R v Roy (No 3)

SUPREME COURT OF THE AUSTRALIAN CAPITAL TERRITORY

McCALLUM CJ:        

Introduction

1․Richard Roy faces trial for 90 offences involving the sexual exploitation of children.  The charges include 2 counts under Commonwealth law of possessing child abuse material (each with an alternative count under Territory law), 10 counts of using a carriage service for sexual activity with a person under 16 years of age, 12 counts of using a child for the production of child exploitation material, 37 counts of accessing child abuse material using a carriage service and 27 counts of accessing child pornography material using a carriage service. 

2․The charges are based entirely on items seized from Mr Roy’s home during the execution of search warrants.  The items seized by police included electronic devices, electronic storage devices, a green notebook that includes notes of child abuse material search terms, and clothing and other items police allege can be seen in some of the child exploitation videos allegedly filmed live by Mr Roy. 

3․Mr Roy seeks to have all of that material excluded from evidence under s 138 of the Evidence Act 2011 (ACT). As the evidence sought to be excluded is effectively the whole Crown case, a ruling is sought in advance of the trial, as allowed under s 192A of the Evidence Act.  This is clearly a case in which it is appropriate to give an advance ruling.

Identification of Mr Roy as a suspect

4․Mr Roy was identified as a person suspected of having used a carriage service for child abuse material contrary to s 474.22 of the Criminal Code (Cth) when police obtained information that two electronic files containing child abuse material had been stored on certain dates at an IP address assigned to him at the relevant times. The means by which that information was obtained is central to Mr Roy’s challenge to the admissibility of the evidence against him. Before turning to the individual grounds relied upon for excluding the evidence, it will be helpful to give a high-level overview of the investigation. The technical information included in the summary that follows is drawn from evidence led by the Crown on the application.

5․Child abuse material is commonly shared on the internet.  To understand how police identified Mr Roy as a suspect, it is necessary to understand aspects of the processes by which such material can be shared.  An electronic file can be shared by being uploaded to a centralised server and downloaded from the server using any internet-connected device.  An alternative method of file-sharing is to use a peer-to-peer or “P2P” file-sharing system.  Any person can participate in a peer-to-peer network by installing peer-to-peer software, which is readily available.  Peer-to-peer networks are commonly used to share child abuse material because they enable users to share files directly between themselves, without the use of a centralised server.  Instead, in a peer-to-peer network, each user or “peer” is able to request and receive files directly from another peer in the network.  In this process, each peer performs the functions of both client (a person who requests a file) and server (a person who provides files to others).  Peer-to-peer file-sharing also has the benefit of expediting download as a file can be downloaded in parts over multiple servers. 

6․Participants in a peer-to-peer network are able to search for files held by other participants in the network.  The search function targets additional information associated with a file, referred to as metadata.  The metadata describes the content of a file (and other information) but is separate from the file itself.  The metadata includes the name of the file, which means that users can search for files of interest by searching keywords for the kind of material sought.  In the case of child abuse material, the name of a file often includes common acronyms.  For example, “pthc” as part of a file name is known in the world of child abuse to refer to “pre-teen hard core”.

7․As an alternative to searching keywords, a participant can search for a particular file on a peer-to-peer network by searching its “hash value”, if known.  A hash value is a unique alphanumeric identifier that is created for every electronic file shared on the internet.  It forms part of the metadata of a file.  One witness in the present case likened the hash value of an electronic file to a person’s DNA.  The hash value is unique because it is a function of the content of the file that is derived by applying an algorithm that produces only one result.  The hash value of a file cannot be changed.  Only a change in the content of the file will produce a different hash value.

8․When a user who has peer-to-peer software connects to the network and searches for a particular file or kind of file, the response will identify peers who may hold a file or part of a file that matches the search.  The user can then contact the peer directly and request the file from the peer.  As a file downloads, it is simultaneously made available for sharing with other participants in the same peer-to-peer network.   

9․Material available on the internet is uploaded and downloaded to and from an IP address.  Like the street address of a house, an IP address uniquely identifies a specific device and its place in a network.  This means that a search on a peer-to-peer network of the hash value for a file will give the searcher the IP address of any potential source device participating in the same peer-to-peer network that holds that file.  A police officer who knows the hash value of a file containing child abuse material can (without deception) join a peer-to-peer network and, by searching for that hash value, obtain the IP address for a device that held that file at a particular point in time.

10․The IP address for a device is allocated by the user’s internet service provider.  An IP address can be static or dynamic.  A static IP address is a fixed IP address that does not change during the term of the relevant contract.  A dynamic IP address is one that is assigned to a device temporarily, refreshing with each use of the device.  Internet service providers hold records as to the device to which a dynamic IP address was allocated at any particular point in time.

11․The Child Rescue Coalition is a nonprofit organisation based in Florida dedicated to protecting children from sexual exploitation by developing technology to assist law enforcement officers to investigate child sexual abuse offences and to identify and rescue the victims of such offences.  The Child Rescue Coalition has developed a suite of technological tools, collectively referred to as the “Child Protection System”, which collect data created when child abuse material is shared on a peer-to-peer file-sharing network.  One set of data collected and stored in the Child Protection System is a library of hash values for files containing child abuse material. 

12․The collection of data by the Child Protection System is automated.  Whereas a single police officer can undertake only one manual search at a time, the Child Protection System constantly searches peer-to-peer networks through numerous instances of the software to identify any IP address that could be holding child abuse material.  The system downloads only the metadata, not the child abuse material itself (as that would be illegal).  However, the hash values it records are those of files that have been confirmed through associations with law enforcement authorities around the world to contain child abuse material.  The Child Protection System maintains a centralised library called “Media Library” of the hash values of known child abuse material.  Media Library is constantly updated. 

13․The data collected by the Child Protection System is made available (on certain conditions) to law enforcement officers via a web interface that is also referred to as the Child Protection System.  The web interface enables law enforcement officers to search for IP addresses geolocated to their jurisdiction.  Media Library allows law enforcement officers, when they come across new child abuse material, to apply an algorithm to calculate the corresponding hash value for the file and provide it to the Child Rescue Coalition for inclusion in the database.

14․Detective Sergeant James Brown is a member of the Australian Federal Police (AFP) attached to the Joint Anti Child Exploitation Team.  He is one of a group of AFP officers who have been granted access to the Child Protection System web interface.  He regularly logs into that system and conducts searches to see IP addresses that have been associated with the distribution of child abuse material and geolocated to the Australian Capital Territory.  The result of a search he undertook on 6 July 2020 identified an IP address at which two files classified as “child notable” had been held on two separate dates in June 2020.  I will refer to that result as the CPS search result. 

15․As already explained, the Child Protection System does not obtain the child abuse material itself; it only records some of the metadata associated with a file.  However, using the hash values revealed in the CPS search result, Detective Brown was able to download a copy of each file from a different source and confirm for himself that the files met the definition of child abuse material.

16․The CPS search result gave Detective Brown three critical pieces of information: two hash values of files said (and later confirmed by him) to contain child abuse material, the IP address at which those files had been available on two dates in June, and the fact that the IP address was at that time probably associated with a device located in the Territory (the geolocation filter does not have the precision of a geographical boundary but roughly locates, in this case, to the area of the Territory). On the strength of that information, Detective Brown made an application under s 178 of the Telecommunications (Interception and Access) Act 1979 (Cth) requesting authorisation for the disclosure by the relevant internet service provider of the name and address of the holder of the IP address identified in the CPS search result. That authorisation was granted by a senior member of the AFP, Inspector Shane Scott. I will refer to that authorisation as the s 178 authorisation.

17․The information obtained pursuant to the s 178 authorisation was that the person to whom the IP address was allocated on the relevant dates was Mr Roy. His residential address was also provided. Using that information, Detective Brown took steps to obtain search warrants under s 3E of the Crimes Act 1914 (Cth) to authorise searches of Mr Roy, his residential premises and two vehicles owned by him. The affidavit in support of the warrants was sworn by a different officer, Constable Susan Corey. However, her affidavit was based entirely on information provided to her by Detective Brown. In cross-examination, Detective Brown accepted responsibility for the contents of the affidavit for the purposes of the present application. Constable Corey was accordingly not required for cross-examination.

18․The search warrants were granted by a Special Magistrate on 12 January 2021 and executed on 14 January 2021.  As already noted, numerous items were seized from Mr Roy’s home including electronic devices and storage devices.  Mr Roy was charged on the strength of material found on those devices and other items found in his home.  I will refer to those items as the seized items.  If the seized items are inadmissible, the prosecution must fail. 

Application to exclude the seized material

19․As already noted, the application invokes s 138 of the Evidence Act.  That section provides:

Evidence that was obtained—

(a)    improperly or in contravention of an Australian law; or

(b)    in consequence of an impropriety or of a contravention of an Australian law;

must not be admitted unless the desirability of admitting the evidence outweighs the undesirability of admitting evidence that has been obtained in the way in which the evidence was obtained.

20․Mr Roy contends that every step of the investigation described above either directly or derivatively involved an impropriety or a contravention of an Australian law and accordingly that all of the seized items were obtained in consequence of an impropriety or of a contravention of an Australian law.  The points finally relied upon by Mr Roy are specified in his second further amended application in proceeding filed in Court on the last day of the hearing, supplemented by particulars of the first prayer for relief, also handed up during the hearing (MFI 7).

21․The second further amended application specifies at least 10 separate prayers for relief (orders sought) by the drafting device of specifying each separate reason for excluding the evidence in a separate order.  For example, order 1(a)(i) sought in the application is:

1.Evidence obtained in these proceedings under or in consequence of s 3E search warrants not be admitted pursuant to s 138 of the Evidence Act 2011 because:

(a)The affidavit of Susan Corey sworn 12 January 2021 in support of the application for the search warrants contained and relied on information:

(i)available to the Australian Federal Police as a result of the use of law enforcement tools (described as the “law enforcement specific tool” or “Child Protection System”) which was obtained improperly or unlawfully. 

22․The Court would not make an order in those terms.  A preferable approach in drawing the application would have been to specify the order sought (upon analysis, there is only one, namely, that the evidence obtained during or in consequence of the execution of the search warrants be excluded) and then, separately, to specify the several grounds on which that single order is sought.  This is the approach reflected in the approved form for an application in proceeding, Form 6.2. 

23․When a party seeks an order in an application in proceeding, they seek an exercise of judicial power.  Each order sought should be drawn in terms in which an order might appropriately be made by the court in the exercise of judicial power.  The reason for making an order is juridically discrete from the command of the order and is not appropriately included within the terms of the order itself.  In the present case, the relief sought might have been framed as follows:

Take notice that the Court will hear an application by the accused person on (date), at (time) (or as soon after that as this application can be heard), to make the following order:

That all evidence obtained during or in consequence of the execution of the s 3E search warrants granted on 12 January 2021 be excluded under s 138 of the Evidence Act 2011.

24․As contemplated by Form 6.2, the grounds for seeking an order should be specified separately.  Taking order 1(a)(i) in the application together with particular 1 in MFI 7 as an example, the accused’s first ground for seeking the order set out above might have been framed as follows:

The order is sought on the following grounds:

The evidence seized during the execution of the search warrants was obtained in consequence of an impropriety or of a contravention of an Australian law in that the affidavit of Susan Corey sworn 12 January 2021 in support of the application for the search warrants contained and relied on information available to the Australian Federal Police as a result of the use of law enforcement tools (described as the “law enforcement specific tool” or “Child Protection System”) which was obtained improperly or unlawfully. 

Particulars

The use of the law enforcement specific tool or Child Protection System constituted an illegal interception of communication pursuant to s 7 of the Telecommunications (Interception and Access) Act 1979 (Cth)

The use of the law enforcement specific tool or Child Protection System constituted offences pursuant to various provisions of the Security of Communications; Surveillance Act contained in Chapter 934 contained in Florida Statutes (2003) in the United States of America.

25․Noting those requirements, I have taken the prayers for relief to be, in substance, the grounds on which the accused seeks to have the seized items excluded from evidence.  Accordingly, in this judgment, I refer to the prayers for relief as the grounds for the application.

26․I have endeavoured to group the grounds (including the particulars of ground 1) into categories and, to the extent that it makes sense to do so, to address them in the chronological order of the steps taken during the investigation.  The steps addressed in the grounds relied upon by the accused are:

(a)the collection of data using the Child Protection System based in Florida, which is said to contravene or circumvent the law of Florida, the “guarantees of privacy” in the Telecommunications (Interception and Access) Act, the Human Rights Act 2004 (ACT) and the International Covenant on Civil and Political Rights and the guarantees of the right to a fair trial contained in the Human Rights Act and the International Covenant on Civil and Political Rights;

(b)the provision of that data to the AFP, said to contravene or circumvent the same laws and rights;

(c)the CPS search conducted by Detective Brown on 6 July 2020, said to have contravened or circumvented several laws of Australia and, separately, to have entailed contraventions of the Human Rights Act;

(d)the s 178 authorisation, said to have to have entailed contraventions of the Human Rights Act;

(e)the application for the search warrants, said to have to have entailed contraventions of the Human Rights Act and, separately, to have entailed impropriety in the preparation of the supporting affidavit;

(f)the grant of the search warrants by the Special Magistrate, said to have entailed contraventions of the Human Rights Act;

(g)the execution of the search warrants, said to have involved impropriety in that it is alleged to have been deliberately commenced at a time when Mr Roy was absent from his home.   

Collection of data by the Child Protection System

27․The Crown called two witnesses to explain the technical operation of the Child Protection System.  One was the President of the Child Rescue Coalition, Mr William Wiltse.  Mr Wiltse has a lengthy background in computer technology including tertiary qualifications in computer science.  He also has a background in law enforcement.  The other was an expert witness, Professor Aruna Seneviratne.  Professor Seneviratne is an electronic engineer.  His extensive qualifications and publications include a PhD in communications systems.  He was accepted as an expert in modern communication systems in one of the cases relied upon by the accused, R v TB [2023] SASC 45; 376 FLR 69 at [65] (Kimber J). His primary field of expertise is networking. Professor Seneviratne gave opinion evidence as to whether the operation of the Child Protection System entails any interception of a communication passing over a telecommunications system (it is his opinion that it does not).

28․Mr Wiltse was a law enforcement officer in Salem, Oregon from 1991 to 2009.  In 2006, because of his expertise in computer technology, he was recruited into a team of law enforcement officers investigating the sharing of child abuse material using peer-to-peer technology, which was relatively new at that time.  Initially, the investigation process was manual.  A group of investigators would download open-source peer-to-peer software and conduct keyword searches, as any user of the same peer-to-peer network could.  They would search keywords that were likely to find files containing child abuse material.  They would then cut and paste the search results into a separate database containing the hash values of files that law enforcement officers had previously confirmed to contain child abuse material to ascertain whether the search results included files or parts of files that contained child abuse material.

29․Professor Seneviratne explained that peer-to-peer systems can download a file in pieces or packets over multiple servers, increasing overall download speed.  To support the sharing of files in that way, peer-to-peer systems have well-defined “protocols”.  Professor Seneviratne named BitTorrent, Gnutella and eDonkey as examples of such peer-to-peer protocols. 

30․From about 2007, Mr Wiltse started to develop a tool called “Peer Spectre” which automated the search process, sending out keyword search requests on a peer-to-peer network 24 hours a day.  Peer Spectre operated on Gnutella. 

31․As the developers of Peer Spectre became aware of other similar peer-to-peer networks, they developed similar tools for those networks.  In each case, the function was essentially the same: the software would undertake a keyword search or possibly a hash value search; receive a response containing the IP addresses of devices that potentially held files of interest and then send the results to their own servers to compare the hash values received against the database of known child abuse material.  To determine whether any IP address of interest identified during that process was within the geographical jurisdiction of the investigating officers, they used (and still use) a commercial tool called MaxMind, which geolocates the search results.

32․In 2009, when the Salem unit was to be shut down, one of its senior officers secured philanthropic support for the continuation of their work outside the law enforcement context.  In 2014, following the death of that original benefactor, his family established the Child Rescue Coalition.  The Child Rescue Coalition now works with law enforcement agencies all over the world providing a web interface that allows trained investigators to log in and search for IP addresses geolocated to their jurisdiction that have been identified by the Child Protection System as having held files known from their hash values to contain child abuse material.

33․The library of hash values of child abuse material was originally created using the results of the manual searches undertaken by Mr Wiltse and his colleagues when he was a law enforcement officer.  As already explained, the Child Protection System now includes the tool called “Media Library” which allows investigators, when they come across previously unknown child abuse material, to add hash values for those files to the library.

34․One peer-to-peer file-sharing network currently participated in by the Child Protection System is called eDonkey.  Any person can participate in the eDonkey network using freely available software.  The software is commonly referred to in this context as “the client”.  Mr Wiltse named eMule, aMule and Shareaza as examples of eDonkey client software.  After downloading eDonkey client software, a person can log into the eDonkey network and search for files available for sharing.  As with any peer-to-peer network, police officers can (without deception) do the same.

35․As already explained, a file or part of a file downloaded by a participant simultaneously becomes available to be shared by that participant with other participants.

36․Mr Wiltse explained that, although a peer-to-peer network operates without a centralised server, it can have a centralised component capable of sharing “the awareness of files” with all the peers on the network.  He referred to that centralised component as the eDonkey server.  When a person using eDonkey client software searches for a specific file by its hash value, that message is sent to the eDonkey server, which has a list of file names and hash values for all files held by peers connected to the network at that time.  The eDonkey server interrogates that list and informs the searcher of any match.

37․The user of the eDonkey client can then decide whether to request any of the files displayed in the results by double-clicking on the relevant file name.  Mr Wiltse explained that, when the user double-clicks on a file name, the double-click initiates a file request message sent out to the network seeking “all of the IP addresses that the eDonkey server believes could be in possession currently of a file with the hash value selected”.  The eDonkey client software will then “reach out to any and/or all of those IP addresses” to initiate a peer-to-peer connection so that it can request and download the file.

38․As already noted, one of the publicly available eDonkey client softwares is eMule.  For the purpose of investigating the potential sharing of child abuse material on the eDonkey file-sharing network, the Child Protection System developed its own eDonkey client by taking the eMule software and modifying it so that it could operate much in the same way Peer Spectre did, that is, by conducting automated searches, receiving results showing potential sources for the files identified in the search results and then validating the sources by establishing a peer-to-peer connection.  The eDonkey client developed by the Child Protection System based on eMule is called NordicMule.  Whereas Peer Spectre searched keywords, NordicMule searches only the hash values of known child abuse material, taking advantage of the ever-growing library of such hash values held by the Child Protection System.   

39․The NordicMule protocol specification was not in evidence.  It is deliberately kept secret by the Child Rescue Coalition.  The Crown instead tendered the protocol specification for eMule, on which NordicMule was based.  The usual process for downloading material as described in the eMule protocol specification is:

(a)the searcher sends a search request for a file (as described at paragraph 6.2.9 of the protocol);

(b)the searcher receives a reply to the search request consisting of a list of potentially matching files including the file hash values (described at 6.2.10);

(c)the searcher sends the network a request for peers or sources (other clients) who are making a particular file hash available (described at 6.2.11);

(d)the searcher receives a reply listing sources for the searched file (described at 6.2.11);

(e)the searcher sends a request directly to another client to connect to the searcher’s client so that the file can be shared directly.   

40․Mr Wiltse explained that one of the modifications made to eMule to make NordicMule was, in effect, to enable NordicMule to speak to Media Library:

[I]t reaches out to our servers and it updates itself on the most recent hash values set up and provided to us via Media Library or investigators’ use of Media Library.  So it refreshes itself on the numerous material that has been identified as child notable material and then that’s what it uses to then make its requests on the eDonkey network.

41․After downloading the most recently provided hash values from Media Library, NordicMule then searches the eDonkey network for sources making the corresponding files available and validates those sources by making a direct connection with the peer.  The Child Protection System then records basic data about those sources including the IP address and hash values to which NordicMule successfully connected.  The Child Protection System then uses the commercially available database, MaxMind, to geolocate the IP address.

42․The Child Rescue Coalition makes the Child Protection System available to law enforcement authorities who have undertaken training as to the operation of the system.  In November 2019, a group of AFP officers (Detective Brown thought perhaps 10 or 20) participated in a course on the use of the Child Protection System peer-to-peer program.  The course was organised by the Australian Centre to Counter Child Exploitation and facilitated by the Child Rescue Coalition.  Mr Kevin West of the Child Rescue Coalition travelled from the United States to deliver the training.  He is not a law enforcement officer.  Detective Brown successfully completed the course and was granted access to the Child Protection System web interface.

43․As already explained, police with access to the Child Protection System can periodically search the database to see IP addresses associated with child abuse material that have been geolocated to their jurisdiction.  That is what Detective Brown did on 6 July 2020.

AFP liability for contravention of Florida law

44․A number of the accused’s grounds for having seized items excluded from evidence are based on the contention that the use of NordicMule by the Child Rescue Coalition in Florida and subsequent searches of the Child Protection System database undertaken by members of the AFP in Australia involved contraventions of laws of Florida and Australia.

45․Ground 1(a) conflates two issues concerning the use of the Child Protection System. Ground 1(a)(i) addresses the lawfulness or propriety of the use of the system itself, while grounds 1(a)(ii) and (iii) address the conduct of police in preparing the Corey affidavit, contending that it did not give a full and accurate explanation of the system and that the affidavit was misleading. While each raises a matter that potentially enlivens the obligation to consider whether to exclude evidence under s 138, they are discrete complaints focussing on different conduct at different stages of the investigation. The allegation of impropriety in the preparation of the affidavit is addressed under a separate heading below. This section of the judgment addresses the ground that the seized items should be excluded from evidence because the Corey affidavit relied on information from the Child Protection System which was obtained improperly or unlawfully.

46․There is a further conflation of issues within ground 1(a)(i). Particular 1 of that ground refers to the law of Florida and the law of Australia in the same complaint, contending that the use of the Child Protection System constituted “an illegal interception of communication pursuant to s 7 of the Telecommunications (Interception and Access) Act” and also “offences pursuant to various provisions of the Security of Communications; Surveillance Act contained in Chapter 934 contained in Florida Statutes (2003) in the United States of America”.

47․It is theoretically possible that the same conduct might contravene laws in two different countries.  However, the accused’s submissions did not explicitly address that question.  No submission was made as to where any particular conduct occurred or how otherwise the jurisdictional arm of either country reached the conduct complained of.  As noted in the Crown’s written submissions, the term “Child Protection System” was used in the evidence to refer both to the suite of tools used to collect data by the organisation based in Florida and to the web interface to which Detective Brown has log-in access in the Australian Capital Territory in Australia.  Some of the particulars accuse Detective Brown of committing crimes under the law of Florida.  That is a serious allegation.  However, there is no suggestion that Detective Brown did anything in Florida, no clear articulation of the basis on which he might be criminally responsible for the conduct in Florida of any other person and no explanation as to how he could be criminally responsible under Florida law for his conduct in Australia.

48․It is important in this context to recall the two kinds of matters capable of enlivening the obligation to consider excluding evidence under s 138 of the Evidence Act, impropriety or contravention of an Australian law. Evidence obtained in contravention of a foreign law would not satisfy the second limb. It might satisfy the first, but that would depend on the circumstances. For example, if a foreign law prohibited women from working, the fact that evidence was obtained in consequence of work undertaken by a woman in that jurisdiction would be unlikely to satisfy the test under s 138 because that would not be regarded as an impropriety in Australia. The nature of the test for impropriety is considered further below.

49․The accused’s written submissions appeared to suggest that these complexities are resolved by the contention that the AFP is in a relationship of partnership with the Child Rescue Coalition.  If I have understood the argument correctly, the accused contends that, by virtue of this alleged partnership, members of the AFP in Australia bear criminal responsibility for unlawful conduct in Florida of people they have never met.

50․Separately, or perhaps as an aspect of the same point, the particulars provided in MFI 7 allege accessorial liability on the part of members of the AFP in the unlawful conduct in Florida of other persons.

Alleged partnership between the AFP and the Child Rescue Coalition

51․The accused submitted that the evidence establishes “a clear partnership” between the AFP and the Child Rescue Coalition, adding (enigmatically), “the lawfulness of the Child Protection System and its suite of tools has wide ranging implications”. 

52․One complaint under this heading alleged that Detective Brown was complicit in deception about the use of the Child Protection System.  The accused noted that, during the training, Mr West of the Child Rescue Coalition requested Detective Brown (and others) to describe the NordicMule software as “a law enforcement specific tool” and “similar P2P client software with modifications for law enforcement”.  This language was replicated in the Corey affidavit.  The accused submits that this was a deception because there was “not a word of NordicMule or ShareazaLE in the police statements”.  The accused submits that this “orchestrated and persistent deception” could not have been an aberration on the part of Detective Brown “because the AFP were, beyond doubt, acting in partnership with the Child Rescue Coalition”, despite the fact that the existence of a “partnership” had previously been denied by the Crown (in earlier interlocutory applications in these proceedings).  The submission appears to have been directed to suggesting that, because they were in “partnership” with the Child Rescue Coalition, the AFP must know more than they have disclosed in these proceedings.

53․While it was not said so in terms, the partnership submission appears also to have been directed to establishing that the AFP, through the alleged relationship of partnership with the Child Rescue Coalition, shares liability or responsibility for any illegality or impropriety in its collection of data using the tools and systems housed in Florida.  That is the implicit premise of the particulars of ground 1(a)(i) considered below. 

54․I did not understand the accused to suggest that this was a relationship of partnership in the formal, legal sense. Section 6 of the Partnership Act 1963 (ACT) defines partnership to mean the relation between people carrying on a business in common with a view of profit. The evidence did not establish a partnership in that sense.

55․The submissions in support of the “clear partnership” rely on disparate considerations.  The training undertaken by Detective Brown and others was at the direction of his superiors during work hours.  The officers were paid to undertake the course.  The trainer, Mr West, travelled from the United States to deliver the training and is not a police officer.  Detective Brown did not know precisely how the NordicMule software worked and simply accepted that the use of the Child Protection System did not constitute an interception within the meaning of the Telecommunications (Interception and Access) Act.  The Child Rescue Coalition provided the software required to access the Child Protection System web interface “apparently free of charge”.  Those matters do not establish a legally enforceable agreement, let alone an ongoing “partnership”.  

56․The accused submitted that the Court could conclude that Detective Brown “never questioned” Mr West’s advice about the Telecommunications (Interception and Access) Act and that Mr West said nothing about the law of Florida (specifically, the Security of Communications Act).  I accept that each finding is available and am content to proceed on that basis.  Neither conclusion points to the existence of any impropriety or illegality on the part of Detective Brown or any other member of the AFP.  In the absence of any basis for suspecting that the use of the Child Protection System does involve unlawfulness, Detective Brown’s failure to investigate that issue does not of itself constitute impropriety.  To all appearances, the use of the system was akin to a police officer posing as a customer seeking to buy cocaine in a pub.  It was not explained why Detective Brown should have second-guessed his training or viewed police participation in a peer-to-peer file sharing network as anything other than an astute means of investigating the unlawful sharing of child abuse material.  

57․If the accused intended only to contend that the AFP worked together with the Child Rescue Coalition in some looser sense, it is not clear what consequence was said to follow from that.  The written submissions on this issue concluded as follows: “it could reasonably be expected that the AFP would know the answer to the questions about functionality of the software”.  If that is a complaint about inadequate disclosure by the Crown, the author should have said so in terms.  If something less, it is not clear how the submission informs the determination of the present application.

58․In case I am wrong about the absence of any basis for holding Detective Brown criminally responsible for crimes under Florida law, it is appropriate to consider the submissions on that issue.    

Florida statutes (ground 1(a)(i), particulars 1, 2 and 3)

59․Particular 1 of ground 1(a)(i) contends that the evidence was obtained improperly or unlawfully:

As constituting an illegal interception of communication pursuant to s 7 of the Telecommunications (Interception and Access) Act 1979 (Cth) and constituting offences pursuant to various provisions of the Security of Communications; Surveillance Act contained in Chapter 934 contained in Florida Statutes (2003) in the United States of America.

60․The alleged breach of Telecommunications (Interception and Access) Act is addressed under a separate heading below.

61․The “various provisions” of Florida Statutes are specified in particulars 2 and 3.  Particular 2 contends that members of the AFP were accessories to offences committed by others in Florida:

The Australian Federal Police in the form of Detective Senior Constable Brown and those who authorised his training in what is described as the "Child Protection System" (CPS) "basic P2P investigations" and those who authorised his access to or use of the databank maintained by the Child Rescue Coalition (CRC) pursuant to that training were accessories to an offence or offences contrary to the Security of Communications Act of the State of Florida in the USA (Chapter 934.03(1)(c) and 934.03(1)(d)) of intentionally and unlawfully disclosing to another the contents of any … electronic communication … knowing that the information was obtained through the interception of electronic communications and also, in identical circumstances, intentionally using or endeavoured to use such contents where the electronic communication had been intercepted by the CRC as defined in 934.02(3) of that legislation.

62․Particular 3 is:

In accessing, compiling and preserving the data interrogated by Senior Constable James Ross Brown and other representatives of the Australian Federal Police on or after 6 July 2020 with the permission or license of the Child Rescue Coalition (CRC) or those controlling its activities:

(a)The CRC committed a crime or crimes pursuant to the Security of Communications Act Chapter 934 of the Statutes of Florida in the United States of America by intentionally intercepting (as defined) electronic communications (934.03(1)(a)).

(b)The CRC committed a crime or crimes pursuant to the Security of Communications Act by intentionally disclosing to another the contents of an electronic communication knowing or having reason to know that the information was obtained through the interception of an electronic communication in violation of Subsection 934.03 aforesaid.

(c)The CRC committed a crime pursuant to the Security of Communications Act by using or endeavouring to use the contents of any electronic communication knowing or having reason to know that the content was obtained through the interception of electronic communication in violation of Subsection 934.03 aforesaid.

(d)In interrogating the data accessed compiled and preserved by the Child Rescue Coalition on and after 6 July 2020, Detective Senior Constable Brown and other representatives of the Australian Federal Police committed a crime pursuant to the Security of Communications Act of the State of Florida in the United States of America by using, or endeavouring to use, the contents of an electronic communication knowing, or having reason to know, that the information was obtained through the interception of an electronic communication in violation of Chapter 934 of the Security of Communications Act.

(e)In interrogating the electronic data accessed, compiled and preserved by the Child Rescue Coalition on or after 6 July 2020, Detective Senior Constable Brown and other representatives of the Australian Federal Police did so knowing, or not caring to enquire, that the data had been accessed, compiled and preserved by the Child Rescue Coalition, or those directing its activities, contrary to law in the State of Florida in the United States of America and was being disclosed to him and others as representative or representatives of the Australian Federal Police, contrary to law.

63․While points (a) to (d) specify a particular Florida statute, point (e) does not.  That ground merely asserts that the compilation and preservation of data by the Child Rescue Coalition was “contrary to law in the State of Florida” but does not explain how.  I assume the unlawfulness relied upon in that ground is the same as for the other grounds.  Each of the other grounds assumes as an explicit premise that the use of the Child Protection System entails “interception” of an electronic communication within the meaning of provisions of Florida statutes.

64․The accused did not lead expert evidence as to what the law of Florida is.  The Crown submitted that the argument should fail on that basis as foreign law is a question of fact to be proved by expert evidence.  In support of that submission, the Crown relied on the decision of the High Court in Neilson v Overseas Projects Corporation of Victoria Ltd [2005] HCA 54; (2005) 223 CLR 331 at 370 where Gummow and Hayne JJ said at [115] (under the unpromising heading “Australian Courts know no foreign law”):

The courts of Australia are not presumed to have any knowledge of foreign law.  Decisions about the content of foreign law create no precedent.  That is why foreign law is a question of fact to be proved by expert evidence.  And it is why care must be exercised in using material produced by expert witnesses about foreign law.  In particular, an English translation of the text of foreign written law is not necessarily to be construed as if it were an Australian statute.  Not only is there the difficulty presented by translation of the original text, different rules of construction may be used in that jurisdiction.

65․Neilson was a choice of law case. It should not be assumed that the same principle would apply without qualification in criminal proceedings, where the overriding obligation of the Court is to ensure that the accused has a fair trial. To put the matter another way, there may be cases in which the absence or unavailability of expert evidence should not preclude an accused person from making a case of impropriety based on unlawfulness in another jurisdiction. It is conceivable that, for the purpose of considering whether s 138 of the Evidence Act is enlivened, an Australian court might, even without the benefit of expert evidence, be comfortably satisfied that evidence obtained outside Australia was obtained in a manner that was unlawful in another jurisdiction. 

66․This is not such a case.  The statutory provisions provided to the Court by the accused, said to be Chapter 934 of the Florida Security of Communications Act, are complex if not inscrutable.  While both parties addressed me as to their proper construction, I do not consider it appropriate to embark upon an analysis of those submissions.  The accused’s submissions included assumptions and assertions as to the proper construction of a foreign statute which I have no way of testing.

67․For example, a premise of the allegation of unlawful interception in Florida is that there was interception of an “electronic communication”.  Chapter 934.02(12) of the Florida Security of Communications Act defines “electronic communication” for the purposes of that Act to mean:

“any transfer of signs, signals, writing, images, sounds, data or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects intrastate, interstate or foreign commerce, but does not include [specified communications]”. 

68․The accused submitted:

“any electronic communication transmitted internationally on a commercial P2P network can reasonably be held to be a communication affecting foreign commerce in the sense that such services are commercially provided.  Affecting commerce can mean nothing more than in commerce or burdening or obstructing the free flow of commerce or having any effect at all on commerce, such as allowing for the free flow of information or communication in a commercial setting”. 

69․I do not know whether that submission is sound.  In the absence of expert evidence, I have no reliable way of determining that issue.  As it was put by Gummow and Hayne JJ in Neilson, this Court knows no foreign law. The accused has failed to establish that the power under s 138 is enlivened on the ground of contravention of Florida law.

70․For those reasons, I reject this aspect of ground 1(a)(i).

The CPS search conducted by Detective Brown

71․Detective Brown’s search on the CPS web interface on 6 July 2020 produced a Network Activity Statement showing that NordicMule had obtained a response from a specified IP address on two separate dates in June 2020 for two hash values of files classified as “child notable”.

72․As already explained, the Child Protection System records only the metadata.  The Network Activity Statement did not give Detective Brown the content of the two files.  To confirm that the two files identified as having been available at the specified IP address did in fact contain child abuse material, Detective Brown downloaded those files from a different public source using ShareazaLE, a modified version of Shareaza.  Shareaza is a freely available eDonkey client.  ShareazaLE is a modified version for law enforcement (“LE”) users that ensures downloaded files are not shared back to the network.    

73․There was a suggestion in the cross-examination of Detective Brown that his conduct in downloading files containing child abuse material constituted an offence.  If that point is maintained, it must be rejected.  Unsurprisingly, law enforcement officers acting in the course of their duties are exempt from criminal responsibility for downloading child abuse material provided the conduct was reasonable in the circumstances for the purpose of performing that duty: s 474.24(3) of the Criminal Code.  Detective Brown’s conduct in confirming, before taking the investigation any further, that the two hash values identified in the CPS search result were in fact associated with files containing child abuse material is clearly protected by that provision.  Indeed, he would be open to criticism if he had not confirmed the nature of the material at an early stage, and had instead taken the risk of embarking on an investigation of the sharing of material that was completely anodyne.

Warrantless search (ground 2) 

74․Ground 2 contends that the evidence should be excluded:

Because any search undertaken by any “suitably qualified online investigators” using “similar P2P client software with modifications for law enforcement” as referred to in paragraph 6.9 of the 11-page affidavit of Constable Susan Corey sworn 12 January 2021 at Canberra constituted an unlawful warrantless search, or in the alternative, an impropriety such as to enliven s 138 of the Evidence Act 2011 (ACT) and crimes pursuant to Part 10.7 of the Criminal Code (Cth).

75․At the time that ground was drafted, the accused had only the Corey affidavit to work from.  The evidence now before the Court establishes that the relevant search is Detective Brown’s search of the Child Protection System web interface, which gave him access to information collected by the Child Protection System using NordicMule.

76․The accused did not address this ground in written submissions, which suggests it may not be pressed.  In case that is wrong, I will address it as best I can.  The ground as drafted apparently specifies three complaints: a warrantless search, an unspecified impropriety and unspecified computer offences contrary to the Criminal Code.

77․As to the allegation of a warrantless search, Mr Taylor, who acts for the accused, submitted that the Detective’s search on the Child Protection System web interface amounted to a “warrantless search” because the Child Protection System operates as a data surveillance device and a data storage device.  That contention is the subject of ground 4, which is addressed below.

78․As to the allegation of impropriety, it is not clear whether the accused intended under this ground to invoke any further impropriety or requirement for a warrant that was not addressed elsewhere in the grounds specified in his application.  As submitted by the Crown, it was not unlawful, and no warrant was required, for the AFP to undertake searches on the Child Protection System with the consent of the Child Rescue Coalition.

79․In his written submissions, the accused submitted:

The fact that the AFP allowed, facilitated or encouraged a foreign non-policing body to dictate the way Australian police should go about the investigation of apparently criminal conduct by one or more Australian citizens is, in the accused's submission, a serious impropriety which, with other features of illegality and impropriety, should weigh heavily in the balancing process in Section 138(3) of the Evidence Act.

80․The submission was based on a passage from the cross-examination of Detective Brown.  With great respect to Mr Pappas, who cross-examined this witness, the cross-examination did not establish the premise of the submission.  Detective Brown did not say that the trainers dictated the investigative tools he could use.  He simply said that, following the training, and in discussion with other members of the AFP, it was determined that, given the information available from the Child Protection System, there was no need for surveillance device warrants.  That determination was either right or wrong (as I explain below, I consider that it was right). 

81․Separately, during the cross-examination by Mr Taylor of Mr Wiltse, Mr Taylor appeared to suggest impropriety in that the people using NordicMule to undertake searches on eDonkey (who were presumably employees of the Child Rescue Coalition) were engaging in subterfuge to obtain information that was not publicly available:

HER HONOUR:  So what’s the legal issue that we’re now dealing with?

MR TAYLOR:  Pretending that it's a legitimate consumer of child abuse material, pretending that he does not - - -

HER HONOUR:  Is there such a thing as a legitimate consumer [of] child pornography material?

MR TAYLOR:  Well, can I develop my point, your Honour?  It does not tell the peer, either by implication or directly that it is obtaining the information for law enforcement purposes and to be deployed in furtherance of a criminal investigation.  It is enhancing the technology and capabilities of extracting from a peer information that other individual peers don’t.

82․If that argument is maintained, I reject it.  Any person who knows what they are doing can extract metadata from a peer-to-peer network.  It does not matter whether they are a police officer, a concerned citizen or a person wishing to download child abuse material.  Leaving aside the determination of the issues that remain to be determined in this judgment, there is no impropriety in a police officer or any other person participating in peer-to-peer file-sharing networks to identify the possible sharing of child abuse material, any more than there is any impropriety in the example given above of a police officer posing as a person seeking to buy cocaine in a pub.  Any person who engages in criminal conduct with others in public assumes the risk that they may be dealing with a police officer, or a person who is providing information to police officers.  Like the dark corners of a pub, the eDonkey network is a public space.  The fact that software is required to participate in that network does not mean that it is not publicly accessible.  It is.       

83․As to alleged “crimes pursuant to Part 10.7 of the Criminal Code (Cth)”, that part of the Code is concerned with unauthorised access to data. For the reason explained above, users of the eDonkey network may be taken to have consented to others accessing data made available by them as a result of their use of the network. As submitted by the Crown, that is implicit in the act of installing and running software that automatically responds to messages in the manner defined in the eDonkey protocol. The whole point of the eDonkey network is to facilitate the sharing of files with peers on the network. As explained by Professor Seneviratne, a necessary incident of that process of sharing is the display of the user’s IP address.

84․For those reasons, I reject ground 2.  

Unlawful interception of communications in the Territory (grounds 1(a)(i), 3, 7, 8 and 9)

85․Section 7 of the Telecommunications (Interception and Access) Act creates an offence:

Telecommunications not to be intercepted

(1)    A person shall not:

(a)       intercept;

(b)       authorize, suffer or permit another person to intercept; or

(c)       do any act or thing that will enable him or her or another person to intercept;

a communication passing over a telecommunications system.

86․Grounds 1(a)(i), 7, 8 and 9 are premised on the contention that the use of the Child Protection System entails the commission of that offence. 

87․Conversely, ground 3 contends that the seized items should be excluded from evidence because the use of the system had the purpose or effect of avoiding the application of the Telecommunications (Interception and Access) Act.  What vice there is in that was not explained.  Indeed, this ground was not addressed at all in the accused’s submissions.  If the use of the Child Protection System avoided the application of the Act by adopting a method of obtaining data that involved no interception of a communication passing over a telecommunications system, the result is that there was no unlawfulness.  It is not improper for police to adopt procedures or use investigative tools that avoid unlawful activity.  To circumvent unlawful activity in that way is to act lawfully.

88․I accept that is not necessarily the end of the matter. Section 138 of the Evidence Act contemplates that evidence might be obtained in a way that, although lawful, is improper.  However, beyond the points considered above, and leaving aside the human rights argument addressed below, the accused did not explain why the adoption of investigative tools and procedures designed to avoid unlawfulness of itself entailed any impropriety in the circumstances of the present case. 

89․Failing any clearly articulated argument to support it, I reject ground 3.    

90․Ground 1(a)(i) is set out above.  Grounds 7, 8 and 9 are:

7.Evidence obtained in these proceedings under or in consequence of s 3E search warrants should not be admitted pursuant to s 138 of the Evidence Act 2011 because the interception of communication said to emanate from or to be intended for [the specified IP address] was contrary to s 7 of the Telecommunications (Interception and Access) Act 1979 (Cth) and thus unlawful.

8.Any evidence obtained as a result of the use of law enforcement tools (described as the “law enforcement specific tool” or “Child Protection System”) is not admissible by virtue of section 77 of the Telecommunications (Interception and Access) Act 1979 (Cth).

9.Any evidence obtained as a result of the use of law enforcement tools (described as the “law enforcement specific tool” or “Child Protection System”) is not admissible by virtue of section 63 of the Telecommunications (Interception and Access) Act 1979 (Cth).

91․For the purpose of assessing these grounds, it is necessary to determine whether the use of the Child Protection System involves unlawful interception. That term is defined in s 6(1) of the Telecommunications Act as follows:

Interception of a communication

(1)For the purposes of this Act (other than Schedule 1), but subject to this section, interception of a communication passing over a telecommunications system consists of listening to or recording, by any means, such a communication in its passage over that telecommunications system without the knowledge of the person making the communication.

92․The term “communication” is defined in s 5 of the Act but need not be set out here.  It clearly includes messages of the kind exchanged on the eDonkey network and with the Child Protection System database.

93․The term “telecommunications system” is defined in s 5 to mean a telecommunications network that is within Australia; or partly within Australia, but only to the extent that the network is within Australia.

94․The term “telecommunications network” is in turn defined in s 5 as follows:

telecommunications network means a system, or series of systems, for carrying communications by means of guided or unguided electromagnetic energy or both, but does not include a system, or series of systems, for carrying communications solely by means of radiocommunication.

95․Section 5F is a deeming provision that prescribes when a communication is taken to be “passing over a telecommunications system”, as follows:

When a communication is passing over a telecommunications system

For the purposes of this Act, a communication:

(a)is taken to start passing over a telecommunications system when it is sent or transmitted by the person sending the communication; and

(b)is taken to continue to pass over the system until it becomes accessible to the intended recipient of the communication.

96․The term “intended recipient” is in turn defined in s 5G.  As noted by the Crown, according to that definition, the intended recipient is determined by reference to characteristics of the addressee, not the intention of the sender.  Section 5G provides:

5G The intended recipient of a communication

For the purposes of this Act (other than Schedule 1), the intended recipient of a communication is:

(a)if the communication is addressed to an individual (either in the individual's own capacity or in the capacity of an employee or agent of another person) – the individual; or

(b)   if the communication is addressed to a person who is not an individual – the person; or

(c)if the communication is not addressed to a person – the person who has, or whose employee or agent has, control over the telecommunications service to which the communication is sent.

97․Finally, s 5H addresses one of the matters specified in s 5F, namely, the point at which a communication “becomes accessible to its intended recipient”:

5H When a communication is accessible to the intended recipient

(1)For the purposes of this Act, a communication is accessible to its intended recipient if it:

(a)has been received by the telecommunications service provided to the intended recipient; or

(b)       is under the control of the intended recipient; or

(c)has been delivered to the telecommunications service provided to the intended recipient.

(2)Subsection (1) does not limit the circumstances in which a communication may be taken to be accessible to its intended recipient for the purposes of this Act.

98․The Crown has contended throughout these proceedings that the use of the Child Protection System does not entail any interception of a communication passing over a telecommunications system because the tools used by the system do not listen to or record any communication in its passage over that telecommunications system.  There is no suggestion that the system does any listening.  It records metadata associated with a communication, but only after the communication has reached its intended recipient. 

99․Section 6(1) (set out above) includes another element that is problematic for the accused’s argument. The interception of a communication passing over a telecommunications system is only unlawful when it occurs “without the knowledge of the person making the communication”. As I will explain, there are two relevant series of communications; those between NordicMule and the eDonkey network and those between NordicMule and the CPS database.

100․As to the first, I would infer that any person who participates in a peer-to-peer file sharing network may be taken to know their files may be shared with peers on the network.  If a peer’s files are shared, that is not without their knowledge.  As already noted, file-sharing is the purpose of the software.  It is a process that necessarily involves displaying the peer’s IP address.  As to the communications between NordicMule and the CPS database, they obviously occur with the knowledge of the Child Rescue System, which operates both.  

101․In case that analysis is wrong, it is necessary to consider, by reference to the other elements of the offence, whether the use of the Child Protection System entails an interception.  According to the expert opinion evidence of Professor Seneviratne, it does not. 

102․Professor Seneviratne began by explaining some basic terms.  Although the term “telecommunications network” is a defined term in the Act, it is helpful to note his practical explanation, which is not inconsistent with the definition in the Act.  He explained that a telecommunications network is a network consisting of a series of connections which take information from one end of the connection to the other end of the connection.  He said that the user’s IP address, whether static or dynamic, is an identifier which describes the endpoint of that communication link (“IP” stands for Internet Protocol).

103․In accordance with s 5F of the Act, a communication “is taken to start passing over a telecommunications system when it is sent or transmitted by the person sending the communication” and “is taken to continue to pass over the system until it becomes accessible to the intended recipient of the communication”.

104․Professor Seneviratne was briefed with a copy of the Network Activity Statement obtained by Detective Brown from the Child Protection System showing that certain “child notable” hash values were available at the IP address later associated with Mr Roy. 

105․Professor Seneviratne explained that the information set out in that statement would have been obtained by the Child Protection System “querying the P2P network and receiving a response”.  He said, “Therefore, it would have been a combination of both CPS communications and network communication”.  He was asked to say whether the communications passed over a telecommunication system (which, in accordance with the statutory definitions set out above, means a telecommunications network that is at least partly in Australia).  He confirmed that the communications would have passed over a telecommunications system.  However, he said that, at the point at which the information was recorded by the Child Protection System, “this did not constitute an interception as the data was collected by sending queries, and there was no interception of traffic that carried the data between the clients and the server.  Data is intended for the device sending the query”.   

106․Professor Seneviratne explained that NordicMule “explicitly asks [the eDonkey network] for a piece of information, so it is actually given [scil: giving] the information to it”. 

107․The accused does not challenge the correctness of Professor Seneviratne’s expert opinion but takes issue with the premise that the endpoint of the reply communication is the device that sent the query (the device in Florida operating NordicMule).  In short, the accused’s argument is that the recording of the information received by NordicMule from a peer in reply to a query constitutes an interception because the communication is still passing over a telecommunications system when and after it is received.  To adopt a football analogy, if a forward called for the ball and a midfielder successfully passed the ball to the forward and she went on to score a goal, the accused’s argument would hold that the forward intercepted the ball because the “intended recipient” in the game is the space between the goal posts.  The Crown’s argument is that the relevant pass is the pass from midfielder to forward, which was received by her without being intercepted.

108․The accused explained his argument in these terms:

The evidence of Mr Wiltse was to the effect that, ultimately, the intention of the CRC was that any response from a peer should go temporarily to the computer and server controlling the NordicMule automated communications but only for the purpose of enhancing or supplementing the response by attaching geolocation information and then the passing on of the response to what, in the circumstances, should be regarded as the end system, namely, the computer and server storing the data acquired by the CRC with the intention of providing it on a continuous basis to various law enforcement bodies who might choose to interrogate that database.

109․The submission invokes two considerations that are legally irrelevant in this context: the “intention” of the Child Rescue Coalition and the fact that NordicMule deals with the communication only “temporarily”.

110․As already noted, the term “intended recipient” is defined in s 5G in terms that do not refer to any subjective, human intention.  Instead, the section defines the recipient according to the manner in which the communication is addressed.  For convenience, the definition is repeated here:

For the purposes of this Act (other than Schedule 1), the intended recipient of a communication is:

(a)if the communication is addressed to an individual (either in the individual's own capacity or in the capacity of an employee or agent of another person) – the individual; or

(b)if the communication is addressed to a person who is not an individual – the person; or

(c)if the communication is not addressed to a person – the person who has, or whose employee or agent has, control over the telecommunications service to which the communication is sent.

111․The accused acknowledged that it is not necessary to consider the subjective belief of the person sending the communication, citing the decision of Kimber J in R v TB (referred to above) at [121]. However, the accused’s submission set out above, in referring to “the intention of the CRC”, overlooks that principle.

112․Returning to s 5G, the accused asserts (for reasons not explained in the submissions) that “the evidence does not allow a conclusion that alternatives (a) or (b) have any application”.  He accordingly contends that the intended recipient must be identified in accordance with (c), which introduces a notion of control over the telecommunications service.

113․The accused submitted that this means the intended recipient was “the CPS server” (the database in which the data collected by NordicMule is recorded) or Detective Brown.  As submitted by the Crown, the intended recipient could not have been a server or database.  Under each of the limbs of s 5G, the intended recipient must be a “person”. In accordance with s 2C of the Acts Interpretation Act 1902 (Cth), the term “person” can include “a body politic or corporate” as well as an individual but it could not include a server or a database.

114․The Crown further submitted that the intended recipient could not have been Detective Brown.  I agree.  There was no communication addressed or sent to him.  As submitted by the Crown, the Network Activity Statement discloses that communications were addressed to and received by the Child Rescue Coalition on 14, 19 and 20 June 2020.  What was obtained by Detective Brown was data extracted from the Child Protection System on 6 July 2020.  

115․The Crown noted that the accused’s argument would hold that communications sent by a peer in response to an inquiry from NordicMule continue passing over a telecommunications system indefinitely, until a previously unknown police officer chooses to log into the Child Protection System web interface.  While the point was made rhetorically, that does appear to be the accused’s argument, as reflected in the following passage in the accused’s written submissions:

If, as seems to be the case, the computer operating and controlling the NordicMule automated searching represents merely a stopping off point on the transmission from the peer to the CRC, at which point the geolocation material is attached, before the communication is sent on to the intended recipient, that is, it is submitted, an interception under the Act.

116․The argument misapprehends the relevant communications.  As submitted by the Crown, the evidence establishes that there were two separate series of communications (and accordingly two intended recipients).  The Crown described these as the messages and responses between NordicMule and the eDonkey network and the messages and responses between NordicMule and the CPS database (accessible to Detective Brown via the Child Protection System web interface).  More accurately, I am concerned with the messages between, first, the relevant device in Mr Wiltse’s office using NordicMule and the device used by the peer on eDonkey and, secondly, the device using NordicMule in Mr Wiltse’s office and the CPS database.  To return to the football analogy, the first communication is the pass from the midfielder that reaches the forward without interception.  The second is the shot at goal made by the forward after receiving the ball, which takes place within the Child Protection system with the knowledge of the Child Rescue Coalition.

117․The second series of communications occurs because, having received responses from the eDonkey network, NordicMule records some of the metadata, adds the approximate geolocation of the IP address using MaxMind, which is commercially available, and then sends the augmented data to the CPS server.  The CPS server makes that information available to law enforcement officers.

118․As to the use of MaxMind, Mr Wiltse agreed that it was in the nature of a telephone book containing IP addresses and locations.  He explained that MaxMind externalises their database, meaning that it can be run by the Child Rescue Coalition in their own office (“so we can do all of the geolocation without having to reach out to the MaxMind servers”).  He said they effectively “download the phone book” and conduct the geolocation searches internally.

119․The servers that run NordicMule and the Child Protection System database are not part of the telecommunications system.  Professor Seneviratne explained:

the client [NordicMule] can essentially send the data or a query which will augment that data to another server, right. And that is again - it goes through a TCP IP connection and the data comes out. So once the data comes out of the [eDonkey] network, it is not part of the telecommunications network…

120․At the risk of undue repetition, NordicMule operates by sending a message to the eDonkey network requesting a particular hash file (one known to be child abuse material).  In reply, it receives a list of addresses holding that file.  NordicMule then sends a further request to one of the identified IP addresses.  Here, that was the IP address later associated with Mr Roy.  The device in Mr Wiltse’s office operating NordicMule received a response from that IP address confirming that it held the file. 

121․The Crown submitted that each time NordicMule (operating on one of those devices) receives a response to its query, it is the “intended recipient” within the meaning of s 5G.  According to my understanding of the evidence, that submission must be accepted.  It follows, as submitted by the Crown, that at the time NordicMule records the communications it receives, those communications are no longer passing over the telecommunications network.  Accordingly, there is no interception.

122․On the analysis put forward by the Crown, which I accept, the second series of communications occurs between NordicMule servers and the server that stores data on the Child Protection System which, on this analysis, is another “intended recipient”.  As indicated in his answer set out above, Professor Seneviratne noted that the communication between NordicMule and the CPS database could have taken place over either a telecommunications network or an internal communication network.  Either way, there is no interception because, as submitted by the Crown, at the time of Detective Brown’s search, “the information is accessible to the intended recipient (the CPS database) and has finished passing over the telecommunications network”.   

123․The Crown accepted that, as a communication is taken (under s 5H) to continue to pass over a telecommunications system until it becomes accessible to the intended recipient, any communication sent from the IP address associated with the accused to the Child Rescue Coalition via NordicMule would be taken to continue passing over a “telecommunications system” after it left Australia, even though the definition of “telecommunications system” is confined “to the extent that the [telecommunications] network is within Australia.”

124․However, those communications were addressed to an IP address assigned to the Child Rescue Coalition.  The Crown submitted that they were accordingly “addressed” to it in accordance with s 5G(b).  If that is wrong, and the communications are taken not to have been addressed to any person, the intended recipient was “the person who has … control over the telecommunications service to which the communication is sent”, which is the Child Rescue Coalition.  On either analysis, the responses to the eDonkey searches ceased passing over a telecommunications service when they were received by the Child Rescue Coalition.

125․For those reasons, I am satisfied that Detective Brown’s use of the Child Protection System did not involve any unlawful interception.  It follows that I reject this aspect of ground 1(a)(i) and ground 7.  In light of my conclusion on that issue, it is not necessary to consider grounds 8 or 9, each of which is premised on there having been an interception.  I reject those grounds.

(a)       the nature of the right affected;

(b)       the importance of the purpose of the limitation;

(c)       the nature and extent of the limitation;

(d)       the relationship between the limitation and its purpose;

(e)any less restrictive means reasonably available to achieve the purpose the limitation seeks to achieve.

222․There is a further limit on the right to privacy specified within the terms of s 12 itself.  The content of the right acknowledged in that section is “not to have their privacy, family, home or correspondence interfered with unlawfully or arbitrarily” (my emphasis).  The accused submitted that, in giving effect to that limit, the Court “should not read down the scope of what comes within the concept of privacy”.  It was acknowledged that law enforcement agencies might permissibly limit privacy when investigating crime but submitted that the requirements of lawfulness and non-arbitrariness provide “a safeguard against abuse by requiring those agencies be authorised by law and operating within safeguards that prevent the use of their invasive powers from being used arbitrarily”.  The accused submits that, in the present case, the police limited Mr Roy’s right to privacy in a manner that was “not attended by sufficient safeguards”.

223․Accordingly, the issues raised by the argument are whether police limited Mr Roy’s right to privacy and, if so, whether they did so unlawfully (that is, in breach of s 40B of the Human Rights Act) or arbitrarily.

Whether police limited Mr Roy’s right to privacy

224․A threshold question in determining whether police limited Mr Roy’s right to privacy is to determine the scope of that right. 

225․Despite Mr Roy’s concerns about the secrecy surrounding the source code for the NordicMule software, the evidence clearly establishes that, however that software operates, the IP address associated with the accused was openly shared as a necessary incident of the fact that the device in question was making known child abuse material available for sharing on two dates in June 2020.  My analysis of that evidence is set out in detail above and need not be repeated here.

226․That aspect of the technology was not disputed by the accused, but he submits, even so, that privacy attached to communications to and from the IP address.   

227․It was submitted “[a]s was the case in Benedik v Slovenia [(European Court of Human Rights, Fourth Section, Application No 62357/14, 24 April 2014)], the accused’s interest in having his identity with respect to his online activity protected clearly falls within the scope of a person’s private life”.  This was said to be because:

the CPS obtained information, allegedly from him, that was private. The peer-to-peer network involves (as its name suggests) unilateral [scil: bilateral] interactions between two individuals on the internet. The internet is a global network of devices that allows users to communicate by sending data through pulses of light or electricity that are not visible to the public. The peer-to-peer network is an aspect of the “zone of interaction of a person with others, even in a public context, which may fall within the scope of ‘private life’”. 

228․The scope of the human right to privacy is not to be determined according to whether “pulses of light or electricity” are visible to the public.  Digital radio is not “visible to the public” but communications by that means plainly do not attract a right to privacy. 

229․Furthermore, while it is open to this Court under s 31 of the Human Rights Act to consider international law in interpreting the right to privacy, the decision in Benedik does not assist the accused.   

230․The facts were similar to the present case.  Swiss police investigating the exchange of files containing illegal content through a peer-to-peer file-sharing network recorded a dynamic IP address which was later linked to Mr Benedik.  Based on the data obtained by the Swiss police, Slovenian police, without obtaining a court order, requested a Slovenian internet service provider to disclose data concerning the user to whom the IP address was assigned at the relevant time.  That information was not publicly available.  The internet service provider gave the police the name and address of the applicant’s father, who was the subscriber to the internet service relating to the IP address.

231․The request was based on domestic legislation (the Slovenian Criminal Procedure Act) that authorised police to make such a request without a court order.  However, the European Court of Human Rights held at [127] that the legislation was “not coherent as regards the level of protection afforded to the applicant’s privacy interest”.  The judgment continues at [128]:

Having said that, the Court would be usurping the function of national courts were it to attempt to make an authoritative statement as to which law should have prevailed in the present case. It must instead turn to the reasoning offered by the domestic courts. It notes in this connection that the Constitutional Court considered that the “identity of the communicating individual [was] one of the important aspects of communication privacy” and that its disclosure required a court order…   

232․That conclusion reveals a limitation on the usefulness of international law in the present context. Before requesting subscriber information from the internet service provider, Detective Brown sought and obtained an authorisation in the manner allowed under s 178 of the Telecommunications (Interception and Access) Act, a Commonwealth statute.  In Australia, that is the legislative regime that governs the provision of information to police by service providers.  Unlike the European Court of Human Rights, I have no authority to gainsay the coherence of that legislation in the balance it strikes between human rights and the disclosure of information that is reasonably necessary for the enforcement of the criminal law. 

233․The accused provided a lengthy outline of principles citing many international decisions as well as domestic decisions on the right to privacy.

234․One was a decision of the Supreme Court of Victoria in which it was held that a person’s name is an aspect of their right to privacy: DPP v Kaba [2014] VSC 52; (2014) 44 VR 526 at [132]-[134], [463] (Bell J). That was a case in which police pulled over a vehicle occupied by two black African men. Mr Kaba was the passenger. Without the legislative authority that applies in the case of a driver, police demanded to know his name. As with Benedik, the comparison with the present case is inapposite.  Police did not demand to know the dynamic IP address that was making child abuse material available for sharing.  That information was displayed publicly as a result of acts of the user of the device.  The name and address of the subscriber were then requested from the internet service provider with lawful authority.

235․The international jurisprudence invokes the concept of “a reasonable expectation of privacy”, even in the case of activities undertaken in public places.  The accused relied in this context on the decision of the Supreme Court of the United Kingdom in R (Catt) v Commissioner of Police of the Metropolis [2015] AC 1065; [2015] UKSC 9 in which, after referring to the adoption of the reasonable expectation test by the courts of the United Kingdom, the European Court of Human Rights and the courts of the United States, Canada and New Zealand, Lord Sumption said at [4]:

Given the expanded concept of private life in the jurisprudence of the Convention, the test cannot be limited to cases where a person can be said to have a reasonable expectation about the privacy of his home or personal communications. It must extend to every occasion on which a person has a reasonable expectation that there will be no interference with the broader right of personal autonomy recognised in the case law of the Strasbourg court. This is consistent with the recognition that there may be some matters about which there is a reasonable expectation of privacy, notwithstanding that they occur in public and are patent to all the world. In this context mere observation cannot, save perhaps in extreme circumstances, engage article 8, but the systematic retention of information may do.

236․The decision in Catt was concerned with the systematic collection and retention by police authorities of electronic data about individuals.  Mr Catt objected to “the retention on a police database of records of his participation in political demonstrations going back to 2005”.  Mr Catt accepted that it was “lawful for the police to make a record of the events in question as they occurred” but contended that police interfered with his rights under article 8 of the European Convention on Human Rights by retaining that information on a searchable database.

237․The difference is that, in Catt, police were collecting and retaining information about Mr Catt unconnected with any unlawful conduct.  In the present case, police were not collecting information about any particular individual (except when attempting to identify the child victims of the offences, whose privacy was among several human rights breached by the offences committed against them).  Police here were accessing information about the “place” on the internet where an offence had probably been committed.  Only after confirming the probable commission of an offence, and then armed with appropriate warrants and authorities, did they seek to identity a suspect.  It cannot even be said that police in the present case stored any “unique information” about the accused, an issue discussed in one of the authorities referred to in the accused’s outline of principles: S and Marper v United Kingdom (European Court of Human Rights, Grand Chamber, Application No 30562/04 and 30455/04, 4 December 2008) at [84]. 

238․Marper was a case about fingerprints which, as noted by the European Court of Human Rights, “objectively contain unique information about the individual concerned”.  In the present case, the information stored by the CPS and made available to police was a dynamic IP address.  As already explained, a dynamic IP address is one that is not assigned to a particular person; it refreshes with each use of the internet.  Accordingly, the IP address recorded in the present case was not “unique information about” the accused.  It was recorded by the Child Protection System only when and because it was associated with the unlawful sharing of child abuse material.  On the two occasions when that occurred, the address was assigned to the accused.    

239․The only authority referred to by the accused that directly engages with the right of a person seeking to engage in child sexual offences to privacy in their communications in pursuit of that undertaking is against the accused’s argument.  The case is Sutherland v HM Advocate for Scotland (Director of Public Prosecutions intervening) [2020] UKSC 32. That was a case invoking article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms, which provides “[e]veryone has the right to respect for his private and family life, his home and his correspondence”. An adult member of a “paedophile hunter” group posed as a 13-year-old boy on Grindr, a dating app. The defendant contacted that person. They exchanged messages, first on Grindr and later on WhatsApp, a private messaging service protected by end-to-end encryption. In their communications the defendant discussed sexual matters, sent sexually explicit images of himself and eventually arranged a meeting. When he arrived for the meeting, he was met by members of the paedophile hunter group, who called the police. The communications were provided to police as evidence and the defendant was charged with offences of attempting to commit various child sexual offences. The evidence of his communications with the person who had posed as the 13-year-old boy was admitted at trial over his objection. The objection was that the admission of the evidence would violate the defendant’s rights under article 8 in relation to respect for his private life and correspondence. An appeal to the High Court of Judiciary was dismissed.

240․The defendant appealed to the Supreme Court of the United Kingdom.  The appeal was limited to “compatibility issues”, namely, whether the prosecuting authority and the court in admitting the evidence had acted in a way which was incompatible with a Convention right.

241․The Supreme Court noted that article 8 reflects two fundamental values: the inviolability of the home and personal communications from “official snooping, entry and interference without a very good reason” and “the inviolability of . . . the personal and psychological space within which each individual develops his or her own sense of self and relationships with other people”.  The decision in Benedik was cited as authority for the proposition that “the right to respect for private life and correspondence in article 8(1) may be engaged with reference to the first of these values even where the conduct engaged in by an individual is not in itself worthy of respect in accordance with the scheme of the ECHR”. 

242․The Supreme Court at [28] distinguished Benedik on the basis that the evidence of the communications between Mr Sutherland and the person posing as the boy “was gathered by a private individual acting on his own behalf, and not by means of surveillance by state authorities, nor by a private individual acting on behalf of or at the instigation of a public authority”. 

243․In other words, there was no “official snooping”.  Police did not “snoop” on Mr Benedik or solicit or receive any communication from him, they simply gathered evidence of an offence (exchanging child abuse material) that had already been committed when they obtained the evidence (the IP address).  The difficulty arose at the next stage of the investigation because they requested the subscriber details for the IP address without first obtaining authority.  As the Supreme Court explained at [18] of Sutherland, that decision was concerned only with the issue of compatibility, which turned not on the question of lawfulness but on “the prior question of the extent and effect of the rights conferred by article 8(1)”.

244․The Supreme Court held in Sutherland at [31] that the defendant’s rights under article 8(1) in relation to respect for private life and respect for his correspondence were not interfered with because, first, the nature of the communications from the defendant to the person he believed to be a child, “was not such as was capable of making them worthy of respect for the purposes of the application of the ECHR”; and secondly, the defendant had “no reasonable expectation of privacy in relation to the communications”.

245․There is no reasonable expectation of privacy in relation to the use of an IP address to commit the federal offence of making child abuse material available on a peer-to-peer file-sharing network.  If I am wrong about that, the rights of children clearly prevail over any right to privacy to engage in communications that are unlawful.  Adopting the reasons explained in Sutherland at [43], this Court would not construe the Human Rights Act so as to suffer the assertion of the accused’s rights under s 12 of the Act to be used for the destruction of the rights of a child and the right not to be tortured: cf ss 10 and 11 of the Human Rights Act.

246․For those reasons, I am not persuaded that the accused’s right to privacy was limited by the conduct of police.

Whether police acted in breach of s 40B of the Human Rights Act

247․Section 40B provides:

40B Public authorities must act consistently with human rights

It is unlawful for a public authority—

(a)    to act in a way that is incompatible with a human right; or

(b)    in making a decision, to fail to give proper consideration to a relevant human right.

248․The accused submitted that, as Detective Brown was unaware of the Human Rights Act, it follows that he could not comply with s 40B to avoid acting in a way incompatible with a human right or give proper consideration to such human rights in making a number of decisions.

249․The submission was supported by reference to a number of decisions.  It is enough to refer to the two most recent authorities cited by the accused, the decisions of the Victorian Court of Appeal in HJ (a pseudonym) v IBAC [2021] VSCA 200 and Thompson.

250․In HJ (a pseudonym) v IBAC, the Court said at [155]:

For a decision-maker to give ‘proper’ consideration to a relevant human right in compliance with s 38(1) of the Charter, he or she must: (1) understand in general terms which of the rights of the person affected by the decision may be relevant and whether, and if so how, those rights will be interfered with by the decision; (2) seriously turn his or her mind to the possible impact of the decision on a person’s human rights and the implications for the affected person; (3) identify the countervailing interests or obligations; and (4) balance competing private and public interests as part of the exercise of justification.

251․Those remarks were cited with approval in Thompson v Minogue at [83].

252․I do not understand those remarks to mean that every decision-maker bound by the Charter must know the terms of the Charter or consult its terms before making a decision.  My conclusion on that issue is reinforced by the fact that, two paragraphs earlier in Thompson v Minogue, the Court also cited with approval a passage from the decision of Emerton J in Castles that included the following statement:

Proper consideration need not involve formally identifying the ‘correct’ rights or explaining their content by reference to legal principles or jurisprudence. Rather, proper consideration will involve understanding in general terms which of the rights of the person affected by the decision may be relevant and whether, and if so how, those rights will be interfered with by the decision that is made.

253․In my respectful opinion, it is enough in accordance with those authorities for the decision-maker to consider the substance of the relevant rights.  If I have misunderstood the Victorian Court of Appeal’s decisions on that issue, I respectfully disagree.  I do not see why a decision-maker in the Territory must necessarily know the terms of the Human Rights Act in order to comply with s 40B. The critical question is whether, as a matter of substance rather than form, Detective Brown acted in a way that was incompatible with the accused’s right to privacy or failed to give proper consideration to that right.

254․The accused specified the following decisions of Detective Brown as decisions that involved a breach of s 40B:

(a)the decision to hop online on 6 July 2020 and arbitrarily see if he could find anything in the CRC database of interest to him.

(b)the decision to employ shareazaLE to further interrogate the results of his arbitrary resort to the database.

(c)the decision to make the numerous enquiries which he subsequently made concerning the IP address and the owner of the premises apparently associated with the IP address etc.

(d) the decision to apply for the s 3 search warrants.

(e)the decision to craft Senior Constable Corey's affidavit in a manner calculated to give the Magistrate a less than full and frank understanding of what had been done, and by whom, as well as the conclusions to be properly drawn from those matters, which directly contributed to the Magistrate failing to give proper consideration to the relevant human rights.

255․Each complaint treats the right to privacy as absolute.  As already explained, it is not.  As submitted by the Crown, the Human Rights Act recognises numerous rights, “none of which is absolute and which must sometimes be in conflict or competition with other rights”.  The degree of analysis required in order to give proper consideration to any individual human right is necessarily informed by the nature of the various rights in play. 

256․The complaint about the decision to “hop online” and “arbitrarily see if he could find anything in the CRC database of interest to him” is without substance.  The word “arbitrarily” is misplaced in this context.  Detective Brown had cause to search the database regularly because he knew it might provide IP addresses located in the Territory that may have been involved in sharing child abuse material.  His approach was no different from police patrolling the streets.  Nor was there anything arbitrary about his decision “to employ shareazaLE to further interrogate the results of his arbitrary resort to the database”.  It was necessary for Detective Brown to take that step in order to satisfy himself that the hash numbers specified were indeed child abuse material.

257․The accused’s submissions did not address “the decision to make the numerous enquiries which he subsequently made concerning the IP address and the owner of the premises apparently associated with the IP address etc”.  The content of that complaint is unclear.  At one point in the cross-examination of Detective Brown it was suggested that he made inadequate inquiries concerning the owner of the premises in that he should have deployed a junior police officer to keep the premises under surveillance to ensure Mr Roy would be home when the warrants were executed.

258․As to the decision to apply for the s 3 search warrants, Detective Brown was cross-examined about the proposition that the execution of the search warrants involved breaches of privacy in “someone coming and looking into your computer without your approval”, in “a number of people coming into your house and going through your things, your clothing, your personal possessions or possessions of others who might share the house” and in “someone or others coming into your house and taking a video of the entire interior of the house and still photos of various things”. Unsurprisingly, he accepted that those activities involved breaches of privacy. Every search warrant does, but that is not the end of the matter (unless you treat the right to privacy as being absolute). Detective Brown was not asked about the consideration he gave to other matters that might qualify the right to privacy, such as the right of a child not to be sexually abused and filmed in the process and to have the film shared internationally on the internet.

259․The decisions to be made by Detective Brown were not difficult.  As submitted by the Crown, the offences under investigation were:

intrinsically inimical to the rights of children which the [Human Rights Act] protects, which the Convention on the Rights of the Child requires be given primary consideration by the courts and the executive, and the abuse of which the Commonwealth Parliament has stringently criminalised.

260․Knowing that a device in the accused’s house had held child abuse material and made it available for sharing on particular dates, it was entirely proper for Detective Brown to approach the investigation on the premise that the human rights of children were paramount.  Consideration of the accused’s right to privacy was appropriately subverted to the protection of those rights.  I am not persuaded that, in deciding to pursue an application for search warrants, Detective Brown failed to give proper consideration to the accused’s right to privacy. 

261․I am not persuaded that Detective Brown breached the procedural obligation in s 40B.

Whether police acted arbitrarily

262․As noted in the accused’s written submissions, an interference with a person’s privacy may be arbitrary even if it is not unlawful: Thompson v Minogue at [50].

263․The accused’s reasons for contending that police acted arbitrarily were not well articulated.  In each case, the characterisation of an act as arbitrary was asserted without explanation.  The accused contended that unlawfulness arose in “applying for the warrants arbitrarily” thereby limiting the accused’s right to privacy; in the magistrate’s “issue of the warrants arbitrarily”; and in Detective Brown’s “decision to hop online” and “arbitrarily see if he could find anything in the CRC database of interest to him”.  He contends that “the breach of privacy by CPS collecting the data in a manner that was not attended by sufficient safeguards and by ACT Policing obtaining the data in a manner that was not attended by sufficient safeguards (and without ensuring that CPS’ collection of the data was attended by sufficient safeguards), was arbitrary”.

264․I reject those contentions.  None of the acts complained of is properly described as arbitrary.  Patrolling by police, whether physically “on the beat” or by checking a database that identifies the sharing of child abuse material, is not “arbitrary”.  Going online to search for the possible commission of offences is not arbitrary.

Whether the magistrate was caused to act incompatibly with the accused’s s 12 right

265․It follows from those conclusions that the magistrate was not caused to act incompatibly with the accused’s right to privacy.

Conclusion as to human rights grounds

266․For those reasons, I reject grounds 6 and 10.

Second stage of the s 138 test 

267․Where it is established that evidence was obtained improperly or in contravention of an Australian law or in consequence of an impropriety or of a contravention of an Australian law, the court must consider whether the desirability of admitting the evidence outweighs the undesirability of admitting evidence that has been obtained in the way in which the evidence was obtained. 

268․In case the foregoing conclusions concerning the first stage of the test are wrong, it is appropriate to consider that issue. There is a measure of artificiality in doing so, as there are so many variables in the accused’s contentions, and I have not been persuaded of any matter that would engage the requirement to move to the second stage. Furthermore, it is doubtful whether the allegation of contravention of s 7 of the Telecommunications (Interception and Access) Act should be taken into account on this counterfactual. That is because if, contrary to the conclusion I have reached, there was an interception within the meaning of that section, information “obtained by the interception” is inadmissible under s 77 of the Act. Although the Crown does not rely on the information obtained by the CPS search (the Network Activity Statement) to support any charge on the indictment, it is arguable that, if there was an interception, the seized items are caught by the description “obtained by the interception” and so excluded under s 77. The parties have not been heard on that issue.

269․In the circumstances, the prudent approach is to take the accused’s case at its highest and consider the second part of s 138 on the assumption that the use of the CPS involved an unlawful interception or a warrantless search and an arbitrary limit on the accused’s right to privacy, that those matters tainted the processes that followed and that the evidence is not excluded by force of s 77 of the Telecommunications (Interception and Access) Act, leaving the question of admissibility to be answered under s 138.

270․On those assumptions, I would not exclude the evidence for the following reasons. 

271․Section 138 contains a non-exhaustive list of mandatory considerations in determining whether the desirability of admitting the evidence outweighs the undesirability of admitting evidence obtained in that way. That section provides:

Without limiting the matters that the court may take into account under subsection (1), it must take into account—

(a)    the probative value of the evidence; and

(b)    the importance of the evidence in the proceeding; and

(c) the nature of the relevant offence, cause of action or defence and the nature of the subject matter of the proceeding; and

(d)    the gravity of the impropriety or contravention; and

(e)    whether the impropriety or contravention was deliberate or reckless; and

(f) whether the impropriety or contravention was contrary to or inconsistent with a right of a person recognised by the International Covenant on Civil and Political Rights; and

(g) whether any other proceeding (whether or not in a court) has been or is likely to be taken in relation to the impropriety or contravention; and

(h) the difficulty (if any) of obtaining the evidence without impropriety or contravention of an Australian law. 

272․The probative value of the evidence is high.  On the strength of the evidence of Mr Wiltse and Professor Seneviratne, the identification of the IP address as one that was making child abuse material available to share was the product of a robust process.  Its reliability is confirmed by the fact that considerably more child abuse material was found during the execution of the search warrant.  That is not relevant at the first stage of the test but it is relevant to the determination of the present issue.   

273․The evidence is of high importance because, without it, the Crown case must fail. 

274․The nature of the alleged offences is that they are serious, involving sexual violence and other forms of humiliation against children.  The subject matter involves sexual violence against children and other forms of cruel and degrading treatment of children.  A sample of the files showed the forced rape of children by adult offenders, incest between adults and children and child bestiality.

275․The gravity of the alleged impropriety is low, for several reasons.  If there was an unlawful interception, it was not deliberate.  It was not suggested to Detective Brown that he did not believe what he was told about the way in which the CPS works.  If there was a breach of privacy, it was not flagrant.  Inspector Scott said he did consider the issue of privacy.  If there was a breach of privacy, it was not grave.  What was learned was the accused’s IP address, which is not the most intimate or private aspect of a person’s private life.  I am not persuaded that any impropriety was deliberate or even reckless. 

276․The difficulty of obtaining the evidence of the seized items without using the CPS search result or executing the search warrant is high.  Detecting the sharing of child abuse material is difficult because persons who engage in that activity use secretive methods.

277․The exclusion of evidence contemplated by s 138 is not confined to evidence that is improperly or illegally obtained by police or other law enforcement agencies: Kadir v The Queen; Grech v The Queen [2020] HCA 1 at [12]. However, for the reasons I have explained, I have not been persuaded of any impropriety or unlawfulness on the part of any other person or agency.

278․Having regard to all of those considerations, had I been satisfied of the matters complained of by the accused, I would have been satisfied that the desirability of admitting the evidence outweighs the undesirability of admitting evidence obtained in that way.    

Conclusion

279․Section 192A of the Evidence Act authorises the Court to give a ruling or make a finding in relation to a question of admissibility before the evidence is presented in the proceeding.  As allowed under that section, and for the reasons in this judgment, I find that the items seized during the execution of the search warrants at the accused’s home on 14 January 2021 were not obtained improperly or in contravention of an Australian law; or in consequence of an impropriety or of a contravention of an Australian law.

280․Even if that is wrong, I find that the desirability of admitting the evidence outweighs the undesirability of admitting evidence obtained in the way alleged by the accused.

281․Accordingly, I give the following ruling:

(1)I decline to exclude, under s 138 of the Evidence Act, the evidence of the items seized during the execution of the search warrants at the home of the accused on 14 January 2021.