|(There is an) absolute respect for the need for the Australian people to be aware of what is occurring through regular periodic briefings to the media. But there is also a balance that is struck operationally, which might send a message to the people smugglers of how we intend to conduct our business.1
LTGEN Angus Campbell, AO, DSC.
In 2013, Operation Sovereign Borders (‘OSB’) was implemented in order to regulate Australia’s maritime points of entry. Officially defined as a ‘military-led border security operation supported and assisted by a wide range of federal government agencies’ 2 the operation, building upon the preceding Operation Relex and Relex II, has been characterised by strict operations security requirements and regulations, especially with respect to information available to the public. 3
Yet, despite the clear intent of the Commonwealth Government to control the flow of information to people smugglers, various forms of media continue to provide a steady stream of sensitive information, including public Defence publications. This paper explores the importance and need for operations security, before highlighting some areas in which it may be improved.
Operations Security – What is it?
Operations security (OPSEC) is not new, nor are the effects of its lapses. Sun Tzu – the oft quoted military philosopher – wrote:
If I am able to determine the enemy’s disposition while at the same time conceal my own, then I can concentrate and he must divide.4
In a general sense, OPSEC is the process of protecting small, individual data so it cannot be aggregated into a larger picture, for use by the enemy. As identified by Sun Tzu, the ability to determine an enemy forces’ disposition leads to more reliable intelligence, which in turn allows for concentrated and efficient military planning, allocation of resources and direction in attacks for an overall mission success. Equally, failure to abide by OPSEC provisions can lead to wasted resources, ineffective combat and at worst mission failure.
OPSEC is a five-step iterative process that allows for organisations, including the Defence Forces of States, to identify what specific pieces of information require protection. These steps are:
- Identification of Critical Information
- Analysis of Threat
- Analysis of Vulnerabilities
- Assessment of Risk
- Application of Appropriate OPSEC Measures.5
The process evolved after recommendations by personnel from the National Security Agency and the Department of Defence in Operation Purple Dragon, Vietnam.6 It remains an important consideration in any military operation, and requires constant monitoring to ensure it remains relevant against the appropriate threat.7
Critical Information & Threat
At the inaugural media meeting for Operation Sovereign Borders, then Immigration Minister Scott Morrison commented that:
operational and tactical issues that relate to current or prospective operations, whether it's the maritime environment, whether it's in the land environment, offshore or anywhere else, will not be the subject of public commentary from these podiums.8
The Immigration Minister’s comments are important in establishing the wide spectrum of what the Commonwealth Government considers to be ‘critical information’. This includes both ‘wet’ and ‘dry’ information, with respect to on-water TTPs, vessels and equipment capabilities, the identification details of intercepted individuals, as well as the nationalities of those involved in the voyage.9 It also covers the more fundamental elements of information management – the identity of deployed individuals, patrol routes and operational skill sets, the number of deployed personnel and general sensitive information.10
The purpose of these measures is so, in the words of the then Prime Minister Tony Abbott, to stop the Australian Defence Force as acting as a ‘shipping news service for the people smugglers.’11 This threat – people smugglers – is clear from the initial Operation Relex through to the current Operation Sovereign Borders.
Analysis of Vulnerabilities
Since World War II and Vietnam, let alone Sun Tzu, the changing nature of information, communication and information systems has added a new dimension to OPSEC. With approximately one-half of the world’s population able to use the Internet,12 information online offers, inter alii, people smugglers the ability to use e-mail, chat rooms, blogs and other forums to disseminate available intelligence on Australian tactics, techniques and procedures (TTPs), patrol routes and personnel numbers. Examples of the use of modern communication system, by non-State actors, are abound: the filming of Operation Nimrod in the UK as the SAS poised for attack that gave information to the hostage takers; the potential use of geotags on social media photos in high value targeting;13 or the recent data provided by fitness trackers which have led to highlight locations of military bases and exercise routes.14 Accordingly, in any modern theatre OPSEC must be assessed against its cyber vulnerability.
One large vulnerability, after an initial triage of Government statements, newspaper reports, Ministerial statements, open Parliament debates and reports by non-government organizations,15 is online information from Defence publishing itself.
Navy News online provides valuable information through its daily updates. One 2014 article outlined the number of Navy personnel deployed off Darwin over the 2014 period, patrol routes of HMAS Broome around the Tiwi Islands, as well as various vessels and their patrol range and capabilities.16 Some information given was the ‘long range surveillance missions as far out as the Cocos Keeling Islands… 2000 nautical miles from Darwin.’17 Later online articles from Navy Daily outlined the ‘first Replenishment at Sea (RAS) for the Royal Australian Navy in 2014… while an RAAF AP-3C Orion made a low level fly past.’ 18
Another publicly available online article confirmed that HMAS Sirius over a five month period had deployed on five refueling missions in support of OSB from Fleet Base West. The article noted that the tanker would soon be unavailable, tied-up alongside on a maintenance period from March 2014.19 During this period it would be assisting:
‘up to seven of the Royal Australian Navy’s Armidale Class Patrol Boats operating from Darwin and Cairns (which) are deployed at sea at any one time.’20
Although this information once again may act as a deterrent, it does not appear to be in accordance with the intent of Government outlined at the outset of this paper. Army publications have reported on the composition of boarding parties, as well as the skill-sets required by the operation. 21 One such article is in such detail that it denotes the division of Transit Security Element 70 into three sections, each comprising eight to 11 personnel, allowing for several rotations throughout the five-month deployment aboard Armidale-class patrol boats and Customs and Border Protection vessels. This paper has since been removed from Defence publications but the information is available through newspaper reports.22 Names and photographs still remain available online. 23
The reality is that information will inevitably become available through human error, be it negligent or deliberate. In instances where it is by a Defence member, the Defence Force Discipline Act 1982 (Cth) can be utilised. 24 More generally, another solution is to prosecute any media releases under the relatively new Australian Border Force Act 2015 (Cth). Any ‘protected information’- defined as any information gained in the capacity of employment whilst on border protection is punishable by up to two years imprisonment. 25 The Act aims to criminalise any unauthorised disclosure by not only deployed troops, but equally attached media elements and civilians working with the military.
The issue, however, lies in the publicly available nature of the supposedly classified information in Defence media publications. As highlighted above, OPSEC requires constant monitoring to ensure it addresses the identified vulnerabilities and mitigates the assessed risks. It may be that this needs to occur not only in the chain of command, but by Defence publications as well.
1 LTGEN Angus Campbell, ‘Operation Sovereign Borders: Inaugural Press Conference’ Parliamentary
Speeches (online) 23 Sept 2013
2 Accessed from http://www.osb.homeaffairs.gov.au/
3 See Samuel White, ‘Hiding the Boats’ (2018) 92 AIAL Forum 12 - 24.
4 Sun Tzu, The Art of War (Collins Classics, 2011) 6.11.
5 US Army Regulation 530-1 Operations and Signal Security, HQ Department of the Army, Washington DC, 2014.
6 Accessed from https://www.opsecprofessionals.org/origin.html
7 US Army Regulation 530-1, above n 5.
8 Scott Morrison, ‘Transcript: Press Conference - Operation Sovereign Borders Update’ Department of
Immigration and Border Protection Newsroom (online) 24 September 2013
9 Tim Leslie and Mark Corcoran ‘Operation Sovereign Borders: The First Six Months’ ABC News (online) 26
March 2014 http://www.abc.net.au/news/2014-03-26/operation-sovereign-borders-the-first-6-
10 Ibid 1.
11 Emma Griffiths, ‘Immigration Minister Scott Morrison touts ‘rapid increase’ in asylum seeker transfers’ ABC
News (online) 23 September 2013 http://www.abc.net.au/news/2013-09-23/immigration-minister-
12 See International Telecommunications Union, ‘Global Internet usage’ (2015), accessed from
https://www.itu.int/en/ITU-D/Statistics/Documents/facts/ICTFactsFigures2015.pdf and as extrapolated.
13 Peter W Singer and Allan Friedman, Cyber Security and Cyberwar (Oxford University Press, 2014).
15 White, above n 3.
21 Leslie and Corcoran, above 9.
24 Either through preferring charges for failure to abide by a lawful general order (such as being ordered to refrain from
publishing photographs online) pursuant to s 29; or under the more nebulous concept of prejudicial conduct pursuant to s
25 Australian Border Force Act 2015 (Cth) s 41
* LL.M (Hons I) (MLS) | BA/LL.B (Hons) (UQ)
Peter W Singer and Allan Friedman, ‘Cyber Security and Cyberwar’
Mary Crock and Daniel Ghezelbash, ‘Do Loose Lips Bring Ships? The Role of Policy, Politics and Human Rights in Managing Unauthorised Boat Arrivals’ (2010) 19 Griffith Law Review 238
Samuel White, 'Hiding the Boats' (2018) 92 AIAL Forum 12.
Scott Morrison, ‘Transcript: Press Conference - Operation Sovereign Borders Update’ Department of Immigration and Border Protection Newsroom (online) 24 September 2013 http://newsroom.border.gov.au/channels/transcripts-operation-sovereign-b...
Tim Leslie and Mark Corcoran ‘Operation Sovereign Borders: The First Six Months’ ABC News (online) 26 March 2014 http://www.abc.net.au/news/2014-03-26/operation-sovereign-borders-the-fi...
Emma Griffiths, ‘Immigration Minister Scott Morrison touts ‘rapid increase’ in asylum seeker transfers’ ABC News (online) 23 September 2013 http://www.abc.net.au/news/2013-09-23/immigration-minister-morrison-deta...
LTGEN Angus Campbell, ‘Operation Sovereign Borders: Inaugural Press Conference’ Parliamentary Speeches (online) 23 Sept 2013 http://parlinfo.aph.gov.au/parlInfo/download/media/pressrel/3099126/uplo...
Australian Border Force Act 2015 (Cth)
Public Interest Disclosure Act 2010 (Cth)