Australian Federal Police (AFP) assistant commissioner, Tim Morris, has moved to allay fears the government’s metadata reforms will involve around-the-clock surveillance of citizens.
Commissioner Morris told delegates at an Annual Tech Leaders Forum in the Blue Mountains that the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014, is designed to tackle serious crime, rather than use up resources on day-to-day surveillance of citizens.
He said the collection, use and analysis of metadata remains critical for criminal investigations, especially in a cyber-world. This does not impact citizens who have nothing to hide.
“Data retention elicits a strong reaction from wider communities,” Morris said. “But this data, sitting on carriers’ networks, is not about mass surveillance.”
No Stasi state
Organised crime has reached a tipping point, Morris warned. The use of metadata is to target organised crime, manage terror investigations, or seek better ways to protect children from global paedophile networks.
“The (metadata) bill obliges telcos to retain data for limited periods. This is not about mass surveillance, and big brother is not watching you,” Morris said.
A new regime does not involve “people just sitting there and trawling through personal information.” Moreover, agencies can only access data, under limited and tightly-controlled circumstances, he said.
This data collection does not catapult Australia into a “Stasi state,” with secret police tracking the day-to-day movements of citizens, Morris said.
There are an estimated 42 million telecommunications connections in Australia. The metadata access will account for a minuscule of the communication traffic flowing through networks across Australia.
“This is not a Stasi state in Australia. We’re only asking to keep limited information, and agencies will require a warrant to access this data,” Morris said.
Watching the watchman
Morris foreshadowed robust accountability, including ministerial oversight, and extended powers involving the Commonwealth Ombudsman. The ombudsman will have expanded powers to investigate, monitor and authorise access, and follow through on complaints.
Historical metadata remains crucial to fighting crime, Morris said. This information helps determine the size and scope of terror cells, can identify covert phone-calls, or confirm communication between cell members.
Without this access, “we’re relying on chance,” Morris said. “We understand personal privacy, but cannot support the right to carry out unlawful activity.
“Data retention offers us access to better tracking tools, in light of the new technology. There’s a two-year mandatory retention period to hold this data.”
The total cost to roll out Australia’s metadata retention program is estimated at $400 million. Telcos are required to cover bulk of the cost of this retention, including investing in storage capacity, or access to data centres.
To date, the AFP said it would contribute $1 million to the cost. "We will offset reasonable cost through additional government funding,” Morris said.
He added that Australia’s metadata program is not built around “Hollywood fiction,” or an imaginary concept of 24-hour surveillance.
There are an estimated 44 million IP connections, and law enforcement wants to investigate serious crime – without compromising citizen or business privacy.
Old boys club
According to Senator Scott Ludlam, Australia’s metadata program has been canvassed since 2008. He told delegates that governments need to strike a balance between privacy and law enforcement needs.
He noted that this metadata program was crafted by an “old boys club” with input from the major political parties. “There’s an uncritical acceptance of the rollout now.”
Ludlam accused the administration of “doing sneaky things and demanding bi-partisanship. Moreover, the total costing has never been made public.”
Digital white pages
He noted that no-one disputes the importance of metadata, but there are serious violations of privacy, and lack of clarity around the judicial oversight. “There’re 580,000 metadata authorisations – the digital equivalent of opening up the white pages.”
A senate judicial estimates committee is due to hand down its final finding on 27th February – drawing on community and industry feedback. “This involves more than a year’s worth of work,” Ludlum said.
If the bill is adopted in its current format, the cost of managing the metadata will send many ISPs “up the wall,” Ludlam said.
There are concerns around the cost of running an expanded retention scheme – with telcos meeting the costs. The smaller ISP will be most affected, Ludlam said.
He added that new changes involve creating a brand new archive, to be mined and looked at, across domestic and international jurisdictions.
“This is dragging us down the path of surveillance dystopia,” Ludlam warned.
Follow Shahida Sweeney on Twitter: @ShahidaSweeney
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.