It might have only cost AU$35 million this year, but the cumulative cost of Australia’s metadata retention scheme are now over AU$211 million, against total recuperations of AU$39 million.
The numbers were contained with the Telecommunications (Interception and Access) Act 1979 – Annual Report for the year ending 30 June 2018 [PDF], with the reading consistent with past issues.
Of the 301,113 metadata requests made in the year, enforcing criminal law took up the majority of requests, with 295,779 made. Drug offences still top the table for most authorisations with 67,600, while homicide had 33,000 authorisations, followed by fraud, miscellaneous criminal acts, robbery, and abduction.
As previously revealed by enforcement agencies in submissions to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) review of the data retention regime, the most requested data set age is 3 months or younger.
The report revealed that almost a third of the authorisations made were for subscriber data, which includes categories such as name, address, phone number, email address, whether an account is active or suspended, or if the account is roaming.
Beyond metadata, for the period of the report, enforcement agencies gained 3,524 interception warrants which where used for 2,429 arrests, 5,415 prosecutions, and 3,516 convictions.
“Law enforcement agencies made 412 arrests, conducted 611 proceedings,and obtained 356 convictions based on evidence obtained under stored communications warrants,” the report said.
NSW Police accounted for a third of authorisations with 99,200, followed by Victoria Police with 90,100, then WA Police with 21,300, and the Federal Police with 19,400 metadata authorisations.
In another submission to the PJCIS review, the Law Council of Australia has called for the introduction of warrants and a crime threshold for agencies to have access to two years’ worth of customers’ call records, location information, IP addresses, billing information, and other data stored by carriers without the need for a warrant.
“The Law Council considers that access to the telecommunications data by a particular agency should only be accessible by warrant unless the access is strictly necessary due to an emergency situation,” the Council wrote.
The Council also called for the existing journalist protections to be extended to the population as a whole.
“There is requirement for a warrant to be issued before access can be permitted to the telecommunications data of a journalist, the same requirement for a warrant should apply in relation to accessing the metadata of all members of the Australian community,” the submission said.
Agencies that are allowed to view metadata should be spelled out in legislation, Law Council of Australia states.
Use of legacy applications allow Optus to seek an exemption from the rules.
Agencies are very happy with Australia’s data retention scheme, with one using it in 90% of investigations.
The Communications Alliance has listed 27 other agencies that have tried to access metadata following the introduction of Australia’s data retention regime.
Detrimental effects are both real and perceived, according to Australian cloud provider.