QUESTIONS OF LAW RESERVED (NOS. 1 AND 2 OF 2023)

SUPREME COURT OF SOUTH AUSTRALIA

(Court of Appeal: Criminal)

QUESTIONS OF LAW RESERVED (NOS. 1 AND 2 OF 2023)

[2024] SASCA 82

Judgment of the Court of Appeal  

(The Honourable Acting Chief Justice Livesey, the Honourable Justice Doyle and the Honourable Justice David)

27 June 2024

COMMUNICATIONS LAW - SURVEILLANCE AND INTERCEPTION OF COMMUNICATIONS - INTERCEPTION AND PROHIBITION THEREOF

COMMUNICATIONS LAW - SURVEILLANCE AND INTERCEPTION OF COMMUNICATIONS - WARRANTS AND AUTHORISATIONS

COMMUNICATIONS LAW - SURVEILLANCE AND INTERCEPTION OF COMMUNICATIONS - LISTENING DEVICES AND SURVEILLANCE DEVICES

The defendants (TB and CD) are jointly charged with participating in a criminal organisation contrary to s 83E(1) of the Criminal Law Consolidation Act 1935 (SA) (Count 1) and various firearms offences contrary to the Firearms Act 2015 (SA) (Counts 2-5 and 8-15).

Six questions of law were reserved for the Court of Appeal’s determination pursuant to ss 153 and 154 of the Criminal Procedure Act 1921 (SA). Broadly speaking, the questions relate to the admissibility of evidence obtained by the Australian Federal Police (‘AFP’) of communications made through the use of an encrypted communications application called ‘AN0M’ that had been installed on a number of mobile devices. The prosecution seeks to rely upon the evidence of these communications in criminal proceedings against the defendants.

Questions 1 and 2 require consideration of whether the AFP’s conduct in obtaining evidence of the AN0M communications involved an interception of communications passing over a telecommunications system contrary to s 7(1) of the Telecommunications (Interception and Access) Act 1979 (Cth) (‘the TIA Act’), with the result that the evidence is inadmissible.

Question 3 requires consideration of whether two major controlled operation authorisations (‘MCO No 1’ and ‘MCO No 2’), which were obtained under Part IAB of the Crimes Act 1914 (Cth), and covered the AFP’s activities in relation to the AN0M application, were invalid by reason that they were predicated upon a misconstruction of the applicable statutory requirements in ss 15GI and 15GK of that Act.

Questions 4, 5 and 6 require consideration of whether certain of the offences with which the defendants have been charged are State offences having a federal aspect within the meaning of ss 4AA(1)(a), (c) and/or (d) of the Australian Federal Police Act 1979 (Cth) (‘the AFP Act’), thus excepting evidence of the communications made using the AN0M application from the general inadmissibility of protected information under s 45(3) of the Surveillance Devices Act 2004 (Cth).

Held, per the Court (Livesey A/CJ, Doyle and David JJA):

1.The use of the AN0M application and platform did not involve an interception of the AN0M communications in contravention of s 7(1) of the TIA Act.

2.The challenges to the validity of the authorisations referred to as MCO No 1 and MCO No 2 have not been made out.

3.An investigation by the AFP of the State offences the subject of Counts 1-3 and 8-14 would have been incidental to the AFP’s existing investigation of Commonwealth offences, with the result that those offences are State offences having a federal aspect under s 4AA(1)(d) of the AFP Act.

4.      The questions reserved, as set out at [379], should be answered as follows:

Question 1:     No.

Question 2:     Does not arise.

Question 3.1:  No.

Question 3.2:  No.

Question 4:     Not necessary to answer.

Question 5:     Not necessary to answer.

Question 6:     Yes.

Acts Interpretation Act 1901 (Cth) ss 2C, 15AA; Australian Federal Police Act 1979 (Cth) ss 4AA(1)(a), 4AA(1)(c), 4AA(1)(d), 4AA(2), 4AA(3), 4AA(3)(e), 4AA(3)(i), 4AA(5), 8(1)(baa); Australian Constitution ss 51(v), 51(xxix), 51(xxxix); Crimes Act 1914 (Cth) ss 3E, 15GA, 15GD, 15GH, 15HZ, 15GI, 15GK, 15GQ, 15GV; Criminal Code Act 1995 (Cth) ss 4.1(2), 11.5(1), 302.2, 307.1, 390.4, 390.6(2), 400.4, 474.14(1); Criminal Law Consolidation Act 1935 (SA) ss 83E(1), 83G, 83E; Criminal Procedure Act 1921 (SA) ss 153, 154; Crown Proceedings Act 1992 (SA) ss 9(2), 9(5); Firearms Act 2015 (SA) ss 9(1), 9(7), 29(5)(b), 31(1), 31(12), 39(1); Joint Criminal Rules 2022 (SA); Judiciary Act 1903 (Cth) s 78A; Mutual Assistance in Criminal Matters Act 1987 (Cth); Surveillance Devices Act 2004 (Cth) ss 6, 7, 44, 45(1), 45(2), 45(3), 45(4), 45(5), 45(5)(c), 45(9)(a), 65B; Telecommunications (Interception) Act 1979 (Cth); Telecommunications (Interception) Amendment Act 2006 (Cth); Telecommunications (Interception and Access) Act 1979 (Cth) ss 5(1), 5F(a), 5F(b), 5G, 5H, 6(1), 7(1), 63, referred to.
Airlines of NSW Pty Ltd v New South Wales (No 2) (1965) 113 CLR 54; Airservices Australia v Canadian Airlines (2000) 202 CLR 133; Alcan (NT) Alumina Pty Ltd v Commissioner of Territory Revenue (2009) 239 CLR 27; Attorney-General (Cth) v Huynh (2023) 97 ALJR 298; Attorney-General v Reynolds [1980] AC 637; Australian Industry Group v Automotive, Food, Metals, Engineering, Printing and Kindred Industries Union (2002) 125 FCR 529; Australian Steamships Ltd v Malcolm (1914) 19 CLR 298; Boensch v Pascoe (2019) 268 CLR 593; Bradley v Commonwealth (1973) 128 CLR 557; British Medical Association v Commonwealth (1949) 79 CLR 201; Burns v Corbett (2018) 265 CLR 304; Burton v Honan (1952) 86 CLR 169; CIC Insurance Ltd v Bankstown Football Club Ltd (1997) 187 CLR 384; CMU16 v Minister for Immigration and Border Protection (2020) 277 FCR 201; Commonwealth v Tasmania (1983) 158 CLR 1; Davis v Commonwealth (1988) 166 CLR 79; Deputy Commissioner of Taxation v Dick (2007) 226 FLR 388; Djokovic v Minister for Immigration, Citizenship, Migrant Services and Multicultural Affairs (2022) 289 FCR 21; Doyle’s Farm Produce Pty Ltd v Murray Darling Basin Authority (No 2) (2021) 106 NSWLR 41; Edelsten v Investigating Committee of NSW (1986) 7 NSWLR 222; Ellison v Sandini Pty Ltd (2018) 263 FCR 460; Furnari v Ziegert [2016] FCA 1080; Garth v The Queen (2016) 261 A Crim R 583; George v Rockett (1990) 170 CLR 104; Grannall v Marrickville Margarine Pty Ltd (1955) 93 CLR 55; Green v The Queen (1996) 124 FLR 423; Gulic v Boral Transport Ltd [2016] NSWCA 269; Holdsworth v Commissioner of Police, New South Wales Police Force [2020] NSWSC 228; Hunter Douglas Australia Pty Ltd v Perma Blinds (1970) 122 CLR 49; Jones v Commonwealth (2023) 97 ALJR 936; Lambert v Weichelt (1954) 28 ALJ 282; Le Mesurier v Connor (1929) 42 CLR 481; Lesi v Minister for Immigration and Multicultural and Indigenous Affairs (2003) 134 FCR 27; LibertyWorks Inc v Commonwealth (2021) 274 CLR 1; Macquarie Bank Ltd v Fociri Pty Ltd (1992) 27 NSWLR 203; Massoud v Nationwide News Pty Ltd (2022) 109 NSWLR 468; McKinnon v Secretary, Department of Treasury (2006) 228 CLR 423; Mineralogy Pty Ltd v Western Australia (2021) 274 CLR 219; Minister for Immigration and Multicultural Affairs v Eshetu (1999) 197 CLR 611; Morad v El-Ashey [2017] FCA 1136; Mulholland v Australian Electoral Commission (2004) 220 CLR 181; Muller v Dalgety & Co Ltd (1909) 9 CLR 693; Multicon Engineering Pty Ltd v Federal Airports Corporation (1997) 47 NSWLR 631; Mutual Pools & Staff Pty Ltd v Commonwealth (1994) 179 CLR 155; Nationwide News Pty Ltd v Wills (1992) 177 CLR 1; Nature’s Care Manufacture Pty Ltd v Australian Made Campaign Ltd (2018) 363 ALR 717; Newcastle Airport Pty Ltd v Chief Commissioner of State Revenue (2014) 99 ATR 748; New South Wales Aboriginal Land Council v Minister Administering the Crown Lands Act (2016) 260 CLR 232; Project Blue Sky Inc v Australian Broadcasting Authority (1998) 194 CLR 355; Proudfoot v Director of Public Prosecutions (Vic) (2020) 283 A Crim R 332; Re Wakim; Ex parte McNally (1999) 198 CLR 511; Richardson v Forestry Commission (1988) 164 CLR 261; R v A, B, D & C [2021] 2 WLR 1301; R v Connell; Ex parte Hetton Bellbird Collieries Ltd (1944) 69 CLR 407; R v East (2003) 13 NTLR 91; 189 FLR 118; R v Edelsten (1990) 21 NSWLR 542; R v Ellis (2001) 162 FLR 423; R v Giaccio (1997) 68 SASR 484; R v Hughes (2000) 202 CLR 535; R v Metcalfe (2018) 338 FLR 357; R v TB (No 1) [2023] SASC 45; R v TB (No 3) [2023] SASC 61; R v TB (No 5) [2023] SASC 118; R v TB (No 6) [2023] SASC 140; Saravinovski v Saravinovska [2017] NSWCA 85; Sarkis v Morrison [2013] NSWCA 281; S v Australian Crime Commission (2006) 149 FCR 361; Spence v Queensland (2019) 268 CLR 355; Stemp v Australian Glass Manufacturers Co Ltd (1917) 23 CLR 226; SZTAL v Minister for Immigration and Border Protection (2017) 262 CLR 362; Tabet v Gett (2010) 240 CLR 537; Taciak v Commissioner of Australian Federal Police (1995) 59 FCR 285; Thomas v Mowbray (2007) 233 CLR 307; Tjungarrayi v Western Australia (2019) 269 CLR 150; T v Medical Board (SA) (1992) 58 SASR 382; Victoria v Commonwealth (1975) 134 CLR 338; Victoria v Commonwealth (1996) 187 CLR 416; Violi v Berrivale Orchards Ltd (2000) 99 FCR 580; Voxson Pty Ltd v Telstra Corporation Limited (No 10) [2018] FCA 376; Wei v Minister for Immigration and Border Protection (2015) 257 CLR 22; XCIV v Australian Crime Commission (2015) 234 FCR 274; Zhang v Commissioner of the Australian Federal Police (2021) 273 CLR 216, considered.

QUESTIONS OF LAW RESERVED (NOS. 1 AND 2 OF 2023)
[2024] SASCA 82

Court of Appeal – Criminal:    Livesey A/CJ, Doyle and David JJA

1. THE COURT:  These reasons concern six questions of law reserved for this Court’s determination pursuant to ss 153 and 154 of the Criminal Procedure Act 1921 (SA). Broadly speaking, the questions relate to the admissibility of evidence obtained by the Australian Federal Police (AFP) of communications made through the use of an encrypted communications application called ‘AN0M’ that had been installed on a number of mobile devices.  The prosecution seeks to rely upon the evidence of these communications in criminal proceedings against the defendants.

2. The first three questions, which arise from two decisions of the primary judge dismissing interlocutory applications filed by the defendants, were reserved on 25 September 2023. Questions 1 and 2 require consideration of whether the AFP’s conduct in obtaining evidence of the AN0M communications involved an interception of communications passing over a telecommunications system contrary to s 7(1) of the Telecommunications (Interception and Access) Act 1979 (Cth) (TIA Act), with the result that the evidence is inadmissible.  Question 3 requires consideration of whether two major controlled operation (MCO) authorisations, which were obtained under Part IAB of the Crimes Act 1914 (Cth), and covered the AFP’s activities in relation to the AN0M application, were invalid by reason that they were predicated upon a misconstruction of the applicable statutory requirements in ss 15GI and 15GK of that Act.

3. The next three questions, which arise from a decision of the primary judge dismissing a third interlocutory application filed by the defendants, were reserved on 20 October 2023. Questions 4, 5 and 6 require determination of whether certain of the offences with which the defendants have been charged are State offences having a federal aspect within the meaning of ss 4AA(1)(a), (c) and/or (d) of the Australian Federal Police Act 1979 (Cth) (AFP Act), thus excepting evidence of the communications made using the AN0M application from the general inadmissibility of “protected information” under s 45(3) of the Surveillance Devices Act 2004 (Cth) (SD Act).

4. The Attorney-General of the Commonwealth has intervened pursuant to s 78A of the Judiciary Act 1903 (Cth), and ss 9(2) and (5) of the Crown Proceedings Act 1992 (SA). The Commonwealth directed its submissions primarily to the issues arising in respect of Questions 4, 5 and 6, although it also made some submissions in relation to Questions 1, 2 and 3. Broadly speaking, the Commonwealth’s submissions were consistent with those advanced by the prosecution.

5. These reasons are organised as follows:

   PART A:  BACKGROUND.............................................................................................. [6]

   Genesis of the AN0M platform..................................................................................... [12]

   Overview of the AN0M platform.................................................................................. [21]

   The defendants’ AN0M communications...................................................................... [25]

   Applications to exclude evidence of the AN0M communications.................................... [47]

   PART B:  INTERCEPTION OF A COMMUNICATION UNDER THE TIA ACT............. [50]

   The evidence before the primary judge......................................................................... [53]

   AOS and the AN0M application................................................................................ [61]

   Unlocking, authentication and connection................................................................. [68]

   Preparing and sending messages.............................................................................. [71]

   The iBot server........................................................................................................ [88]

   Modern application-based communications systems................................................... [96]

   The TIA Act............................................................................................................. [119]

   The provisions of Chapter 2.................................................................................... [125]

   Construing the TIA Act........................................................................................... [140]

   The parties’ contentions............................................................................................. [156]

   Alleged interception upon creation of the copy message............................................... [160]

   The primary judge’s reasons................................................................................... [162]

   Analysis................................................................................................................ [170]

   Alleged interception through the iBot server’s listening activity................................... [217]

   Alleged interception of the communications received by the iBot server....................... [223]

   Conclusion................................................................................................................ [240]

   PART C:  VALIDITY OF THE MCO AUTHORISATIONS........................................... [242]

   The authorisation of MCOs under the Crimes Act........................................................ [249]

   The defendants’ challenge to the validity of the MCO authorisations............................ [261]

   The primary judge’s reasons....................................................................................... [265]

   Analysis.................................................................................................................... [272]

   PART D:  STATE OFFENCES HAVING A FEDERAL ASPECT................................... [280]

   Legislative framework............................................................................................... [290]

   The parties’ arguments............................................................................................... [299]

   The primary judge’s reasons....................................................................................... [309]

   Section 4AA(1)(d) – incidental to investigation of Commonwealth offences................ [310]

   Section 4AA(1)(c) – involved electronic communications.......................................... [319]

   Section 4AA(1)(a) – would have been valid laws of the Commonwealth..................... [327]

   Incidental to the investigation of Commonwealth offences........................................... [337]

   A prudential approach................................................................................................ [371]

   PART E:  CONCLUSION............................................................................................. [379]

   PART A:  BACKGROUND

6. By ex officio information dated 17 November 2021, the defendants (TB and CD) were jointly charged with participating in a criminal organisation contrary to s 83E(1) of the Criminal Law Consolidation Act 1935 (SA) (CLCA) (Count 1), and with various firearms offences contrary to the Firearms Act 2015 (SA) (Counts 2-5 and 8-15).

7. The prosecution alleges that the defendants were senior members of the Comancheros Motorcycle Club, a criminal organisation.  On the prosecution case, a white Holden utility containing firearms and drugs was stored by the defendants for its safekeeping at the house of Rohan Wakefield, who was a worker or driver for the Comancheros.  It is alleged that the utility, which was used by the Comancheros for its unlawful purposes, was stored at Mr Wakefield’s house for a number of months at the direction of senior members of the Comancheros, including the defendants.  The defendants had control over access to the utility and its contents while it was stored at Mr Wakefield’s house, and directed the disposal or concealment of the firearms and drugs upon police attendance at Mr Wakefield’s house on 12 January 2020.

8. The particulars of the Count 1 offence are that the defendants supported the criminal organisation known as the Comancheros by storing and controlling access to the utility containing firearms and drugs, knowing or being reckless as to whether their participation contributed to the occurrence of any criminal activity.  The firearms offences the subject of Counts 2-5 and 8-15 are all related to the possession of firearms[1] or other prohibited items (ammunition[2] and a sound moderator[3]) located in the utility.  Counts 6 and 7 do not concern the defendants; they relate only to Mr Wakefield, who has already pleaded guilty to, and been sentenced for, the offending alleged against him.

   [1] Contrary to s 9(1) of the Firearms Act (possession of a firearm without a licence) (Counts 2, 3 and 12), s 9(7) of the Firearms Act (aggravated possession of a firearm without a licence) (Counts 8, 9, 10 and 14) and s 29(5)(b) of the Firearms Act (possession of a firearm without an identifying mark) (Counts 11 and 13).

   [2] Contrary to ss 31(1) and (12) of the Firearms Act (Counts 5 and 15).

   [3] Contrary to s 39(1) of the Firearms Act (Count 4).

9. The prosecution also seeks a declaration under s 83G of the CLCA that the Comancheros is a criminal organisation for the purposes of s 83E.

10. A central plank of the evidence to be led in respect of all Counts, and in support of the declaration under s 83G of the CLCA, is evidence in the form of electronic data relating to communications between the defendants, Mr Wakefield and other members or associates of the Comancheros. These communications are generally in the form of text messages alleged to have been written or received by the defendants using mobile devices which were enabled with a software application known as the AN0M application. The AN0M application was an encrypted communications application which was installed on mobile devices programmed and enabled for that purpose. It not only permitted communications between users of the AN0M application, but also copied those communications without the users’ knowledge. The AN0M system then operated to ensure that copies of the users’ communications were ultimately transmitted to servers at the Google data centre in Sydney, and able to be accessed by the AFP. Evidence of the AN0M communications was able to be retrieved by the AFP from these servers, pursuant to various surveillance device warrants and computer access warrants issued under the SD Act. It is this evidence which is the subject of the applications made to the primary judge and the questions reserved for this Court’s determination.

1. A second set of data relating to AN0M communications was obtained pursuant to warrants under s 3E of the Crimes Act from the same servers.  A third set of data relating to AN0M communications was obtained pursuant to a request under the Mutual Assistance in Criminal Matters Act 1987 (Cth) from the Government of the United States of America. These second and third sets of data are not the subject of the present challenges to admissibility.[4]

   [4]     R v TB (No 6) [2023] SASC 140 at [4]-[5].

   Genesis of the AN0M platform

2. The genesis of the AN0M application and system (together, the AN0M platform) was a joint operation between the Organised Crime section of the AFP and the United States Federal Bureau of Investigations (FBI), referred to as Operation Safecracking.  Operation Safecracking was aimed at an encrypted communications platform provider known as Phantom Secure.  Phantom Secure was a Canadian company which provided end-to-end encryption devices to the organised crime market. 

3. As a result of action taken in about March 2018 to shut down Phantom Secure and arrest its owner, the AFP became aware of another encrypted communications application and platform, called AN0M.  It was being developed by a person associated with Phantom Secure, referred to in these proceedings as the confidential human source (CHS).  The AFP and FBI considered that this presented an opportunity for them to obtain evidence of communications between users of the AN0M platform.  They sought to establish whether a capability could be built into the AN0M application to enable this to occur.

4. The initial stages of the operation, which became known as Operation Ironside, were led by Detective Superintendent Mansfield.  In his evidence before the primary judge, he explained that the capability sought by the AFP was developed in liaison with the CHS, and with the assistance of a person within the AFP referred to in these proceedings as covert identity number 325 (CIN325).  CIN325 was a special member of the AFP, and gave evidence before the primary judge. 

5. CIN325 worked closely with the CHS, and other software developers working with the CHS, throughout the period from about April 2018 to June 2021.  CIN325’s role was, among other things, to ensure that the AFP’s desire to obtain copies of communications was built into the functionality of the AN0M application.  After a number of months’ work, the AN0M application was successfully developed to achieve the requirements of the AFP.

6. The AFP’s conduct in relation to the AN0M platform formed part of a covert operation conducted pursuant to two MCO authorisations within the meaning of s 15GD of the Crimes Act. The first MCO was authorised by Deputy Commissioner Gaughan of the AFP on 25 September 2018.  A second MCO was authorised by Deputy Commissioner McCartney of the AFP on 25 September 2020.  The validity of the two MCO authorisations is the subject of Question 3 in these proceedings.

7. The purpose of the MCO authorisations included enabling the AFP to facilitate the distribution of AN0M-enabled mobile devices, in circumstances where it was anticipated that they would be used by people engaged in criminal activities.  AN0M-enabled devices were distributed in Australia from October 2018.  CIN325 provided them to a number of people identified by the CHS in various locations throughout Australia.  The AN0M application was first enabled for use in October 2018, and remained in use until the resolution of Operation Ironside in June 2021. 

8. The devices which were enabled and distributed were mobile phones utilising the Android operating system (AOS).  The usual features of a phone – such as the ability to make standard telephone calls, send standard messages and access the internet via standard applications – were disabled on these devices. 

9. The mobile devices were readied for the installation of the AN0M application by the end user installing Mobile Data Management (MDM) software.  This software enabled the AN0M application to be administered and managed by a system administrator.  The CHS maintained the AN0M application and managed its use via the MDM software.  The CHS was, in effect, the system administrator.

10. Having installed the software for the AN0M application on their mobile devices, users were able to send encrypted communications to other users of the AN0M application.  Only users with a device enabled in this way could communicate on the AN0M platform.

    Overview of the AN0M platform

11. By way of overview, the AN0M platform operated so that, unbeknown to the users of the AN0M application, and without their consent, communications sent from AN0M-enabled devices were copied and sent to the servers able to be accessed by the AFP.

12. More particularly, the AN0M application installed on the AN0M-enabled devices operated so that when a user (User A) composed a message (or attached a photo or voice memo) in the AN0M application, and pressed the ‘send’ icon, or activated the ‘trigger’, for the message to be transmitted to the recipient user (User B), a separate second message was created in the AN0M application.  The second message included a copy of the message from User A to User B, as well as some additional data retrieved from User A’s device for law enforcement purposes.[5] 

    [5]     Such as username, a unique message ID, the International Mobile Equipment Identity (IMEI) attached to the telecommunications device, the Mobile Country Code (if the device was using a SIM card), location data (from about April 2020), audio pitch adjustment, and quoted or forwarded messages.

13. Both messages were then encrypted and sent as separate messages over the telecommunications system via a server using the Extensible Messaging and Presence Protocol (XMPP).  As User A intended, the first message would be sent, via an XMPP server, to User B.  However, without the knowledge of Users A or B, the second message (a copy of the first message with the additional data) would be sent, via an XMPP server, to a server with the username ‘[email protected]’ (the iBot server).

14. The messages received by the iBot server were then re-transmitted to the servers in Sydney that were able to be accessed by the AFP.  The AFP obtained these messages using retrieval software, pursuant to the surveillance device warrants and computer access warrants mentioned earlier. 

    The defendants’ AN0M communications

15. We have earlier mentioned the offences alleged against the defendants.  It is convenient at this point to provide some context for the allegations made, and the AN0M communications sought to be relied upon by the prosecution. The following is based upon the primary judge’s summary of the prosecution case.[6]

    [6]     R v TB (No 3) [2023] SASC 61 at [7]-[8].

16. On 12 January 2020, South Australian police officers attended the home of Mr Wakefield in Newton.  Police told Mr Wakefield they had uncovered a clandestine laboratory in New South Wales.  On the prosecution case, CD and TB knew of, and were involved in, that laboratory.  The police then left.

17. On the prosecution case, that visit by police to the home of Mr Wakefield was the catalyst for a number of communications using the AN0M platform between Mr Wakefield, CD and TB, who realised the precautions they had taken to hide their criminal activities from law enforcement had failed. On the prosecution case, these men also considered that the police might return to search Mr Wakefield’s home. 

18. These concerns proved to be well founded.  Later that day, police attended Mr Wakefield’s home again, this time to conduct a search.  During this search, they found the firearms and other prohibited items which are the subject of the offences with which CD and TB are charged.  Within the utility, police located a handgun, a shotgun, a sound moderator and a large amount of ammunition.  CD and TB are charged with offences relating to each of these items. 

19. The utility was taken to a police compound to allow them to conduct a more thorough search.  When that search was conducted the following day, two hidden compartments were found in the wall separating the cabin from the tray – one behind the driver’s seat and one behind the passenger’s seat.  On the prosecution case, both compartments had been custom built into the utility to allow the driver to transport firearms and drugs for the Comancheros. Within the hidden compartment behind the driver’s seat, police located further items the subject of charges with respect to both defendants.  In particular, they located two further handguns, two rifles and a revolver.

20. On the prosecution case, Mr Wakefield had been storing the utility, and the firearms it contained, at the behest of CD and TB and for the Comancheros.  The defendants were aware of the firearms concealed in the hidden compartment, but Mr Wakefield was not.

21. Mr Wakefield was arrested on 12 January 2020.  He was granted bail a few days later.  Following his release, Mr Wakefield continued to use his AN0M-enabled device.  Some of these communications were with CD and TB. 

22. CD and TB were arrested in June 2021.

23. As the primary judge explained, the prosecution has not yet identified with precision the AN0M communications which it will seek to lead in evidence.  The applications before his Honour proceeded on the basis that this was not necessary given the nature of the admissibility challenges raised by the defendants.  It was sufficient for his Honour to observe that there were communications in which CD and TB were participants which commenced from 6 January 2020 and continued beyond when the first items were located, and Mr Wakefield was arrested, on 12 January 2020.

24. A bundle of the AN0M communications relied upon by the prosecution was tendered on the applications before the primary judge.[7]  A schedule of some of the more significant communications was annexed to the prosecution’s submissions before this Court.

    [7]     Exhibit VD P1.

25. It is not necessary for present purposes to do more than identify the nature of some of the communications in the prosecution schedule.  They are said to be probative of the relationship between the defendants and Mr Wakefield, of the defendants’ knowledge of the clandestine laboratory in New South Wales and the location and contents of the utility, of the defendants’ control over the utility and its contents, and of the connection between the defendants, the utility and the criminal activities of the Comancheros. 

26. The communications in the schedule commenced with several messages from Mr Wakefield to TB at 10.12 am on 12 January 2020, around the time the police first attended Mr Wakefield’s house. In the first two of the messages, Mr Wakefield said “Cops just came here saying slugs lab got taken out” and “They want me to go and listen to them”.  On the prosecution case, these messages involved reference to the clandestine laboratory that police had uncovered in New South Wales. 

27. TB almost immediately sent a text message to CD, informing him that the police had been in contact with Mr Wakefield (whom he referred to as the “adel worker”), adding “Fuck fuck fuck”.  The text messages exchanged over the next few minutes between TB and CD made reference to their concerns about the utility being at Mr Wakefield’s place, what the police might have found or been told, and the need to move the utility.  In one of the messages, CD referred to Mr Wakefield as the “driver”, and in another TB referred to the utility having “guns in it”.  In response to messages at 10.28 am from TB to CD in which he referred to the utility as “full of guns”, CD responded “Man where could we take them”.  TB and CD then exchanged several further messages in which they discussed the utility with the guns in it, and that “We can’t go get it now”.

28. At 11.17 am, Mr Wakefield sent a message to TB, apparently after the police had left, saying that he told the police that he was not saying anything without a lawyer.  TB responded by saying “You will prob get raided”, and Mr Wakefield replied “This ute can’t be here then???!!!”  TB and Mr Wakefield exchanged further messages in which they discussed doing what was necessary to get rid of certain things (referring in particular to the “ii”).  TB told Mr Wakefield to “Do what you have to man”, “Be very careful”, “They must be watching you and making things up to scare you”.  They discussed burying the guns that were in the utility, although TB said that “I don’t think I’d be able to bury them here”.

29. At 11.20 am CD sent a message to TB in relation to moving the utility (“Dude now we need rego plates for that Ute and move around corner and put dif plates we need buy plates and drive car nsw or any where”).  TB asked Mr Wakefield whether he could “get to the stuff in car?”, and to “look down street to see if any cars parked down road with someone sitting in it”.

30. TB and CD discussed getting the guns out and burying them, and after Mr Wakefield said that the police had driven off and there were no other cars around, TB instructed him to “Vac wrap them a few times and [bury] very deep”, adding that he might have cameras watching him.  Mr Wakefield responded “Alright.  I’ll see what I can do.  Gonna get rid of the ii and shit first”.  TB responded “Yep flush it”.

31. In a further exchange of messages commencing at 11.25 am, TB told CD that he had told Mr Wakefield “to flush any gear he has”, and they discussed what to do about the utility and guns.

32. In a message at 11.27 am, Mr Wakefield asked TB whether there was any way he could check if “slugs labs have been raided”, and TB said he would find out what was going on.  A few minutes later, Mr Wakefield sent TB a message saying that he “can’t really bury the guns if they are watching with cameras” and suggesting that he tell police that the utility was not his, and that he had agreed to look after it for someone but had lost their number.  After TB told him that he thought “slug” was “all good”, Mr Wakefield responded “No worries cheers, hopefully they were just trying to scare me then, fingers crossed no raid”.

33. At 1.08 pm CD sent TB a message saying “We need Ute out today and we need to use to get worm out there is enough in there to get them both machine gun pistol and sawn off”.

34. At various points during the sequence of messages summarised above, the defendants also exchanged messages with other AN0M users (alleged by the prosecution to be other members or associates of the Comancheros), keeping them apprised as to the issue that had arisen in relation to the utility and its contents.

35. It seems that police then attended Mr Wakefield’s premises again and seized the utility, because at 1.49 pm TB sent a message to another AN0M user saying “Cops just raided Adel safe house and told the guy we just busted slugs lab”.

36. As will be explained later in these reasons, the prosecution contends that the above messages go beyond mere circumstantial evidence of the alleged participation in a criminal organisation (Count 1) and possession of the firearms and other prohibited items (Counts 2-5 and 8-14), and include messages which evidence the defendants’ exercise of control over the utility and firearms constituting the offending – noting that the participation and possession alleged in Counts 1-5 and 8-14 was particularised as having occurred on 12 January 2020 at Newton.

    Applications to exclude evidence of the AN0M communications

37. In advance of trial, the defendants filed various interlocutory applications in accordance with r 39 of the Joint Criminal Rules 2022 (SA), seeking to exclude evidence of the AN0M communications.

38. Relevantly, the questions reserved for consideration by this Court relate to three interlocutory applications:

    ·an application filed on 5 December 2022 (FDN 166) which was, in essence, an application to exclude the AN0M communications on the ground that they were obtained through an unlawful interception of telecommunications contrary to the TIA Act and were hence inadmissible;

    ·an application filed on 3 February 2023 (FDN 227) which was, in essence, a challenge to the validity of the two MCO authorisations obtained by the AFP under Part IAB of the Crimes Act; and

    ·an application filed on 23 March 2023 (FDN 346) which was, in essence, an application to exclude the AN0M communications on the ground that they were “protected information” under s 44 of the SD Act and hence inadmissible at trial – the trial not being a “relevant proceeding” under s 45(5)(c) of the SD Act, with “relevant proceeding” defined in s 6 of that Act to include the prosecution of a “relevant offence”.

39. In separate judgments, the primary judge dismissed each of these applications.[8]  The questions relating to each are addressed separately in Part B (Questions 1 and 2), Part C (Question 3)  and Part D (Questions 4, 5 and 6) of the reasons which follow.

    [8]     R v TB (No 1) [2023] SASC 45, dismissing application FDN 166; R v TB (No 5) [2023] SASC 118, dismissing application FDN 227; and R v TB (No 6) [2023] SASC 140, dismissing application FDN 346.

    PART B:  INTERCEPTION OF A COMMUNICATION UNDER THE TIA ACT

40. The first two questions are in the following terms:

    Question 1

    In respect of Interlocutory Application [FDN 166] filed by the defendants on 5 December 2022, did the AN0M Application and system (together the AN0M Platform), as described in R v TB [2023] SASC 45 … involve an interception of a communication passing over a telecommunications system contrary to s 7(1) of the [TIA Act]?

    Question 2

    If the answer to Question 1 is “Yes”, is the information and records obtained as a result of that interception inadmissible at the trial of the defendants?

41. Question 1 requires consideration of whether the conduct of the AFP in obtaining evidence of the AN0M communications involved an interception under s 7(1) of the TIA Act on the basis that it involved an interception of a communication passing over a telecommunications system. As to Question 2, it is common ground that if obtaining the copy messages did involve a contravention of s 7(1), then s 63 of the TIA Act would be enlivened and mean that the evidence is inadmissible. There is no discretion.

42. In addressing the issues raised by these questions, it is appropriate to commence by examining in some greater detail the evidence as to the operation of the AN0M application and platform. We will next address the relevant provisions of the TIA Act, before then considering their application to the AFP’s conduct in obtaining evidence of the AN0M communications.

    The evidence before the primary judge

43. At the hearing before the primary judge, the prosecution relied upon a significant body of evidence in relation to the development and operation of the AN0M application and platform. 

44. We have already outlined the effect of Detective Superintendent Mansfield’s evidence as to the development of the AN0M platform. 

45. Turning to its operation, the relevant evidence included evidence in relation to the source code of the AN0M application, the iBot servers and the retrieval software.  It also included evidence as to the operation of modern communications systems, including dedicated encrypted communication applications, AOS and the telecommunications network.

46. In considering this evidence it is important to bear in mind that the issue of whether there was an unlawful interception must ultimately focus upon the terms of the statutory scheme, summarised later in these reasons.  However, as will become apparent, an understanding of the operation of the AN0M platform, and the telecommunications system through which it operated, is critical to an informed application of the legislation.

47. The prosecution relied upon the unchallenged affidavit evidence of three AFP employees working in digital evidence:

    ·Matthew Smith, who was a team leader within the AFP digital surveillance section, and had oversight of a team responsible for creating the functionality of the AFP retrieval servers and for their ongoing maintenance during the life of Operation Ironside.  His evidence included a description of the architecture of the AN0M platform.

    ·Keith Fell, who was an AFP Senior Digital Forensic Examiner.  He gave evidence of his visual examination of an AN0M configured mobile phone handset, and conducted a comparison with a standard mobile device running AOS.

    ·CIN325, who was a special member of the AFP attached to the digital surveillance collection area.  It was not suggested that CIN325 had any technical expertise in relation to the operation of the AN0M platform.  Rather, CIN325’s role was to act as a liaison between the technical and non-technical people involved in the development and maintenance of the AN0M platform.

1. The prosecution also called evidence from three independent experts:

   ·Professor Aruna Seneviratne, an expert in telecommunications networks and systems, who gave evidence about modern telecommunications networks and end system application software, including AOS.

   ·Yogeshkumar Khatri and Brett Jenkins, who are both experts in reading and writing computer programming code, and gave evidence of their examination of the AN0M source code and their opinions as to the operation of the software used by the AN0M application, iBot servers and AFP servers.

2. There was no challenge to the expertise of these witnesses.  Nor was there ultimately any significant dispute as to how the AN0M platform operated.  The area of controversy was in the application of the legislation to the operation of the AN0M platform.

3. Questions 1 and 2 fall to be determined according to the description of the AN0M platform in the primary judge’s reasons.  Consistently with this, the summary of the AN0M platform which follows borrows heavily from those reasons, but supplemented in places by aspects of the evidence emphasised in the submissions of the parties.  Whilst at times the judge’s reasons were expressed as merely summarising the evidence, it is apparent from the forensic context we have described that his Honour accepted the evidence included in his summary.  The summary which follows should be understood in the same way.

   AOS and the AN0M application

4. A computer system that connects to a network may be referred to as an end system.  Today’s mobile phone devices, commonly referred to as smartphones, are minicomputer systems and operate as end systems.[9]

   [9] Prof Seneviratne T703, affidavit [29].

5. The functionality of a mobile phone is generally located on, and controlled through, a printed circuit board known as a motherboard or mainboard.  That functionality includes the device’s processor, storage and memory.  The operation of these functions is determined through the transmission, from the software installed on the device to the motherboard, of digital signals comprising electrical signals or impulses representing instructions to perform specific tasks. The software is usually written in a higher level computer language, but converted into signals transmitted as a series of zeros and ones known as (binary) machine code.[10]

   [10]   Prof Seneviratne affidavit [67]-[68].

6. Operating systems and applications are both forms of software.[11]  Speaking generally, the operating system manages the hardware of the end system.  For example, it controls the timing and power management of the relevant device, as well as what is written to, and stored in, the memory of the device, and how data is transmitted and received via the device’s network interfaces.  The two most widely available operating systems for mobile devices are AOS (an open-source operating system developed by Google) and iOS (a proprietary operating system developed by Apple).

   [11]   Prof Seneviratne affidavit [27]-[30].

7. Applications are software programs that provide specific services to users of an end system or device.  They may be built on top of an operating system such as AOS.[12]  Examples of common application software include WhatsApp (which provides communication services) and Microsoft Word (which provides word processing services).

   [12]   Prof Seneviratne affidavit [36]-[37].

8. The operating system also enables application software to read data from the hardware or device, through specialised software such as an application programming interface (API).  An API is essentially software that allows two other software packages to speak to one another.[13]

   [13]   Mr Khatri T888-889, T897-898.

9. As mentioned, the devices distributed during Operation Ironside were mobile phones utilising AOS.  The AN0M application was installed on the devices and operated using AOS.  Its source code governed the way the application functioned.  The AN0M application had an API which allowed it to access the functionality of AOS and the mobile device on which it was installed.

10. To enable communications, the devices were connected to a telecommunications network using either a wifi or cellular data connection to the internet.  In this way, they were connected to an XMPP server, with XMPP being a protocol that enables communications through instant messaging and the ability to check users’ presence on the network.[14]  Through the use of XMPP, the AN0M application provided similar functionality to other messaging applications using that protocol, including WhatsApp.[15]  Messages or communications were able to be sent between users’ devices through the transmission of packets of data, in the form of electromagnetic energy or waves, over the telecommunications system.[16]

    Unlocking, authentication and connection

    [14]   Prof Seneviratne affidavit [55]-[58], [79]-[80].

    [15] Prof Seneviratne affidavit [92].

    [16]   Prof Seneviratne T814-815.

11. The AN0M application was hidden on the user’s mobile device, disguised as what appeared to be a standard calculator installed on the device.  It was unlocked by a user entering a unique ID number into the calculator and then holding down or ‘long pressing’ the relevant button or icon.  Once the user ID was authenticated, the AN0M application would open.[17] 

    [17]   Mr Khatri affidavit [88]-[89], T955; Mr Jenkins T1087.

12. Upon it opening, the AN0M application was designed to automatically connect to the XMPP server.  An internet connection was required for that to occur, and would ordinarily be established automatically upon the application being opened.[18] 

    [18]   Mr Khatri affidavit [90], T918, T955; Mr Jenkins T1087.

13. In order to connect to the XMPP server, the AN0M application needed to authenticate with a username and password.  The application was authenticated by the XMPP server identifying the username and password which were derived from the device’s IMEI number and a fixed string of numbers and letters. Once authenticated by the XMPP server, the application was available for use.[19]

    Preparing and sending messages

    [19]   Mr Khatri affidavit [78]-[79].

14. Users would prepare communications through the AN0M application in a way familiar to any user of a smartphone.  User A would type a message (or record a voice message, or attach a photo) and address it to User B, being the person or persons to whom User A intended to send the communication.  Once this had been done, User A would press the ‘send’ button (that is, the icon next to the field in which the message had been entered, also referred to as the ‘trigger’).

15. When User A pressed the icon in order to send the message to User B, an entirely separate copy of the message was made.[20]  Both the original message and the copy message were then sent as separate packets of data to their different destinations.

    [20]   Mr Khatri T905, T963-965.

16. On Mr Khatri’s evidence, the creation of the copy message occurred entirely within the AN0M application.[21]  To the extent that additional data was attached to the copy message, it was obtained from outside of the AN0M application, taken back into the application and then added to the copy of the message whilst it was within the application and before it left the application.[22]

    [21]   Mr Khatri T905.

    [22]   Mr Khatri T906-909.

17. The original message was sent to User B.  The copy message, on the other hand, was sent to the bot user (username ‘[email protected]’) which had been installed in the contact list of User A’s device.  The existence of the bot user, and its presence in the contacts list, was not known to users of the AN0M-enabled devices.[23]

    [23]   Mr Khatri T943-945.

18. Mr Khatri drew a distinction between the send button being pressed and the ‘send message function’ being activated,[24] albeit that the former plainly caused the latter to occur.  By reference to the source code of the AN0M application, he described the sequence of operations, not visible to the user, which occurred when the send button was pressed, and the send message function activated, in relation to a particular communication.[25]  Those operations included: performance checks to determine whether the XMPP server was online; encryption of the communication; formatting the communication in accordance with XMPP; and sending the encrypted message to AOS for transmission to the XMPP server.[26]

    [24]   Mr Khatri T908.

    [25] Mr Khatri T903, T905, affidavit [95].

    [26]   Mr Khatri T902-903, affidavit [92]-[103].

19. The encryption of the communication itself involved several steps, including: checks to determine the encryption protocol to be used; calls to the relevant code libraries to encrypt the message in the selected protocol; creation of the end-to-end encryption ‘envelope’ through the exchange of public keys; and encryption of the message based on the public key of the recipient(s).

20. Focussing upon the passing of the encrypted message from the application to AOS, Mr Khatri explained:[27]

    QWhat is the sequence of operations with respect to the message itself.  So you type in your message and you hit send.  Now what occurs.

    ASo it takes the message and it will then determine which encryption protocol it needs to use.  It will basically make those calls to those libraries, get that message encrypted in that format.  Those libraries will also ensure – I’m skipping a lot of processes along the way.  It will ensure that the encrypted envelope that we talked about, the end-to-end encryption, all of that is established.  It will go ahead, encrypt that message based upon the public key of the recipient.  Once all that is done it will eventually then hand that packet over – well, it will basically format it in the XMPP protocol manner, the way the XMPP protocol needs that to be formatted, and eventually that message packet will be sent out to the server and in order to do that it will make a call to the android operating system and say ‘Hey, take this.  Send it out to the server at this point.’ And the server will then handle you know forwarding that packet to the intended recipient.

    [27]   Mr Khatri T903.

21. Mr Khatri described AOS as providing the “doorway to the telecommunications network”.[28]

    [28]  Mr Khatri T897.

22. Mr Khatri also agreed that both the original message and copy message were created and encrypted in the AN0M application, and then sent via AOS and the XMPP server in the same way, but to their different recipients (User B and the iBot server respectively).[29]

    [29]   Mr Khatri T901-907, affidavit [19]-[24].

23. Mr Jenkins described what occurred upon User A pressing the send button in terms that were consistent with the evidence of Mr Khatri.  He said that when User A pressed the send button, the following occurred: a second or copy message was created from the same content as User A’s message to User B; additional information was obtained from sensors on the device, via AOS, to add to the copy message; the copy message was encrypted; and the copy message was sent as a separate message to the iBot server.[30]

    [30]   Mr Jenkins T1081-1083.

24. Mr Jenkins was clear in his evidence that, in accordance with the application software, the creation of the copy message, the addition of data to that message, and the encryption of both messages, all occurred within the application.[31]  He was also clear that the original and copy messages were then sent as separate messages, via AOS and the XMPP server, to their respective destinations.[32]

    [31]   Mr Jenkins T1082-1083.

    [32]   Mr Jenkins T1107-1108.

25. Mr Jenkins described the movement of the message from the application to the XMPP server, via AOS, in the following terms:[33]

    When you look at [any] application running on a network it goes – when the message is sent across the network it goes through various layers which we refer to as different transport layers on the phone.  So the phone, you have the – I’m trying to explain it carefully.  So you have the AN0M app and it’s sending a message to the XMPP server but it doesn’t do it directly.  It passes it down to another layer in the operating system, which passes it down to a layer which puts it in a packet and sends that packet across the network to the service at the other end.  So we always picture networking as being through these transport layers.  And at the bottom is a physical layer of wires that you pass through.

    [33]   Mr Jenkins T1144.

26. Mr Jenkins said that once the send button was pressed, the user could not stop what occurred, including not being able to stop either message being sent.  It was, in that sense, “an inexorable process” that occurred “largely” instantaneously.[34]  He later described it as an “integrated process”.[35] 

    [34]   Mr Jenkins T1090.

    [35]   Mr Jenkins T1121.

27. At the same time, Mr Jenkins agreed that the message created in the AN0M application by User A sat in the temporary memory of the device while it was being packaged and encrypted, and before it was passed to AOS to then be sent from the device.[36]  Mr Jenkins also said that while the AN0M application required an internet connection to ‘work’ (in the sense of sending a message to another user), it could nevertheless launch and run on the device without the device being connected to the internet.  His evidence was that if a message was ‘sent’ in this state, it would not go anywhere until a connection was established.[37]

    [36]   Mr Jenkins T1148.

    [37]   Mr Jenkins T1144, T1148.

28. Mr Khatri gave evidence to similar effect.  Earlier in his evidence, Mr Khatri had said that the AN0M application required a connection to the internet in order for it to operate in the sense of enabling messages to be sent.[38]  However, he later clarified that his understanding was that, like most messaging applications, the AN0M application nevertheless enabled a user to compose a message even when there was no internet connection (for example, if the signal dropped out).  In that scenario, if the user pressed send, the application would start to process the message into data packets in the shape or protocols necessary for transmission to the XMPP server.  However, the data representing the message would be stored on the device, in a queue, until there was an active internet connection permitting it to be sent from the device.[39]

    [38]   Mr Khatri T918, T955-956.

    [39]   Mr Khatri T972-973.

29. In this sense it would seem there is an analogy with what occurs when a user of a computer or smartphone types an email and presses send, but the device is not connected to the internet.  The data representing the email message is processed and packaged for transmission, but remains stored in the email application operating on the device; that is, sitting in the user’s outbox.  It is not able to leave the device, and travel over the telecommunications system to its intended recipient, until an internet connection is established or restored.  Once that connection is established or restored (and assuming the user has not deleted the message in the interim) the email is automatically sent.[40]

    [40]   Prof Seneviratne T768-772.

30. The silent copying and relaying of messages by the AN0M application was at times referred to in the evidence as ‘the BCC functionality’.  However, as the experts emphasised, this functionality of the AN0M application operated quite differently from the BCC functionality of emails.  In an email, a single message is sent to the server with a list of the recipients, including the BCC recipients.  The server then handles the creation and distribution of the separate copies.  However, as has been explained, in the case of the AN0M application, the separate copy message was created in the application itself, rather than at the point the original message reached the server.[41]

    The iBot server

    [41]   Mr Khatri affidavit [113], T905, T963-964; Mr Jenkins T1107-1108.

31. As explained, the copy message was sent via the XMPP server to the bot user at the iBot server.  The iBot server was installed with software, described as a “Java-based application” which could run on a computer (the iBot application).[42] 

    [42]   Mr Khatri T884, T945.

32. Mr Khatri said that the purpose of the iBot application was to connect to the XMPP server as the bot user and retrieve messages sent to it.  He explained that as soon as it logged onto the XMPP server, the iBot server would receive the messages sent to the bot user and save them into a database.[43]  He described the iBot application as an AN0M client enabled to receive and retrieve messages addressed to the iBot server and store them in a database:[44]

    … iBot is … a Java based application that … you could run on a standalone computer – not on a phone, on a computer – and it was basically an AN0M client, just like you have an AN0M client which is the app, except this is not in an app form, this is running on a computer and it would login as the bot user and it would retrieve messages.  As soon as it logged in it would get all of the messages addressed to bot, it would take those messages and put them in the database.

    [43]   Mr Khatri T945, T949.

    [44]   Mr Khatri T945.

33. Mr Khatri explained that the iBot server also operated iBot API software, a core functionality of which was to query the database in which the iBot application stored the data (representing the copy messages) in response to programmatic requests from the software operating on the AFP retrieval servers, and to then make that data available for download via a web interface.  He described the iBot API as a conduit for the flow of data between the iBot server and the servers accessible by the AFP.[45]

    [45]   Mr Khatri affidavit [207]-[242], T884, T888-889.

34. Mr Jenkins also described the function of the iBot application and what he referred to as its ‘listening activity’.  He described the iBot application as a “cut-down version of the AN0M handset software, configured only to receive and not to send or display messages … its role was to listen for, to receive, and to store XMPP messages that were addressed to the ‘bot’ account.”[46]

    [46] Mr Jenkins affidavit [20].

35. He said that the iBot application was designed to maintain a connection with the XMPP server[47] and to receive messages addressed to the bot user.[48]  The ‘push’ functionality of the iBot application worked by the bot user announcing itself online to the XMPP server, and thereafter ‘listening’ for messages addressed to it from the XMPP server.[49]  To launch and authenticate, or log in, as the bot user, a configuration file was required which would include information for the software about where to connect – such as the IP address of the XMPP server, details about encryption including the key, and a username and password.[50]

    [47]   Mr Jenkins T1072.

    [48]   Mr Jenkins T1066.

    [49]   Mr Jenkins T1067.

    [50]   Mr Jenkins T1071.

36. Mr Jenkins said that upon receipt of an encrypted message, the iBot application would decrypt the message, check to see whether it required further content to be downloaded and, if so, download that content and save it to a database on the iBot server (which he referred to as the collection server).[51]  In the opinion of Mr Jenkins, in later builds of the iBot application,[52] a process of re-encrypting the content and saving it to a database was also observed in the source code.[53]

    [51]   Mr Jenkins T1066.

    [52]   Mr Jenkins T1112.

    [53] Mr Jenkins T1067-1068; see also Mr Khatri affidavit [188].

37. Mr Jenkins said that the role of the iBot API included receiving and managing retrieval requests from the AFP servers.  It responded to requests by accessing data on the collection server database and then sending that content in an appropriate format to one of the two servers in Sydney accessible by the AFP.[54]  It was this data which the AFP then accessed through computer access warrants, and which is the subject of the present applications.

    [54]   Mr Jenkins affidavit [57], T1077-1079.

38. AN0M mobile devices were, of course, also enabled to receive messages.  Like the iBot servers, AN0M devices would listen for messages addressed to them from the XMPP server.[55]

    Modern application-based communications systems

    [55]   Mr Jenkins T1144-1145.

1. Prof Seneviratne gave evidence about the operation of communication systems, and in particular modern application-based communication systems. 

2. Prof Seneviratne described a telecommunications network as “the devices and the infrastructure that transports signals from end device to another end device.”[56] He described a ‘network’ as being split between the physical or ‘underlay’ network, and the ‘overlay’ network that sits on top of it.[57]  He explained that the underlay network is the ‘transport’ network that is provided by an operator or carrier like Telstra or Optus, and consists of software and hardware for connecting to end systems and transferring data.[58]  The overlay network includes mobile phones, desktop computers, laptops and servers, all of which may be described as end systems where data comes to rest for a time before it is processed or retransmitted.  The end system devices connect to the underlay network but, in his view, do not form part of it.[59]

   [56]   Prof Seneviratne T1010.

   [57]   Prof Seneviratne T701-T703, affidavit [61]-[64].

   [58]   Prof Seneviratne T703.

   [59]   Prof Seneviratne T702-703, affidavit [27]-[29].

3. Mr Khatri said that although he did not typically use the terminology of underlay and overlay networks, he was familiar with that terminology and that the former referred to “the telecommunications pipe … the telecommunications conduit which allows the data to flow back and forth”, whereas the latter referred to “the data at the higher layers, meaning the application itself”.[60]  In cross examination, he maintained that the AN0M platform did not itself form part of the telecommunications network but, rather, connected to the telecommunications network in order to transmit data.[61] That said, he was appropriately reluctant to provide a detailed opinion about such matters as he was not a telecommunications expert.

   [60]   Mr Khatri T900.

   [61]   Mr Khatri T916-918.

4. Turning to the operation of the AN0M platform, Prof Seneviratne said that the AN0M application was designed to be installed on a mobile phone using AOS.[62]  He explained that AOS was an ‘open source’ operating system, meaning that its source code is accessible to developers.[63]  He described AOS as managing the hardware resources and software components of an Android device, while allowing additional functionality to be developed.[64]  

   [62]   Prof Seneviratne T704‑705. 

   [63]   Prof Seneviratne T698, T699, affidavit [67]-[70]. 

   [64]   Prof Seneviratne T697. 

5. Prof Seneviratne explained that applications, including dedicated encrypted communications applications, are items of software that are not part of the operating system of a phone.  He said that applications are designed to run on top of the operating system.  He said:[65] 

   The way I describe to the students is you have a Lego base plate, which you build things on.  So you can add – the base plate is the operating system and the Lego blocks are apps which are of different colour, they can – one app can build on another app or it could be apps that just plug onto the base plate.

   [65]   Prof Seneviratne T704-705, affidavit [30]-[38]. 

6. Prof Seneviratne described AOS as providing an end system (such as an AN0M-enabled mobile device) with supportive functionality to communicate with other end systems using the same software by connecting to the underlay network.[66] 

   [66]   Prof Seneviratne T704. 

7. Prof Seneviratne explained that the operation of a ‘communications system’ involves two phases, the connection phase and the data transfer phase.[67]  He also explained that in his field of expertise, a communications system is referred to in terms of ‘layers’, defined by reference to an international standard known as the ISO reference model.[68]  The bottom ‘physical layer’ is where a communication is transmitted from one piece of hardware to another.[69] 

   [67]   Prof Seneviratne T707. 

   [68]   Prof Seneviratne T715, affidavit [17]-[26]. 

   [69]   Prof Seneviratne T715. 

8. Above this layer is the ‘data link layer’, which takes the physical connection and makes it reliable by adding extra information to the packets of data received from the physical layer, correcting for any errors that may have occurred whilst the signals were being transmitted.[70]

   [70] Prof Seneviratne affidavit [19].

9. The layer above this is the ‘network layer’, which is responsible for routing the packets of data through interconnected networks.  This is again done by adding extra information to the packets.  The most commonly used protocol for this purpose is the Internet Protocol (IP).  This protocol is used to add a unique identifier or address for the intended receiving end system, in the form of an IP address.[71]

   [71] Prof Seneviratne affidavit [20].

10. Above this layer sits the ‘transport layer’, which is responsible for the reliable delivery and receipt of packets of data sent between end users.  The most widely used transport layer protocol is the Transmission Control Protocol (TCP).  There are extensions to the TCP that provide better security.  These include the security extension referred to as Transport Layer Security (TLS).[72]

    [72] Prof Seneviratne affidavit [22].

11. The top layer, or ‘application layer’, is where a dedicated encrypted communication application like the AN0M application operates.  

12. A dedicated encrypted communications application may not use all seven layers in the ISO reference model.  However, it will use the application layer and the physical layer, along with the data link, network and transport layers.[73]  

    [73]   Prof Seneviratne T716-717. 

13. Prof Seneviratne said that the application layer is where the connection phase commences.  He described this phase as involving a ‘handshake’ that establishes the connection between two end systems (the AN0M device and the XMPP server) and that authenticates the transmitter and receiver.[74]  The data to establish the connection travels through the layers, from the application layer to the physical layer of the device, and then through the network to the recipient.  

    [74]   Prof Seneviratne T725. 

14. On Prof Seneviratne’s evidence, only the physical layer of the device forms part of the telecommunications network.  A messaging application is not part of the physical layer of the device, and is not part of the telecommunications network.  He said that in the physical layer it is necessary to have the appropriate signalling on a device to connect to the network.[75]  Prof Seneviratne explained that the signal then travels back through the layers to the application layer to signal that the connection has been made, before the data transfer phase can commence.[76] 

    [75]   Prof Seneviratne T1020. 

    [76]   Prof Seneviratne T722, T733, affidavit [12]‑[17]. 

15. Prof Seneviratne described the transfer of data using a dedicated encrypted communications application as involving a different phase from the connection phase.  He described the data transfer phase in the following way: [77] 

    So what will happen is there will be a bit of code or, as they would call, a library which will allow the data that you type on your device to be collected and encrypted.  ‘Encrypted’ means you scramble it in a way that nobody else can understand and the way you scramble it is by using a key, as they say, so you use a key to scramble the data in a specific way so that the only other person who can understand the data is a person who can get the data, put it through this process of unscrambling using the same key.  So it will get the data, encrypt it or scramble it and give it to the operating system and the way you give it to the operating system is through a specific interface, which is, in computing jargon it’s called a socket, so you actually get the data into that socket and the operating system takes over and adds some information to that data, encrypted data, that it was given and that additional information is the information that is used by the telecommunications network to route the packet to the destination. 

    [77]   Prof Seneviratne T707‑708. 

16. Thus, the encryption of the data occurs in the application on the device, within the application layer.  The encrypted message is then passed through a socket to the operating system on the device.  The operating system adds ‘control information’ to the data to route the data to the recipient’s device.[78]  This occurs in the transport layer.[79]  The data, or message, then travels through the physical layer and into the telecommunications network to the recipient.  It is not, and cannot be, decrypted until it reaches the recipient.  Once received, it is decrypted using an encryption key on the application in the receiving end device.[80]

    [78]   Prof Seneviratne T709.

    [79]   Prof Seneviratne T718-719.

    [80]   Prof Seneviratne T709-710.

17. Prof Seneviratne said that when using a dedicated encrypted communication application, TLS provides a secure ‘pipe’ from one end system to another that prevents interference in the middle of the data transfer.[81]  He explained:[82]  

    So think of it as messages being encrypted like what you write is scrambled and the pipe as being hard and so that nobody can look into it, because if you just don’t harden the pipe, people can just see what is going on. So what TLS does is hardens the pipe so that nobody can look in.

    [81]   Prof Seneviratne T720‑721. 

    [82]   Prof Seneviratne T799. 

18. The TLS is used during both the connection phase and the data transfer phase.  The type of encryption to be used in the data transfer phase is negotiated or agreed upon between the parties during the connection phase, before the data can be transferred.  The sequence was summarised by Prof Seneviratne in the following way:[83]  

    TLS has two components to it.  We talked about a handshake which establishes the secure channel to the server, XMPP server, and then actually transfer of data from the ANOM application to the XMPP, from the XMPP server to the destination.  So I'm assuming that when we run - when you say that you have started the ANOM application, the handshake process has happened and there is a TLS connection between the ANOM application and the XMPP server.  Assume that TLS connection is there, now we are entering data and whatever [User A] types will be essentially packaged into a packet and will be transferred to the TLS.  TLS happens to be within the operating system, so think of the application as running in the application layer.  TLS is the transport layer and then there is the network layer which is IP and then there is immediate access control layer and a physical layer.  So what happens is the data is given to the transport layer, the transport layer adds all the necessary control to make sure that it is secure.  It goes through the pipe and the network layer routes the data to the destination and gives it to the physical layer.  The physical layer converts it into whatever signal that it wants to and sends it through the telecommunications network. 

    [83]   Prof Seneviratne T1030‑1031. 

19. In Prof Seneviratne’s opinion there is a ‘boundary’ between an end system device and the transport network.  As to the determination of that boundary, he said:[84] 

    It’s - so it is the boundary at which your device has some control of what is happening in that cloud.  So your mobile device cannot control what is happening inside the network, it can just give your information to the operating system and it goes through the interface into the network.  So if you look at a desktop computer, that boundary would be where your desktop computer connects the internet cable, you can’t control what's beyond that, whatever is in your machine you can control.  If it’s your mobile device, once you send it to either the cellular network or wi-fi network, your device cannot control what is happening.  So the network boundary is where, once it - something leaves your network and you cannot control what is there.  What’s outside the network boundary is where you have full control, so you can - I can essentially manipulate the data as I see fit. 

    [84]   Prof Seneviratne T731‑732. 

20. Prof Seneviratne spoke of both an ‘internal boundary’ between the application and operating system of a mobile device, and a ‘physical boundary’ between the device and the network:[85]

    There is definitely a boundary.  So there is a boundary from the application to the operating system.  That’s an internal boundary.  Then there is a physical boundary from the phone to the network, whichever network that you connect.  And the reason why I say that there is a boundary within the phone, until it hits the physical layer I have full control of the data.  For example [User A] can hit the send button, I can take that data out and do something to it and retransmit it, so there is no boundary between [User A’s] application and the telecommunications system at the point where [User A] is sending the hit button.

    [85]   Prof Seneviratne T1021-1022.

21. He rejected the proposition that pressing the send button rendered such boundaries meaningless.  He explained:[86] 

    The reason is [User A] may have pressed the send button but it has even not left [User A’s] application, whatever application that may be.  The application has full control of the data that [User A] has sent.  It can send to another application which is running.  It has nothing to do with the telecommunications network. In that application I can do whatever I want and I can send it to a third application, fourth application, whatever number of applications that I want.  And then I give it to the operating system.  Right.  The operating system in itself has full control of what you do to the network.  Only when it leaves the operating system and goes into the telecommunications network do I or the person who owns the device have no control. 

    [86]   Prof Seneviratne T1022. 

22. As the primary judge observed,[87] there is no inconsistency between this evidence and the evidence of Mr Jenkins to the effect that User A was not able to stop the processes commenced by hitting the send button.  Mr Jenkins’ evidence was directed to what the human user was able to do, or more particularly, unable to do, once they had pressed send.  Prof Seneviratne’s evidence, on the other hand, related to how the application may be programmed.  That is, the programming of the application controls what occurs and, in that sense, the application has ‘full control’ of the data and there is a ‘boundary’ between it and the operating system.  AOS also has control of the data passed to it by the application as it may also be programmed to deal with that data in a particular way.  AOS only loses control when the data is passed to the network.

    [87]   R v TB (No 1) [2023] SASC 45 at [78].

23. Prof Seneviratne also said that the network was no longer involved once a communication arrived at the device of a recipient.  He said that at that point, it was no longer passing over the telecommunications system.[88]

    [88]   Prof Seneviratne T734.

    The TIA Act

24. The TIA Act recognises and protects the interest of users of the Australian telecommunications system in the privacy of the content of, and information about, their communications over that system. It does so by, amongst other things, regulating the interception of communications passing over the telecommunications system (Chapter 2), and regulating access to stored communications (Chapter 3) and telecommunications data (Chapter 4).

25. The provisions of the TIA Act regulating these matters are premised upon a recognition that the planning and carrying out of criminal activity – particularly serious and organised crime – often involves the use of telecommunications services and technology. With this in mind, the Act provides a framework for national security and law enforcement agencies to access communications and data for law enforcement and national security purposes, while at the same time striking a balance with the interest of users of the telecommunications system in the privacy of their communications.

26. As mentioned, Chapter 2 of the TIA Act regulates the interception of communications. Its primary function is to prohibit the interception of communications passing over the telecommunications system, except as authorised by the TIA Act (essentially, in limited circumstances such as a life threatening emergency, or otherwise under what is referred to as an interception warrant). We shall shortly return to the detail of the provisions of Chapter 2.

27. Chapter 3 regulates access to stored communications, being communications that are not passing over a telecommunications system, but rather held, or ‘stored’, in some way. Importantly, by reason of the definition of “stored communications” in s 5(1), the TIA Act only seeks to regulate stored communications which are held on equipment operated and possessed by a telecommunications carrier, and which can only be accessed with the assistance of that carrier. Access to these stored communications is likewise restricted to limited circumstances, or otherwise under what is referred to as a stored communications warrant.

28. Communications that are not passing over a telecommunications system, and are not “stored communications” within the meaning of s 5(1) (because they are not accessed through a telecommunications carrier), are not regulated by the TIA Act. Thus, records of communications which are, for example, stored on users’ computers or mobile devices before or after their passage over the telecommunications system, are not regulated by the TIA Act. Instead, they remain subject to general principles of lawful access including consent, general search warrants and notices to produce.[89]

    [89]   As confirmed by the Explanatory Memorandum (p 6) and Supplementary Explanatory Memorandum (p 3) to the Telecommunications (Interception) Amendment Act 2006 (Cth) (through which the provisions governing access to stored communications were introduced).

29. Chapter 4 of the TIA Act governs access to telecommunications data, being information about communications (such as the phone numbers or email addresses of participants in communications, and the time, duration and frequency of communications) or information about a service (such as the name, address or billing details of the relevant customer or subscriber), as opposed to information about the content of communications. Data of this type is often useful in criminal investigations, and the provisions of Chapter 4 recognise this both by requiring the retention of such data, and by permitting access to it by certain law enforcement agencies in defined circumstances.

    The provisions of Chapter 2

30. In considering the prohibition against the interception of communications in Chapter 2 of the TIA Act, the starting point is s 7(1). It provides:

    7Telecommunications not to be intercepted

    (1)     A person shall not:

    (a)intercept;

    (b)authorize, suffer or permit another person to intercept; or

    (c)do any act or thing that will enable him or her or another person to intercept;

    a communication passing over a telecommunications system.

31. The word “intercept” is not defined in the TIA Act, but s 6(1) addresses what is meant by the “interception of a communication passing over a telecommunications systems”:

    6Interception of a communication

    (1)     For the purposes of this Act, but subject to this section, interception of a communication passing over a telecommunications system consists of listening to or recording, by any means, such a communication in its passage over that telecommunications system without the knowledge of the person making the communication.

32. It can be seen that for there to be an “interception”, there must be a “communication” which is listened to or recorded “in its passage over the telecommunications system” and “without the knowledge of the person making the communication”. 

33. Section 5(1) of the TIA Act defines several relevant terms. “Communication” is defined as:

    communication includes conversation and a message, and any part of a conversation or message, whether:

    (a)     in the form of:

    (i)speech, music or other sounds;

    (ii)data;

    (iii)text;

    (iv)visual images, whether or not animated; or

    (v)signals; or

    (b)     in any other form or in any combination of forms.

1. Before this Court, the defendants challenge the primary judge’s conclusion that Counts 1-3 and 8-14 involved State offences having a federal aspect under s 4AA(1)(d) of the AFP Act.

2. There is no dispute that the AFP was investigating Commonwealth offences (s 4AA(1)(d)(i)). Pursuant to Operation Ironside, it was investigating the Commonwealth offences listed in the MCO authorisations. 

3. However, the defendants do not accept that s 4AA(1)(d)(ii) was made out. They do not accept that if the AFP was investigating the State offences in question, or were to investigate those offences, then that investigation would be incidental to the investigation mentioned in s 4AA(1)(d)(i).

4. In developing this argument, the defendants commenced by pointing out that the AFP were not investigating the State offences.  Rather, the AFP merely came across the AN0M communications which revealed the potential offending and then provided them to SAPOL for it to determine whether to investigate the State offences.

5. While this may be accepted, it will be recalled that the primary judge nevertheless held that s 4AA(1)(d)(ii) was satisfied on the basis that if the AFP “were to investigate the State offence[s] – that investigation … would be, incidental to the investigation mentioned in subparagraph (1)”; that is, a hypothetical investigation of the State offences by the AFP would have been incidental to the investigation it was in fact undertaking pursuant to Operation Ironside.

6. In challenging this conclusion, the defendants argue that the primary judge took an erroneously broad view of what is contemplated by the notion of the (hypothetical) investigation of State offences by the AFP being “incidental” to the AFP’s investigation for the purposes of s 4AA(1)(d)(ii) of the AFP Act. Invoking the authorities addressing the scope of the Commonwealth’s legislative powers under s 51(xxxix) of the Constitution, they argue that the hypothesised investigation of the State offences would need to be subordinate to the existing investigation in the sense of being in aid of its execution. They argue that an investigation will only be incidental to an AFP investigation where it is a necessary part of, or is essential to, that investigation.

7. The defendants argue that it is not enough that the suspected State offending was detected in the course of an existing AFP investigation. More is needed before an investigation of the suspected State offending could be said to be an incident of, or incidental to, an existing AFP investigation. It would be necessary to identify some relationship between the AFP investigation and the State offences that involved more than mere happenstance. If it were otherwise, s 4AA(1)(d) would operate to render ss 4AA(1)(a) and (c) otiose. There would be no need to identify hypothesised laws under ss 4AA(1)(a) or (c) if it was sufficient that the AFP learned of the suspected State offending during the course of an investigation of Commonwealth offending.

8. In summary, the defendants argue that s 4AA(1)(d) requires a close connection or relationship between the AFP investigation pursuant to the MCO authorisations and the State offences, and that that did not exist here.

9. The prosecution and Commonwealth, on the other hand, while accepting the relevance of considering the Commonwealth Parliament’s express incidental power under s 51(xxxix) of the Constitution, do not accept that such a close connection or relationship is required. They argue that the incidental power is not confined by necessity; rather it extends to matters attending or arising in the execution of the power under s 61 of the Constitution to execute and maintain the laws of the Commonwealth. Bearing in mind that an investigation of Commonwealth offences by the AFP involves the execution and maintenance of the AFP Act, they argue that it is sufficient for the purposes of s 4AA(1)(d)(ii) that the (hypothesised) investigation of the State offences arose in the course of the AFP’s investigation of Commonwealth offences pursuant to the MCO authorisations and Operation Ironside.

10. In addressing the parties’ arguments, we accept the relevance of their reference to authorities governing the breadth of the Commonwealth Parliament’s incidental power under s 51(xxxix) of the Constitution. It is not suggested that the relevant provisions of the SD Act were dependent for their validity upon, or otherwise required direct consideration of, this head of legislative power. The provisions of the SD Act governing the use and admissibility of intercepted communications are amply supported by the telecommunications power under s 51(v) of the Constitution. However, in articulating the breadth of the exceptions to the general prohibition upon the use and admissibility of those communications, the legislature invoked the notion of State offences with a federal aspect, as defined in the AFP Act. Accordingly, it is necessary to not only have regard to the definition of State offences with a federal aspect in s 4AA of the AFP Act, but also to interpret that definition in the context in which it appears in that Act.

11. At this point in the analysis, it becomes relevant to note that, under s 8(1)(baa) of the AFP Act, the AFP is authorised to investigate State offences that have a federal aspect. Understood in this context, it can be seen that the definition of State offences with a federal aspect in s 4AA(1) of that Act has been drafted by reference to the various heads of Commonwealth legislative power under the Constitution that might support the AFP’s investigation of State offences. It may be said that the terms and structure of s 4AA(1) indicate that it was intended to draw support for the AFP Act (and, in particular, for the AFP’s power to investigate State offences with a federal aspect under s 8(1)(baa)) from “as many heads of power as from time to time have been exercised by the Parliament to create offences against Commonwealth laws.”[198]

    [198] R v Hughes (2000) 202 CLR 535 at [40] (Gleeson CJ, Gaudron, McHugh, Gummow, Hayne and Callinan JJ); Attorney-General (Cth) v Huynh (2023) 97 ALJR 298 at [47] (Kiefel CJ, Gageler and Gleeson JJ); and in the context of a similar legislative technique, S v Australian Crime Commission (2006) 149 FCR 361 at [41] (Emmett J) and XCIV v Australian Crime Commission (2015) 234 FCR 274 at [140] (Wigney J).

12. It would seem to follow from this that the reference in s 4AA(1)(d) to an investigation of State offences that is, or would be, incidental to an AFP investigation of Commonwealth offences, is to be understood as intended to invoke the full breadth of the express incidental power under s 51(xxxix) of the Constitution.

13. Turning to the scope of that power, s 51(xxxix) of the Constitution enables the Commonwealth Parliament to make laws with respect to “matters incidental to the execution of any power vested by this Constitution … in the Government of the Commonwealth … or in any department or officer of the Commonwealth”. This extends to matters incidental to the execution of the power, vested in s 61 of the Constitution, to execute and maintain the laws of the Commonwealth. Section 51(xxxix) in this operation depends upon “a matter ‘incidental to the execution’ of an executive power of the Commonwealth”.[199] 

    [199] Davis v Commonwealth (1988) 166 CLR 79 at 111 (Brennan J).

14. In Le Mesurier v Connor,[200] Knox CJ, Rich and Dixon JJ described the express incidental power under s 51(xxxix) as extending to “something which attends or arises” in the exercise of power, distinguishing it from the implied incidental power in respect of matters incidental to the subject matter of a law.

    [200] Le Mesurier v Connor (1929) 42 CLR 481 at 497-498 (Knox CJ, Rich and Dixon JJ).

15. In Victoria v Commonwealth,[201] Jacobs J expanded upon the distinction between the express and implied incidental powers, and the breadth of the former:[202]

    Matters incidental to the execution of an executive power are not limited to matters either adjectival or ancillary to the execution of that power. That is to say the “incidental” subject matter of s 51(xxxix) may be a matter of substance and not merely a matter in aid of or procedural to the relevant substantive power itself. The latter power is contained within the grant of the substantive power itself because it is incidental to, an incident of, the subject matter of power. But a distinction must be drawn between what is incidental or incident to the subject matter of a power and what is a matter incidental to the execution of a power. Compare Le Mesurier v. Connor.[203] The distinction reflects a recognized difference in the meanings of the word “incidental”. The word may be used to describe a side occurrence which, though not essential to the main action, may be expected to arise in connexion with the main action. It may also be used to describe a side occurrence with stress on its independence of the main action. The distinction is so made in Fowler's Modern English Usage (1954 reprint), p.264, where it is also observed that a tendency has arisen to use the adjective “incident” to describe the former and "incidental" to describe the latter. Thus the Oxford Dictionary defines the adjective "incident" first as "liable or apt to befall or occur to; likely to happen; hence, naturally appertaining or attaching". On the other hand, it defines "incidental" first as "occurring or liable to occur in fortuitous or subordinate conjunction with something else of which it forms no essential part". This, it seems to me, is the distinction between the implied incidental power and the express power in s. 51(xxxix.). Whatever is incident (in the above sense) to the subject matter of power comes within the ambit of the main power. It is incident to that power in that it naturally appertains and attaches to that power. However, what is incidental to the execution of a main power includes every matter which occurs or is liable to occur in subordinate conjunction with the execution of that power, even though it forms no essential part of the main power itself. It is subordinate but just as importantly it is in conjunction. Thus a subject matter incidental to the execution of a power may have a wider ambit than the power implied in respect of the incidents of a subject matter of power. It is itself a subject of legislative power (per Dixon J in British Medical Association v. The Commonwealth[204]) and that is so even though it only exists in subordinate conjunction with the execution of a main power. Whether or not a particular expenditure or proposed expenditure which does not fall within any particular subject matter of power nevertheless falls within this incidental power will depend on the facts and circumstances surrounding that proposed expenditure. Often it will be a matter of degree. Cf. Burton v. Honan.[205]

    [201] Victoria v Commonwealth (1975) 134 CLR 338.

    [202] Victoria v Commonwealth (1975) 134 CLR 338 at 413-414 (Jacobs J).

    [203] (1929) 42 CLR 481 at 497.

    [204] (1949) 79 CLR 201 at 274.

    [205] (1952) 86 CLR 169 at 179.

16. Similarly, in Davis v Commonwealth,[206] Brennan J referred with support to the observations of Knox CJ, Rich and Dixon JJ in Le Mesurier v Connor in relation to the distinction between the express and implied incidental powers, and the scope of the former. His Honour said that “[t]he scope of the legislative power conferred by s 51(xxxix) in conjunction with s 61 depends on what the Executive Government has done or intends to do in execution of its power”, but extends to “a matter attending or arising in the execution of the executive power”.[207]

    [206] Davis v Commonwealth (1988) 166 CLR 79.

    [207] Davis v Commonwealth (1988) 166 CLR 79 at 111-112 (Brennan J).

17. In the same case, Mason CJ, Deane and Gaudron JJ described s 51(xxxix) as enabling Parliament to legislate “in aid of an exercise of the executive power.”[208] This description of s 51(xxxix) was adopted by Gleeson CJ, Gaudron, McHugh, Gummow, Hayne and Callinan JJ in R v Hughes.[209]

    [208] Davis v Commonwealth (1988) 166 CLR 79 at 95 (Mason CJ, Deane and Gaudron JJ).

    [209] R v Hughes (2000) 202 CLR 535 at [39] (Gleeson CJ, Gaudron, McHugh, Gummow, Hayne and Callinan JJ).

18. Understood in this way, the scope of the express incidental power may be seen as both narrower and broader than the implied incidental power in respect of the Commonwealth’s various other heads of legislative power.  It is narrower in the sense that it fixes only upon the execution of power, here executive power.  However, it is broader in that it extends to all matters attending or arising in the exercise of that power, or at least in aid of those powers.  Unlike the implied incidental power, it is not confined to matters incidental, in the sense of necessary for, or conducive to the success of, the exercise of federal legislative power in relation to a subject matter that is within power.

19. While relying principally upon the authorities governing the scope of the express incidental power, the prosecution and Commonwealth also argued that s 4AA(1)(d) might in addition, or perhaps in the alternative, reflect an intention to draw support for the authorisation of power in s 8(1)(baa) from the implied incidental power.

20. To the extent that the s 4AA(1)(d) reference to “incidental” might be said to be supported by, and hence informed by, the implied incidental power, it is relevant to observe that that power has been formulated in terms which include use of the word “necessary”. For example, in Grannall v Marrickville Margarine Pty Ltd,[210] Dixon CJ, McTiernan, Webb and Kitto JJ described the implied incidental power in the following terms:[211]

    In the next place, every legislative power carries with it authority to legislate in relation to acts, matters and things the control of which is found necessary to effectuate its main purpose, and thus carries with it power to make laws governing or affecting many matters that are incidental or ancillary to the subject matter.

    [210] Grannall v Marrickville Margarine Pty Ltd (1955) 93 CLR 55.

    [211] Grannall v Marrickville Margarine Pty Ltd (1955) 93 CLR 55 at 77 (Dixon CJ, McTiernan, Webb and Kitto JJ); quoted in Spence v Queensland (2019) 268 CLR 355 at [53] (Kiefel CJ, Bell, Gageler and Keane JJ).

21. Similarly, in Burton v Honan,[212] Dixon CJ said that “everything which is incidental to the main purpose of a power is contained within the power itself so that it extends to matters which are necessary for the reasonable fulfillment of the legislative power over the subject matter”.

    [212] Burton v Honan (1952) 86 CLR 169 at 177 (Dixon CJ).

22. However, the authorities have emphasised that the use of the word “necessary” in this context is not to be read as unduly narrowing the implied incidental power.  For example, in Nationwide News Pty Ltd v Wills,[213] Mason CJ referred to formulations of that power using the word “necessary”, and explained:[214]

    The second difficulty which arises from the formulations already quoted is to be found in the use of the word “necessary”.  If one thing emerges clearly from the decisions of this Court it is that, to bring a law within the reach of the incidental scope of a power, it is enough that the provision is appropriate to effectuate the exercise of the power; one is not confined to what is necessary for the effective exercise of the power.

    [213] Nationwide News Pty Ltd v Wills (1992) 177 CLR 1.

    [214] Nationwide News Pty Ltd v Wills (1992) 177 CLR 1 at 27 (Mason CJ); subsequently quoted in Mutual Pools & Staff Pty Ltd v Commonwealth (1994) 179 CLR 155 at 179 (Brennan J), Airservices Australia v Canadian Airlines (2000) 202 CLR 133 at [343] (McHugh J) and Burns v Corbett (2018) 265 CLR 304 at [127] (Nettle J).

23. Various other formulations of the scope of the implied incidental power have been offered in the authorities.  For example, it has been held that it extends to a provision if it is “conducive to the success” of the main legislation,[215] or “reasonably necessary to carry [the relevant head of power] into effect”.[216]  It has also been said that the implied incidental power is “in aid of”[217] or “appendant to”[218] the main power.  In Mulholland v Australian Electoral Commission,[219] Gleeson CJ observed that the word “necessary” has “different shades of meaning” and that “[t]here is, in Australia, a long history of judicial and legislative use of the term ‘necessary’, not as meaning essential or indispensable, but as meaning reasonably and appropriately adapted”.

    [215] Re Wakim; Ex parte McNally (1999) 198 CLR 511 at [122] (Gummow and Hayne JJ); Stemp v Australian Glass Manufacturers Co Ltd (1917) 23 CLR 226 at 235 (Barton ACJ).

    [216] Victoria v Commonwealth (1975) 134 CLR 338 at 631 (Williams J).

    [217] Victoria v Commonwealth (1975) 134 CLR 338 at 414 (Jacobs J).

    [218] Australian Steamships Ltd v Malcolm (1914) 19 CLR 298 at 308 (Griffith CJ).

    [219] Mulholland v Australian Electoral Commission (2004) 220 CLR 181 at [39] (Gleeson CJ); referred to with approval in Jones v Commonwealth (2023) 97 ALJR 936 at [42] (Kiefel CJ, Gageler, Gleeson and Jagot JJ); see also Thomas v Mowbray (2007) 233 CLR 307 at [19] (Gleeson CJ), [101]-[103] (Gummow and Crennan JJ), [489]-[490] (Hayne J).

24. Based upon the above, we would construe the reference in s 4AA(1)(d) of the AFP Act to an investigation of State offences that is, or would be, “incidental” to the AFP’s investigation of Commonwealth offences broadly, and as drawing upon the authorities in relation to the express incidental power under s 51(xxxix) of the Constitution. Whilst the primary judge relied essentially upon the ordinary meaning of the word “incidental”, rather than drawing expressly upon the authorities governing the scope of the express incidental power under s 51(xxxix) of the Constitution, we do not think there is any material difference between his Honour’s approach and the meaning we would give “incidental” in s 4AA(1)(d) of the AFP Act.

25. In our view, while the hypothesised investigation of State offences would need to have some connection to the AFP’s existing investigation of Commonwealth offences, we do not think that s 4AA(1)(d) requires much more than that the occasion for the hypothesised investigation arose in the course of the existing investigation. We do not think that s 4AA(1)(d) requires much more than that the evidence or suspicion of the commission of the State offences to be investigated arose in the course of the AFP’s investigation of Commonwealth offences. It may be that there would need to be some connection or link between the facts or subject matter of the existing AFP investigation and the State offences to be investigated. So an AFP investigation into organised crime involving drugs and money laundering may not be sufficient to justify an “incidental” investigation of the suspicion of some entirely unrelated instance of, say, sexual offending. However, we do not think anything more than some connection or link between the facts or subject matter would be required. An AFP investigation of State offences in these circumstances would be in subordinate conjunction to the existing AFP investigation of Commonwealth offences.

26. Construing “incidental” as it appears in s 4AA(1)(d) in this broad way would not render ss 4AA(1)(a) and (c) otiose. Unlike s 4AA(1)(d), those limbs of the definition of a State offence having a federal aspect do not require an existing AFP investigation. Further, and in any event, in circumstances where the structure and terms of s 4AA(1) evince an intention to draw support from all of the available and potentially relevant heads of Commonwealth legislative power under the Constitution, it is unsurprising that there would be significant overlap between the scope of the various limbs of the definition.

27. On this broad view, s 4AA(1)(d) was plainly satisfied. The AFP investigation of Commonwealth offences pursuant to Operation Ironside related to potential offending by participants in organised crime involving the importation and trafficking of controlled drugs and money laundering. We have set out earlier in these reasons the list of Commonwealth offences listed in the MCO authorisations, and it is accepted that this reflected the scope of the investigation in fact being undertaken by the AFP when it came across the AN0M communications. It was also accepted that the AFP investigation related to the potential criminal activities of the Comancheros, and indeed the defendants (as members of the Comancheros and users of the AN0M platform).

1. The suspicion of commission of the State offences charged in these proceedings thus arose in the course of the existing AFP investigation of Commonwealth offences.  Further, there was a clear connection between the subject matter of the AFP investigation and the State offences.  Whilst the former was focused upon the Comancheros’ potential involvement in the importation and trafficking of controlled drugs, and money laundering, the latter was focused upon the defendants’ possession of firearms.  However, despite this difference in focus, there was an overlap between the two.  The State offences included an allegation that the defendants participated in the Comancheros’ criminal activity, and the prosecution case is that the utility and firearms the subject of the State offences were for use in the drug trafficking activities of the Comancheros.

2. This approach is consistent with the reasoning of Chesterman J in R v Ellis.[220]  In that case, the AFP had been investigating the importation of heroin.  In rejecting a challenge to the AFP’s power to investigate a State offence, his Honour said that “[i]f in performing that function it should discover that persons suspected of importing heroin were also dealing in drugs contrary to the laws of a State, investigation of the latter activity would be incidental or conducive to the performance of the function of investigating importation”.[221]

   [220] R v Ellis (2001) 162 FLR 423.

   [221] R v Ellis (2001) 162 FLR 423 at [19] (Chesterman J).

3. In our view, the above is sufficient to establish that an investigation by the AFP of the State offences the subject of Counts 1-3 and 8-14 would have been incidental to the AFP’s existing investigation for the purposes of s 4AA(1)(d) of the AFP Act.

4. However, even if it was necessary to go further, and establish that an AFP investigation of the State offences would have been in aid of its existing investigation of Commonwealth offences, we are satisfied that would have been so in the circumstances of the present case.  Here, the significant factual overlap between the Commonwealth offending being investigated and the alleged State offending meant that investigation of the latter would have been of assistance to the existing investigation.  There would have been a real prospect of an AFP investigation of the State offences revealing information, and lines of inquiry, relevant to its investigation of the Commonwealth offences. 

5. For example, there is a real prospect that investigation of the defendants’ alleged participation in the Comancheros’ criminal activities through the use of the Holden utility stored at Mr Wakefield’s Newton premises would have revealed information, and lines of inquiry, in relation to the AFP’s investigation of the Comancheros’ drug trafficking activities more generally.

6. It is also relevant to observe in this context that the potential Commonwealth offences being investigated by the AFP included not only the drug and money laundering activities of the Comancheros, but also the use of a telecommunications network with the intention to commit a serious offence in contravention of s 474.14(1) of the Criminal Code.  An investigation into the potential commission of offences under the Firearms Act by the defendants would have assisted the AFP to determine whether persons, including the defendants, were using the telecommunications system to commit offences in contravention of s 474.14(1) of the Criminal Code.

7. For these reasons, we agree with the primary judge’s conclusion that the hypothetical investigation of the charged State offences by the AFP would have been incidental to its existing investigation of Commonwealth offences, with the result that those offences were State offences having a federal aspect under s 4AA(1)(d) of the AFP Act.

   A prudential approach

8. Having concluded that the State offences the subject of Counts 1-3 and 8-14 are State offences with a federal aspect under s 4AA(1)(d) of the AFP Act, it is necessary to consider whether it is appropriate for this Court to go further and consider the potential application of s 4AA(1)(a) (in relation to Count 1) and s 4AA(1)(c) (in relation to Counts 1-3 and 8-14). The parties were agreed that the authorities support a prudential approach which ought to incline this Court against considering the potential application of these other limbs of s 4AA(1) of the AFP Act.

9. As recounted earlier in these reasons, the primary judge found that Counts 1-3 and 8-14 were State offences having a federal aspect under s 4AA(1)(d) of the AFP, but nevertheless went on to consider whether they were State offences having a federal aspect under s 4AA(1)(a) or s 4AA(1)(c) of the AFP Act in case he was wrong in his approach or conclusion in relation to s 4AA(1)(d).[222]  Whilst it was not necessary for his Honour to consider these additional bases for meeting the defendants’ challenge to the admissibility of the AN0M communications, his decision to do so was consistent with the “general rule” or “conventional approach” that applies to trial courts; namely, that “a judge should determine all issues before him or her to assist the appeal process and obviate recourse to a new trial”.[223]

   [222] R v TB (No 6) [2023] SASC 140 at [41].

   [223] Massoud v Nationwide News Pty Ltd (2022) 109 NSWLR 468 at [35] (Leeming JA, Mitchelmore JA and Simpson AJA agreeing), quoting Gulic v Boral Transport Ltd [2016] NSWCA 269 at [7] (McFarlane JA, Gleeson JA and Garling J agreeing).

10. However, the principles governing the approach to be taken by an intermediate appellate court in relation to non-dispositive issues are not the same as those governing trial courts.  In Boensch v Pascoe,[224] Kiefel CJ, Gageler and Keane JJ said that, generally speaking, “an appellate court should confine itself to determining only those issues which it considers to be dispositive of the justiciable controversy raised by the appeal”.  Their Honours went on to say that “[i]t is important to the efficiency of the system as a whole that intermediate courts of appeal should not feel compelled to treat determination of non-dispositive issues in appeals before them as the norm”.[225]

    [224] Boensch v Pascoe (2019) 268 CLR 593 at [7] (Kiefel CJ, Gageler and Keane JJ; Bell, Nettle, Gordon and Edelman JJ agreeing at [101]); see also Tabet v Gett (2010) 240 CLR 537 at [97]-[98] (Heydon J).

    [225] Boensch v Pascoe (2019) 268 CLR 593 at [8] (Kiefel CJ, Gageler and Keane JJ; Bell, Nettle, Gordon and Edelman JJ agreeing at [101]).

11. The authorities further suggest that where a non-dispositive issue is constitutional in nature, an intermediate appellate court should be particularly reluctant to decide it.  The High Court has emphasised, on numerous occasions,[226] that “[i]t is not the practice of the Court to investigate and decide constitutional questions unless there exists a state of facts which makes it necessary to decide such a question in order to do justice in the given case and to determine the rights of the parties”.[227]

    [226] Mineralogy Pty Ltd v Western Australia (2021) 274 CLR 219 at [56] (Kiefel CJ, Gageler, Keane, Gordon, Steward and Gleeson JJ); LibertyWorks Inc v Commonwealth (2021) 274 CLR 1 at [90] (Kiefel CJ, Keane and Gleeson JJ); Zhang v Commissioner of the Australian Federal Police (2021) 273 CLR 216 at [21]-[22] (Kiefel CJ, Gageler, Keane, Gordon, Edelman, Steward and Gleeson JJ).

    [227] Lambert v Weichelt (1954) 28 ALJ 282 at 283 (Dixon CJ on behalf of the Court).

12. In Mineralogy Pty Ltd v Western Australia,[228] Kiefel CJ, Gageler, Keane, Gordon, Steward and Gleeson JJ referred to this “cautious and restrained approach” and said:[229]

    Underlying the prudential approach is recognition that the function performed by the Full Court in answering a question of law stated for its opinion is not advisory but adjudicative.  Underlying it also is recognition that performance of an adjudicative function in an adversary setting “proceeds best when it proceeds if, and no further than is, warranted to determine a legal right or legal liability in controversy”.  That is to say, “the adjudicatory process is most securely founded when it is exercised under the impact of a lively conflict between antagonistic demands, actively pressed, which make resolution of the controverted issue a practical necessity”.

    [228] Mineralogy Pty Ltd v Western Australia (2021) 274 CLR 219.

    [229] Mineralogy Pty Ltd v Western Australia (2021) 274 CLR 219 at [57]-[58] (Kiefel CJ, Gageler, Keane, Gordon, Steward and Gleeson JJ) (omitting citations).

13. Relevantly, their Honours identified one of the implications of “the prudential approach” as being “that the necessity of answering the question of law to the judicial resolution of the controversy may not sufficiently appear where there remains a prospect that the controversy can be judicially determined on another basis”.[230]  This prudential approach to the resolution of constitutional questions has been followed by intermediate appellate courts,[231] including in the criminal context.[232]

    [230] Mineralogy Pty Ltd v Western Australia (2021) 274 CLR 219 at [60] (Kiefel CJ, Gageler, Keane, Gordon, Steward and Gleeson JJ).

    [231] Doyle’s Farm Produce Pty Ltd v Murray Darling Basin Authority (No 2) (2021) 106 NSWLR 41 at [20] (Leeming JA, Bathurst CJ and Bell P agreeing); CMU16 v Minister for Immigration and Border Protection (2020) 277 FCR 201 at [65] (Jagot, Yates and Stewart JJ); Australian Industry Group v Automotive, Food, Metals, Engineering, Printing and Kindred Industries Union (2002) 125 FCR 529 at [73] (Goldberg and Finkelstein JJ); Multicon Engineering Pty Ltd v Federal Airports Corporation (1997) 47 NSWLR 631 at 642 (Mason P, Gleeson CJ and Priestley JA agreeing).

    [232] Proudfoot v Director of Public Prosecutions (Vic) (2020) 283 A Crim R 332 at [95]-[98] (Tate, McLeish and Hargrave JJA); Garth v The Queen (2016) 261 A Crim R 583 at [19]-[22] (Bathurst CJ, Beazley P and Simpson JA agreeing).

14. As explained, in our conclusions that Counts 1-3 and 8-14 are State offences having a federal aspect under s 4AA(1)(d) of the AFP Act, and hence that Question 6 should be answered “Yes”, is sufficient to engage the s 45(5)(c) exception to the general inadmissibility of protected information under the SD Act. It is thus not necessary for this Court to consider whether some or all of those Counts might also qualify as State offences having a federal aspect on some additional basis (that is, under ss 4AA(1)(a) or (c) of the AFP Act). As such, the issues raised by Questions 4 and 5 are non-dispositive issues. And unlike the position before the primary judge, there is no general obligation on this Court to decide them. Further, Questions 4 and 5 require direct consideration of the scope of the Commonwealth Parliament’s legislative power under s 51(v) and s 51(xxix) of the Constitution.

15. Consistently with the authorities mentioned above, it is appropriate that this Court take the prudential approach in circumstances where the issues raised by Questions 4 and 5 are non-dispositive and turn upon consideration of the scope of the Commonwealth Parliament’s legislative power under the Constitution. Accordingly, we would decline to answer these questions on the basis that it is not necessary, and therefore undesirable, that this Court do so.

    PART E:  CONCLUSION

16. For the reasons set out, we would answer the questions reserved for this Court’s consideration as follows:

    Question 1

    In respect of Interlocutory Application [FDN 166] filed by the defendants on 5 December 2022, did the AN0M Application and system (together the AN0M Platform), as described in R v TB [2023] SASC 45 … involve an interception of a communication passing over a telecommunications system contrary to s 7(1) of the [TIA Act]?

    Answer to Question 1:  No.

    Question 2

    If the answer to Question 1 is “Yes”, is the information and records obtained as a result of that interception inadmissible at the trial of the defendants?

    Answer to Question 2:  Does not arise.

    Question 3

    In respect of Interlocutory Application [FDN 227] filed by the defendants on 3 February 2023, on the evidence identified in R v TB (No 5) [2023] SASC 118:

    3.1 is MCO No. 1 invalid because it misstates the statutory criteria that were mandatory considerations under section 15GI(2) of the Crimes Act (facial invalidity) and thereby manifests that Deputy Commissioner Neil Gaughan acted on a misconstruction of the applicable statutory criteria in ss 15GI and 15GK of the Crimes Act (misconstruction of the law)?

    and/or

    3.2 is MCO No. 2 invalid because it misstates the statutory criteria that were mandatory considerations under section 15GI(2) of the Crimes Act (facial invalidity) and thereby manifests that Deputy Commissioner [Ian McCartney] acted on a misconstruction of the applicable statutory criteria in ss 15GI and 15GK of the Crimes Act (misconstruction of the law)?

    Answer to Question 3.1:  No.

    Answer to Question 3.2:  No

    Question 4

    In respect of Interlocutory Application [FDN 346] filed by the defendants on 23 March 2023, is Count 1 as contained in the ex-officio information dated 17 November 2021 and the subject of matter SCCRM-21-460, a State offence having a federal aspect within the meaning of s 4AA(1)(a) of the Australian Federal Police Act 1979 (Cth) (AFP Act)?

    Answer to Question 4:  Not necessary to answer.

    Question 5

    In respect of Interlocutory Application [FDN 346] filed by the defendants on 23 March 2023, are each of Counts 1-3 and 8-14 as contained in the ex-officio Information dated 17 November 2021 and the subject of matter SCCRM-21-460, State offences having a federal aspect within the meaning of s 4AA(1)(c) of the AFP Act having regard to ss 4AA(2) and 4AA(3)(e) of that same Act?

    Answer to Question 5:  Not necessary to answer.

    Question 6

    In respect of Interlocutory Application [FDN 346] filed by the defendants on 23 March 2023, are each of Counts 1-3 and 8-14 as contained in the ex-officio Information dated 17 November 2021 and the subject of matter SCCRM-21-460, State offences having a federal aspect within the meaning of s 4AA(1)(d) of the AFP Act?

    Answer to Question 6:  Yes.