A submission by intelligence agency ASIO to the Joint Parliamentary Committee on Intelligence and Security's inquiry on new data retention laws has been made public, with the organisation stating the interception of telecommunications data is critical for law enforcement agencies to do their job.
In its five-page submission, ASIO outlined the power law enforcement agencies already have when it comes to accessing communications data.
ASIO can currently access the content of communications relevant to investigations by seeking a warrant, but can access the information about communications -- such as parties involved in the communication and the date time and duration of communication of the parties -- with just internal authorisation.
The submission states that this metadata, or ‘communications associated data (CAD)’, as ASIO describes it, has become increasingly scarce due to changes in the telecommunications industry such as the shift to increased use of IP for communications and volume billing instead of transaction-based (per message or per call) billing.
“For many years law enforcement and security agencies (as well as many others) have been able to request CAD [communications associated data] from any carrier or carriage service provider. Agencies access … this information through an internal authorisation. This power already exists; a brand new power is not being sought,” ASIO stated in its submission.
"To the extent possible, agencies are seeking greater certainty that the information needed to protect the community will be there when they need it.
"In that sense agencies are looking to access the same general information they have been accessing for many years; information that would enable them to trace the participants of a communication in retrospect, when the communication occurred and ideally where the parties were."
This information could include information about the parties involved in the communication; the date, time and duration of communication; the method of communication, such as an email or phone call; and identify the location of the parties involved.
“In this context, agencies are not seeking access to the content of communications,” it says in its submission.
Like Attorney-General Nicola Roxon, who has stepped up her campaign to quell public and industry concern over the data retention proposals, ASIO has indicated that it is not seeking new powers to access the content of communications.
ASIO devotes several pages of its submission detailing its requirement to seek warrants when it wishes to access the content of communication, with warrants to be approved by the Attorney-General or authorised under the Telecommunications (Interception and Access) Act.
However, accessing communications metadata is "vital to law enforcement and security intelligence agencies for pre-warrant checks, investigative leads, intelligence and evidentiary corroboration,” ASIO’s submission states.
ASIO has also backed the proposals to retain data for two years due to investigations typically taking years to complete – shorter time periods could pose a risk to agencies not being able to progress an investigation properly, it said.
“The reform proposals are about properly equipping our law enforcement, security and intelligence professionals to do the job that Australians have entrusted to them. They are also about continuing to ensure that the Australian telecommunications sector is properly protected,” ASIO said.
ASIO’s submission also highlights the potential privacy implications of data retention, with it suggesting new penalties be introduced for people misusing stored data and a data breach notification scheme to be set up.
Follow Stephanie McDonald on Twitter: @stephmcdonald0
Follow Computerworld Australia on Twitter: @ComputerworldAU
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.