Why the kilo cops want access to ‘metadata’

Frozen yoghurt fraudsters beware: The National Measurement Institute wants your telecommunications data

The most recent report on the use of the Telecommunications (Interception and Access) Act 1979 revealed a startling array of organisations that employed the TIA Act to obtain warrant-free access to historical telecommunications data, such as call records.

The report on the operation of the act is issued annually by the Attorney-General’s Department.

Alongside police and security agencies, organisations that accessed so-called ‘metadata’ in 2014-15 included the Civil Aviation Safety Authority, Roads and Maritime Services NSW, Primary Industries and Regions (South Australia), and the RSPCA.

The coming into effect in October of the data retention regime meant that for most of these organisations, accessing historical telco data without a warrant is now an investigative tool they no longer have access to.

However, some 61 agencies have applied to be listed as authorised enforcement agencies under the provisions of the data retention scheme.

Alongside a swathe of federal and state government departments are some more unusual applicants, ranging from Bankstown City Council to Victoria’s Taxi Services Commission.

One applicant that caught the attention of many commentators was the National Measurement Institute: A federal agency that sits under the Department of Industry, Innovation and Science.

The NMI describes itself as “Australia’s ‘one-stop shop’ for measurement and sits at the peak of Australia’s measurement system”.

“NMI is responsible for maintaining Australia's units and standards of measurement and for realising those units of measurement through the development and maintenance of standards of measurement, reference materials and reference techniques,” the organisation says on its website.

“On 1 July 2010, NMI became responsible for trade measurement. NMI is now responsible for the full spectrum of measurement, from the peak primary standards of measurement to measurements made at the domestic trade level.”

The organisation is not new to ‘metadata’; the TIA Act annual reports reveal that in 2014-15 the NMI authorised access to telecommunications data on one occasion. In 2013-14 it also authorised access on one occasion.

On both occasions the access was related to “enforcement of a law imposing a pecuniary penalty or the protection of the public revenue”, the TIA Act report states.

(The NMI didn’t access any data in 2012-13, that year’s report reveals.)

At the time of the release of 2014-15 report, the NMI did not respond to repeated requests for comment on why it was accessing telecommunications data and whether it had applied to be an authorised agency for the purposes of the data retention scheme.

Documents obtained by Computerworld under freedom of information and made available online (see below) outline the NMI’s justifications for seeking to be part of the data retention regime.

The agency is seeking ongoing access to telco data in its efforts to ensure a kilo is a kilo when consumers and businesses make purchases. In particular, it has argued that it requires access to telecommunications data to identify rogue traders.

“The continued ability to access telecommunications data, specifically the name and address of a trader suspected of breaching trade measurement law, will be a valuable tool for the Institute's trade measurement inspectors investigating alleged breaches of the law, issuing pecuniary penalties, and making referrals to the Commonwealth Director of Public Prosecutions,” the NMI’s chief executive, Dr Peter Fisk, wrote in the organisation's submission to the Attorney-General’s Department seeking to be an authorised agency.

The NMI is seeking access to telecommunications data to help it enforce the provisions of the National Measurement Act 1960 and the National Trade Measurement Regulations 2009, the submission states.

“Australian businesses and consumers purchase millions of goods every day expecting that they will receive the correct weight, volume or length of the goods they've paid for,” Fisk’s submission states.

“NMI's national trade measurement compliance program supports the economic well-being of the country and the efficient operation of the market by helping to ensure that businesses and consumers can have confidence that they are receiving fair measure.”

“Trade measurement inspectors may be hindered in their investigation of breaches of trade measurement law by being unable to identify a trader suspected of breaching the law or establishing their place of business,” the submission states.

“It is not uncommon for traders to provide only a mobile/landline phone number when advertising their products,” the document states.

“When investigating an alleged short measure or other breach of the law in a transaction where the only contact information provided by the trade is a telephone number, inspectors are unable to identify and locate the alleged perpetrator. The increase in on-line trading is exacerbating this difficulty. This impedes the investigation and, in some cases, places NMI inspectors in a position where they are unable to proceed and alleged breaches of the law are allowed to continue.”

The submission says NMI inspectors would use ongoing access to telecommunications data to obtain the name and address of traders suspected of breaching the National Measurement Act 1960 or the National Trade Measurement Regulations 2009 in order to conduct interviews, inspect premises (including measuring instruments, trading practices, and pre-packaged goods) as well as undertake enforcement actions including issuing fines or referring traders to the Director of Public Prosecutions.

In a supplementary submission lodged with the Attorney-General’s Department, the NMI states that compliance monitoring is likely to lead to an increased need for access to telecommunications data in the future.

The supplementary submission adds that the growth in online commerce is “also likely to result in an increased need for access to telecommunications data in the future”.

The NMI summary of its 2014-15 compliance activity reveals it inspected more than 11,000 business premises and tested more than 10,000 measuring instruments.

During the year the agency issued 3962 non-compliance notices, issued 139 warnings, imposed 98 fines (totalling $92,660) and referred four matters for possible prosecution.

The NMI had two areas of focus during the year, the summary states: Trading practices relating to use of scales in retail businesses; and remote locations, with an emphasis on Aboriginal and Torres Strait Islander communities.

“As part of the targeted inspection program directed to proper use of scales, NMI inspectors made anonymous ‘trial purchases’ at more than 720 businesses,” the summary report states.

“Inspectors issued non-compliance notices for incorrect use of scales and/or not properly accounting for the weight of packaging at almost a third (241) of those premises. The program identified particular issues among franchise businesses in the confectionary and dairy products (frozen yoghurt) sectors.”



Join the Computerworld newsletter!

Error: Please check your email address.

Tags data retentiondata retention planprivacy

More about Attorney-GeneralBankstown City CouncilCivil Aviation Safety AuthorityCommonwealth Director of Public ProsecutionsMaritime ServicesNational Measurement Institute

Show Comments

Market Place