PJCIS review of mandatory metadata retention

Pic: Christiaan Colen

Digital Rights Watch, Access Now and the Human Rights Law Centre provided evidence to the Parliamentary Joint Committee on Intelligence and Security review of the mandatory metadata retention scheme.

Alice Drury and Tess McGuire from the Human Rights Law Centre appeared before the committee.

Ms Drury : We all want to live in a country in a democracy where we have the freedom to live our lives without feeling watched, where the government respects our privacy and treats us as citizens, not suspects. There was a shift in this dynamic when parliament passed the mandatory metadata regime. Before 2015, you could call a friend, text your mum or go for a long drive without fear of being watched. Now every single time every one of us does this, this information is stored and kept on a database somewhere for two years or more. That data can tell a government your daily habits and who you know and can trace your movements. The metadata retention regime effectively turns all mobile phones into potential tracking devices for government agencies. ABC journalist Will Ockenden was reporting on his own metadata, which he managed to obtain, and he found that, on average, his phone logged his whereabouts every 20 minutes. That information is currently available to 87-plus non-law-enforcement government agencies including, as this committee has noted, local councils. They make 300,000-odd applications for our data each year. We will never know who has accessed it because, under the act, it is illegal to disclose when an authorisation has been made. This information is powerful. It’s the kind of information that should only be made accessible to law enforcement agencies for the purposes of investigating serious crimes and with a warrant—not at will by local councils chasing down parking fines.

Ms McGuire : The risk that the metadata retention regime poses to a free press has also made headlines this past year. Police have been using the regime to trawl through journalists’ data to find their sources. Democracy requires the free flow of information from government to the public. Sometimes we also rely on brave whistleblowers to come forward with stories in the public interest. The relationship of trust between journalists and their sources is the foundation for investigative journalists to uncover and reveal the truth. This is all the more important given that currently our laws do not adequately protect whistleblowers from criminal prosecution. The journalist information warrants are flawed and are a weak attempt at protecting what is a fundamental part of our democracy. This law should prohibit access to metadata of whistleblowers, journalists and human rights defenders who, in the legitimate course of their work, disclose government wrongdoing in the public interest. Of course the police should be able to use metadata to solve serious crimes, but that doesn’t require a system of mass surveillance over all of us.

The committee has an opportunity to fix the flaws with this regime. You could achieve this by: limiting access to metadata to the original 22 law enforcement agencies contemplated by this committee in 2015 for the purposes of investigating serious crimes only; requiring a warrant before those agencies can access metadata; and prohibiting access to journalists and public interest whistleblower metadata except in limited circumstances. These changes are necessary to ensure our democratic rights and freedoms are adequately safeguarded. We now welcome questions from members of the committee.

CHAIR: Thank you. You might have heard the evidence from the Uniting Church earlier. Dr Zirnsak made a moral case for retaining the existing metadata regime. I would be interested to hear your thoughts on his evidence.

Ms Drury : The question really always comes down to one of proportionality when we’re talking about human rights. As was noted by this committee in its report in 2015 and consistent with the European Court of Justice’s findings in two cases, keeping everybody’s metadata, regardless of whether or not there’s a link to a crime, is disproportionate to the investigation and fighting of serious crimes. We would say the same thing is very much the case here. Australia is already completely out of step with similar jurisdictions overseas in terms of its metadata retention regime. I’d also note that Dr Zirnsak referred to findings in Canada of how useful metadata has been for combating child abuse. Canada doesn’t have a metadata retention regime. So whatever policing has been so effective in Canada could presumably be done here without the incredibly onerous metadata retention regime that we have.

Mr TIM WILSON: You raised that you think the maintenance or collection of the metadata of every Australian regardless of whether they are under investigation or not is disproportionate. I’m just wondering if you could clarify for me your thinking on that. In the physical world, with the retention of any object or fingerprint or anything else that’s retained on a surface, regardless of whether somebody has been investigated or not, when you go back and look at it you establish whether there is evidence there or not if you’re completing an investigation. If the metadata is retained only for people who are under suspicion then you’re essentially denying yourself access to an incredibly large amount of information that you wouldn’t ordinarily deny yourself in the physical world. Why do you think the online world should be different?

Ms Drury : With respect, I think the metadata regime is more akin to if the police followed us and collected every single one of our fingerprints wherever we went just in case it was useful to a crime and stored them on a database.

Mr TIM WILSON: That would be true if it were the government, but it’s not the government doing it; it is those who have already voluntarily provided that information into systems.

Ms Drury : I would query whether or not people are actually mindfully voluntarily providing that information to the system. They want to call a friend. They want to go from A to B and carry their phone on them. They’re not saying each time, ‘I consent to my personal information being provided to the telco and being stored for two years by the telco, which can then be accessed by 87 government agencies, plus 22 law enforcement agencies.’ If you were to ask people if that is what they were consenting to each time they used their phone or carried their phone, there would be a resounding no. They think—

Mr TIM WILSON: Let’s just follow this through. This is the challenge I have with the whole structure of the system. If I, as a private citizen, don’t take my phone, get into a car and somebody witnesses me getting in the car at point A, I drive to point B and, say, it’s a public place and somebody witnesses me there, I haven’t consented to it but the information is still available if it can be established and I can be identified and it can then be used for an investigation, even though I’m not under investigation.

Ms Drury : Let’s say there were cameras around in public and everywhere we went was logged, tracked and kept for two years. I think people would have a huge issue with that; we’re seeing that currently with the proposal for facial recognition. I think—and this has been found by the European Court of Justice—that just the very fact of recording this information makes people feel watched, which will make them censor themselves. The retention and the gathering of this information is massively compounded by the lack of a warrant system, the extremely long period for which it is retained and the number of agencies which have access. I think the truth of the matter that we’re facing at the moment is it’s not just the gathering and storing of this information that’s the issue; it is also the access of it.

Mr TIM WILSON: I don’t think you’d find any argument from me around the access point. Can I just clarify: is the starting point of the Human Rights Law Centre that there should be no regime in place, that there should be but it should only be that information should be retained for those people under active investigation or that the current system should be operational but there should be a limitation on who can access it based primarily on the seriousness of the offence and the agency seeking the information?

Ms Drury : That’s right.

Mr TIM WILSON: No, I gave three different propositions. I am trying to clarify which one it is.

Ms Drury : They build on one another. Our first submission is that, consistent with the right to privacy and freedom of expression, there should be some connection—not necessarily suspicion but some connection—to a crime in order for that metadata to be retained. If there is a very brief period for which metadata needs to be retained in order for police to determine what is connected to a serious crime, then we would certainly find that palatable and more reasonable than this two-year retention period for everybody across the board.

Mr TIM WILSON: Thank you.

Mr DREYFUS: Thanks very much, Ms Drury and Ms McGuire, for appearing before the committee. I want to ask some basic questions. When we talk about metadata or telecommunications data, what is it that we’re talking about?

Ms Drury : What we’re talking about is information that can build a profile of a person. I think part of the difficulty we have in this area, and in getting public engagement in this area, is nobody really knows how to describe metadata. It’s better to talk about it in terms of the picture that it gives you about a person. We note that the Inspector-General of Intelligence and Security, Margaret Stone, said that this tells you a lot about a person. You can track their movements, you can track their social networks and you can also match this data with other data that is publicly available to build a very accurate picture of a person.

Mr DREYFUS: Just to clarify: metadata, you’ve said, can reveal about a person where they’ve been, their movements and their social networks. What else can metadata reveal about a person?

Ms Drury : I think that’s quite a lot about a person.

Mr DREYFUS: Put another way: is there a meaningful distinction that can be drawn between metadata on the one hand and content on the other?

Ms Drury : I think we’re increasingly seeing that there isn’t a meaningful distinction between the two. Data analysis is becoming increasingly sophisticated. I think that these trends of data being located to a particular person can tell you enough about them, without actually having to see the content of the data; that’s consistent with the European Court of Justice’s ruling on this. It’s on that basis that we say that if you need a warrant to access the content of a communication, you should likewise need a warrant to access all of the metadata or information surrounding that communication.

Mr DREYFUS: I might come back to that point. You’ve noted in your submission, at paragraph 80, that state and local government agencies are accessing metadata using sections 280(1B) and 313(3) of the Telecommunications Act. That’s a different act, of course, to the Telecommunications (Interception and Access) Act, which contains the mandatory data retention scheme. Can you explain how that legal mechanism, the one under the Telecommunications Act, sections 280 and 313, works?

Ms Drury : Certainly. Section 280(1B) allows the disclosure or use of information or a document if the disclosure or use is required or authorised under law. Essentially it means that, despite the TIA bill—as it then was—being heralded as a limiting act on those agencies that can access metadata, in fact, because of the retention of 280(1B) under the Telecommunications Act, metadata can still be accessed by basically any government agency when it has a sufficient purpose at law.

Mr DREYFUS: Just following on from that, why do you say in your submission:

The reality of how the metadata retention regime operates now bears little resemblance to the context in which this Committee reviewed the scheme in 2015.

That’s at paragraph 35. How was the scheme supposed to operate?

Ms Drury : The scheme was supposed to operate so that it was only those agencies that investigate serious crime that have access. That’s consistent with this committee’s recommendation in a May 2013 report as well, I might add. Because it was assumed that only those few agencies—22 agencies—would get access, other safeguards such as warrants were regarded to be unnecessary. Another really important safeguard in terms of reaching a threshold of the seriousness of crime was regarded as unnecessary. What we’ve seen is that in fact the safeguard of access only by those 22 agencies doesn’t apply, and nor do we have those other two safeguards as a result.

Mr DREYFUS: Could you elaborate on your submission at paragraph 32, where you say:

There is no proper threshold relating to the seriousness or nature of the offence to limit access to data.

Ms Drury : That’s right. We would say that this law was justified by Minister Turnbull at the time on the basis that it was needed to investigate serious crimes such as murder, terrorism, national security offences. That wasn’t actually written into the law itself, so law enforcement can access our metadata in order to protect public revenue, for instance, and, as we just discussed, of course access is not just limited to law enforcement.

Mr DREYFUS: If I can understand with precision what you’re saying, it is that, when this committee, in its 2015 report, recommended restricting to a defined, limited set of named agencies, there was, if you like, an implication—in restricting it to effectively a set of state and federal police agencies plus ASIO plus a couple of other agencies that are charged with investigating serious offences—that that would operate as the threshold, because it was only these crime-fighting agencies that would have access, and that was an implied threshold. But that hasn’t proved to be the case in practice?

Ms Drury : That’s exactly right. We say that both are necessary in terms of amending the act now. We think that only those 22 agencies should have access, but there should also be a threshold introduced.

Mr DREYFUS: Why do you say that there should be a higher threshold so that agencies can only access telecommunications data for the purpose of investigating the commission of serious crimes?

Ms McGuire : We accept that metadata can be an incredibly important tool for investigating serious crimes, but we know that, in order for metadata access to be proportionate, it needs to be limited to those serious crimes. That’s just in keeping with human rights principles, freedom of speech and privacy. To us it seems that, if the government justified this law publicly on the basis of investigating serious crimes, it ought to be limited to investigating serious crimes.

Mr DREYFUS: In relation to the other suggestion or recommendation you’ve made in your submission, which is about requiring agencies to obtain warrants, you’ve submitted that judicial warrants should be required for access to metadata. We have a submission from the Department of Home Affairs that sets out why, in its view, warrants should not be required. I’m wondering if I can get you to respond to the various arguments put forward by the department. At paragraph 99 of the department’s submission, first of all, they’ve said:

Warrant applications are resource intensive, and can take days, if not weeks, to prepare, review and issue.

For this reason, coupled with ‘the current number of authorisations issued to access telecommunications data’—298,691 in 2018-19 alone—they say:

… a warrant application process would become an investigative bottleneck.

Can you respond to that?

Ms McGuire : Of course. We agree that the volume of requests being made is incredibly high, as the Department of Home Affairs has pointed out. But we actually see this as a reason for the committee to have concern, not a reason to prevent a warrant mechanism being introduced. A warrant is a simple safeguard to ensure that there is a reasonable basis for the request to access this personal information. The fact that they’re pointing to this being resource intensive or taking, potentially, a mere few days or weeks is not a good enough reason, in our eyes, why the process of simply providing a reasonable basis as to why the request for a person’s metadata is legitimate should not be introduced in this legislation. Police require a warrant to search someone’s home or to gain access to their calendar or diary. As a society, we accept that this mechanism is necessary to protect our right to privacy, and we should extend this protection to metadata.

Mr DREYFUS: Thank you. I will just go on to a further reason that the department advances against a warrant requirement. They say:

It may also have a perverse effect by having agencies jump straight to seeking a warrant for more intrusive powers, rather than the current process whereby agencies use telecommunications data prior to seeking a warrant for … stored communications and telecommunications intercept—

for example. Can you respond to that?

Ms McGuire : Yes. It’s an interesting argument to make that law enforcement, if they were to require a warrant, would then want to actually request a warrant for more intrusive data on a person. If they truly needed that data then they could be obtaining a warrant to have access to that in the first place. But we do not see that as a reason that, within this legislative regime, there should not be a simple threshold that the police or law enforcement agencies point to a reasonable basis for the request to access. The fact that in the 2018-19 period there were nearly 300,000 requests for people’s metadata is a reason to introduce a basic threshold in this process. 

Ms Drury : I have two things to say as well. If the threshold of investigation were reduced to serious crimes only, presumably the enormous volume of requests would reduce in any case. In addition, just to echo what my colleague has said, what this point made by the Department of Home Affairs indicates to us is that metadata is currently being used as a fishing exercise to see whether or not a warrant for the content of communications or otherwise is required. We think that that is inappropriate given the sensitivity of the nature of metadata.

Mr DREYFUS: Finally, the department’s advanced this reason. I’m paraphrasing. They say that a warrant requirement could ‘fundamentally change the way investigations are conducted’, and they give examples of telecommunications data providing vital evidence for agencies to satisfy the legal test to obtain a warrant, such as a telecommunications interception warrant or law enforcement using metadata to rule out innocent parties from suspicion, without having to resort to more privacy-intrusive and costly investigative measures. Are you able to respond to that last reason that’s being advanced by the department as to why a warrant requirement shouldn’t be imposed?

Ms Drury : I think it’s always dangerous to say, ‘Unless you let us do this without a proper safeguard in place, we’re going to come down even harder.’ To me that doesn’t sound like a very comforting or convincing argument. I will also just add that warrants are part of common practice in policing, and they don’t necessarily take weeks; they can be granted quite quickly. I think this is a case where we now have an enormous amount of new information that is being provided to police. Traditionally, policing practices didn’t have access to this kind of data and presumably they were able to prosecute crimes then. We haven’t yet seen the case for the number of arrests and prosecutions that this data has led to and how important this data has been to those prosecutions.

Mr DREYFUS: I don’t ask for you to have a comprehensive knowledge of the law of the United States but, as I understand it, in the United States warrants are a requirement for the obtaining of this kind of metadata by police and law enforcement agencies.

Ms McGuire : That’s right; in both the United States and in the UK now as well. I should also note that the United States doesn’t have the comprehensive metadata retention regime that we have here.

ACTING CHAIR ( Mr Byrne ): Sorry; did you say the United Kingdom as well?

Ms McGuire : That’s right.

ACTING CHAIR: So there are two comparable jurisdictions that basically require warrants to access metadata?

Ms McGuire : That’s correct.

ACTING CHAIR: Thank you.

Mr DREYFUS: Finally, Ms Drury and Ms McGuire, I have a couple of questions about access to journalists’ metadata. For the benefit of those who may be listening to this hearing, can you elaborate on why you believe that the current journalist information warrant regime is ineffective?

Ms McGuire : Of course, and thank you for the question. The current regime is ineffective because it’s conducted in secret and without the journalists or their media organisations knowing or having a chance to respond and without adequate protection of sources and whistleblowers of those journalists. We’ve put forward the recommendation, though, that there should actually be a prohibition on the access of the metadata of whistleblowers, journalists and human rights defenders who, in the legitimate course of their work, disclose government wrongdoing in the public interest. An exception to this could allow law enforcement agencies to access their metadata with a warrant if necessary to prevent or mitigate an immediate threat to a person’s safety. But if this current process for obtaining a journalist information warrant is to be retained, then we think there needs to be key amendments made to ensure that there is a notification to the journalist or the media organisation and that there is a contested hearing, that it is public and less necessary for there to be a suppression order, to ensure that this is a transparent and accountable process.

Mr DREYFUS: As the chair did for the previous witness, I would like to thank you for the moral arguments that you’ve made before the committee today.

Dr MIKE KELLY: In relation to the ‘seriousness of offence’ barrier that you are advocating, how would that practically be done? What mechanism would you attach that to in terms of defining the seriousness of the offence, just as a practical matter?

Ms Drury : ‘Serious offence’ is already defined in the act under section 5(d) quite comprehensively. It lists a number of offences and goes on to say that a serious offence is one with a sentence of seven years or more. We’re aware of the Law Council’s submission that three years or more to be regarded as a serious offence in this instance. One of those two options would seem reasonable to us.

Dr MIKE KELLY: So which one are you advocating—the act definition or the Law Council’s submission?

Ms Drury : Given that it’s already in the act, that would seem to be the smoother option. We also have some concerns that some offences attract inappropriately high sentences. For instance, under the rule of law, making a prank call can attract a three-year sentence. But we are also sympathetic to the position that some offences—for instance, corruption offences—may not attract a seven-year sentence, and yet, in keeping with public expectation, metadata should be accessible for those sorts of offences.

Dr MIKE KELLY: But you’d be comfortable with the definition for the time being.

Ms Drury : That’s right, yes.

Dr MIKE KELLY: In relation to retention periods, you’re talking about the shortest period possible, noting that various crimes relate to different time frames. What sort of suggestion have you got to make in relation to the retention period?

Ms Drury : In keeping with jurisdictions in Europe, in those jurisdictions that have a mandatory metadata retention regime, most typically it’s six months; some have 12 months. We believe six months is reasonable, particularly given that that’s when the vast majority of authorisations for access are made.

Dr MIKE KELLY: So, in accordance with overseas practice, six months is what you’re recommending.

Ms Drury : That’s right. To add to that, if law enforcement did decide that they required a particular person’s metadata for longer because of a suspected connection to a crime, there should be a mechanism by which they apply to a court to have a warrant to have that metadata retained for longer.

Dr MIKE KELLY: So you’d have a mechanism to account for those longer time line offences where tracking is more difficult over an extended period?

Ms Drury : Yes.

Dr MIKE KELLY: Obviously there are a lot of issues associated with the requirement to notify the person who has their metadata accessed, in terms of the impact on the investigation. Is there a point at which you believe a person should be notified, or is that an aspect that could also have some flexibility around it, depending on the nature of the investigation and the offence?

Ms Drury : I think it’s certainly an area that can have some flexibility around it. Of course we would never advocate for anything to happen that would undermine an investigation. For instance, if there’s a risk of somebody destroying evidence, having been notified of their metadata being accessed, then, as is very common already in criminal procedures, we would say that those would be circumstances justifying not notifying the person, at least not immediately. But, particularly after an investigation has been completed, there seems to be no risk of that, and often, I imagine, there would be times when people could be notified where there’s no risk of undermining the investigation.

Dr MIKE KELLY: In relation to warrant regimes, there are obviously ways and means by which warrant regimes can be streamlined very effectively—having duty magistrates and processes by which things can be expedited. Have you looked at templates for that kind of process?

Ms Drury : We are, unfortunately, not experts in criminal law. I’ve been speaking about this to one of my colleagues who is, and we understand that there are many examples across the different state and territory jurisdictions in criminal law where warrants can be expedited. Warrants can be received over the phone if they’re urgently required; I think it’s uncontroversial to say that they’re a standard part of policing procedure.

ACTING CHAIR: On behalf of the committee, thank you for your evidence here today, Ms McGuire and Ms Drury.