NSW Police has requested telecommunications metadata that is up to 14 years old to verify new evidence that emerges in protracted investigations and cold cases.
Australia’s largest police force revealed the scope of some of its previous metadata applications in a submission to the first review of the government’s mandatory data retention regime.
Under the scheme, service providers are required to retain a particular set of customer metadata for at least two years, though in some instances telcos opt to hold particular information for longer.
“A review of the statistical and information holdings of this agency reveal that historical metadata has in fact been requested for up to a period of 14 years from the requested data of application,” detective superintendent Arthur Kopsias said.
While the submission does not indicate the number of requests for data older than two years or if they were successful, the force did provide an example of an investigation where telco data had been obtained for a seven year period.
In this instance, NSW Police said the data “obtained over approximately seven years ... played a crucial role in the investigation, prosecution and conviction” for the murder of a mother and daughter in December 2008.
The force also said historical metadata was crucial for corroborating evidence for serious crimes where NSW Police might only find a DNA match through the National Automated Fingerprint Identification System (NAFIS) years later.
This data could be used to prove or disprove a person’s presence in a particular area at the time of the offence or refute evidence of an alibi.
“Telecommunications data becomes of significant value to assist in corroboration of the evidence on hand. That is, the movement of the offender before, during, after the offence, and their network etc,” the submission states.
“Basically, at an unknown point in time, a NAFIS match can be made, requiring telco data to corroborate evidence to assistance (sic) in the prosecution of the offender.”
However, unlike Queensland Police, which used the review to ask that the mandatory retention of telecommunications metadata be more than tripled to seven years, NSW Police did not specifically ask for a longer retention period.
This is despite providing evidence that effectively calls for the retention of data beyond a two year period to help it solve more complex criminal investigations and missing persons cases.
Three years, 300,000 requests
NSW Police also used the submission to provide a complete history of the agency’s telco metadata requests in the first three years of the mandatory data retention regime.
“Records of this agency show that between October 2015 and June 2018 there were a reported 300,000 requests for metadata,” Kopsias said.
Under one percent of these requests (2755) were for “data aged over two years”.
However, in its detailed breakdown of the last three financial years, the total number of historic and prospective authorisations amounted to just under 320,000.
In its detailed breakdown of the 2017-18 financial year, police records show that 101,472 authorisations were made for historical metadata and 1043 for prospective metadata.
The numbers were 106,657 (historic) and 1042 (prospective) in the previous year, while the first 9 months in 2015-16 generated 108,279 (historic) and 898 (prospective).
NSW Police also said that 18,269 evidentiary certificates were requested for metadata between October 2015 and June 2018. Around 14 percent of these (2608) occurred during 2017-18.
According to the Australian Commission for Law Enforcement Integrity, such certificates may be needed for police disciplinary proceedings or proceedings to terminate police officer employment.