Authorities accessed over 237,000 records in first 9 months of $198.5m metadata retention scheme

Long-term retention of telecommunications metadata helped law-enforcement authorities access 40,425 metadata records that were 3 months old or older, the Attorney-General’s Department has revealed in its first glimpse of the performance of its controversial telecommunications metadata retention scheme.

The figures outline the use of telecommunications intercepts that were heavily used across all manner of serious crimes. Bribery, corruption, dishonesty, serious fraud and serious drug offences were cited by the most law-enforcement agencies in all requests for telecommunications interception warrants, while NSW Police and the Australian Federal Police relied on such warrants while investigating the broadest range of offences.

Published within the department’s annual review of telecommunications interception legislation, the figures suggest very different investigative styles between states: NSW Police lodged 846 requests related to serious drug offences, for example, compared with just 57 such requests in Victoria and 212 in Queensland.

By comparison, interception data were requested in just 241 terrorism investigations – similar in volume to the 240 warrants related to investigations of organised crime.

Overall, telecommunications interception warrants led to 3019 arrests during the year – as well as 3726 prosecutions and 1812 convictions were recorded in which lawfully intercepted information was given in evidence. Reported enforcement costs across all agencies totalled $70.4m.

Lawfully intercepted information was used in 100 cybercrime prosecutions within NSW and no other cases across other police jurisdictions; some 22 cybercrime convictions were recorded in cases where the data was used.

By contrast, intercepted information on serious drug offences were 149 prosecutions and 77 convictions, while intercepted data was used in 2015 prosecutions for trafficking in prescribed substances, which resulted in 1112 convictions. The information was used in 12 terrorism-related prosecutions that resulted in 4 convictions.

While those figures reflect the use of telecommunications interception overall, the report also includes the first-ever breakdown of the usage of ‘retained data’ kept under Australia’s metadata retention scheme, which was introduced by the Turnbull government in 2015 with the support of police despite widespread concerns that it represented mass surveillance and a gross violation of privacy.

Agencies accessed metadata 237,071 times during the reporting period, of which 196,646 (82.9 percent) accesses came within 3 months of the data being generated; this information “is commonly used at the beginning of an investigation to identify and eliminate suspects”, the report says, and includes instantaneous requests such as subscriber checks.

Retaining data for a longer period proved useful to authorities, with 28,523 accesses to data that was 3 to 12 months old; 7403 accesses to data that was 1 to 2 years old; and 4499 accesses to data that was more than 2 years old.

Victoria Police were the biggest users of historical data, accessing 10,863 records that were 3 to 12 months old; this compares with 5590 by NSW Police, 4421 by the AFP, and 2249 by Queensland Police.

The Department of Immigration and Border Protection (DIBP) made 1905 requests for metadata during the year, while ASIC made 1383. Some 33 authorisations for journalist information were made under two journalist information warrants (JIWs) issued to the Western Australian Police; the JIW scheme has been controversial, especially after an AFP investigator controversially accessed a journalist’s call records earlier this year without a warrant.

Mass data retention remains contentious, with one European Union judge arguing that the powers should only be used to fight serious crime and an Austrian court invalidating metadata retention in 2014 on the grounds that it is unconstitutional.

Under the Australian legislation, around 70 percent of metadata requests related to ‘subscriber data’ – information identifying the user of a telecommunications service – while the remainder related to ‘traffic data’ that identifies details such as the time, duration and source of a communication. NSW Police made the most requests for subscriber data but Victoria Police requested traffic data most often.

The scheme was controversial amongst the telecommunications providers charged with enforcing it, which said the scheme would impose a significant cost on them. The annual report confirmed the data-retention scheme had imposed $198.5m in capital costs, with $128.4m in subsidies provided to 180 telecommunications providers; most received a government grant equal to up to 80 percent of their implementation costs.

The data cover the period from 13 October 2015, when the new Data Retention Act restricted access to telecommunications data to 21 named agencies and legislation introduced new reporting requirements.

During that time, criminal law-enforcement agencies made 332,639 authorisations for historical telecommunications data – most of which related to criminal investigations. That was a sharp decline from the previous year, with every jurisdiction except the ACC, ASIC, and South Australia and Victoria Police showing a decline in authorisations.

Despite patrolling the nation’s most populous state, NSW Police were well behind their peers in the use of prospective data authorisations – approvals to access information or documents that come into existence during an authorisation period. NSW police only lodged 898 such authorisations during the year, compared with 6733 in Victoria, 4191 in Queensland, 1073 in WA and 2592 by the Australian Federal Police.

The AFP was also revealed to have been sharing telecommunications data with foreign investigators, with 53 requests for data made and 23 granted to agencies in countries including Taiwan, Hong Kong, Serbia, Switzerland, Argentina, Indonesia, Ireland, China, Spain, and France.

Copyright © 2017 IDG Communications, Inc.

The 10 most powerful cybersecurity companies