The Australian Taxation Office has reiterated its frustration at being excluded from the list of government agencies able to obtain warrant-free access to telecommunications ‘metadata’ as part of the data retention regime.
However, the ATO has acknowledged using other provisions of Australian telecommunications legislation to access the same records covered by the data retention scheme, but objects to the costs that it incurs as a result.
The legislation governing data retention authorises metadata metadata access by federal, state and territory police forces, the Australian Criminal Intelligence Commission, a number of anti-corruption and law enforcement integrity bodies, the Department of Home Affairs, the Australian Securities and Investments Commission (ASIC), and the Australian Competition and Consumer Commission (ACCC).
There are two pathways for authorising additional agencies to access data retained as part of the scheme. One is through legislation, the other is via ministerial declaration. However, authorisation via declaration expires at the end of 40 sitting days of the House of Representatives after it comes into effect.
Prior to the data retention legislation, scores of federal and state agencies, including the ATO, used provisions in the Telecommunications (Interception and Access) Act to compel telcos to hand over so-called non-content (or ‘historical’) data to help inform investigations.
After the data retention act came into effect, the ATO was one of dozens of agencies deprived (at least in theory) of access to metadata that sought government authorisation to resume demanding it from telcos.
That effort has so far been to no avail, the ATO states in a submission to a parliamentary inquiry examining the operation of the data retention regime.
“The ATO has a demonstrated ongoing operational need for TD [telecommunications data] in order to effectively administer the taxation and superannuation system which are directly related to the protection of public revenue,” the ATO argues. “TD is crucial for timely investigation of frauds being committed against the tax and super systems.”
Since losing its status as an enforcement agency in October 2015 thanks to the data retention legislation, the agency says it “has experienced adverse effects on its compliance activities in a number of different ways, including in circumstances which were unforeseen.”
Telecommunications data can help the ATO make “compelling connections between electronic devices and the commission of an offence” as well as snare accomplices in tax fraud schemes, the agency states.
The ATO says it is not a fan of the ministerial declaration process because of the temporary nature of the resulting authorisation.
The agency also raises the possibility of reinstating its authorisation to access stored communications (rather than just ‘metadata’), although notes it never used its power to do so in the past.
(“On one hand, this could be seen as a tacit admission that the ATO did/does not need access to stored communications,” the ATO submission states. “We would argue that the better view is that this is a powerful example of the restraint and good governance practices that the ATO exercises, coupled with the high threshold in order to apply for a stored communication warrant.”)
Making the ATO an enforcement agency was a recommendation of a 2015 report by parliament’s Joint Committee on Law Enforcement.
The ATO admits, however, that it has not been shut out of access telecommunications data: Instead it has been using the Commissioner’s formal information gathering powers in conjunction with Section 280 of the Telecommunications Act to obtain data from telcos.
In fact the ATO is one of more than 100 agencies using Section 280 to obtain metadata. (The Department of Home Affairs has endorsed the use of Section 280 in such a manner.) However, the ATO argues that use of Section 280 has “administrative and financial burdens” because telcos are permitted to charge an agency for the costs they incur when complying with a direction under the legislation.