NewsBite

Loophole in metadata retention laws could leak Aussie data

Non-law enforcement agencies have been able to ask for access to your data under an Australian law meant to thwart terrorists.

Jack Gramenz
less than 2 min read
October 29, 2020 - 7:15PM
What do the data retention laws mean for you?

Australia’s telco operators are calling on the government to close a loophole in controversial metadata retention laws that have allowed non-law enforcement agencies to ask for the data for years.

“Closing this dangerous loophole – under which Australians can have their personal data exposed without their knowledge and without a warrant as part of investigations into crimes such as littering – is a vital security fix that the Government must act on,” telco peak body Communications Alliance’s CEO John Stanton said.

A section in the Telecommunications Act has allowed state-based, non-law enforcement agencies to access metadata that telcos are required to retain for two years.

RELATED: Schools evacuated over email threat

RELATED: Tourist funded holiday selling child porn

Telcos are required to keep certain information on the way customers use their services for two years under the metadata retention laws. Picture: Supplied
Telcos are required to keep certain information on the way customers use their services for two years under the metadata retention laws. Picture: Supplied

RELATED: Right-wing extremist threat grows

RELATED: Alarming rise of ‘dangerous’ neo-Nazi group

The availability of access has “concerned” the Parliament’s Intelligence and Security Committee, which has recommended the section 280(1)(b) of the Telecommunications Act to be repealed, one of 22 recommendations from a review of the mandatory data retention rules.

“Our recommendations are aimed at improving mandatory data retention in a way that does not have a great effect on law enforcement and ASIO’s ability to do their very important work,’ Committee chair Andrew Hastie said.

Committee chair Andrew Hastie. Picture Gary Ramage
Committee chair Andrew Hastie. Picture Gary Ramage

Communications Alliance has called on the government to implement the recommendations.

“This Committee has done a lot of the ‘heavy lifting’ on behalf of the parliament and the Australian people when it comes to complex national security issues in recent years and has again managed to land on rational, evidence-based and bipartisan recommendations to Government,” Mr Stanton said.

“Federal Ministers must endorse and implement the recommendations. Doing so will go a long way to restoring public confidence in the operation of the data retention framework.”

The metadata collected is supposed to help ASIO thwart terrorists, but agencies investigating illegal dumping and construction workers are asking for it too.
The metadata collected is supposed to help ASIO thwart terrorists, but agencies investigating illegal dumping and construction workers are asking for it too.

Other recommendations from the committee include new guidelines to control the way enforcement agencies request metadata, and tighter rules around which agencies can seek metadata without a warrant.

The Committee also recommended stricter rules for the Government to table annual reports on the scheme, clarification on what data is regarded as metadata and what is considered content, and excluding data from connected devices that make up the Internet of Things from mandatory collection.

More related stories

Original URL: https://www.news.com.au/technology/online/security/loophole-in-metadata-retention-laws-could-leak-aussie-data/news-story/17026b3f48487d1d906a40438a46c60a