How agencies access personal phone data
Sep 23, 2022 •
Police and security agencies often have access to a wealth of personal information about the people they’re investigating — including phone calls, texts, emails and metadata.
Access to that information is supposed to occur under very controlled circumstances. But there’s evidence that’s not what’s happening.
How agencies access personal phone data
786 • Sep 23, 2022
How agencies access personal phone data
[Theme music starts]
RUBY:
From Schwartz Media. I’m Ruby Jones, this is 7am.
Police and security agencies often have access to a wealth of personal information about the people they’re investigating - including phone calls, texts, emails - and metadata.
Access to that information is supposed to occur under very controlled circumstances - but there’s evidence that’s not what’s happening.
In fact a new report has found that police and other agencies routinely break the law in handling private data, and - despite warnings - their conduct is getting worse rather than better.
Today, Chief Political Correspondent Karen Middleton, on what happens when the people in charge of law enforcement, act outside the law themselves.
It’s Friday, September 23.
[Theme music ends]
RUBY:
Karen, people probably aware by now that police do have the power under certain circumstances to intercept and record people's communications and also go through their stored data. So can you run me through exactly what it is that can be accessed by police?
KAREN:
Yes. Well, they can do both of those things. They can under certain circumstances, with the right permissions, intercept our communications so our phone calls and other kinds of communications messages. And then they can also access, under certain circumstances, data that's already stored. So emails that we've sent, text messages that we've sent, voicemail messages that we've left.
The powers also cover our metadata. So, that's the record of communications that we've made, where they originated from and where they were sent to, how long they lasted, how big a file might be, phone numbers, addresses, those kinds of things. If police and other agencies decide they need these for investigations, they can get a warrant and access this through telecommunications companies.
RUBY:
Okay. And so tell me what it is that we're learning then about exactly how police are actually using these powers then?
Archival Tape – Malcolm Turnbull (as Minister for Communications):
“Madam Speaker, I present the Telecommunications Interception and Access Amendment Data Retention Bill…”
KAREN:
The law they have to abide by in this instance is called the ‘Telecommunications Interception and Access Act’, sometimes known as the ‘TIA Act’ for short.
Archival Tape – Malcolm Turnbull (as Minister for Communications):
“The bill contains a package of reforms to prevent the further degradation of the investigative capabilities of Australia's law enforcement and national security agencies…”
KAREN:
And every year the Commonwealth Ombudsman has to have a look at how these agencies are performing under that act in relation to the interception of data and in relation to the stored data.
Archival Tape – Malcolm Turnbull (as Minister for Communications):
“Access to metadata plays a central role in almost every counter-terrorism, counter-espionage, cyber security and organised crime investigation. It is also used in almost all serious criminal investigations, including investigations into murder, serious sexual assaults, drug trafficking and kidnapping…”
KAREN:
Now most recently there's been a Commonwealth Ombudsman's report into the store data and how the agencies are going in upholding the law when they're seeking to access those emails, messages, voicemails. And his most recent report is pretty damning, suggesting that they are not actually upholding the laws very well. And in fact, they are continuing to fail to get properly valid warrants to access information. They're not storing the information properly. They're not destroying it when they're supposed to. They're not keeping good records of whether or not a warrant is still current. So when the warrant might end. And that makes it difficult to know whether the evidence that they've got and holding is able to be used lawfully in a prosecution or whether it's not lawful.
RUBY:
And when we talk about law enforcement agencies, who exactly are we talking about? Karen, how high up does this go?
KAREN:
Well, it's quite surprisingly broad, actually, Ruby. It goes across 20 different agencies at the federal and the state and territory level. These are police forces, their integrity bodies like ICAC's in New South Wales and I back in Victoria, the Securities and Investments Commission, the Triple C, the Competition and Consumer Commission that keeps a watch over retailers and price gouging and the like. So there are a whole lot of agencies that can get a warrant, either from an authorised member of the Administrative Appeals Tribunal or from a judge or magistrate and can access data to use in prosecutions. Now in the latest Ombudsman's report, he was looking at 19 of those 20 agencies because one of them, the Securities and Investments Commission, hadn't used the relevant powers in the 12 month period that the Ombudsman was looking at.
RUBY:
And so what about the people whose data is actually being accessed in this way? Presumably these agencies would say that these are people who they are looking into, who they're investigating. But how do we know how that works?
KAREN:
Well, a lot of the time they're people that they're investigating, but not all the time. And this is where it gets really tricky. They can sometimes access the data belonging to victims of a crime, and it is possible for them to do that without the victim being notified, and that's under certain circumstances.
But the Ombudsman's report suggests that they're not upholding the circumstances there either and of course they're also accessing the information of people that they suspect are involved in a crime. But there are some definitional questions about what level of crime, what kind of criminal offence should be covered by this. And so there's some grey areas in there as well.
But the overall problem with this is. Is that these criticisms the Ombudsman is making are not new. They've been made every year for years and things are not getting better. They're actually getting worse.
RUBY:
We'll be back in a moment.
[ADVERTISEMENT]
Archival Tape – Patricia Karvelas (ABC):
“Covert powers used by Australia's law enforcement agencies to access and retain electronic data, including personal emails and text messages, are being questioned after a damning review by the Commonwealth Ombudsman…”
RUBY:
Karen, we were just talking about how the problem of agencies using these data access powers seems to be getting worse each year, the Ombudsman keeps making more and more recommendations about these issues. So if that is the case, what can be done to stop these agencies, if they continue to act outside the rules?
KAREN:
Well, it's a very good question, because there are these penalties in the act for people within these agencies to be sent to jail if they're prosecuted. The agency we usually look to to prosecute crimes nationally is the Australian Federal Police, but it is amongst the agencies here that has been criticised. Now the police say that they have made all the changes that were required since the Ombudsman's report was finalised. But you know, there's a question I guess about, well, who is policing the police? Because the most serious recommendations in the Ombudsman's report are targeted at the police forces, the Federal police and police in the states and territories. So even though the provisions for accountability are there on paper in the Act, the mechanisms for delivering it aren't.
RUBY:
So Karen, is there a suggestion then that at this point in time, knowing what we do about what has happened so far, that these powers should be withdrawn, if these agencies are breaking the law, perhaps they shouldn't actually be allowed to access this kind of data anymore.
Archival Tape – Bret Walker SC:
“This is disappointing, but I see not surprising that we do have a pattern for some agencies of what I call it, a distinctly unenthusiastic and ineffective response to suggestions for improvement.”
KAREN:
I spoke to Bret Walker SC, who's one of the nation's most eminent barristers and was actually the original national security legislation monitor some 12 years ago. And he has that very concern.
Archival Tape – Bret Walker SC:
“I've been driven to the view that perhaps we should have almost real time monitoring of compliance, not just annually, so that agencies and more to the point, senior officers in agencies who are repeatedly delinquent lose their authority.”
KAREN:
And even since my interview with him, he's gone further and he's actually suggesting maybe that heads should roll.
Archival Tape – Bret Walker SC:
“Now, that means for some senior officers that they won't be able to do their jobs. And so, yes, I think there should be some resignations if this repeated pattern of non-observance of stipulated safeguards were to occur…”
RUBY:
And what about the Attorney General, Karen, because the hierarchy goes all the way up to him, doesn't it?
KAREN:
Yes. And the Attorney-General has said that he is concerned about these findings, that it's not good and not acceptable, that the things appear to be getting worse, going backwards. So it's now up to the Attorney-General to decide what to do about it. He was a member of the very powerful Parliamentary Joint Standing Committee on Intelligence and Security, known as the PJSCIS. That's a standing committee that has its own structure and status under the law and it examines all national security legislation. It only involves Liberal Party and Labor Party members. And he was a member of it. Under in. Last Parliament. And in that time, that committee actually made some recommendations about this very issue, the handling of data under the TIA Act and what should change. And amongst those recommendations it said that there should be national guidelines developed for the handling of data because it was too disparate and things were not streamlined enough. It made a number of recommendations, 22 in total, and the previous government did not respond at all to that report. It came out in 2022, two years on, there had been no response. So we know that there is now some pressure on the Attorney-General in the new Government to return to that report and to have a look at what should be done about it.
RUBY:
And I'm struck, Karen, by the fact that this isn't the first time that these agencies have been called out on this kind of conduct, but that has not seemingly acted as a deterrent at all. In fact, it would seem that previous recommendations for them to change have been disregarded. So does it seem to you that this moment, this report, will be a turning point?
KAREN:
Well, it seems that the Attorney-General is concerned and is serious about doing something now. How far he is prepared to go is not clear. There's been some rearranging of responsibilities since the new Government took office. The Australian Federal Police has been moved from in the Home Affairs Department to back under the umbrella of the Attorney-General's Department. So it is back in the Attorney-General's bailiwick. It seems like the Attorney-General is motivated to make some changes, but what they will be practically speaking is not clear. We know that the new chair of the Page ASIS, that committee I was talking about, Peter Khalil, the Victorian Labor MP, is also concerned about what's going on with data handling and was putting some extra pressure on the Attorney-General to do something about it. So it looks like the new Government will take some steps, we just haven't seen the detail yet.
RUBY:
Karen, thank you so much for your time.
KAREN:
Thanks, Ruby.
[ADVERTISEMENT]
[Theme music starts]
RUBY:
Also in the news today,
Protests took place during the national public holiday to mourn the passing of the Queen in Brisbane, Sydney, Melbourne and Canberra on Thursday.
Protest organisers said the marches were to protest the ongoing impact of British colonisation in Australia.
And...
Today, new British Prime Minister Liz Truss will announce her new ‘mini-budget’, the first major reform package of her prime ministership.
Britain is in the middle of an inflation crisis, and Truss has promised to ditch a planned corporation tax rise and is expected to announce the creation of a network of low-tax, low-regulation investment zones.
7am is a daily show from The Monthly and The Saturday Paper. It’s produced by Kara Jensen-Mackinnon, Alex Tighe, Zoltan Fecso, and Cheyne Anderson.
Our technical producer is Atticus Bastow.
Brian Campeau mixes the show. Our editor is Scott Mitchell. Erik Jensen is our editor-in-chief.
Our theme music is by Ned Beckley and Josh Hogan of Envelope Audio.
[Theme music ends]
Police and security agencies often have access to a wealth of personal information about the people they’re investigating — including phone calls, texts, emails and metadata.
Access to that information is supposed to occur under very controlled circumstances. But there’s evidence that’s not what’s happening.
A report has found that police and other agencies routinely break the law in handling private data, and despite warnings - their conduct is getting worse rather than better.
Today, chief political correspondent for The Saturday Paper Karen Middleton on what happens when the people in charge of law enforcement, act outside the law themselves.
Guest: Chief political correspondent for The Saturday Paper, Karen Middleton
7am is a daily show from The Monthly and The Saturday Paper. It’s produced by Kara Jensen-Mackinnon, Alex Gow, Alex Tighe, and Zoltan Fecso.
Our technical producer is Atticus Bastow.
Brian Campeau mixes the show. Our editor is Scott Mitchell. Erik Jensen is our editor-in-chief.
Our theme music is by Ned Beckley and Josh Hogan of Envelope Audio.
More episodes from Karen Middleton