Corporate watchdog eyes telecommunications interception powers
- 27 September, 2012 17:34
The Australian Securities and Investments Commission would like reforms to the Telecommunications (Interception and Access) Act 1979 to make it possible for the corporate regulator to obtain telecommunications intercepts and gain access to information that other law enforcement agencies have obtained through such means.
Commissioner Greg Tanzer told the Parliamentary Joint Committee on Intelligence and Security that ASIC felt hamstrung because at the moment, although it can obtain access to stored communications by obtaining a warrant, it can't get warrants for intercepts. Nor can other law enforcement agencies share lawfully obtain intelligence gathered through intercepts.
The joint committee is currently examining reforms to the Telecommunications (Interception and Access) Act 1979, the Telecommunications Act 1997, the Australian Security Intelligence Organisation Act 1979 and the Intelligence Services Act 2001.
"We propose that consideration be given to enhancing ASIC's ability to receive and use lawfully intercepted information for the purposes of its investigations and prosecutions," Tanzer said. "In particular, to be clear, ASIC would like to have the ability to seek telecommunications interception warrants just like we can currently seek stored communication warrants.
"If the interceptions authorised by those warrants have to be undertaken by an existing interception agency, such as the Australian Federal Police rather than ASIC itself ... such an arrangement would basically replicate the current arrangement, the current model that is in place for search warrants issued under the Crimes Act, which ASIC considers to be highly effective."
ASIC can currently apply to a magistrate for a search warrant that is then executed by the Australian Federal Police with the assistance of ASIC, Tanzer said.
"In the past there's been a number of cases where other law enforcement agencies in the course of conducting their own investigations into other offences have lawfully recorded telecommunications which relate to alleged serious offences against the Corporations Act but they've been prohibited from sharing that information with ASIC because of existing restrictions in the TIA Act; in particular that we are not an interception agency.
"We consider that situation to be highly inefficient and unjustifiable in principle."
Tanzer told the inquiry that ASIC would also "strongly support" a mandatory minimum retention period for both telecommunications data and stored communications.
"We note that the introduction of a mandatory retention period wouldn't actually increase law enforcement powers in this field, but it would assist in ensuring that the existing powers retain their utility and reverse some of the lost utility that has occurred in recent years as a result of telecommunications service providers no longer routinely retaining relevant information for as long as they used to."
A letter from the attorney-general Nicola Roxon claims that the government is only interested in so-called metadata about communications, not content.
Steve Dalby, chief regulatory officer at iiNet, told the inquiry that data retention could cost the ISP $60 million. Representatives of Telstra and and Vodafone both appeared before the inquiry today.
Follow Rohan on Twitter: @rohan_p
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Spiceworks' free management software gets integrated MDM
Choice and Control – Considerations for Developing Enterprise Cloud Strategies
Enterprise-wide cloud implementation can be a challenging process, requiring a thoughtful, strategic approach. In this whitepaper, IBM® shares considerations for developing enterprise cloud strategies. It looks into how the rapid-scale enterprise-class environment can help enable the type of agile infrastructure that aids organisations in quickly meeting the demands of an ever-evolving marketplace, thereby providing true business value. Read now.
New Demands for Real-time Threat Management
Many organisations are evaluating a new security model based upon IT risk management best practices. This is a good idea, but not enough for today’s dynamic and malevolent threat landscape. To keep up with IT changes and external threats, large organisations need to embrace two new security practices: real-time risk management for day-to-day security adjustments and real-time threat management to detect and remediate sophisticated, stealthy, and damaging security breaches (i.e., advanced persistent threats, or APTs). Learn more.
Accelerate Cloud and Composite Application Delivery
Are your requirements the need for faster release cycles, you have reduced budgets required to run and manage a complex test environment, and you want to decrease your third party expenses? HP Service Virtualisation, designed to enable your teams to create, develop and test against virtual services that simulate real service behaviour with no constraints, available anytime.