National security laws designed to crack down on terrorism are being exploited for investigations into shoddy drivers, illegal rubbish dumpers and even people posting bill posters, it has been claimed.
The Communications Alliance, a top telco industry group which counts Telstra, Vodafone and Optus as members, has sounded the alarm about a major loophole in government metadata laws.
The laws, introduced two years ago, order telcos to collect and retain the ‘metadata’ of every Australian’s mobile and online communications.
But a legal loophole means the data is being ‘subverted’ by local councils and other government bodies for purposes which have little or nothing to do with national security.
Local councils have sought metadata for – of all people – bill posters, telco industry group the Communications Alliance said
Government agencies have also sought metadata from phone carriers for traffic matters, a parliamentary inquiry heard
Even experts admit the term ‘metadata’ can be confusing. But they warn it is an incredibly powerful tool for government agencies and investigators.
‘Metadata’ is background technical information about a phone call or online message.
For instance, the metadata of a phone call is information about who has called whom, at what time, and from where.
But doesn’t include what was said during the call.
The laws, passed in 2015, gave just 22 police and security organisations access to Australians’ metadata, without a warrant, for national security and crime fighting reasons.
But the Communications Alliance has revealed 60 further agencies have sought to access metadata in a submission to the joint parliamentary security and intelligence committee.
If someone’s sitting on top of the Harbour Bridge (according to location data) calling a suicide prevention provider, you don’t need the content for what’s going on
Digital expert Nigel Phair on why metadata is so important
Local councils, the Australian Sports Anti-Doping Authority (ASADA), Report Illegal Dumping NSW and the Veterinary Surgeons Board of WA are among the bodies that have applied to use metadata for their own purposes, the submission said.
State fisheries agencies, Racing Integrity Victoria, the NSW Office of State Revenue, Centrelink, the Australian Tax Office and coroner’s courts have also sought to exploit the information.
In its submission, the Alliance warned both the public and experts ‘often mistakenly believe that the telecommunications data of ordinary Australian people can be accessed, without a warrant, by only a very limited number of 22 law enforcement and security agencies.’
But the industry group said that is not the case and 60 entities had sought data by using a loophole provided by section 280 of the Telecommunications Act 1997.
The Australian Sports Anti Doping Agency – which is investigating Shayna Jack (above) for failing a drug test – is one agency to apply for metadata
Racing Integrity Victoria is another agency to have sought metadata (Melbourne Cup stock photo above)
‘Bodies/agencies include local councils who request access to data to, among other things, manage traffic offences, unlawful removal of trees, illegal rubbish dumping and billposters,’ the submission said.
‘The RSPCA, the Environment Protection Authority and state coroners are other examples of entities that have managed to subvert the intended scope of the legislation.’
Information sought reportedly included location data, call records and customer identification.
In a separate submission, Telstra, Australia’s largest telco, said the access ‘could erode public trust in the regime and undermine the relationship we have with out customers in relation to protection of their privacy’.
UNSW digital expert Nigel Phair said the government had wanted to wind back permission for government bodies like the RSPCA access metadata, under its 2015 laws.
WHAT IS METADATA AND WHY IS IT SO IMPORTANT?
Metadata is ‘data about the data’, and has become an immensely powerful tool for law enforcement agencies, a technology expert said.
Nigel Phair, director of the University of New South Wales’s Cyber department, explained the contentious topic simply.
UNSW Cyber’s Nigel Phair
‘If I send you an email, it’s not the content in the email.
‘It’s things like when the email was sent, the email identifier, the dates and time stamps, locations, those sorts of things.’
In today’s mobile phone saturated world, metadata also includes information such as geolocation and browsing websites.
Law enforcement agencies require warrants to access the content of communications.
But Mr Phair said access to metadata can often tell the story entirely itself.
‘If someone’s sitting on top of the Harbour Bridge (according to location data) calling a suicide prevention provider, you don’t need the content for what’s going on’.
‘If you have metadata that someone’s been out at a pub all night and the next day they’re searching on their device for STD clinics, again … where metadata is really powerful for law enforcement is you can put constructs of data together.’
Illegal rubbish dumping was another focus of metadata requests
‘They used to be able to do this, but then when the changes came out, it got narrowed to law enforcement,’ Mr Phair said.
But telcos said they while are banned from accessing metadata gathered solely under government retention laws, they may have to disclose it if they retain it for their own records as well.
‘(It is) a serious and persistent phenomenon, a problem that continues to grow in magnitude,’ the Communications Alliance warned.
The government committee is reviewing the metadata retention laws.
Daily Mail Australia contacted the Department of Home Affairs for comment.