The Executive Summary states
The Telecommunications (Interception and Access) 1979 Act Annual Report 2015–16 sets out the extent and circumstances in which eligible Commonwealth, State and Territory government agencies have used the powers available under the Telecommunications (Interception and Access) Act 1979 (TIA Act) between 1 July 2015 — 30 June 2016.
The primary function of the TIA Act is to allow lawful access to communications and data for law enforcement and national security purposes, in a way that protects the privacy of people who use the Australian telecommunications network. Serious and organised criminals and persons seeking to harm Australia’s national security routinely use telecommunications services and communications technology to plan and carry out their activities.
The TIA Act provides a legal framework for national security and law enforcement agencies to access the information held by communications providers that agencies need to investigate criminal offences and other activities that threaten safety and security. The access that may be sought under the TIA Act includes access to telecommunications data, stored communications that already exist or the interception of communications in real time. Each of the powers available under the TIA Act is explained below.
The use of warrants to intercept and access stored communications is independently overseen by the Commonwealth Ombudsman and equivalent state bodies. The independent oversight role of the Commonwealth Ombudsman was extended to access and use of telecommunications data under the TIA Act on 13 October 2015.
Data Retention Act
The Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 (Data Retention Act) came into effect on 13 October 2015. The Data Retention Act standardised the data telecommunications companies are required to retain and introduced a mandatory retention period of two years. It also introduced a requirement for carriers to encrypt and protect retained data.
The Data Retention Act significantly limited the range of agencies that can apply for a warrant to access stored communications or authorise the disclosure of telecommunications data under the TIA Act. The ability to apply for a stored communications warrant is limited to 20 designated ‘criminal law-enforcement agencies’. The ability for enforcement agencies to authorise the disclosure of telecommunications data has also been limited to the same 20 criminal law-enforcement agencies and the Australian Security Intelligence Organisation (ASIO).
The Data Retention Act also introduced additional record-keeping and reporting obligations relating to the access to and use of telecommunications data. This information is set out in Chapter 3 of this report.
Public interest advocate regulations
The Data Retention Act prohibits ASIO and enforcement agencies from authorising the disclosure of telecommunications data of a journalist or their employer where a purpose of making the authorisation is to identify a journalist’s source, unless a journalist information warrant has been obtained. The journalist information warrants regime recognises the public interest in protecting journalists’ sources while ensuring agencies have the investigative tools necessary to protect the community.
When considering an application for a journalist information warrant, the TIA Act requires that the Attorney-General or issuing authority is satisfied that the public interest in issuing the warrant outweighs the public interest in protecting the confidentiality of the identity of the source. The regime is supported by the Public Interest Advocates who promote the rights of a journalist to seek and impart information by independently considering and evaluating warrant applications and providing independent submissions in the warrant application process. The Telecommunications (Interception and Access) Regulations 1987 have been amended to set out the procedure for applying for a journalist information warrant. These Regulations support the role of Public Interest Advocates by ensuring effective consultation and allowing submissions to be made in warrant applications.
Key judicial decisions
In 2015, a jury convicted three parties for offences under section 45 of the Crimes Act 1900 (NSW), which prohibits female genital mutilation (FGM). The first party was convicted of performing FGM on two girls at the request of the second party, their mother. The third party was convicted as being an accessory after the fact in relation to the events. Electronic evidence gathered under the TIA Act and the Surveillance Devices Act 2007 (NSW) formed a critical part of the police investigation, the prosecution case and the subsequent sentencing of the offenders. This was NSW’s first successful prosecution for these types of offences and resulted in penalties ranging from home detention to imprisonment for 15 months.
• In 2015–16, 3,857 interception warrants were issued.
• During 2015–16, information obtained under interception warrants was used in: o 3,019 arrests o 3,726 prosecutions o 1,812 convictions.
• In 2015–16, 63 enforcement agencies made 333,980 authorisations for the disclosure of historical telecommunications data. Of these, 326,373 authorisations were made to enforce a criminal law. Due to the reduction in agencies authorised to request data, as a result of the Data Retention Act, 43 of these agencies only reported for the period between 1 July 2015 and 12 October 2015.
• From 13 October 2015 — 30 June 2016 the majority of criminal law offences for which historical data was requested was illicit drug offences (57,166 requests). 25,245 requests were made for homicide and related offences and 4,454 requests were made to assist in terrorism investigations.
• In 2015–16, 33 authorisations were made under two Journalist Information Warrants. This is the first year the Journalist Information Warrants scheme has been operating.
• In 2015–16, law enforcement agencies made 366 arrests, conducted 485 proceedings and obtained 195 convictions based on evidence obtained under stored communications warrants.
Access to the content of a communication
Accessing content, or the substance of a communication—for instance, the message written in an email, the discussion between two parties to a phone call, the subject line of an email or a private social media post—without the knowledge of the person making the communication is highly intrusive. Under the TIA Act, unless access occurs in certain limited circumstances, such as a life threatening emergency, access to stored communications or interception can only occur under either an interception or stored communications warrant. Access to a person’s communications is subject to significant oversight and reporting obligations. The annual report is an important part of this accountability framework.
Accessing communications is an effective investigative tool that supports and complements information obtained by other methods. In some cases, the weight of evidence obtained by either an interception or a stored communications warrant results in defendants entering guilty pleas, thereby eliminating the need for the intercepted information to be introduced into evidence.
A critical tool available under the TIA Act is access to telecommunications data.
Telecommunications data is often the first source of lead information for investigations, helping to eliminate potential suspects and to support applications for more intrusive investigative tools including search warrants and interception warrants. For example, an examination of call charge records can show that a potential person of interest has had no contact with suspects being investigated.
Telecommunications data gives agencies a method for tracing telecommunications from end-to-end. It can also be used to demonstrate an association between people, or to prove that two or more people spoke with each other at a critical point in time. Access to telecommunications data is regulated by Chapter 4 of the TIA Act, which permits an authority or body that is an ‘enforcement agency’ under the TIA Act to authorise telecommunications carriers to disclose telecommunications data where that information is reasonably necessary for the enforcement of the criminal law, a law imposing a pecuniary penalty, or the protection of the public revenue.
During the 2015–2016 reporting period all enforcement agencies could access historical data and only criminal law enforcement agencies could access prospective data to assist in the investigation of offences punishable by at least three years’ imprisonment. The Data Retention Act, passed by the Parliament in March 2015, reduced the number of enforcement agencies that may access telecommunications data to 20 specified agencies and ASIO. The Attorney-General may declare additional agencies in prescribed circumstances. No additional agencies were prescribed in the 2015–16 reporting period.