ASIO weighs in on data retention proposals

ASIO already has access to communications data through internal authorisation - but supports expanding the laws to provide greater certainty to law enforcement when it comes to communications metadata

A submission by intelligence agency ASIO to the Joint Parliamentary Committee on Intelligence and Security's inquiry on new data retention laws has been made public, with the organisation stating the interception of telecommunications data is critical for law enforcement agencies to do their job.

In its five-page submission, ASIO outlined the power law enforcement agencies already have when it comes to accessing communications data.

ASIO can currently access the content of communications relevant to investigations by seeking a warrant, but can access the information about communications -- such as parties involved in the communication and the date time and duration of communication of the parties -- with just internal authorisation.

The submission states that this metadata, or ‘communications associated data (CAD)’, as ASIO describes it, has become increasingly scarce due to changes in the telecommunications industry such as the shift to increased use of IP for communications and volume billing instead of transaction-based (per message or per call) billing.

“For many years law enforcement and security agencies (as well as many others) have been able to request CAD [communications associated data] from any carrier or carriage service provider. Agencies access … this information through an internal authorisation. This power already exists; a brand new power is not being sought,” ASIO stated in its submission.

"To the extent possible, agencies are seeking greater certainty that the information needed to protect the community will be there when they need it.

"In that sense agencies are looking to access the same general information they have been accessing for many years; information that would enable them to trace the participants of a communication in retrospect, when the communication occurred and ideally where the parties were."

This information could include information about the parties involved in the communication; the date, time and duration of communication; the method of communication, such as an email or phone call; and identify the location of the parties involved.

“In this context, agencies are not seeking access to the content of communications,” it says in its submission.

Like Attorney-General Nicola Roxon, who has stepped up her campaign to quell public and industry concern over the data retention proposals, ASIO has indicated that it is not seeking new powers to access the content of communications.

ASIO devotes several pages of its submission detailing its requirement to seek warrants when it wishes to access the content of communication, with warrants to be approved by the Attorney-General or authorised under the Telecommunications (Interception and Access) Act.

However, accessing communications metadata is "vital to law enforcement and security intelligence agencies for pre-warrant checks, investigative leads, intelligence and evidentiary corroboration,” ASIO’s submission states.

ASIO has also backed the proposals to retain data for two years due to investigations typically taking years to complete – shorter time periods could pose a risk to agencies not being able to progress an investigation properly, it said.

“The reform proposals are about properly equipping our law enforcement, security and intelligence professionals to do the job that Australians have entrusted to them. They are also about continuing to ensure that the Australian telecommunications sector is properly protected,” ASIO said.

ASIO’s submission also highlights the potential privacy implications of data retention, with it suggesting new penalties be introduced for people misusing stored data and a data breach notification scheme to be set up.

Follow Stephanie McDonald on Twitter: @stephmcdonald0

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.

References show all

Comments

scott2bfunlovin

1

Maybe they will open our snail mail as well and hold onto that info for a couple of years as well. Take any piece of infomation out of context and what good is it anyway. They will just make the Sh_t up as they go. Sound more like China then Australia to me.

anon

2

yeaaa... sure they'll be able to keep that stored data secure... uhuh.

Safeguard the community my back side.

Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers

UPDATED: 4G in Australia: The state of the nation

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia