Under Australia’s data retention laws, the number of enforcement agencies able to warrantlessly access customer call records, location information, IP addresses, billing information, and other data stored for two years by telecommunications carriers is restricted to 21.
But in a submission [PDF] released today, the Communications Alliance (CA) has said a number of government agencies are skirting the restrictions and remain able to call upon telcos to produce data they are interested in.
According to CA, because the metadata laws force telcos to respond to any lawful information requests, some agencies have been able to cite powers contained in their own statutes to demand data.
“Such agencies include local councils (who request access to data to manage minor traffic offences, unlawful removal of trees, illegal rubbish dumping, and billposters), the RSPCA, the Environment Protection Authority, and state coroners, to name a few,” CA said.
“The use of these other powers to access communications data appears to circumvent protections in the Act and TIA Act.”
Since these agencies are accessing data and bypassing the data retention laws, they are not reimbursing carriers for the costs incurred in providing the data, CA said, nor are they required to consider privacy, maintain records, or only make requests for the enforcement of criminal law.
After the passage of Australia’s data retention laws, 61 agencies that were denied continuing access to telco data applied to reinstate their former powers.
In November 2015, Victorian Attorney-General and Minister for Racing Martin Pakula requested access to metadata in order to prevent corruption in the racing industry.
“I can confirm that his previous access to historical telecommunications data has been critical in the effective conduct of his functions under the Racing Act 1958 (Vic), and I would respectfully request that you give urgent consideration to reinstating access as was authorised prior to 13 October 2015,” Pakula said in a letter to Attorney-General George Brandis.
The Attorney-General’s Department and the Department of Communications are currently conducting a review of the use of metadata in civil court cases.
From April 13, any data stored solely for compliance with the data retention laws will not be able to be used in a civil court case. Data that is used for other purposes by carriers will remain available for civil proceedings.
A report on the review is due to be tabled in Parliament on the same day.