The Attorney-General’s Department says it is still working on the latest edition of an annual report that gives the most in-depth public picture of the use of telecommunications interception powers by Australian law enforcement organisations.
The department is tasked with releasing an annual report on the administration of the Telecommunications (Interception and Access) Act 1979 (TIA Act) and Surveillance Devices Act 2004.
The report for the 2014-15 financial year was released in December 2015. The report for the 12 months ending 30 June 2016 is still being prepared, however.
The 2015-16 edition will be the first TIA annual report to cover the operation of Australia’s data retention regime.
“The Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 introduced a number of new reporting requirements for accessing telecommunications data,” a spokesperson for the Attorney-General’s Department said.
Data retention obligations for Australia’s telcos kicked in on 13 October 2015.
“The department is currently reviewing the integrity of data submitted by agencies for the 2015-16 annual report to ensure it complies with both the old and new reporting requirements,” the spokesperson said.
The report will include details about the accessing of telco data that haven't been revealed in previous editions, such as the offences for which telco data has been sought and the number of requests for subscriber data and traffic data.
The most recent edition of the TIA report revealed a startling array of government agencies had authorised access to telecommunications data, sometimes dubbed ‘metadata’ — that is, data about a communication but not the contents of a communication (so it may include a communication's participants, data, time, location and so on, but not the contents of a message or conversation).
The Australian Communication and Media Authority’s most recent Communications report said that during 2015-16 the number of disclosures of customer information by telcos, as reported to it under section 308 of the Telecommunications Act, was 667,792.
The ACMA said that represented a decrease of 157,049 (19 per cent) from 2014–15.
“Of these, 81 per cent were covered by an authorisation in force to access existing information or documents for the enforcement of the criminal law under section 178 of the TIA Act,” the report states.
Under the pre-data-retention regime, metadata could be accessed by any agency that met the definition of “enforcement agency” under the TIA Act.
That definition included any organisation that enforced a criminal law, a law imposing a pecuniary penalty or a law that protected public revenue; even certain non-government organisations such as the RSPCA could authorise the disclosure of data, as long as they had power to enforce a law that met those requirements.
The 2014-15 TIA annual report revealed that 83 organisations accessed telco data. Alongside police forces, those organisations included the Civil Aviation Safety Authority; the Victorian Department of Economic Development, Jobs, Transport and Resources; the WA Department of Environment Regulation; Roads and Maritime Services NSW; Primary Industries and Regions (South Australia); the Taxis Services Commission in Victoria; and the RSPCA in Tasmania.
The data retention regime pared down the agencies that could use the warrant-free authorisation process to access metadata.
Those organisations currently authorised include the Australian Federal Police, state police forces and anti-corruption commissions, the Australian Border Force, the Australian Crime Commission, the Australian Commission for Law Enforcement Integrity (ACLEI), the Australian Competition and Consumer Commission (ACCC), and the Australian Securities and Investments Commission (ASIC).
At least 61 additional agencies have applied to be made authorised agencies for the purposes of the data retention scheme.
In October, the ABC revealed that that a number of organisations including the Australian Taxation Office (ATO), the Department of Foreign Affairs and Trade (DFAT), the Department of Agriculture, the Department of Education and the Department of Social Services (DSS) had requested the AFP to obtain metadata on their behalf.
The government recently launched a public consultation on what information covered by the data retention scheme should be able to be used in civil court disputes.