Legislative and security requirements of audit material for evidentiary purpose

This research used the Queensland Police Service, Australia, as a major case study. Information on principles, techniques and processes used, and the reason for the recording, storing and release of audit information for evidentiary purposes is reported. It is shown that Law Enforcement Agencies have a two-fold interest in, and legal obligation pertaining to, audit trails. The first interest relates to the situation where audit trails are actually used by criminals in the commission of crime and the second to where audit trails are generated by the information systems used by the police themselves in support of the recording and investigation of crime. Eleven court cases involving Queensland Police Service audit trails used in evidence in Queensland courts were selected for further analysis. It is shown that, of the cases studied, none of the evidence presented was rejected or seriously challenged from a technical perspective. These results were further analysed and related to normal requirements for trusted maintenance of audit trail information in sensitive environments with discussion on the ability and/or willingness of courts to fully challenge, assess or value audit evidence presented. Managerial and technical frameworks for firstly what is considered as an environment where a computer system may be considered to be operating “properly” and, secondly, what aspects of education, training, qualifications, expertise and the like may be considered as appropriate for persons responsible within that environment, are both proposed. Analysis was undertaken to determine if audit and control of information in a high security environment, such as law enforcement, could be judged as having improved, or not, in the transition from manual to electronic processes. Information collection, control of processing and audit in manual processes used by the Queensland Police Service, Australia, in the period 1940 to 1980 was assessed against current electronic systems essentially introduced to policing in the decades of the 1980s and 1990s. Results show that electronic systems do provide for faster communications with centrally controlled and updated information readily available for use by large numbers of users who are connected across significant geographical locations. However, it is clearly evident that the price paid for this is a lack of ability and/or reluctance to provide improved audit and control processes. To compare the information systems audit and control arrangements of the Queensland Police Service with other government departments or agencies, an Australia wide survey was conducted. Results of the survey were contrasted with the particular results of a survey, conducted by the Australian Commonwealth Privacy Commission four years previous, to this survey which showed that security in relation to the recording of activity against access to information held on Australian government computer systems has been poor and a cause for concern. However, within this four year period there is evidence to suggest that government organisations are increasingly more inclined to generate audit trails. An attack on the overall security of audit trails in computer operating systems was initiated to further investigate findings reported in relation to the government systems survey. The survey showed that information systems audit trails in Microsoft Corporation's “Windows” operating system environments are relied on quite heavily. An audit of the security for audit trails generated, stored and managed in the Microsoft “Windows 2000” operating system environment was undertaken and compared and contrasted with similar such audit trail schemes in the “UNIX” and “Linux” operating systems. Strength of passwords and exploitation of any security problems in access control were targeted using software tools that are freely available in the public domain. Results showed that such security for the “Windows 2000” system is seriously flawed and the integrity of audit trails stored within these environments cannot be relied upon. An attempt to produce a framework and set of guidelines for use by expert witnesses in the information technology (IT) profession is proposed. This is achieved by examining the current rules and guidelines related to the provision of expert evidence in a court environment, by analysing the rationale for the separation of distinct disciplines and corresponding bodies of knowledge used by the Medical Profession and Forensic Science and then by analysing the bodies of knowledge within the discipline of IT itself. It is demonstrated that the accepted processes and procedures relevant to expert witnessing in a court environment are transferable to the IT sector. However, unlike some discipline areas, this analysis has clearly identified two distinct aspects of the matter which appear particularly relevant to IT. These two areas are; expertise gained through the application of IT to information needs in a particular public or private enterprise; and expertise gained through accepted and verifiable education, training and experience in fundamental IT products and system.

The constitutional power to make war: domestic legal issues raised by Australia's action in Iraq

The legal power to declare war has traditionally been a part of a prerogative to be exercised solely on advice that passed from the King to the Governor-General no later than 1942. In 2003, the Governor- General was not involved in the decision by the Prime Minister and Cabinet to commit Australian troops to the invasion of Iraq. The authors explore the alternative legal means by which Australia can go to war - means the government in fact used in 2003 - and the constitutional basis of those means. While the prerogative power can be regulated and/or devolved by legislation, and just possibly by practice, there does not seem to be a sound legal basis to assert that the power has been devolved to any other person. It appears that in 2003 the Defence Minister used his legal powers under the Defence Act 1903 (Cth) (as amended in 1975) to give instructions to the service head(s). A powerful argument could be made that the relevant sections of the Defence Act were not intended to be used for the decision to go to war, and that such instructions are for peacetime or in bello decisions. If so, the power to make war remains within the prerogative to be exercised on advice. Interviews with the then Governor-General indicate that Prime Minister Howard had planned to take the matter to the Federal Executive Council 'for noting', but did not do so after the Governor-General sought the views of the then Attorney-General about relevant issues of international law. The exchange raises many issues, but those of interest concern the kinds of questions the Governor-General could and should ask about proposed international action and whether they in any way mirror the assurances that are uncontroversially required for domestic action. In 2003, the Governor-General's scrutiny was the only independent scrutiny available because the legality of the decision to go to war was not a matter that could be determined in the High Court, and the federal government had taken action in March 2002 that effectively prevented the matter coming before the International Court of Justice

The mandatory notification of data breaches : issues arising for Australian and EU legal developments

Public and private sector organisations are now able to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other jurisdictions. This article reviews US, Australian and EU legal developments regarding the mandatory notification of data breaches. The authors highlight areas of concern based on the extant US experience that require further consideration in Australia and in the EU.

Finding a way through the ethical and legal maze : withdrawing medical treatment and euthanasia

This article examines Finnis' and Keown's claim that the intention/foresight distinction should be used as the basis for the lawfulness of withholding and withdrawing medical treatment, rather than the act/omission distinction which is currently used. I argue that whilst the intention/foresight distinction is sound and can apply to palliative pain relief hastening death, it cannot be applied to withholding and withdrawing medical treatment. Instead, the act/omission distinction remains the better basis for the lawfulness of withholding and withdrawal, and law reform is consequently unnecessary.

Governmentality and the reflection of legal educators : assessment practices as a case study

This paper presents a conceptual framework, informed by Foucault’s work on governmentality, which allows for new kinds of reflection on the practice of legal education. Put simply, this framework suggests that legal education can be understood as a form of government that relies on a specific rationalisation and programming of the activities of legal educators, students, and administrators, and is implemented by harnessing specific techniques and bodies of ‘know-how’. Applying this framework to assessment at three Australian law schools, this paper highlights how assessment practices are rationalised, programmed, and implemented, and points out how this government shapes students’ legal personae. In particular, this analysis focuses on the governmental effects of pedagogical discourses that are dominant within the design and scholarship of legal education. It demonstrates that the development of pedagogically-sound regimes of assessment has contributed to a reformulation of the terrain of government, by providing the conditions under which forms of legal personae may be more effectively shaped, and extending the power relations that achieve this. This analysis provides legal educators with an original way of reflecting on the power effects of teaching the law, and new opportunities for thinking about what is possible in legal education.

Governing depression in law students and the shaping of legal personae

Since a recent Australian study found that university law students experience higher rates of depression than medical students and legal professionals (Kelk et al. 2009), the mental health of law students has increasingly become a target of government. To date, however, there has been no attempt to analyse these practices as an activity of government in advanced liberal societies. This paper addresses this imbalance by providing an initial analytics of the government of depression in law schools. It demonstrates how students are responsibilised to manage the risks and uncertainties of legal education by constructing resilient forms of personal and professional personae. It highlights that, in order to avoid depression, students are encouraged to shape not just their minds and bodies according to psychological and biomedical discourses, but are also to govern their ethical dispositions and become virtuous persons. This paper also argues that these forms of government are tied to advanced liberal forms of rule, as they position the law student as the locus of responsibility for depression, imply that depression is caused by an individual failing, and entrench students within responsibilising and entrepreneurial forms of subjectivity.

Carbon capture and storage laws in Australia : project facilitation or a precautionary approach?

Carbon capture and storage (CCS) is considered to be an integral transitionary measure in the mitigation of the global greenhouse gas emissions from our continued use of fossil fuels. Regulatory frameworks have been developed around the world and pilot projects have been commenced. However, CCS processes are largely untested at commercial scales and there are many unknowns associated with the long terms risks from these storage projects. Governments, including Australia, are struggling to develop appropriate, yet commercially viable, regulatory approaches to manage the uncertain long term risks of CCS activities. There have been numerous CCS regimes passed at the Federal, State and Territory levels in Australia. All adopt a different approach to the delicate balance facilitating projects and managing risk. This paper will examine the relatively new onshore and offshore regimes for CCS in Australia and the legal issues arising in relation to the implementation of CCS projects. Comparisons will be made with the EU CCS Directive where appropriate.

The Australian response to climate change : business as usual or legal innovation?

Through international agreement to the United Nations Framework Convention on Climate Change and the Kyoto Protocol the global community has acknowledged that climate change is a global problem and sought to achieve reductions in global emissions, within a sufficient timeframe, to avoid dangerous anthropogenic interference with the climate system. The sheer magnitude of emissions reductions required within such an urgent timeframe presents a challenge to conventional regulatory approaches both internationally and within Australia. The phenomenon of climate change is temporally and geographically challenging and it is scientifically complex and uncertain. The purpose of this paper is to analyse the current Australian legal response to climate change and to examine the legal measures which have been proposed to promote carbon trading, energy efficiency, renewable energy, and carbon sequestration initiatives across Australia. As this paper illustrates, the current Australian approach is clearly ineffective and the law as it stands overwhelmingly inadequate to address Australia’s emissions and meet the enormity of the challenges posed by climate change. Consequently, the government should look towards a more effective legal framework to achieve rapid and urgent transformations in the selection of energy sources, energy use and sequestration initiatives across the Australian community.

Cyberbullying in social networking sites and blogs : legal issues for young people and schools

This article examines the social networking phenomenon that has been so readily embraced by school-age adolescents, in the context of its potential to contribute further to the mechanisms for and incidence of cyberbullying amongst school students. Cyberbullying in these online for a, as a misuse of technology to harass, intimidate, tease, threaten, abuse or otherwise terrorise peers, teachers and/or the school in general, is discussed from both the psychological perspective and in terms of its legal ramifications (both criminal and civil) in Australia. Some recommendations for proactive and preventative measures, education and policy adoptions are provided, together with general advice to parents, schools and adolescents on awareness of the risks involved and how young people might better protect themselves in light of that knowledge.

Retracing the Roots and Ideals of Confucian Principles of Governance: the Art of Regulating Governance without Legal Rules in Chinese Societies

Confucius was and still is one of the most eminent Chinese philosophers. Such is the importance of Confucius’s teachings; it had influenced all aspects of social life in Chinese societies. In the post-Enron, post-Worldcom, and post-Global Financial Crisis era there are raising doubts in the mantra of the so-called conventional wisdom about law and economic order. Whilst many recent publications offered solutions to those problems like advocating for more laws, rules or reforms in regulatory institutions to enhance the regulation of corporate governance. What Confucius advocated was a non-legal, social mode of regulation based on moral ideals that should be embedded into the minds of every person. Whilst this is an ancient concept from primitive societies, its relevance and merits could be seen in modern Chinese societies like Hong Kong. In essence, Confucian principles of governance build on relational and paternalistic order based on moral ideals.

A Mouthful of Pins : questioning constructionist therapy frameworks in theatre-making

A Mouthful of Pins constitutes the practical component (50 per cent) of a practice-led Master of Arts through the Creative Industries Faculty of Queensland University of Technology. This research reports on the attempt to create a constructionist/collaborative theatre-making process by incorporating postmodern constructs borrowed from the therapy room. The study asserts that, when applied with awareness, therapeutic frameworks can help members of the creative team . including the director, performers, writer, designers and technicians . to fulfil their artistic capacity, thereby enriching their process, their performance and their collaborative relationship with each other. For this to occur, it is imperative that the director/facilitator stay curious and aware of how they lead their creative team, with particular care around their use of language, as well as an increased awareness of the multiple stories (including the sometimes invisible social, historical, political, theatrical and leadership discourses) that surround and impact the artist.s process. This research is designed to assist students of theatre, as well as established professional practitioners, to find an alternative approach for collaboration that can result in longevity of practice, while at the same time embracing best practice for their outgoing creativity.

Design of a model-generated repository as a service for USDL

SAP and its research partners have been developing a lan- guage for describing details of Services from various view- points called the Unified Service Description Language (USDL). At the time of writing, version 3.0 describes technical implementation aspects of services, as well as stakeholders, pricing, lifecycle, and availability. Work is also underway to address other business and legal aspects of services. This language is designed to be used in service portfolio management, with a repository of service descriptions being available to various stakeholders in an organisation to allow for service prioritisation, development, deployment and lifecycle management. The structure of the USDL metadata is specified using an object-oriented metamodel that conforms to UML, MOF and EMF Ecore. As such it is amenable to code gener-ation for implementations of repositories that store service description instances. Although Web services toolkits can be used to make these programming language objects available as a set of Web services, the practicalities of writing dis- tributed clients against over one hundred class definitions, containing several hundred attributes, will make for very large WSDL interfaces and highly inefficient “chatty” implementations. This paper gives the high-level design for a completely model-generated repository for any version of USDL (or any other data-only metamodel), which uses the Eclipse Modelling Framework’s Java code generation, along with several open source plugins to create a robust, transactional repository running in a Java application with a relational datastore. However, the repository exposes a generated WSDL interface at a coarse granularity, suitable for distributed client code and user-interface creation. It uses heuristics to drive code generation to bridge between the Web service and EMF granularities.