[AusNOG] (Abuse of) mandatory data retention information.

Wed May 2 11:56:39 EST 2018

Yes Ross, as droll as it seems, I've read some of the pertinent
legislation, prior to posting my opinions in public.

However I doubt even experts have read all the legislation.

The guidelines don't specify paragraph that entitles the state to demand
retained data. As far as I'm aware, the only mechanism would be judicial
writ. That was (apart from security agencies) the case prior to the Data
Retention legislation, and as the guidelines say, not much has changed.

If someone cares to point out where in the legislation authorised officers
can request data retained under Data Retention without a judicial writ, I'd
be grateful, and it would be news to me.

Kind regards

Paul Wilkins

On 2 May 2018 at 11:23, Ross Wheeler <ausnog at rossw.net> wrote:

>
>
> On Wed, 2 May 2018, Paul Wilkins wrote:
>
> I am not a lawyer. This is not legal opinion.
>>
>
> I don't mean to be irritating, but have you actually read the legislation,
> Paul?
> From https://www.ag.gov.au/dataretention
>
> Access to telecommunications data under the Act is subject to a number of
> safeguards. In particular:
>
>     access to data is limited to a defined list of law enforcement and
> national security agencies
>     agencies that may access data are subject to independent oversight by
> the Commonwealth Ombudsman, or by the Inspector-General of Intelligence and
> Security in the case of the Australian Security Intelligence Organisation
> (ASIO)
>     the Attorney-General reports to Parliament on the operation of the
> data retention scheme each year
>     where ASIO or enforcement agencies require access to a journalists
> data for the purpose of identifying a source, those agencies are required
> to obtain a warrant, and report all such requests to their independent
> respective oversight body.
>
>
>
> So the only ones requiring a warrant is where the information sought is
> known to be that of a journalist.
>
>
> From https://www.ag.gov.au/NationalSecurity/DataRetention/Documen
> ts/DataRetentionGuidelinesForServiceProviders.pdf
>
> 12. Access by law enforcement
> Access to telecommunications data by law enforcement and national security
> agencies is substantively unchanged by the data retention obligations.
>
> The legislation continues to enable a limited group of enforcement and
> security agencies to authorise the disclosure of telecommunications data in
> certain circumstances. Providers are required by the Telecommunications Act
> to give such help as is reasonably necessary in responding to those
> requests.
>
> Service providers must provide help to agencies requesting access to
> retained
> data on the basis that the service provider neither profits from nor bears
> the cost of giving that help.
>
> Where access to data is required an authorised officer of an enforcement
> agency or an eligible person in a security agency will approach the service
> provider and request the data that is subject to an authorisation.
> If the provider is uncertain about the credentials of the authorised
> officer or eligible person, the provider can contact the requesting agency
> or the CAC to confirm whether the person has the authority to make the
> request.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180502/6beb17ba/attachment.html>