[AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

Paul Wilkins paulwilkins369 at gmail.com
Wed Nov 6 12:03:15 EST 2019


Upcoming Public Hearings
<https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/Dataretentionregime>

*06 Dec 2019:* Canberra, ACT




On Thu, 19 Sep 2019 at 10:21, Paul Wilkins <paulwilkins369 at gmail.com> wrote:

> NSW Police Force submission #39
> <https://www.aph.gov.au/DocumentStore.ashx?id=75170998-0442-4a5d-823e-3ed3898e44a1&subId=670049>
>
> On Wed, 11 Sep 2019 at 10:51, Paul Wilkins <paulwilkins369 at gmail.com>
> wrote:
>
>>
>> Home affairs unlawfully accessed stored metadata, ombudsman reveals
>> <https://www.theguardian.com/australia-news/2019/sep/11/home-affairs-unlawfully-accessed-stored-metadata-ombudsman-reveals>
>>
>>
>> The home affairs department ordered companies to preserve metadata and
>> used warrants to access it “without proper authority” and twice
>> unlawfully accessed stored communications, according to an ombudsman’s
>> report.
>>
>> In a sequel to the report revealing 116 illegal metadata searches by the
>> ACT police
>> <https://www.theguardian.com/australia-news/2019/jul/23/police-made-illegal-metadata-searches-and-obtained-invalid-warrants-targeting-journalists>,
>> later admitted to number more than 3,000
>> <https://www.theguardian.com/australia-news/2019/jul/26/act-police-admit-unlawfully-accessed-metadata-more-than-3000-times>,
>> the Commonwealth Ombudsman has declared that unlawful access by government
>> agencies has “reduced significantly” since 2016-17.
>>
>> But despite improved compliance, the ombudsman still found a litany of
>> errors between 1 July 2017 and 30 June 2018 such as 31 instances of
>> agencies receiving data outside the parameters of the authority, including
>> 26 at the home affairs department.
>>
>> In 2015 law enforcement agencies gained the power to access individuals’
>> metadata – information about a communication which does not include its
>> content – when investigating certain offences, subject to oversight from
>> the ombudsman.
>>
>> In its latest report, tabled in parliament on Tuesday, the ombudsman
>> concluded that agencies were “generally exercising their powers …
>> appropriately” but highlighted lapses including:...
>>
>> On Tue, 13 Aug 2019 at 15:53, Paul Wilkins <paulwilkins369 at gmail.com>
>> wrote:
>>
>>> I found this rather cryptic observation in the submission
>>> <https://www.aph.gov.au/DocumentStore.ashx?id=0076905f-bd1c-4536-8ff3-a90dd3ac6b18&subId=668584>
>>> from the Inspector General of Intelligence and Security. It points out
>>> where metadata retained under the Data Retention regime, may be accessed
>>> without a warrant, where the data in question is not content. Such would
>>> obviously be the case where LEAs sought access to metadata datastreams
>>> using a TCN as the enabling authorisation. After due consideration of a
>>> number of other PJCIS submissions, I'm yet more confident than where I
>>> first laid out the case to PJCIS back last November, that a combination of
>>> s280/s313 or s177 and TCN would be sufficient for LEAs to gain access to
>>> metadata datastreams without warrant or any judicial or parliamentary
>>> oversite.
>>>
>>> It should also be noted that although the obligations in the
>>> Telecommunications Act 1997 prevent carriers and carriage service providers
>>> from disclosing telecommunications data without a warrant or authorisation
>>> in place, these obligations do not prevent agencies from accessing that
>>> data using other means. Any access by an agency to telecommunications data
>>> that does not require disclosure by a carrier or carriage service provider
>>> would therefore not require a warrant or authorisation, unless it also
>>> involved accessing content or unauthorised access to a computer.
>>>
>>>
>>>
>>> *Access to telecommunications data outside Chapter 4 of the TIA ActThe
>>> Committee may wish to discuss with relevant agencies the extent, if any, to
>>> which telecommunications data is accessed outside the framework provided by
>>> Chapter 4 of the TIA Act.*
>>>
>>> The Australian Information Commissioner's submission
>>> <https://www.aph.gov.au/DocumentStore.ashx?id=8e675437-b875-4863-87cc-71b721280d8f&subId=668240> could
>>> also be regarded as making the case that s280/s313 substantiate warrantless
>>> access to metadata.
>>>
>>> The OAIC recommends that the Committee consider implementing an
>>> enforceable restriction on the agencies that are permitted to access
>>> telecommunications data, noting this was a safeguard that provided privacy
>>> protections in the absence of more formal mechanisms such as a
>>> warrant-based access regime. As the law currently stands, there appears to
>>> be mechanisms for accessing telecommunications data outside of the TIA Act
>>> that, while permitted, have the practical impact of reducing the
>>> effectiveness of safeguards in the TIA Act.
>>>
>>> Kind regards
>>>
>>> Paul Wilkins
>>>
>>> On Sat, 27 Jul 2019 at 14:56, Paul Wilkins <paulwilkins369 at gmail.com>
>>> wrote:
>>>
>>>> Report in the Guardian today of judicial and governance experts
>>>> increasingly concerned Australia is stifling journalism and State
>>>> accountability playing the security trump card.
>>>>
>>>> National security being used to stifle public interest journalism,
>>>> former judges warn
>>>> <https://www.theguardian.com/australia-news/2019/jul/27/national-security-being-used-to-stifle-public-interest-journalism-former-judges-warn>
>>>>
>>>> As regards the consequences of this, Data Retention means that
>>>> conventional avenues for whistleblowers to contact national media are
>>>> severely curtailed, where the Feds can apply for journalist warrants, as
>>>> they have recently, to go after the ABC et al. And as has been pointed out,
>>>> no warrant is required to access data retention of non journalist sources
>>>> suspected of leaking, which gives police an end around the journalist
>>>> warrant process anyway.
>>>>
>>>> Now from a jurisprudential prism within the Australian jurisdiction,
>>>> this looks like a simple conflict of security versus accountability, but
>>>> not so. Because of the reach of the internet beyond Australia's
>>>> jurisdiction, the Data Retention regime creates a situation where
>>>> whistleblowers have options. They can either leak their concerns to an
>>>> Australian media organisation, and run the gambit of being exposed, or,
>>>> they may prefer to leak to organisations outside the Australian
>>>> jurisdiction, to organisations who won't have the national interest as a
>>>> concern, nor the constraints of operating as a media organisation within
>>>> the Australian jurisdiction. Which is kind of germane if you were say,
>>>> inclined towards leaking matters pertaining to national security.
>>>>
>>>> Kind regards
>>>>
>>>> Paul Wilkins
>>>>
>>>> On Wed, 17 Jul 2019 at 11:29, Mark Smith <markzzzsmith at gmail.com>
>>>> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Wed, 17 Jul 2019 at 10:32, Paul Wilkins <paulwilkins369 at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Comms Alliance submission
>>>>>> <https://www.aph.gov.au/DocumentStore.ashx?id=10156360-86ba-4fff-93c9-f2caa3577dd6&subId=668168>
>>>>>> makes the case that the costs of Data Retention are not being properly
>>>>>> compensated, with substantial incurred costs being a carrier expense.
>>>>>>
>>>>>>
>>>>>> The initial capital costs incurred by industry to meet the
>>>>>> requirements of the regime were
>>>>>> partially – but not fully – met via grants from Government. As has
>>>>>> been highlighted in
>>>>>> information presented to the committee, industry has incurred a net
>>>>>> cost to meet its
>>>>>> obligations under the regime of *at least $171m over a four year
>>>>>> period*, despite cost-recovery mechanisms being in place.
>>>>>>
>>>>>> This gets more interesting still, when you begin to consider the
>>>>>> substantially more expensive and complex TCNs/TANs.
>>>>>>
>>>>>
>>>>> The less carriers there are, the better suited it is to the
>>>>> government's surveillance agenda. It must have been really easy for LEAs to
>>>>> only have to deal with PMG and then Telecom. So if they cost a carrier out
>>>>> of business, they'll only be crying crocodile tears.
>>>>>
>>>>> There are many threats to many parties in this agenda, that's perhaps
>>>>> one not really recognised.
>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>> Kind regards
>>>>>>
>>>>>>
>>>>>> Paul Wilkins
>>>>>>
>>>>>> On Thu, 11 Jul 2019 at 11:50, Paul Wilkins <paulwilkins369 at gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> This enquiry has data retention back in the news, that and recent
>>>>>>> AFP execution of search warrants on journalists.
>>>>>>>
>>>>>>> Link to PJCIS submissions
>>>>>>> <https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/Dataretentionregime/Submissions>
>>>>>>>
>>>>>>> Kind regards
>>>>>>>
>>>>>>> Paul Wilkins
>>>>>>>
>>>>>>> On Tue, 2 Jul 2019 at 11:38, Paul Wilkins <paulwilkins369 at gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> News this morning that the Victorian government is developing plans
>>>>>>>> to use mobile apps to track commuters. The government argues the data will
>>>>>>>> be used to improve travel times. This however, ignores the larger picture,
>>>>>>>> that across all Australian governments, both State and Federal, there's a
>>>>>>>> forward going agenda to widen the meta data kept on citizens - CCTV facial
>>>>>>>> recognition, license plate capture, and that these data bases are being
>>>>>>>> integrated by law enforcement.
>>>>>>>>
>>>>>>>> So where there exists the theoretical possibility that data
>>>>>>>> retention metadata can now, under existing law, be integrated into other
>>>>>>>> law enforcement databases under TANs/TCNs, there is a genuine concern that
>>>>>>>> blandishments by law enforcement that "we wouldn't do that" may not
>>>>>>>> actually be an effective check on creeping extensions of police powers, and
>>>>>>>> that there should in fact be legislated protections against the use of data
>>>>>>>> retention datasets.
>>>>>>>>
>>>>>>>> Kind regards
>>>>>>>>
>>>>>>>> Paul Wilkins
>>>>>>>>
>>>>>>>> On Fri, 21 Jun 2019 at 17:05, Paul Wilkins <
>>>>>>>> paulwilkins369 at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Submissions close 1st July for those so foolhardy as to throw
>>>>>>>>> their random stream of consciousness into the void of Dep't Home Affairs'
>>>>>>>>> accountability.
>>>>>>>>>
>>>>>>>>> And when you throw your random stream of consciousness into the
>>>>>>>>> void, the void throws its random stream of consciousness back at you, or
>>>>>>>>> something.
>>>>>>>>>
>>>>>>>>> Kind regards
>>>>>>>>>
>>>>>>>>> Paul Wilkins
>>>>>>>>>
>>>>>>>>> On Sat, 13 Apr 2019 at 11:26, Paul Wilkins <
>>>>>>>>> paulwilkins369 at gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> I raised the point in my PJCIS submissions regarding the
>>>>>>>>>> Assistance and Access Act, that TANs/TCNs are potentially sufficient
>>>>>>>>>> grounds to serve as authorisation under s280/s313 of the Telecommunications
>>>>>>>>>> Act for the access of Data Retention datasets, and so provide the necessary
>>>>>>>>>> enabling legislation for law enforcement to institute access to metadata
>>>>>>>>>> datastreams.
>>>>>>>>>>
>>>>>>>>>> I had thought with the election announced, there'd be some
>>>>>>>>>> respite from this rinse/repeat cycle of calling for public submissions.
>>>>>>>>>> Just when you thought it was safe to go back in the water.
>>>>>>>>>>
>>>>>>>>>> Kind regards
>>>>>>>>>>
>>>>>>>>>> Paul Wilkins
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Fri, 12 Apr 2019 at 19:29, Robert Hudson <hudrob at gmail.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ---------- Forwarded message ---------
>>>>>>>>>>> From: ITPA President <president at itpa.org.au>
>>>>>>>>>>> Date: Wed, 10 Apr 2019 at 20:27
>>>>>>>>>>> Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION
>>>>>>>>>>> REGIME, INVITATION TO MAKE A SUBMISSION
>>>>>>>>>>> To: <exec at itpa.org.au>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> FYI
>>>>>>>>>>>
>>>>>>>>>>> ---------- Forwarded message ---------
>>>>>>>>>>> From: Little, Robert (REPS) <Robert.Little.Reps at aph.gov.au>
>>>>>>>>>>> Date: Fri, 5 Apr 2019 at 13:23
>>>>>>>>>>> Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
>>>>>>>>>>> INVITATION TO MAKE A SUBMISSION
>>>>>>>>>>> To:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> *PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY*
>>>>>>>>>>>
>>>>>>>>>>> *REVIEW OF THE MANDATORY DATA RETENTION REGIME*
>>>>>>>>>>>
>>>>>>>>>>> *INVITATION TO MAKE A SUBMISSION*
>>>>>>>>>>> The Parliamentary Joint Committee on Intelligence and Security
>>>>>>>>>>> has commenced a review of the mandatory data retention regime proscribed by
>>>>>>>>>>> Part 5-1A of the *Telecommunications (Interception and Access)
>>>>>>>>>>> Act 1979 (TIA Act).*
>>>>>>>>>>> <https://www.legislation.gov.au/Details/C2019C00010> On behalf
>>>>>>>>>>> of the Committee I am writing to invite you to make a submission to the
>>>>>>>>>>> Committee’s review.
>>>>>>>>>>> The mandatory data retention regime is a legislative framework
>>>>>>>>>>> which requires carriers, carriage service providers and internet service
>>>>>>>>>>> providers to retain a defined set of telecommunications data for two years,
>>>>>>>>>>> ensuring that such data remains available for law enforcement and national
>>>>>>>>>>> security investigations.
>>>>>>>>>>> Section 187N of the TIA Act provides for the review and requires
>>>>>>>>>>> the Committee to report by 13 April 2020. Terms of reference are available
>>>>>>>>>>> here
>>>>>>>>>>> <https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/Dataretentionregime/Terms_of_Reference>
>>>>>>>>>>> .
>>>>>>>>>>> The Committee has resolved to focus on the following aspects of
>>>>>>>>>>> the legislation:
>>>>>>>>>>>
>>>>>>>>>>>    - the continued effectiveness of the scheme, taking into
>>>>>>>>>>>    account changes in the use of technology since the passage of the Bill;
>>>>>>>>>>>    - the appropriateness of the dataset and retention period;
>>>>>>>>>>>    - costs, including ongoing costs borne by service providers
>>>>>>>>>>>    for compliance with the regime, any potential improvements to oversight,
>>>>>>>>>>>    including in relation to journalist information warrants;
>>>>>>>>>>>    - any regulations and determinations made under the regime;
>>>>>>>>>>>    - the number of complaints about the scheme to relevant
>>>>>>>>>>>    bodies, including the Commonwealth Ombudsman and the Inspector-General of
>>>>>>>>>>>    Intelligence and Security;
>>>>>>>>>>>    - security requirements in relation to data stored under the
>>>>>>>>>>>    regime, including in relation to data stored offshore;
>>>>>>>>>>>    - any access by agencies to retained telecommunications data
>>>>>>>>>>>    outside the TIA Act framework, such as under the Telecommunications Act
>>>>>>>>>>>    1997; and
>>>>>>>>>>>    - developments in international jurisdictions since the
>>>>>>>>>>>    passage of the Bill.
>>>>>>>>>>>
>>>>>>>>>>> *Making a submission*
>>>>>>>>>>> The Committee invites written submissions addressing any or all
>>>>>>>>>>> of the areas of focus for the Committee’s inquiry. Submissions should
>>>>>>>>>>> clearly identify which areas of focus are being addressed.
>>>>>>>>>>> Prospective submitters are advised that any submission to the
>>>>>>>>>>> Committee’s inquiry must be prepared solely for the inquiry and should not
>>>>>>>>>>> be published prior to being accepted by the Committee. Documents do not
>>>>>>>>>>> attract parliamentary privilege until they are accepted by the Committee.
>>>>>>>>>>> Documents submitted during the election period will be held by the
>>>>>>>>>>> Secretariat and provided to the Committee as established in the 46th
>>>>>>>>>>> Parliament.
>>>>>>>>>>> Submissions are requested by *1 July 2019*. Further information
>>>>>>>>>>> about making a submission to a parliamentary committee inquiry is available
>>>>>>>>>>> here
>>>>>>>>>>> <https://www.aph.gov.au/Parliamentary_Business/Committees/House/Making_a_submission>
>>>>>>>>>>> .
>>>>>>>>>>> Regards
>>>>>>>>>>>
>>>>>>>>>>> Robert
>>>>>>>>>>>
>>>>>>>>>>> *Robert Little** |* *Inquiry Secretary*
>>>>>>>>>>> *Parliamentary Joint Committee on Intelligence and Security*
>>>>>>>>>>> *Department of the House of Representatives*
>>>>>>>>>>> PO Box 6021 | Parliament House | Canberra ACT 2600
>>>>>>>>>>> Ph. (02) 6277 4589 | *www.aph.gov.au/pjcis*
>>>>>>>>>>> <http://www.aph.gov.au/pjcis>
>>>>>>>>>>> *Facebook:* @AusHouseofRepresentatives
>>>>>>>>>>> <http://www.facebook.com/aushouseofrepresentatives> | *Twitter:*
>>>>>>>>>>> @AboutTheHouse <http://twitter.com/aboutthehouse>
>>>>>>>>>>> Don’t take your organs to heaven, heaven knows we need them
>>>>>>>>>>> here. Register to be an organ donor *here.*
>>>>>>>>>>> <http://www.medicareaustralia.gov.au/public/services/aodr/index.jsp>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Robert Hudson
>>>>>>>>>>> President, ITPA
>>>>>>>>>>> president at itpa.org.au
>>>>>>>>>>> 0408 860 595
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> AusNOG mailing list
>>>>>>>>>>> AusNOG at lists.ausnog.net
>>>>>>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>> AusNOG mailing list
>>>>>> AusNOG at lists.ausnog.net
>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>
>>>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20191106/1be93018/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Picture (Device Independent Bitmap) 1.jpg
Type: image/jpeg
Size: 1136 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20191106/1be93018/attachment.jpg>


More information about the AusNOG mailing list