<div dir="ltr"><div dir="ltr"><div class="gmail-rich-link gmail-tone-news--item gmail-rich-link--pillar-news"><div class="gmail-rich-link__container"><div class="gmail-rich-link__image-container gmail-u-responsive-ratio"><br>
</div></div></div><p><a href="https://www.theguardian.com/australia-news/2019/sep/11/home-affairs-unlawfully-accessed-stored-metadata-ombudsman-reveals">Home affairs unlawfully accessed stored metadata, ombudsman reveals</a></p><p><br></p><p>The home affairs department ordered companies to preserve metadata and used warrants to access it “without proper authority”<i><b> </b></i>and twice unlawfully accessed stored communications, according to an ombudsman’s report.</p>
<p>In a sequel to <a href="https://www.theguardian.com/australia-news/2019/jul/23/police-made-illegal-metadata-searches-and-obtained-invalid-warrants-targeting-journalists" class="gmail-u-underline">the report revealing 116 illegal metadata searches by the ACT police</a>, later <a href="https://www.theguardian.com/australia-news/2019/jul/26/act-police-admit-unlawfully-accessed-metadata-more-than-3000-times" class="gmail-u-underline">admitted to number more than 3,000</a>, the Commonwealth Ombudsman has declared that unlawful access by government agencies has “reduced significantly” since 2016-17.</p>
<p>But despite improved compliance, the ombudsman still found a litany
of errors between 1 July 2017 and 30 June 2018 such as 31 instances of
agencies receiving data outside the parameters of the authority,
including 26 at the home affairs department.</p>
<p>In 2015 law enforcement agencies gained the power to access
individuals’ metadata – information about a communication which does not
include its content – when investigating certain offences, subject to
oversight from the ombudsman.</p>
<div class="gmail-rich-link gmail-tone-news--item gmail-rich-link--pillar-news">
<div class="gmail-rich-link__container">
<div class="gmail-rich-link__image-container gmail-u-responsive-ratio">
</div></div></div><p></p><p>In its latest report, tabled in parliament on Tuesday, the ombudsman
concluded that agencies were “generally exercising their powers …
appropriately” but highlighted lapses including:...</p></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 13 Aug 2019 at 15:53, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com">paulwilkins369@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I found this rather cryptic observation in the <a href="https://www.aph.gov.au/DocumentStore.ashx?id=0076905f-bd1c-4536-8ff3-a90dd3ac6b18&subId=668584" target="_blank">submission</a> from the Inspector General of Intelligence and Security. It points out where metadata retained under the Data Retention regime, may be accessed without a warrant, where the data in question is not content. Such would obviously be the case where LEAs sought access to metadata datastreams using a TCN as the enabling authorisation. After due consideration of a number of other PJCIS submissions, I'm yet more confident than where I first laid out the case to PJCIS back last November, that a combination of s280/s313 or s177 and TCN would be sufficient for LEAs to gain access to metadata datastreams without warrant or any judicial or parliamentary oversite.<br><br><div style="margin-left:40px">It should also be noted that although the obligations in the Telecommunications Act 1997 prevent carriers and carriage service providers from disclosing telecommunications data without a warrant or authorisation in place, these obligations do not prevent agencies from accessing that data using other means. Any access by an agency to telecommunications data that does not require disclosure by a carrier or carriage service provider would therefore not require a warrant or authorisation, unless it also involved accessing content or unauthorised access to a computer.<br><br><b>Access to telecommunications data outside Chapter 4 of the TIA Act<br><br>The Committee may wish to discuss with relevant agencies the extent, if any, to which telecommunications data is accessed outside the framework provided by Chapter 4 of the TIA Act.</b><br></div><br>The Australian Information Commissioner's <a href="https://www.aph.gov.au/DocumentStore.ashx?id=8e675437-b875-4863-87cc-71b721280d8f&subId=668240" target="_blank">submission</a><a> </a>could also be regarded as making the case that s280/s313 substantiate warrantless access to metadata.<br><br><div style="margin-left:40px">The OAIC recommends that the Committee consider implementing an enforceable restriction on the agencies that are permitted to access telecommunications data, noting this was a safeguard that provided privacy protections in the absence of more formal mechanisms such as a warrant-based access regime. As the law currently stands, there appears to be mechanisms for accessing telecommunications data outside of the TIA Act that, while permitted, have the practical impact of reducing the effectiveness of safeguards in the TIA Act.<br></div><br>Kind regards<br><br>Paul Wilkins<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 27 Jul 2019 at 14:56, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com" target="_blank">paulwilkins369@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Report in the Guardian today of judicial and governance experts increasingly concerned Australia is stifling journalism and State accountability playing the security trump card.<br><div><br></div><div><a href="https://www.theguardian.com/australia-news/2019/jul/27/national-security-being-used-to-stifle-public-interest-journalism-former-judges-warn" target="_blank">National security being used to stifle public interest journalism, former judges warn</a><br></div><div><br></div><div></div>As regards the consequences of this, Data Retention means that conventional avenues for whistleblowers to contact national media are severely curtailed, where the Feds can apply for journalist warrants, as they have recently, to go after the ABC et al. And as has been pointed out, no warrant is required to access data retention of non journalist sources suspected of leaking, which gives police an end around the journalist warrant process anyway.<br><br>Now from a jurisprudential prism within the Australian jurisdiction, this looks like a simple conflict of security versus accountability, but not so. Because of the reach of the internet beyond Australia's jurisdiction, the Data Retention regime creates a situation where whistleblowers have options. They can either leak their concerns to an Australian media organisation, and run the gambit of being exposed, or, they may prefer to leak to organisations outside the Australian jurisdiction, to organisations who won't have the national interest as a concern, nor the constraints of operating as a media organisation within the Australian jurisdiction. Which is kind of germane if you were say, inclined towards leaking matters pertaining to national security.<br><br>Kind regards<br><br>Paul Wilkins<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, 17 Jul 2019 at 11:29, Mark Smith <<a href="mailto:markzzzsmith@gmail.com" target="_blank">markzzzsmith@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, 17 Jul 2019 at 10:32, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com" target="_blank">paulwilkins369@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><a href="https://www.aph.gov.au/DocumentStore.ashx?id=10156360-86ba-4fff-93c9-f2caa3577dd6&subId=668168" target="_blank">Comms Alliance submission</a> makes the case that the costs of Data Retention are not being properly compensated, with substantial incurred costs being a carrier expense. <br><br><div style="margin-left:40px">The initial capital costs incurred by industry to meet the requirements of the regime were<br>partially – but not fully – met via grants from Government. As has been highlighted in<br>information presented to the committee, industry has incurred a net cost to meet its<br>obligations under the regime of <b>at least $171m over a four year period</b>, despite cost-recovery mechanisms being in place.<br></div><br><div>This gets more interesting still, when you begin to consider the substantially more expensive and complex TCNs/TANs.</div></div></blockquote><div><br></div><div>The less carriers there are, the better suited it is to the government's surveillance agenda. It must have been really easy for LEAs to only have to deal with PMG and then Telecom. So if they cost a carrier out of business, they'll only be crying crocodile tears.<br></div><div><br></div><div>There are many threats to many parties in this agenda, that's perhaps one not really recognised. </div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><br></div>Kind regards<br><br><br>Paul Wilkins</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 11 Jul 2019 at 11:50, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com" target="_blank">paulwilkins369@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">This enquiry has data retention back in the news, that and recent AFP execution of search warrants on journalists.<br><br><a href="https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/Dataretentionregime/Submissions" target="_blank">Link to PJCIS submissions</a><br><br>Kind regards<br><br>Paul Wilkins<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 2 Jul 2019 at 11:38, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com" target="_blank">paulwilkins369@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">News this morning that the Victorian government is developing plans to use mobile apps to track commuters. The government argues the data will be used to improve travel times. This however, ignores the larger picture, that across all Australian governments, both State and Federal, there's a forward going agenda to widen the meta data kept on citizens - CCTV facial recognition, license plate capture, and that these data bases are being integrated by law enforcement.<br><br>So where there exists the theoretical possibility that data retention metadata can now, under existing law, be integrated into other law enforcement databases under TANs/TCNs, there is a genuine concern that blandishments by law enforcement that "we wouldn't do that" may not actually be an effective check on creeping extensions of police powers, and that there should in fact be legislated protections against the use of data retention datasets.<br><br>Kind regards<br><br>Paul Wilkins<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 21 Jun 2019 at 17:05, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com" target="_blank">paulwilkins369@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Submissions close 1st July for those so foolhardy as to throw their random stream of consciousness into the void of Dep't Home Affairs' accountability.<br><br>And when you throw your random stream of consciousness into the void, the void throws its random stream of consciousness back at you, or something.<br><br>Kind regards<br><br>Paul Wilkins<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 13 Apr 2019 at 11:26, Paul Wilkins <<a href="mailto:paulwilkins369@gmail.com" target="_blank">paulwilkins369@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr">I raised the point in my PJCIS submissions regarding the Assistance and Access Act, that TANs/TCNs are potentially sufficient grounds to serve as authorisation under s280/s313 of the Telecommunications Act for the access of Data Retention datasets, and so provide the necessary enabling legislation for law enforcement to institute access to metadata datastreams.<br><br>I had thought with the election announced, there'd be some respite from this rinse/repeat cycle of calling for public submissions. Just when you thought it was safe to go back in the water.<br><br>Kind regards<br><br>Paul Wilkins<br><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 12 Apr 2019 at 19:29, Robert Hudson <<a href="mailto:hudrob@gmail.com" target="_blank">hudrob@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">---------- Forwarded message ---------<br>From: <b class="gmail_sendername" dir="auto">ITPA President</b> <span dir="ltr"><<a href="mailto:president@itpa.org.au" target="_blank">president@itpa.org.au</a>></span><br>Date: Wed, 10 Apr 2019 at 20:27<br>Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION<br>To: <<a href="mailto:exec@itpa.org.au" target="_blank">exec@itpa.org.au</a>><br></div><br><br><div dir="ltr">FYI<br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">---------- Forwarded message ---------<br>From: <b class="gmail_sendername" dir="auto">Little, Robert (REPS)</b> <span dir="ltr"><<a href="mailto:Robert.Little.Reps@aph.gov.au" target="_blank">Robert.Little.Reps@aph.gov.au</a>></span><br>Date: Fri, 5 Apr 2019 at 13:23<br>Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION<br>To: <br></div><br><br>
<div>
<font size="3" face="Calibri"><span style="font-size:12pt">
<div style="text-align:center" align="center"><b>PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY</b></div>
<div style="text-align:center" align="center"> </div>
<div style="text-align:center" align="center"><b>REVIEW OF THE MANDATORY DATA RETENTION REGIME</b></div>
<div style="text-align:center" align="center"> </div>
<div style="text-align:center" align="center"><b>INVITATION TO MAKE A SUBMISSION</b></div>
<div style="margin-top:5pt;margin-bottom:5pt"><font color="#222222">The Parliamentary Joint Committee on Intelligence and Security has commenced a review of the mandatory data retention regime proscribed by Part 5-1A of the <a href="https://www.legislation.gov.au/Details/C2019C00010" target="_blank"><font color="#1F538D"><i>Telecommunications
(Interception and Access) Act 1979 (TIA Act).</i></font></a> On behalf of the Committee I am writing to invite you to make a submission to the Committee’s review.</font></div>
<div style="margin-top:5pt;margin-bottom:5pt"><font color="#222222">The mandatory data retention regime is a legislative framework which requires carriers, carriage service providers and internet service providers to retain a defined set of telecommunications
data for two years, ensuring that such data remains available for law enforcement and national security investigations.</font></div>
<div style="margin-top:5pt;margin-bottom:5pt"><font color="#222222">Section 187N of the TIA Act provides for the review and requires the Committee to report by 13 April 2020. Terms of reference are available <a href="https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/Dataretentionregime/Terms_of_Reference" target="_blank"><font color="#1F538D">here</font></a>. </font></div>
<div style="margin-bottom:10pt"><font color="#222222">The Committee has resolved to focus on the following aspects of the legislation:</font></div>
<ul style="margin:0px;padding-left:36pt">
<font color="#222222">
<li style="margin-bottom:10pt">the continued effectiveness of the scheme, taking into account changes in the use of technology since the passage of the Bill;</li><li style="margin-bottom:10pt">the appropriateness of the dataset and retention period;</li><li style="margin-bottom:10pt">costs, including ongoing costs borne by service providers for compliance with the regime, any potential improvements to oversight, including in relation to journalist information warrants;</li><li style="margin-bottom:10pt">any regulations and determinations made under the regime;</li><li style="margin-bottom:10pt">the number of complaints about the scheme to relevant bodies, including the Commonwealth Ombudsman and the Inspector-General of Intelligence and Security;</li><li style="margin-bottom:10pt">security requirements in relation to data stored under the regime, including in relation to data stored offshore;</li><li style="margin-bottom:10pt">any access by agencies to retained telecommunications data outside the TIA Act framework, such as under the Telecommunications Act 1997; and</li><li style="margin-bottom:10pt">developments in international jurisdictions since the passage of the Bill.</li></font>
</ul>
<div style="margin-top:6pt;margin-bottom:6pt"><font color="#222222"><b>Making a submission</b></font></div>
<div style="margin-bottom:10pt"><font color="#222222">The Committee invites written submissions addressing any or all of the areas of focus for the Committee’s inquiry. Submissions should clearly identify which areas of focus are being addressed.</font></div>
<div style="margin-bottom:10pt"><font color="#222222">Prospective submitters are advised that any submission to the Committee’s inquiry must be prepared solely for the inquiry and should not be published prior to being accepted by the Committee. Documents
do not attract parliamentary privilege until they are accepted by the Committee. Documents submitted during the election period will be held by the Secretariat and provided to the Committee as established in the 46th Parliament.</font></div>
<div style="margin-bottom:10pt"><font color="#222222">Submissions are requested by <b>1 July 2019</b>. Further information about making a submission to a parliamentary committee inquiry is available <a href="https://www.aph.gov.au/Parliamentary_Business/Committees/House/Making_a_submission" target="_blank"><font color="#1F538D">here</font></a>. </font></div>
<div><font face="Calibri">Regards</font></div>
<div><font face="Calibri"> </font></div>
<div><font face="Calibri">Robert</font></div>
<div><font face="Calibri"> </font></div>
<div><font color="#006A4D"><b>Robert Little</b><font color="#E36C0A"><b> |</b></font><b> </b><font color="#E36C0A"><i>Inquiry Secretary</i></font></font></div>
<div><font size="2"><span style="font-size:11pt"><img src="cid:16a06c964b56d227b41"> </span></font></div>
<div><font size="2" color="#1F497D"><span style="font-size:10pt"><b>Parliamentary Joint Committee on Intelligence and Security</b></span></font></div>
<div><font size="2" color="#1F497D"><span style="font-size:9pt"><b>Department of the House of Representatives</b></span></font></div>
<div><font size="2" color="#665E56"><span style="font-size:9pt">PO Box 6021<font color="#A3A86B"> |</font> Parliament House<font color="#A3A86B"> |</font> Canberra ACT 2600</span></font></div>
<div><font size="2" color="#665E56"><span style="font-size:9pt">Ph. (02) 6277 4589<font color="#A3A86B"> |</font> <a href="http://www.aph.gov.au/pjcis" target="_blank"><font color="blue"><u>www.aph.gov.au/pjcis</u></font></a> </span></font></div>
<div><font size="2" color="#E36C0A"><span style="font-size:9pt"><b>Facebook:</b><font color="#006A4D"> </font><a href="http://www.facebook.com/aushouseofrepresentatives" target="_blank"><font face="Times New Roman" color="#665E56">@AusHouseofRepresentatives</font></a> | <b>Twitter:</b><font color="#006A4D"><b>
</b></font><font color="#665E56">@</font><a href="http://twitter.com/aboutthehouse" target="_blank"><font face="Times New Roman" color="#665E56">AboutTheHouse</font></a></span></font></div>
<div><font size="2" color="#1D1B11"><span style="font-size:11pt">Don’t take your organs to heaven, heaven knows we need them here. Register to be an organ donor <a href="http://www.medicareaustralia.gov.au/public/services/aodr/index.jsp" target="_blank"><font face="Times New Roman" color="blue"><u>here.</u></font></a></span></font></div>
<div><font size="2" color="#335A89"><span style="font-size:11pt"> </span></font></div>
<div><font size="2"><span style="font-size:11pt"> </span></font></div>
<div><font size="2"><span style="font-size:11pt"> </span></font></div>
<div><font size="2"><span style="font-size:11pt"> </span></font></div>
<div><font size="2"><span style="font-size:11pt"> </span></font></div>
<div><font size="2"><span style="font-size:11pt"> </span></font></div>
</span></font>
</div>
</div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail-m_-4787018788600927286gmail-m_948333541850979197gmail-m_3336166722032343368gmail-m_-3274210172175396238gmail-m_-97737782753200003gmail-m_1571230814365679130gmail-m_2271949781370823345gmail-m_-6908245961627283207gmail-m_-4555603965308785876m_740087192463200011gmail_signature"><div dir="ltr"><div><div dir="ltr">Regards,<div><br></div><div>Robert Hudson</div><div>President, ITPA</div><div><a href="mailto:president@itpa.org.au" target="_blank">president@itpa.org.au</a></div><div>0408 860 595<br></div></div></div></div></div></div>
</div></div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div></div>
</blockquote></div>
</blockquote></div>
</blockquote></div></div>