Stay secure: Security Protection Diplomatic Liaison

The AFP’s role is to enforce Commonwealth criminal law, contribute to combating complex, transnational, serious and organised crime impacting Australia’s national security and to protect Commonwealth interests from criminal activity in Australia and overseas. The AFP also has responsibility for providing policing services to the Australian Capital Territory and Australia’s territories, including Christmas Island, Cocos (Keeling) Islands, Norfolk Island and Jervis Bay.

The AFP works closely with a range of other law enforcement and government agencies at state, territory, Commonwealth and international levels, enhancing safety and providing a secure regional and global environment.

The AFP has responsibility for the provision of protective services in accordance with section 8 of the Australian Federal Police Act (1979) and the current Ministerial Direction. The AFP provides full time protection to the Prime Minister, Governor-General and selected Ministers. Protective security services are provided to other Ministers or members of parliament based on identified risk. Additionally, the AFP provides full time protection to select non-Australian high office holders, noting their role, function and status as Internationally Protected Persons.

SPDL are teams of experienced Australian Federal Police (AFP) officers located around Australia, including a team at APH. SPDL provide a discreet police point of contact 24 hours, 7 days a week, for parliamentarians and the diplomatic community. SPDL facilitate an initial process of inquiry to inform the most appropriate operational response or course of action to resolve allegations of criminal conduct. If potential offences have been identified and there is likely sufficient evidence to warrant further investigation, the matter is referred to a relevant investigative area.

The SPDLs can provide advice and assistance on matters involving:

• Security risks, threats or incidents involving the diplomatic community and Australian high office holders and their staff.
• This also includes reporting of:
  • harassing, offensive or menacing correspondence
  • suspicious mail or emails
  • threatening mail or emails
  • threatening or harassing phone calls
  • disturbed and/or fixated individuals.
• Protest activity
• General security advice, including cyber
• General policing information.

SPDL can be contacted on the relevant state or territory contact number at the bottom of this page.

DHA provides residential security supports to Australian high office holders^_* and parliamentarians deemed ‘at risk’ by the AFP.

^*Australian high office holders are defined as the Governor-General, the Prime Minister, Government Ministers, the Presiding Officers, and the Leader and Deputy Leader of the Opposition.

DoF provides all parliamentarians with Electorate Offices (EOs) and Ministerial Offices (where applicable). DoF is also responsible for Commonwealth Parliament Offices (CPOs) located in the capital city of each state and territory. DoF is primarily responsible for the provision and implementation of physical security measures, including recommendations by the DHA, in EOs and CPOs

The DPS works jointly with the AFP to ensure APH remains a safe and accessible building for parliamentarians, staff and visitors. DPS support the information communication technology (ICT) requirements of parliamentarians by providing ICT, mobile devices and specific cyber security briefings for those parliamentarians travelling with DPS issued devices.

The Australian Security Intelligence Organisation protects Australia and Australians from threats to security. ASIO operates lawfully, in proportion to the threats we are investigating, and in line with the standards and expectations of the Australian community.

For the purposes of ASIO’s work, the Australian Security Intelligence Organisation Act (1979) defines security as:

• Acts of foreign interference
• Attacks on Australia’s defence system
• Espionage
• Politically motivated violence including terrorism
• Promotion of communal violence
• Sabotage
• Serious threats to Australia’s order integrity

Members of the public who have an issue or concern relevant to ASIO’s responsibilities can call 1800 020 648.  Life threatening and emergency situations should always be reported to the police immediately by calling 000.

• Responds to incidents occurring in their jurisdiction
• Provides operational support at official events on a case-by-case basis

Investigates security incidents within their jurisdiction and provides reporting to security agencies for assessment.

Harassing, offensive or nuisance mail includes any correspondence containing threats and originating from individuals obsessed with religious, political or any other issue  that may be of interest to police.

Correspondence may include:

• Direct or implicit threats
• Offensive material
• Comments of concern including self-harm and end of life statements. This needs to be reported to the AFP NOSSC as soon as possible to ensure the welfare of the person involved can be checked. Contact NOSSC on(02) 5127 0001

What to do

If you continue to receive this type of correspondence from an identifiable sender:

• Consider notifying the sender to cease corresponding with your office. This will make it clear to the sender their correspondence is uninvited
• In the case of email correspondence, you can also establish a rule in your email to redirect any correspondence from the sender to a spam folder.
• Save the correspondence to a separate folder and refer to SPDL with the original email or scanned original paper correspondence as an attached file.

What to do if you identify a suspicious package:

• Try to remove staff from the vicinity of the package
• Notify local police and SPDL as soon as possible.

Further advice on suspicious mail/packages can be provided by SPDL.

What to do:

Do not handle the threatening mail if possible, this will allow for improved scientific/fingerprint examination. Mail items are retained by police and may be required for evidentiary purposes.

Stay safe and avoid danger, your safety is your priority.

• Avoid the area around the escalating protests.
• Avoid confrontation with protesters; do not engage.
• If you're safe where you are, stay put. Many protests are short. You may be able to wait until the protestors leave.
• If it's not safe where you are, get to safety. If possible, go back to your office, accommodation, a police station or other safe place away from the unrest.
• If it's a march, find out the route and where it's going. Avoid it.
• Follow instructions from local authorities.
• Do what you're told by the local first responders, including police and paramedics.
• Get help if you're hurt.
• Check in with your supervisor and colleagues. Tell colleagues, family and friends you're okay.

Stay updated

• Make sure it is safe to leave your location.
• Watch the news and check social media for developments. 
• Find out what your options are. For example, if roads are closed, the trains may still run.
• Try to organise your transport in advance. You may get stuck in a transport hub trying to get out with everyone else.

Immediate danger, or threat to life

• If you need urgent help, call 000

• We recognise that parliamentarians have policy interests that may lead to interest in engaging protestors.  Contact SPDL for security advice as needed.
• Do not engage protesters if there are any behaviours observed that indicate concerning or unlawful activity.
• The Authorised Assembly Area is the only area within the Parliamentary Precincts where protests are to be held. If protest activity is identified elsewhere within the Parliamentary Precincts, please report to (02) 6277 5999.
• When leaving the building remove forms of identification, such as your access pass.
• Ensure your office staff are aware of the emergency tones and participate in lockdown or emergency exercises as notified by DPS.
• If protesters threaten harm, impede access to exit and entry points or ty to gain access immediately call (02) 6277 7117 to report.

• If you are aware a protest is scheduled, consider changing opening hours or working arrangements at that time.
• If the protesters are peaceful and only temporarily blocking as they pass by, stay secure in your office and do not engage.
• If the protesters impede functioning of the electorate office, call the local police and request advice.  
• Do not attempt to open a locked office and retrieve signage or other items – these can be replaced if they are removed or destroyed.
• If the protesters are violent (damaging property or threatening harm), call 000 and activate the duress alarm. 

• Do not engage with protestors, especially constituents or staff entering or leaving the facility.
• Educate all staff as to what you expect of them during the protest, remain calm and keep safe at a distance.
• If protesters are blocking entry or exits to your location, notify local police, and do not engage directly with protesters.
• If protesters are acting in a threatening way to yourself or members of public, call 000 and activate the duress alarm.
• Closely monitor who gains access to your building.
• Ensure you are regularly testing duress and lock-down functions in offices, and new staff are trained how to use these functions.
• Follow the advice of local emergency services.
• Ensure all staff members are safe and accounted for and follow your emergency procedures and incident reporting, post the event.

Event Organiser- official events

All official events, no matter the nature or size, will have risks. It is your responsibility as the event organiser to identify and manage these risks for both staff and the public. Event organisers can effectively manage risks by anticipating, understanding and making decisions on how to manage and control risks.

All risks, including possible protester activity, should be carefully analysed and then rated according to likelihood and impact on your official events. Control measures should then be developed to reduce the likelihood of risks occurring. Comparing the benefits and costs will help you decide your mitigation strategies. Focus on risks that have significant impacts or consequences.

Your risk management plan should form part of your emergency management approach. Once you have developed your plan, continue to monitor, assess and manage risks throughout the planning of the event, and during the event itself.

Reputational risk or the public perception of event risk is an important consideration, in addition to operational or public safety risks. Engage your communications team and organisational executives to consider communications risk or reporting requirements.

Event organisers may wish to consider whether publicising or making an event publicly known in advance is necessary, as this may enable protest groups to plan action ahead of time.

Staff members - official events

When attending an official event, as part of your workplace role, and you have any concerns relating to your safety, raise your concerns with your parliamentarian so it can be assessed as part of the risk management strategy of the event.

Staff members are encouraged to discuss a plan with their parliamentarian in advance of each event, so respective roles and responsibilities are clear in the event a protest occurs. 

For further advice Ministerial and Parliamentary Service (MaPS)

HR Advice and Support

Phone: 02 6215 3333 Email: hr@pwss.gov.au

Workplace health and safety

Phone: 1800 747 977 Email: whs@pwss.gov.au

Planning Electoral events

Contact SPDL for security advice prior to the event as part of the risk management. Depending on the risks identified, SPDL may liaise with AFP’s Protection Assessment Teams and state and territory police as part of the risk management plan.

Information to supply SPDL

• Location, and venue
• Date and times
• Expected size of event
• People attending, VIPS, guest lists, is the event open or ticketed  
• What the event is about, purpose of event
• How is the event being advertised
• Current Electoral office concerns - persons of interest or groups
• Point of contact for the event/electoral office

Assessing risk can be done in conjunction with SPDL.

Maintain Situational Awareness

Passions can run high at protests, and it is important to remain situationally aware of signs of escalations that may interfere with a peaceful protest. 

Ministerial staff

• As parliamentarians, you have a unique role in Australia, serving the government, the parliament and the Australian people.  Ensure the rally or protest you are attending is lawful.
• Speak with SPDL about your intentions to attend the event as a speaker, who can discuss risk mitigation options for your safety. 

Before undertaking government travel, parliamentarians should familiarise themselves with the risk management section of the government travel policy. We recommend researching the destination you are travelling to and be aware of any safety and security risks that might exist during your trip. Risks exist for both domestic and overseas travel.

The use of DPS managed electronic devices while travelling overseas, presents a real and ongoing cyber risk to the parliamentary computing network. Compromised electronic devices could potentially impact the operation and security of parliamentary business.

If you are travelling overseas, before you leave you must complete the Overseas Travel Notification Form provided by DPS 

Please note that controls are in place to protect parliament computing network systems. If you travel overseas without notifying DPS, this may affect the functionality of your device while you travel.

If you are a Security Clearance holder you must advise AGSVA of your Change of Circumstance through the myClearance Portal 

Domestic travel: parliamentarians are encouraged to be aware of any national public security threats, severe weather warnings, planned public demonstrations, areas of potential crime hotspots and other events and circumstances that might affect their trip, and be prepared to change their travel plans accordingly.

International travel: can carry a heightened security risk, and as a result, threats to personal safety and security can vary and evolve rapidly. Advice should be sought from the Department of Foreign Affairs and Trade (DFAT).

Before you go

• Familiarise yourself with the risk management section of the government travel policy.
• Familiarise yourself with the Government’s Protective Data Security Standards.
• Understand the basics of the political and security situation.
• Familiarise yourself with the destination, including:
  • any dangerous areas of a city
  • types of crimes
  • risky modes of transport
  • specific precautions for travellers
  • any behaviour that may offend or break the law.
• Research the health situation and services available for your destination.

While you're away

• Exercise extreme caution.
• Follow the advice of your personal protection service.
• Don’t disclose the location of your accommodation, hotel or room numbers to unknown persons.
• Regularly vary your routine and the routes you take to get a coffee or lunch.
• Be observant and aware of people who appear suspicious and/or try to distract you. If possible, keep a safe distance and call for assistance if necessary.
• Do not discuss your work in a public place.
• Be aware of religious holidays or days of national significance.
• Plan your daily movements and vary your routines and travel routes.
• Avoid known flashpoints, including protest areas.
• Don't wander into unknown areas.
• Avoid or minimise your time at places that terrorists may target.
• Leave an area at the first sign of unrest or if you feel uneasy.
• Be aware of building exits and always know the safe places you can access if you feel threatened.
• Take notice of the people around you and their behaviour. Be aware that you may misinterpret some behaviour in an unfamiliar cultural setting.
• When discussing your plans, avoid sharing details that others may overhear.
• Be cautious about the information you share on social media.
• Refuse unexpected packages or offers.

When undertaking official travel you could be a target for espionage activity.

Foreign powers may target parliamentarians to meet specific intelligence priorities or may target travellers opportunistically. It’s important to report any suspicious, ongoing, unusual or persistent approaches as it will ensure the AFP has a clear picture of potential espionage activity that may harm Australian interests.

Please remember the information you provide (no matter how small) may be the missing piece of the puzzle.

Foreign Intelligence Services will use a range of methods to gain access to information, before, during and after travel including by:

• Exploiting travel data and official documents, including visa, passport or manifest information.
• Exploiting open-source information including social media.
• Eliciting information.
• Co-opting local services that travellers rely on.
• Eavesdropping or covertly observing or recording conversations.
• Conducting physical, audio or video surveillance.
• Exploiting personal vulnerabilities or compromising situations, including blackmail.
• Searching belongings or baggage when unattended, including in transit or at hotels.
• Conducting covert influence operations.
• Stealing unattended papers or devices.
• Conducting technical operations or intercepting personal electronic devices, including at charging points.
• Compromising internet connections, including hotel wi-fi.
• Attempting further contacts on return, including sending unsolicited emails with malicious content.
• Giving gifts—either embedded with malicious content, or legitimate gifts or inducements intended to encourage reciprocity or ongoing contact.

• Avoid travelling with classified or sensitive materials where possible and, where unavoidable, store materials only in appropriate storage facilities with appropriate access controls. 
• Understand that no hotel room is secure—including hotel safes—even if a technical inspection is carried out.
• Maintain positive control of your electronic devices and assets – do not leave them unattended in spaces where others could access them. 
• Only have sensitive or classified conversations in secure rooms, or via secure communications channels.
• Understand that conversations in aircraft, vehicles of all types, hotel rooms, lifts, conference rooms, restaurants and outdoor areas—including hotel balconies—may be recorded or overheard.
• Do not pack sensitive or classified documents and electronic devices in checked luggage. 
• Understand that internet connections of any kind—including mobile data services, as well as wi-fi at hotels, cafes and airports—are not secure.
• Where possible avoid using charging devices from USB sockets provided in hotels, airports, vehicles or conference venues. 
• Be conscious of suspicious or out of the ordinary approaches by unknown persons - in identifying potential sources, Foreign Intelligence Services may orchestrate an approach at a common location e.g. hotel or airport and ask carefully crafted questions to get a sense of whether an individual will be of value to them or has vulnerabilities that can be exploited.  
• Be alert to questioning—even by seemingly benign individuals such as guides, drivers or hotel staff.

Be alert to contact that may occur after the travel/deployment has concluded, and do not provide any personal contact details to anyone you may have met whilst travelling/deployed. 

• Trim shrubbery to avoid providing a potential threat with places to hide and to increase natural surveillance of the front of your home
• Consider installing a CCTV and visitor-monitor system with key coverage of entry points and the path to your vehicle. CCTV systems should have a battery backup capability and provide you with a discreet method of screening visitors away from the entry door
• Consider installing a security alarm system including duress points and contact reed switches on entry points. The alarm system should feature a perimeter arming mode where reed switches on perimeter doors and windows can be armed when residents are at home and not expecting company (typically after-hours or when asleep)
• Use spot and flood lighting activated by a passive infrared sensor covering key approaches to the property and entry points
• Ensure your electrical switchboard has a lock and is approved by utility provider
• Entry doors should ideally be of solid core timber construction/hardened door frames with a deadbolt
• Fit a pad bolt to the manhole or other access point into a ceiling cavity
• Key lock windows at all times and leave timber dowels in sliding window tracks
• Consider installing security screens over perimeter doors/accessible windows as a more cost-effective method than replacing perimeter doors.
• Consider installing security screens over any window panes adjacent to doors that would allow an intruder to break the glass, reach around and unlock door.
• Allocate a room as a safe room – consider replacing door and door frame with solid core door/ hardened frame with deadbolt. When selecting a room be mindful of windows that are accessible from the outside.

• Never leave spare keys outside your home, these are often easily found in predictable locations
• Don’t have personal details such as your name, address and telephone number on your keys
• If you lose your keys or move into a new home make sure you change the locks
• If someone contacts you saying they have found your keys ask them to drop them off at the nearest police station.

• Make sure you keep all gates locked. The rear and sides of homes are often targeted by thieves.
• Always lock tools, ladders and garden equipment away so these items cannot be used to gain entry to your home.

What is YOUR digital footprint? For all personal and family accounts:

• Lockdown all social media security and privacy settings
• Only engage with ‘friends’ you have met in person; do not accept unsolicited messages or links 
• Refrain from including images of your house, children’s school (first day at school photo)
• Ask family and friends to not tag you in social media
• Tell family not to post locations or upcoming plans, avoid advertising planned holidays
• Do not post anything that creates a predictable pattern
• Change passwords regularly and have different passwords for each account
• Suppress your online data. LinkedIn is actively targeted by foreign intelligence services
• Facebook tracks your ‘off Facebook’ online activity
• Keep an eye out for cyber attackers using enticement, fear, uncertainty, doubt and urgency in their engagements with you
• Stop and consider any links you have been sent – even from senders you recognise. A hacker could be impersonating someone you know
• Be mindful of attempts over the phone to obtain your information or details
• Always hang up on illegal robot calls
• Put your phone number on the do not call register
• Do not give personal or financial details – even if they say they have the information and just need you to confirm it.

Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

Spear phishing is the the fraudulent practice of sending emails supposedly from a known or trusted sender in order to induce targeted individuals to reveal confidential information

Vishing is just one form of phishing, which is any type of message — such as an email, text, phone call or direct-chat message — that appears to be from a trusted source, but isn’t. The goal is to steal someone’s identity or money.

Tabnabbing is a computer exploit and phishing attack, which persuades users to submit their login details and passwords to popular websites by impersonating those sites and convincing the user that the site is genuine. The attack takes advantage of user trust and inattention to detail in regard to tabs, and the ability of browsers to navigate across a page’s origin in inactive tabs a long time after the page is loaded.

Baiting is like the real-world ‘trojan horse’. It uses physical media and relies on the curiosity or greed of the victim. It’s in many ways similar to phishing attacks. However, what distinguishes them from other types of social engineering is the promise of an item or good that hackers use to entice victims.

Pretexting is a method of inventing a scenario to convince victims to divulge information they should not divulge. Pretexting is often used against corporations that retain client data, such as banks, credit card companies, utilities, and the transportation industry.

Tailgating is a physical rather than virtual cyber attack where an unauthorised person gains access to usually restricted areas of an organisation or a building with a view to executing a physical or cyber crime to cause a data breach and steal confidential information, equipment as well as personal belongings.

Other terms used

Smishing is the act of using SMS text messaging to lure victims into a specific course of action. Like phishing it can be clicking on a malicious link or divulging information.

Pharming is a cyberattack intended to redirect a website’s traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving internet names into their real IP addresses. Compromised DNS servers are sometimes referred to as “poisoned”. Pharming requires unprotected access to target a computer, such as altering a customer’s home computer, rather than a corporate business server.

Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users