Accessibility Links
Home
Main Menu
Jurisdiction
Judges
Registrars
Courts & TribunalsAdministered by the Federal Court
International Programs
Freedom of Information
Media GuideInformation for journalists
Corporate Information Reports, plans and other publications
National Court Framework
Employment
Access to Court Files & Transcript
Check the progress of a caseListing dates, Orders & links to judgments
Research Requests
Registry ServicesWhat Registries can & cannot do
Interpreters
Help for people with disabilities
Technology and the Court
Powers of a Registrar
Assisted Dispute Resolution (ADR)
Subscribe to Judgments & Events by NPA; Practice News, Daily Court Lists and more
National Practice Areas (NPAs)
Court Rules, Acts & Regulations
Practice Documents
Class Actions
Consultation & Liaison User group meetings, Harmonised Rules Committees (Bankruptcy & Corporations)
Appeals
Guides Including Bankruptcy, Corporations, Migration, Administrative & Constitutional Law and Human Rights; Communicating with the Court; Expert witnesses.
Use of Communication Devices
Forms Prescribed Under: Other Forms:
Difference Between Fees & Costs
Court Fees About Court fees including exemptions, deferral & refunds
Filing Filing & lodgement
Legal Costs
Interest Rates Pre-judgment & post-judgment interest rates
Court Sitting Dates
  • 2026
    • 2 February - 18 December
  • 2027
    • 1 February - 17 December
Full Court & Appellate Sitting Dates
  • 2026
    • 2 - 27 March
    • 27 July - 28 August
    • 2 - 27 November
  • 2027
    • 22 February - 19 March
    • 26 July - 27 August
    • 1 - 26 November
Daily Court Lists
Select state
Select a state registry to view the current court list: Select a state registry to view the current court list.
click map Western Australia Northern Territory South Australia Queensland New South Wales Victoria Tasmania Australian Capital Territory Australia
Register to receive daily court lists by email soon after they are published. Subscribe
Future Listings Find future hearing times and dates. Go to Federal Law Search
Library
Annual Reports
Judges' Speeches Current and former judges, including Welcome and Farewell ceremonies
Videos & Podcasts Videos, podcasts and online streaming
GlossaryGlossary of legal terms
Judgments About the judgments collection, including FAQs
I am a Party -
Information for Litigants
Jury Service
I am a Practitioner I am a witness I have been Subpoenaed
Guides
Online Services
You are here:

Federal Court of Australia

Knight Watch Security Pty Limited v Aussie Broadband Limited [2023] FCA 344

File number:

NSD 775 of 2022

Judgment of:

CHEESEMAN J

Date of judgment:

18 April 2023

Catchwords:

PRACTICE AND PROCEDURE – application for preliminary discovery under r 7.22 of the Federal Court Rules 2011 (Cth) of identifying information relating to an IP address operated by respondent – where purpose of discovery to ascertain identity of user(s) allocated IP address at time when impugned communications sent – where user(s) made complaints about alleged conduct of applicant to applicant’s clientsconsideration of disclosure prohibitions in the Telecommunications Act 1997 (Cth) – Held: application granted.

Legislation:

Telecommunications Act 1997 (Cth) ss 276, 280(1), 280(1B)

Federal Court Rules 2011 (Cth) r 7.22

Supplementary Explanatory Memorandum, Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 (Cth)

Revised Explanatory Memorandum, Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 (Cth)

Cases cited:

CIC Insurance Ltd v Bankstown Football Club Ltd [1997] HCA 2; 187 CLR 384

Dallas Buyers Club LLC v iiNet Limited [2015] FCA 317; 245 FCR 129

Federal Commissioner of Taxation v Consolidated Media Holdings Ltd [2012] HCA 55; 250 CLR 503

Hooper v Kirella Pty Ltd [1999] FCA 1584; 96 FCR 1

Project Blue Sky Inc v Australian Broadcasting Authority [1998] HCA 28; 194 CLR 355Siemens Industry Software Inc v Telstra Corporation Limited [2020] FCA 901

SZTAL v Minister for Immigration and Border Protection [2017] HCA 34; 262 CLR 362

Division:

General Division

Registry:

New South Wales

National Practice Area:

Commercial and Corporations

Sub-area:

Commercial Contracts, Banking, Finance and Insurance

Number of paragraphs:

29

Date of last submission:

21 December 2022

Date of hearing:

Determined on the papers.

Solicitor for Applicant:

Streeterlaw

Solicitor for Respondent:

TXD Law

ORDERS

NSD 775 of 2022

BETWEEN:

KNIGHT WATCH SECURITY PTY LIMITED ACN 097 678 272

Applicant

AND:

AUSSIE BROADBAND LIMITED ACN 132 090 192

Respondent

order made by:

CHEESEMAN J

DATE OF ORDER:

18 APRIL 2023

THE COURT ORDERS THAT:

For the purpose of these orders:

Document includes:

(a)    any record of information mentioned in the definition of document in Part 1 of the Dictionary to the Evidence Act 1995 (Cth); and

(b)    any other material, data or information stored or recorded by mechanical or electronic means.

Impugned Communications means the communications described in paragraph [6] to [8] of the reasons for judgment.

1.    Within 14 days, Aussie Broadband Limited (ACN 132 090 192) give discovery to the Knight Watch Security Pty Ltd (ACN 097 678 272) of such documents that are or have been in Aussie Broadband’s control that are sufficient to identify the name and address of the person(s) referred to in the Schedule.

2.    In complying with Order 1, Aussie Broadband is to disclose any documents discovered to the solicitors for Knight Watch (Streeterlaw).

3.    Streeterlaw is to hold and keep the documents disclosed to it confidential subject to Order 4.

4.    Within 14 days of disclosure being provided, Haralambos Davernaris is entitled to inspect the documents in the office of Streeterlaw for the sole purpose of identifying the person(s) who sent the impugned communications to the clients of Knight Watch by examining whether any of the names or addresses are relevantly familiar to him and in doing so, Haralambos Davernaris is not permitted to disclose to any third party the name or address of any account holder disclosed to him pursuant to this Order, other than to Knight Watch and such of its agents and representatives who have been notified of and agreed to be bound by Order 6(a).

5.    Within 7 days after inspection by Haralambos Davernaris, Streeterlaw is to delete all copies (including electronic) of documents discovered by Aussie Broadband that are not relevant to any cause of action that Knight Watch may have in relation to the impugned communications.

6.    Knight Watch:

(a)    is not permitted to disclose to any third party the name and address of any account holder disclosed to Knight Watch pursuant to Order 1, other than agents or representatives of Knight Watch, who have been notified of and agreed in writing to be bound by this Order;

(b)    is to maintain a list of all persons to whom disclosure is made together with a copy of their written agreement to be bound by this Order; and

(c)    is permitted to use the information disclosed pursuant to Order 1 only for the purposes of legal proceedings to obtain damages or compensation, injunctive, declaratory or ancillary relief (including in any related pre or post commencement negotiations and or mediations) in respect of the impugned communications.

7.    Knight Watch pay Aussie Broadband’s reasonable costs of compliance with these orders.

8.    The parties have leave to apply to relist to be heard on the form of these orders, such leave to exercised within 3 business days of the date of the these orders and on the giving of notice to the other party.

Note:    Entry of orders is dealt with in Rule 39.32 of the Federal Court Rules 2011.

Schedule

1.    Subject to paragraph 2 of this Schedule, all documents relating to the identity and the address of any registered account holder(s) allocated the use of IP address 121.200.5.188 at the following times:

(d)    5:24AM AEST on 18 August 2022; and

(e)    1:15 AM AEST on 18 August 2022.

2.    In the event, that the IP address 121.200.5.188 was used by a registered account holder at both the times in paragraph 1(a) and (b), then the identity and the address of that registered account holder only.

REASONS FOR JUDGMENT

CHEESEMAN J:

INTRODUCTION

1    By amended originating application, the applicant, Knight Watch Security Pty Limited (ACN 097 678 272), seeks an order pursuant to r 7.22 of the Federal Court Rules 2011 (Cth) that the respondent, Aussie Broadband Limited (ACN 132 090 192), gives preliminary discovery of all documents relating to the identity and address of the registered Aussie Broadband account holders of an IP address used on two occasions to send separate complaints to two of Knight Watch’s clients. Knight Watch is considering commencing proceedings against the person(s) involved in sending those complaints (the prospective respondent(s)) for misleading and deceptive conduct under Sch 2 to the Competition and Consumer Act 2010 (Cth) (the ACL). However, Knight Watch does not have sufficient information to ascertain the identity (or identities) of the prospective respondent(s) in order to commence proceedings seeking relief under the ACL. Aussie Broadband does not consent or object to the application but contends that the proposed orders are inutile because of certain non-disclosure obligations imposed on it by s 276 of the Telecommunications Act 1977 (Cth).

EVIDENCE

2    Knight Watch relies on the affidavit evidence of Mr Haralambos Davernaris, the sole director of Knight Watch, and Mr Jarret Le Roux, a digital forensics expert engaged on behalf of Knight Watch, who has provided an expert report.

3    Aussie Broadband relies on the affidavit evidence of its chief technology officer, Mr John Charles Reisinger, and on his expert report.

4    Knight Watch provided written submissions in support of its application. Aussie Broadband did not provide written submissions, but outlined its arguments as to why the relief sought lacks utility in a letter from its solicitors. The parties consented to the application being determined on the papers.

FACTUAL BACKGROUND

5    Knight Watch trades under its registered business name, Bluestar Security, and provides protection and security services through the provision of on-site security personnel. The Bluestar business has traded for 29 years and holds labour licences in Queensland and Victoria and has provided services across Australia and New Zealand.

6    On 18 August 2022, two of Knight Watch’s clients received a communication sent via their respective online enquiry portals on their websites (the impugned communications). Both communications contained the same information in the name and email address fields of the website form and contained similar messages. The messages were as follows (as written, hyperlink omitted):

Your security contractor Bluestar / Knight Watch Security is doing well exploiting guards under paying them and using contractors this info will be sent to media and its going to make you also come under investigation see below link

and:

Your security contractor Bluestar Knight Watch Security is doing well exploiting guards under paying them and using contractors. info will be sent to media

see below from Labour Hire Victoria and you will also be in the media for this.

7    The impugned communications both contained a hyperlink to an article published by Labour Hire Victoria in June 2022, with the headline “Cancelled, Refused, Conditions imposed: The Labour Hire Authority is tackling exploitation in the security industry”. Knight Watch was referred to in the article in the following context:

Following recent investigations, the Labour Hire Authority (LHA) has granted a licence to Knight Watch Security Pty Ltd trading as Bluestar Security Services (Bluestar) with significant conditions attached.

However, the LHA refused a separate licence application and cancelled the licence of two subcontractors that had been charging Bluestar for the supply of guards for 24/7 coverage at rates as low as $24 per hour (excluding GST). The contract rates these businesses charged were so low that they were incapable of covering even the minimum wage under the Security Services Industry Award 2020 during some time spans.

There were additional concerns about these subcontractors’ compliance with other legal obligations, including in relation to superannuation, the portable long service leave levy and workers’ compensation insurance.

8    Mr Le Roux examined the impugned communications on behalf of Knight Watch and concluded that they originated from the same IP address operated by Aussie Broadband. The email address contained in each enquiry form was invalid and incapable of accepting emails.

9    Mr Reisinger deposed that Aussie Broadband’s system is configured such that multiple customers may share an IP address at any given time. To distinguish between the potentially relevant customers Aussie Broadband would need to know the port number, in addition to the IP address, date and time of posting the impugned communications. Without the port number, Aussie Broadband may be required to provide the details of up to 128 customers in response to the application for preliminary discovery. Aussie Broadband collects and retains IP address logs primarily to comply with its data retention obligations, however, there are occasions when the logs have been accessed by Aussie Broadband staff for internal fact checking, such as to confirm a purchase made by an Aussie Broadband customer following a complaint. Aussie Broadband does not have a policy relating to the access to the logs by staff for internal fact checking. On the occasions that this has occurred, staff members have done so on their own initiative, in the course of their employment.

APPLICABLE LEGAL PRINCIPLES

10    Rule 7.22(1) of the Rules provides:

A prospective applicant may apply to the Court for an order under subrule (2) if the prospective applicant satisfies the Court that:

(a)    there may be a right for the prospective applicant to obtain relief against a prospective respondent; and

(b)    the prospective applicant is unable to ascertain the description of the prospective respondent; and

(c)    another person (the other person):

(i)    knows or is likely to know the prospective respondents description; or

(ii)    has, or is likely to have, or has had, or is likely to have had, control of a document that would help ascertain the prospective respondent's description.

11    To meet the requirements of r 7.22, it is necessary for Knight Watch to satisfy the Court that it may have a right to obtain relief against a prospective respondent, that it cannot identify the prospective respondent(s) and that Aussie Broadband knows or is likely to know the identity of that person or have a document which reveals it. In addition, the definition of “prospective applicant in r 7.21 as a person who “reasonably believes that there may be a right for the person to obtain relief against another person who is not presently a party to a proceeding in the Court” means that Knight Watch must possess such a belief and that belief must be reasonable: Dallas Buyers Club LLC v iiNet Limited [2015] FCA 317; 245 FCR 129 at [52].

12    Knight Watch is not required to demonstrate the existence of a prima facie case; however, r 7.22 is not to be used in favour of a person who intends to commence merely speculative proceedings, and so a material factor in the exercise of the Court’s discretion is the prospect of Knight Watch succeeding in proceedings against the alleged wrongdoer: Hooper v Kirella Pty Ltd [1999] FCA 1584; 96 FCR 1 at [33] and the cases cited therein.

DISCLOSURE PROHIBITION ISSUE

13    Pursuant to its obligations in Division 1 of Part 5-1A of the Telecommunications (Interception and Access) Act 1979 (Cth) (the TIA Act), Aussie Broadband must retain a specific list of communications data, which relevantly may include the information sought by Knight Watch.

14    As a carrier and carriage service provider, Aussie Broadband is subject to certain primary non-disclosure obligations set out in Division 2 of Part 13 of the Telecommunications Act Protection of Communications. A simplified outline of Part 13 is contained in s 270 which relevantly provides:

    Carriers, carriage service providers, number‑database operators, emergency call persons and their respective associates must protect the confidentiality of information that relates to:

(a)    the contents of communications that have been, or are being, carried by carriers or carriage service providers; and

(b)    carriage services supplied by carriers and carriage service providers; and

(c)    the affairs or personal particulars of other persons.

    The disclosure or use of protected information is authorised in limited circumstances (for example, disclosure or use for purposes relating to the enforcement of the criminal law).

    An authorised recipient of protected information may only disclose or use the information for an authorised purpose.

    Certain record‑keeping requirements are imposed in relation to authorised disclosures or uses of information.

15    Division 2 Primary disclosure includes s 276, which, amongst other things, prohibits the disclosure of personal particulars of a person that have come into Aussie Broadband’s possession in connection with its business as a carriage service provider. A person who contravenes s 276 commits an offence punishable on conviction by imprisonment for a term not exceeding 2 years: s 276(3).

16    Division 3 Exceptions to primary disclosure includes s 280 which provides an exception for disclosure authorised by or under law:

Authorisation by or under law

(1)    Division 2 does not prohibit a disclosure or use of information or a document if:

(a)     ; or

(b)     in any other casethe disclosure or use is required or authorised by or under law.

(1A)    ....

(1B)    Subject to subsection (1C), paragraph (1)(b) does not apply to a disclosure of information or a document if:

(a)    the disclosure is required or authorised because of:

(i)     a subpoena; or

(ii)     a notice of disclosure; or

(iii)     an order of a court;

in connection with a civil proceeding; and

(b)    the information or document is kept, by a service provider (within the meaning of the Telecommunications (Interception and Access) Act 1979), solely for the purpose of complying with Part 5-1A of that Act; and

(c)    the information or document is not used or disclosed by the service provider for any purpose other than one or more of the following purposes:

(i)    complying with Part 5-1A of that Act;

(ii)    complying with the requirements of warrants under Chapters 2 and 3 of that Act or authorisations under Chapter 4 of that Act;

(iii)    complying with requests or requirements to make disclosures provided for by sections 284 to 288 of this Act;

(iv)    providing persons with access to their personal information in accordance with the Privacy Act 1988;

(v)    a purpose prescribed by the regulations;

(vi)    a purpose incidental to any of the purposes referred to in subparagraphs (i) to (v).

(1C) Subsection (1B) does not apply:

(a)     in circumstances of a kind prescribed by the regulations; or

(b)    to a disclosure to an enforcement agency (within the meaning of the Telecommunications (Interception and Access) Act 1979); or

(c)     to a disclosure that occurs during the implementation phase (within the meaning of that Act).

CONSIDERATION

17    On the evidence before me, I am satisfied that it is appropriate to order Aussie Broadband to give preliminary discovery of the documents sought by Knight Watch for the following reasons.

18    For the purpose of the present application, having regard to the relatively low bar in 7.22(1)(a), I am satisfied that Knight Watch may have an action for misleading and deceptive conduct pursuant to s 18 of the ACL against the person(s) responsible for posting the impugned communications, entitling it to damages, a compensation order and / or an injunction.

19    Knight Watch is presently unable to identify the person(s) responsible for the impugned communications. I am satisfied that, through the IP address logs for each of the relevant times, Aussie Broadband is likely to have control of a document(s) that would assist in ascertaining the identity of the relevant person(s).

20    I am not satisfied that the disclosure of the targeted information is prohibited by the Telecommunications Act. Section 280(1B) acts as a constraint on the permissive operation of s 280(1)(b) if certain conditions are met. The applicant submits that the requirements of 280(1B) are cumulative and each must be satisfied to exclude the operation of s 280(1)(b). I agree.

21    The task of statutory construction begins with the statutory text, understood in its context (including legislative history and extrinsic materials) and with regard to its purpose: SZTAL v Minister for Immigration and Border Protection [2017] HCA 34; 262 CLR 362 at [14] per Kiefel CJ, Nettle and Gordon JJ and at [37] to [39] per Gageler J; Federal Commissioner of Taxation v Consolidated Media Holdings Ltd [2012] HCA 55; 250 CLR 503 at [39]; CIC Insurance Ltd v Bankstown Football Club Ltd [1997] HCA 2; 187 CLR 384 at 408; and Project Blue Sky Inc v Australian Broadcasting Authority [1998] HCA 28; 194 CLR 355 at [69] to [71].

22    To construe the requirements of s 280(1B) as cumulative is consistent with a literal reading of the statutory text the conjunction used to link subparagraphs (a),(b) and (c) is “and” not “or”. That is the first indication that the requirements of s 280(1B) are cumulative.

23    To construe the requirements of s 280(1B) as cumulative is also consistent with the statutory context in that it has the effect of narrowing the circumstances in which the primary non-disclosure obligation will take precedence over disclosure otherwise authorised by or under law, in circumstances where the structure of the Act makes it clear that the primary non-disclosure obligation is to be subject to an exception for this purpose. The material that is put beyond the reach of court processes and court orders is confined by reading the criteria in s 280(1B)(a) to (c) as cumulative. To read the exception as a series of independent criteria, each of which operates as a standalone exception to the authorised by law exclusion has the potential to erode the scope of permitted disclosure where authorised by or under law.

24    The legislative history in relation to s 280(1B) was canvassed by Burley J in Siemens Industry Software Inc v Telstra Corporation Limited [2020] FCA 901 (at [32]). The Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 (Cth) (the Amendment Act) introduced Part 5-1A Data retention into the TIA Act. It includes various requirements that service providers must keep certain personal information including names, addresses, and billing information for a prescribed minimum period: s 187C. Section 187BA imposes an obligation on the provider to ensure the confidentiality of the information stored. The Amendment Act also introduced s 280(1B) to the Telecommunications Act. The extrinsic material recorded that the intention of the legislature was to ensure that data available to litigants was neither increased nor reduced by the data retention obligations introduced in the Amendment Act: see the Revised Explanatory Memorandum, Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 (Cth) at [169]. That the requirements of s 280(1B) are properly construed as cumulative is supported by the Supplementary Explanatory Memorandum, Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 (Cth) at [140] to [143] (emphasis added):

140.    The effect of proposed subsection 280(1B) will be that paragraph 280(1)(b) does not apply in circumstances where all of the criteria specified in paragraphs 280(1B)(a) to (c) are satisfied. Paragraph 280(1B)(a) will be satisfied where the disclosure is required or authorised because of a subpoena, a notice of disclosure, or an order of a court in connection with a civil proceeding.

141.    Telecommunications data that is retained by service providers for their ordinary business purposes or for other regulatory purposes is currently accessed in the course of many civil proceedings. The purpose of proposed paragraph 280(1B)(b) is to ensure that the prohibition applies only to telecommunications data that is collected and retained only for the purpose of complying with proposed Part 5-1A, and that is used by the service provider only for that purpose, a limited range of defined public interest purposes, or for purposes incidental to any of those purposes.

142.    

143.    This provision thereby ensures that telecommunications data that is collected, retained or used for a service provider’s ordinary business purposes or other purposes unrelated to the data retention obligation, continues to be available for such proceedings.

25    Finally, to construe the requirements of s 280(1B) as cumulative is consistent with the overarching objects contained in s 3 of the Telecommunications Act, which relevantly include:

(1)    The main object of this Act, when read together with Parts XIB and XIC of the Competition and Consumer Act 2010, is to provide a regulatory framework that promotes:

(a)    the long-term interests of end-users of carriage services or of services provided by means of carriage services; and

(b)    the efficiency and international competitiveness of the Australian telecommunications industry; and

(c)    the availability of accessible and affordable carriage services that enhance the welfare of Australians.

(2)    The other objects of this Act, when read together with Parts XIB and XIC of the Competition and Consumer Act 2010, are as follows:

(h)    to provide appropriate community safeguards in relation to telecommunications activities and to regulate adequately participants in sections of the Australian telecommunications industry;

(j)    to promote responsible practices in relation to the sending of commercial electronic messages;

26    Construing the criteria in s 280(1B)(a) to (c) as cumulative achieves an appropriate balance between the interest in privacy in respect of the end users’ private data and the promotion of responsible practices in relation to the sending of commercial electronic messages, including those comprising the impugned communications in this case. The present case usefully illustrates the balance that the legislature has struck by making the exclusions to the exception for disclosure authorised by or under law cumulative and confined. The Court must be satisfied that it is appropriate to exercise the discretion to make an order for preliminary discovery and in doing so may make such ancillary orders as are necessary to mitigate legitimate privacy concerns: Siemens Industry at [30]. The same applies in respect of the Court’s discretion in relation to production and inspection under a subpoena or a notice of disclosure.

27    In the present application, I am satisfied that the exception to the non-disclosure obligation in s 280(1B) is engaged and is not affected by s 280(1B) because although the condition in s 280(1B)(a)(iii) will be satisfied if an order for preliminary discovery is made, the criteria in s 280(1B)(b) and (c) are not satisfied. Aussie Broadband’s evidence demonstrates that the IP address logs are collected and retained primarily for the purpose of complying with Part 5-1A of the TIA Act the sole use requirement in s 280(1B)(b) is not satisfied. In addition, Aussie Broadband has identified occasions on which its staff have used the IP address logs in the course of their duties as part of the business of Aussie Broadband for purposes outside those designated in s 280(1B)(c). The condition stipulated in 280(1B)(c) is therefore not satisfied. The conclusion that the exclusion to the non-disclosure obligation is engaged is not altered having regard to s 280(1C). Being otherwise satisfied that it is appropriate to make an order for preliminary discovery, I do regard s 280(1)(b) as undermining the utility of that order or as a reason in the circumstances of the present application to decline to exercise the discretion to make the order.

28    The way in which the Aussie Broadband system is configured is such that the response to preliminary discovery may involve it in providing the names and addresses of customers other than the likely sender(s) of the impugned communications and this gives rise to legitimate privacy concerns. In making orders for preliminary discovery, I have narrowed the scope of the category of documents to be produced and made ancillary orders directed to protecting the identity and privacy of those customers. The form of the orders differs from that proposed by the applicant. Accordingly, I have granted the parties leave to apply within three business days of these orders if they seek to be heard on the form of orders.

CONCLUSION

29    For these reasons, I will make orders requiring Aussie Broadband to give targeted preliminary discovery and for that disclosure to be subject to obligations as to confidentiality and limited to use in the potential proceedings that Knight Watch has identified in relation to the impugned communications.

I certify that the preceding twenty-nine (29) numbered paragraphs are a true copy of the Reasons for Judgment of the Honourable Justice Cheeseman.

Associate:

Dated:    18 April 2023

Top