Cops get powers to freeze telco subscriber data

Law enforcement agencies have gained the ability to demand internet service providers (ISPs) store data on subscribers after Senate passed amendments to several existing laws.

Under the Cybercrime Legislation Amendment Bill 2011, which passed the Senate today, police will be able to force telcos to retain data on persons of interest for a set period while a warrant was sought.

That data may have been previously jettisoned by ISPs, which generally retain only enough subscriber information for customer service and billing.

The reforms were akin to a “lite” and “targeted” version of the Federal Government’s proposed data retention laws but with more oversight, Greens senator Scott Ludlam told SC.

“It is a narrow and targeted form of data retention that allows law enforcement to target, for instance, persons suspected of serious crime and ask ISPs to retain their data,” Ludlam said.

Ludlam fiercely opposed the proposed data retention laws, but said he backed this reform to police power.

The legislation introduced amendments made to the Mutual Assistance in Criminal Matters Act 1987, the Criminal Code Act 1995, the Telecommunications (Interception and Access) Act 1979 and the Telecommunications Act 1997.

The changes were couched as necessary for Australia to accede to the 2004 Council of Europe Convention on Cybercrime, designed to assist with international cybercrime investigations through sharing of information on persons of interest, among other avenues.

The Federal Government said in May 2010 that it intended to accede to the treaty, which calls for procedures that allow authorities to force service providers to surrender information about subscribers, and intercept and record traffic.

The legal changes have been lauded by law enforcement and intelligence agencies as key to cracking down on international cybercrime.

Should Australia accede, it would join 34 other nations, including the US, that were already party to the convention.

Ludlam said the sharing of data between overseas agencies was troubling due to an increase in the number of requests within Australia for subscriber data by law enforcement and intelligence agencies.  

“There were a quarter of a million requests to telcos for people’s data and metadata [between 2010 and 2011],” he said.

“This will be shared all over the world and I don’t think the safeguards are there.”

Attorney-General Nicola Roxon said the reforms were necessary to help curb cybercrime.

“Cybercrime is a growing threat that touches all aspects of modern life.  It poses complex policy and law enforcement challenges, partly due to the transnational nature of the internet,” Roxon said in a statement.

“The convention promotes a coordinated approach to cybercrime by requiring countries to criminalise these computer related offences.

"The convention also establishes procedures to make investigations more efficient to improve international cooperation.

In May last year, Australia's Joint Standing Committee on Treaties recommended that “binding treaty action be taken” on the accession plans. 

The recommendation came despite concerns raised in a separate Senate Inquiry into online privacy and opposition from civil liberties groups.

While that Committee was aware that surveillance raised “fears about the invasion of privacy, with potential threat to human rights and civil liberties”, it expected sufficient safeguards to be in place.

Updated at 6pm on July 22 to include Senator Ludlam's comments.

Copyright © SC Magazine, Australia