the information management of different intelligence disciplines or types. This process would set the foundations for a NIC-wide data sharing agreement and environment that could then offer both robust information protection and improved big data capabilities.
The Review team should consider recommending a single, preferably sovereign, cloud service provider across the NIC, at the relevant security classifications. This would help facilitate inter-agency data sharing and consistent security standards and baselines to work from when collaborating and create collective bargaining power with providers – although security of NIC holdings should remain paramount.
The Review should also consider how the NIC’s data sharing capabilities and frameworks relate to the overseas systems of allies and partners. Ensuring that the above lines of effort are undertaken with an eye to interoperability and sharing with key allies and alliances – such as Five Eyes partners – when possible, will be important. This point addressed in further detail under the section on partnerships and alliances.
Cultural infrastructure
Workforce opportunities, retention and desired working environments are changing rapidly. Emerging technologies are altering not just the location and modes of work, but how and with whom that work is conducted – offering new opportunities for dynamic collaboration and sharing.36 However, fostering these within the closed systems that, by function, the intelligence community utilises, is a significant barrier that has consistently been identified as an inhibitor on the ability of intelligence agencies to deliver on their mission.37 Addressing this will be necessary to build the “world-class” integrated intelligence community the 2017 IIR set as a core aim.38
The Review should ensure that the working environment of the intelligence community is competitive and attractive to potential employees. This could include multi-agency classified facilities that enable security-cleared staff to work from multiple locations and cross-agency or stakeholder briefings and collaboration between larger groups.
It is necessary to create — at all classifications — multi-agency buildings that include more (and larger) meeting rooms, hot-desking capabilities, digital communications, and facilities in major cities, especially near transport hubs and where people want to live (to enable NIC employees to travel and move around and provide decision-makers with secure access to information). ASD’s REDSPICE initiative39 is an excellent start, but NIC-wide approaches require systemic cultural change — toward collaboration and innovation — and leadership.
Often, intelligence leaders and practitioners speak from experience in one or two agencies or intelligence disciplines. There appears to still be limited mobility and awareness about whole-of-community capabilities and challenges, as individuals are still compartmentalised in a way that does not encourage interdisciplinary collaboration, respect, appreciation and unity across agencies.40
The Review should recommend the facilitation of greater movement within the NIC and opportunities across government, think tanks, regulators and technology companies to understand technology challenges and be equipped to counter them. Additionally, it is important to link agencies up with each other’s information and data and foster deeper understanding — and respect for — different agency missions, cultures and functions.
The big data landscape is and will continue to impact and transform the role of the intelligence analyst in the collation and compilation of intelligence material for analysis. Within the NIC, there are a variety of schools of thought on the evolving role of the analyst in intelligence.41 While the eventual reality for analysts will vary across agencies, the approaches taken will depend on technology adoptions across the entire intelligence community and there are considerations the NIC should be encouraged to keep in mind.
The Review could consider recommending an internal review into the future role of the analyst to project and prepare the NIC for possible changes to analytical roles. This could include preparing existing analysts to work with and be supported by the capabilities that big data and emerging technologies can offer or considering where – or whether – an ‘analyst-free' model is something the NIC could incorporate in specific intelligence processes.42 Regardless, the Review should recommend the NIC ensure intelligence analysts are equipped to work with and harness the technology tools of tomorrow (and today) to produce intelligence and improve decision-making. This could be through bespoke training, potentially with external experts on key technologies, such as machine learning, that require significant expertise to design and implement.
The Review should also encourage that appropriate attention is given to the continued involvement of human analysis in providing judgement and contextualisation for intelligence processes. As technology augmented intelligence analysis develops, the specific capabilities of human analysis (including judgement, contextualisation and accountability) will be even more critical to provide robust decision support for the final intelligence product.
Trust in intelligence agencies
To date, there have been no comprehensive surveys of the Australian public’s trust in the people, activities and intelligence agencies that comprise the NIC. This is similar overseas, with comparable intelligence agencies, including in the UK, where “there are rarely any studies or opinion polls which provide quantifiable data on the decline in public confidence” or trust in intelligence institutions.43 The United Kingdom and the United States have seen some limited polls conducted, surveying the public for their opinions on intelligence agencies and activities.44 However, none have been conducted by intelligence agencies or government themselves.
As an important proxy for legitimacy in the context of national security, trust is tied to the understanding that the work of national security agencies contributes to safeguarding the national interests and lives of citizens.45 As the 2017 IIR noted, national security agencies, in completing their mission are expected to “act with propriety, legality and proportionality, are responsive to Ministerial direction and control, and are accountable for their activities”.46 Such expectations are a cornerstone of agency operations. For a detailed account of how contemporary intelligence leaders think about the role of trust in intelligence, including how it is built and maintained, please see Chapter 7 of Big Data, Emerging Technologies and Intelligence. As Unsworth notes, in “today’s world of ubiquitous technology and big data, trust is a necessary and foundational principle for the protection of personal information.”47 They go on to say, “it is especially important that we can trust that the process by which the policies are designed is transparent”.48
The reduction in individual privacy as a result of big data makes the trust citizens have in government holding their data all the more important. This is not just the case for intelligence agencies, but for all public organisations and government agencies.49
However, the question of trust is impacting different NIC agencies in varying ways. NIC leaders have noted50 that the structures of intelligence agencies shaped how those within an agency viewed trust – such as the differences between NIC and original AIC agencies. For a detailed summary please see pages 161–5 of Big Data, Emerging Technologies and Intelligence.
The Review should seriously consider how to address the tensions between the NIC and AIC agencies. This includes the purposes and missions, focus and drive of agencies, the clearances of staff and their decision-making processes. In particular, the Review should consider how to develop measures of mutual respect between all agencies and their work, assisted by mechanisms for collaboration and sharing.
NIC professionals have also expressed that even amongst AIC agencies, legitimacy and trust were viewed differently.51 Those agencies that had a foreign collection focus (ASD, ASIS and AGO) – which operate under the Intelligence Services Act 2001 and are prohibited from collecting on Australian nationals (with some exceptions by ministerial authorisation) and in Australia – engaged less on issues of domestic legitimacy. Instead, they focused more on trust in terms of intelligence collection that respects the privacy of Australians and is centred on foreign nationals and entities.52
Balancing trust, public engagement and the social contract
Given the inherent need for secrecy in the operation of intelligence agencies, there are necessary limits on what agencies can share. Resolving where these limits are, especially as the role of secrecy evolves, will be important in the context of other public engagement efforts to build trust and a continued social contract that enables the NIC to operate. The Review should consider how the NIC can build the appropriate frameworks that reflect this evolving dynamic.
Clearly, the process of building the public profile of NIC agencies through public awareness and engagement – integral to building and maintaining trust in these institutions and the social contract with the public in a digital age – are new to the NIC.
As a starting point, the Review should recommend the NIC, potentially led by ONI, commission an annual survey to gauge the level of public awareness of and trust in the NIC and its component agencies. This survey could either be kept within the NIC or publicly released and would allow the NIC to coordinate its public profile and identify areas of community concern over its role, mission or actions. This could include identifying gaps in public knowledge that are mis-representing the NIC and compromising trust in these organisations as a result. Completing such a survey on an annual or two-year basis would allow the NIC to develop an understanding of how public opinion towards and trust in the NIC is changing in the Australian public. This would support plans to improve public confidence, legitimacy and trust in NIC agencies, as well as support recruitment and retention efforts.
The Review should actively explore how to increase public trust in the NIC as a part of increasing democratic resilience and trust in institutions. Increasing two-way engagement with Australians, either directly or through representatives, is one possibility. Another is periodic reviews of public-facing material, such as on websites, that details the exact mission of respective NIC agencies – and the principles that guide them – which could ensure continued understandings of trust that reflect developments in public expectations. The Review could also consider reporting mechanisms that enable public concerns about intelligence activities, agencies or professionals to be identified and responded to quickly, transparently and accountably. Finally, the Review should explore the gaps and expanded oversight of the NIC agencies, especially those where intelligence is a part of their overall function with the relevant bodies, including the Parliamentary Joint Committee on Intelligence and Security (PJCIS), the Parliamentary Joint Committee on Law Enforcement, IGIS and the Independent National Security Legislation Monitor.
The predominant role of industry in data and analytics capabilities and intelligence, especially cyber threat collection and analysis, has led to an increase in their engagement with the NIC.53 Building on this and continuing to expand external engagement to include key stakeholders across industry, academia and society will be increasingly important for the NIC in the digital age.
Notably, as summarised earlier by former US Principal Deputy Director of National Intelligence, building trust between intelligence agencies and the public is also related to other trends – including the declassification of intelligence: “I think it’s just this movement of recognition that you have to be able to share some of the information to the people that are being affected in order to engender trust.”54 The Review should suggest that the leadership of NIC agencies continue using intelligence releases and declassifications – where appropriate – as opportunities to build trust with the Australian public and showcase their ability to deliver on their mission and protect the nation. However, the Review should also explore how the NIC can improve how it listens to the views of Australians.
Partnerships and alliances
To respond to the changing digital landscape, intelligence agencies need to build better relationships with government, industry and Australian citizens.55 NIC agencies have the opportunity to ‘bake in’ institutional and cultural approaches to build better relationships. Whilst this may seem self-evident, intelligence communities and public engagement can be inimical to each other and for some NIC members the concept remains revelatory.56 This applies both in relation to domestic Australian stakeholders and international alliances and partnerships with allies. There is a need to improve domestic stakeholder relationships and knowledge transfer with industry, allies, academia and government.57
Increases to agency capacity for two-way conversations could help improve relationships with stakeholders that may require a cultural change and specific training, especially for agencies for whom engagement outside the intelligence community is new. Additional areas for improvement include how intelligence agencies understand, relate to and access key decision-makers, get the right people in the right rooms for collaboration and manage the flow of information and intelligence.
The Review should consider how the NIC can further support DFAT activities and operations and acknowledge the role of DFAT in supporting NIC operations. Intelligence diplomacy has real potential in the current strategic environment, but not at the expense of DFAT, as many intelligence activities overseas rely on diplomatic facilities, relationships and capabilities. There are examples of closer integration between diplomatic and intelligence overseas, such as the United States’ Bureau of Intelligence and Research, which is part of the US Department of State and the US Intelligence Community.58
Establishing a unit focusing on digital experimentation, in conjunction with the National Security Science and Technology Centre, to run pilot projects that address community-wide challenges on talent, processes and technologies identified by agencies should be considered by the Review. This agency should work with a similar, recently proposed US agency,59 if established.
The Review should establish an advisory board (drawn from industry and academia) to streamline access to technical expertise for the whole of the NIC as well as oversight bodies like the IGIS and the PJCIS.
Alliances
Alliances are critical for intelligence success, but little is known publicly about them.60 Dedicated, funded research is necessary to explore ways to improve intelligence exchange, technical capacity and burden sharing as well as intelligence diplomacy in the digital era. This could explore ways to improve intelligence alliances within the Five Eyes, and with other nations such as Japan and South Korea. One avenue of delivery could be through an Australian Research Council grant managed by ONI – similar to the National Intelligence and Security Discovery Research Grants (NISDRG) Program that supports research in national security and intelligence.61
The Review should recommend that formal mechanisms are established to improve technical development and alignment in US and UK alliances and ensure integration between intelligence-led Five Eyes technical cooperation and Defence-led AUKUS advanced capability cooperation.62 These should also be – where appropriate – shared with industry in dual-use technology areas, such as AI and cyber, to ensure they have appropriate points of engagement across the defence and intelligence enterprises.
Furthermore, the Review should explore ways to improve the indigenous intelligence collection, analysis and sharing capabilities in the Pacific, perhaps exploring existing approaches such as Financial Intelligence Unit (FIU) in a box.
Summary of recommendations
Secrecy and the declassification of intelligence
The Review should:
- Seriously consider ensuring improved protection of current intelligence capabilities (including collection methods, sources of intelligence, data and intelligence assessments) across the NIC in light of increased intelligence declassification and OSINT.
- Consider how to communicate both the requirement for and capability of protection mechanisms across the NIC at various classifications.
- Consider making an agency, perhaps ONI, responsible for the clear designation of capabilities for collection and analysis across all NIC agencies and ensuring that government has access to voices from all NIC agencies.
- Consider how continued public releases and declassifications of intelligence fit into the broader context of the NIC’s growing public profile.
- Recommend a centralised function to work collaboratively across the public-facing components of key agencies whose work relates directly to issues of transparency. This could include working with the Department of Home Affairs’ Strengthening Democracy Taskforce to increase trust in the institutions of democracy and ensure that the balance of secrecy and transparency is bipartisan and de-politicised.
- Consider a broad range of professional education and development options for decision-makers in federal, state and territory governments.
- This could include adding a module on the tensions between secrecy and transparency to the ANU National Security College’s National Security 23 course — a parliamentarian training program. Similar training should be included in state and territory legislative induction programs to build national understanding.
- Expanded professional development options to decision-makers and parliamentarians could also include programs on understanding and digesting intelligence product to facilitate best-practice understanding by decision-makers, particularly in a crowded, information-heavy environment.
Improving intelligence infrastructure – digital and physical
The Review should:
- Assess whether ONI has delivered on the recommendation of the 2017 IIR to be responsible for “the development of an environment for enhanced data sharing and collaborative analysis”. If not yet completed, this should be an immediate priority.
- Particular attention should be paid to the differing jurisdictional authorities and legislative requirements of the NIC agencies. This could involve building common frameworks for information storage and access that each agency could adopt or integrate.
- Consider a single, preferably sovereign, cloud service provider across the NIC, at the relevant security classifications. This would help data sharing and consistent security standards and baselines to work from when collaborating.
- Consider the creation of facilities that enable engagement with external stakeholders such as decision-makers, policy agencies, industry and increasingly directly with media and Australians.
- Consider the creation of — at all classifications — multi-agency buildings that include more (and larger) meeting rooms, hot-desking capabilities, digital communications, and facilities in major cities, especially near transport hubs and where people want to live.
- Recommend the prioritisation of building and implementing improved risk assessment capabilities and controls to ensure against significant intelligence breaches. In doing so, it should draw on the best-practice understandings of international allies – including the United States, the United Kingdom and other Five Eyes partners.
- Suggest that the NIC’s data sharing frameworks and capabilities be constructed with consideration of interoperability with overseas intelligence partners.
- Ensure that the working environment of the intelligence community is competitive and attractive to potential employees. This could include multi-agency classified facilities that enable security-cleared staff to work from multiple locations and cross-agency or stakeholder briefings and collaboration between larger groups.
- Recommend the facilitation of greater movement within the NIC and opportunities across government, think tanks, regulators, and technology companies to understand technology challenges and be equipped to counter them.
- Commission an internal review into the future role of the analyst to prepare the NIC for possible changes to analytical roles.
- Recommend the NIC ensure intelligence analysts are equipped to work with and harness the technology tools of tomorrow (and today) to produce intelligence and improve decision-making.
- This could be through bespoke training, potentially with external experts on key technologies, such as machine learning, that require significant expertise to design and implement.
- Recommend that the NIC give appropriate attention to the continued involvement of human analysis in providing judgement and contextualisation when integrating technologies into the processes of intelligence analysis.
Trust in intelligence agencies
The Review should:
- Consider how to address the tensions between the NIC and AIC agencies. This includes the purposes and missions, focus and drive of agencies, the clearances of staff and their decision-making processes.
- This includes how to develop measures of mutual respect between all agencies and their work, assisted by mechanisms for collaboration and sharing.
- Recommend the NIC build appropriate frameworks to clearly communicate the evolving balance between the necessary secrecy in the operation of intelligence agencies and increased public engagement efforts designed to engender trust.
- Recommend the NIC, potentially led by ONI, commission an annual survey to gauge the level of public awareness of and trust in the NIC and its component agencies.
- Explore mechanisms that allow public expressions of concern over the activities of NIC agencies and personnel – possibly collated centrally by an agency or oversight body – that offers two-directional engagement with the public.
- Suggest that the leadership of NIC agencies consider using intelligence releases and declassifications – where appropriate – as opportunities to build trust with the Australian public and showcase their ability to deliver on their mission and protect the nation.
Partnerships and alliances
The Review should:
- Consider how the NIC can further support DFAT activities and operations and acknowledge the role of DFAT in supporting NIC operations. Intelligence diplomacy has real potential in the current strategic environment, but not at the expense of DFAT, as many intelligence activities overseas rely on diplomatic facilities, relationships and capabilities.
- Consider the establishment of a unit focusing on digital experimentation, in conjunction with the National Security Science and Technology Centre, to run pilot projects that address community-wide challenges on talent, processes and technologies identified by NIC agencies.
- Recommend the creation of an advisory board (drawn from industry and academia) to streamline access to technical expertise for the whole of the NIC as well as oversight bodies like the IGIS and the PJCIS.
- Recommend dedicated, funded research to explore ways to improve intelligence alliances within the Five Eyes, and with other nations such as Japan and South Korea. This could be delivered through an Australian Research Council grant managed by ONI – similar to the National Intelligence and Security Discovery Research Grants (NISDRG) Program that supports research in national security and intelligence.
- Examine options for formal mechanisms to improve technical development and alignment in US and UK alliances and ensure integration between intelligence-led Five Eyes technical cooperation and Defence-led AUKUS advanced capability cooperation.
- Explore ways to improve the indigenous intelligence collection, analysis and sharing capabilities in the Pacific, perhaps exploring existing approaches such as Financial Intelligence Unit (FIU) in a box.
Reference list
Attorney General’s Department 2023, ‘Policy 8: Sensitive and classified information’, Protective Security Policy Framework, 30 August, accessed 17 November 2023, https://www.protectivesecurity.gov.au/publications-library/policy-8-classification-system.
Australian Competition & Consumer Commission (ACCC) 2023, ‘Digital platform services inquiry 2020-25’, ACCC, accessed 17 November 2023, https://www.accc.gov.au/inquiries-and-consultations/digital-platform-services-inquiry-2020-25.
Australian Research Council 2023, ‘National Intelligence and Security Discovery Research Grants (NISDRG) Program’, Australian Government, accessed 21 November 2023, https://www.researchgrants.gov.au/grant-opportunities/nisdrg.
Australian Signals Directorate 2022, ‘REDSPICE’, Australian Government, accessed 20 November 2023, https://www.asd.gov.au/about/redspice.
Baldwin, R 2019, The globotics upheaval: globalisation, robotics and the future of work, Orion, London.
Bureau of Intelligence and Research n.d., ‘About Us – Bureau of Intelligence and Research’, U.S. Department of State, accessed 22 November 2023,https://www.state.gov/about-us-bureau-of-intelligence-and-research/.
Chesterman, S 2011, One nation under surveillance: a new social contract to defend freedom without sacrificing liberty, Oxford University Press, New York.
Department of Home Affairs 2023, ‘Strengthening Democracy Taskforce’, Department of Home Affairs, 24 July, accessed 20 November 2023, https://www.homeaffairs.gov.au/about-us/taskforces/strengthening-democracy-taskforce.
Department of Home Affairs 2023, 2023-2030 Australian Cyber Security Strategy, Commonwealth of Australia, Canberra.
Department of the Prime Minister and Cabinet 2017, 2017 Independent Intelligence Review, Commonwealth of Australia, Canberra.
Digital Transformation Agency 2023, ‘The AI in Government Taskforce: examining use and governance of AI by the APS’, Australian Government, 20 September, accessed 17 November 2023, https://www.dta.gov.au/blogs/ai-government-taskforce-examining-use-and-governance-ai-aps.
Giannini, D 2022, ‘National security school for politicians’, Canberra Times, 10 November, accessed 19 November 2023, https://www.canberratimes.com.au/story/7977259/national-security-school-for-politicians/.
Hammond-Errey, M 2022, Big data and national security: A guide for Australian policymakers, Lowy Institute, Sydney.
Hammond-Errey, M 2023a, ‘Twitter Is Becoming a Sewer of Disinformation’, Foreign Policy, 15 July, accessed at 20 November 2023, https://foreignpolicy.com/2023/07/15/elon-musk-twitter-blue-checks-verification-disinformation-propaganda-russia-china-trust-safety/.
Hammond-Errey, M 2023b, Secrecy, sovereignty and sharing: How data and emerging technologies are transforming intelligence, United States Studies Centre at the University of Sydney, Sydney.
Hammond-Errey 2023c, ’Security requires a balance of secrecy and transparency’, The Australian, 9 February, accessed 19 November 2023, https://www.theaustralian.com.au/commentary/security-requires-a-balance-of-secrecy-and-transparency/news-story/2ea6964d3197d87062c2f7a2c8a1ff33.
Hammond-Errey 2024, Big Data, Emerging Technologies and Intelligence: National Security Disrupted, Routledge, United Kingdom [forthcoming].
Hartcher, P 2021, ‘Huawei? No way! Why Australia banned the world’s biggest telecoms firm’, Sydney Morning Herald, 21 May, accessed 19 November 2023, https://www.smh.com.au/national/huawei-no-way-why-australia-banned-the-world-s-biggest-telecoms-firm-20210503-p57oc9.html.
Henderson, R 2020, Reimagining capitalism in a world on fire, PublicAffairs, New York.
Hillebrand, C & Hughes, RG 2017, ‘The Quest for a Theory of Intelligence’, in R Dover, H Dylan & MS Goodman (eds.), The Palgrave Handbook of Security, Risk and Intelligence, Palgrave Macmillan UK, London.
Horlings, T 2023, ‘Dealing with Data: Coming to Grips with the Information Age in Intelligence Studies Journals’, Intelligence and National Security, vol. 38, no. 3, pp. 447-469.
Janjeva, A, Harris, A & Byrne, J 2022, ‘The Future of Open Source Intelligence for UK National Security’, Royal United Services Institute for Defence and Security Studies, London.
Lowenthal, MM 2012, Intelligence: from secrets to policy, 5th edn, Sage/CQ Press, Los Angeles.
Lu-YueYang, M 2012, ‘Australia blocks China's Huawei from broadband tender’, Reuters, 26 March, accessed 18 November 2023, https://www.reuters.com/article/us-australia-huawei-nbn-idUSBRE82P0GA20120326.
Office of National Intelligence (ONI) 2023, ‘Agencies’, Office of National Intelligence, accessed 16 November 2023, https://www.intelligence.gov.au/about/agencies.
Omand, D 2010, Securing the state, Columbia University Press, New York.
Omand, D, Bartlett, J & Miller, C 2012b, #Intelligence, Demos, London.
Parliamentary Education Office 2023, ‘Democracy,’ Parliamentary Education Office, 19 October, accessed 17 November 2023, https://peo.gov.au/understand-our-parliament/how-parliament-works/system-of-government/democracy/.
Richardson, D 2020, Comprehensive Review of the Legal Framework of the National Intelligence Community, Commonwealth of Australia, Canberra.
Slick, S, Busby, J & Oswal, A 2021, ‘Public Attitudes on US Intelligence 2020 Final Trump-Era Survey Confirms Broad Popular Support, Reveals Opportunities for Greater Transparency’, The Chicago Council of Foreign Affairs, May, accessed 20 November 2023, https://globalaffairs.org/research/public-opinion-survey/public-attitudes -us-intelligence-2020.
Special Competitive Studies Project 2022, ‘Intelligence in An Age of Data-Driven Competition,’ Special Competitive Studies Project, October, accessed 20 November 2023, https://www.scsp.ai/2022/10/scsps-intelligence-panel-releases-interim-panel-report/.
Technology and Security 2023, audio podcast, United States Studies Centre, 24 May, https://www.ussc.edu.au/analysis/technology-and-security-ts-podcast-intelligence-ai-and-aukus-with-former-us-principal-deputy-director-of-national-intelligence-susan-gordon.
The Australian Government 2023a, Defence Strategic Review, Commonwealth of Australia, Canberra.
The Australian Government 2023b, Government response to the Privacy Act Review Report, Commonwealth of Australia, Canberra.
Unsworth, K 2016, 'The social contract and big data', Journal of lnformation Ethics, vol. 25, pp. 83-97.
US Senate Select Committee on Intelligence 2017, ‘ODNI Statement on Declassified Intelligence Community Assessment of Russian Activities and Intentions in Recent U.S. Elections’, accessed 18 November 2023, https://www.intelligence.senate.gov/hearings/open-hearing-intelligence-communitys-assessment-russian-activities-and-intentions-2016-us.
Vogel, KM, Reid, G, Kampe, C, & Jones, P 2021, ‘The impact of AI on intelligence analysis: tackling issues of collaboration, algorithmic transparency, accountability, and management’, Intelligence and National Security, vol. 36, no. 6, pp. 827–848.
YouGov 2021, ‘Trust in UK intelligence and security agencies’, The YouGov Study on Spying, 30 September, accessed 20 November 2023, https://yougov.co.uk/topics/politics/a rticles-reports/2021/09/30/part-four-trust-uk-intelligence-and-security-agenc.
Zegart, A 2023, ‘Open Secrets: Ukraine and the Next Intelligence Revolution’, Foreign Affairs, January, accessed 20 February 2023, https://www.foreignaffairs.com/world/open-secrets-ukraine-intelligence-revolution-amy-zegart.
Zuboff, S 2019, The age of surveillance capitalism: the fight for a human future at the new frontier of power, Profile Books, London.