in

Australian law enforcement used encryption laws 11 times last year

Australia’s contentious encryption laws were used 11 times between 1 July 2019 and June 30 2020, by three of the nation’s law enforcement bodies.

Revealed in the Department of Home Affairs’ latest Telecommunications (Interception And Access) Act 1979 — Annual Report 2019-20, New South Wales Police used the powers seven times, the Australian Federal Police (AFP) three times, and the Australian Criminal Intelligence Commission (ACIC) once.

All 11 instances were Technical Assistance Requests (TAR), which are voluntary requests for the designated communications providers to use their existing capabilities to access user communications.

The laws, passed in 2018, also create Technical Assistance Notices and Technical Capability Notices, which are compulsory notices to compel communications providers to use or create a new interception capability, respectively.

NSW Police used the notices in six cases of illicit drug offences and one of robbery.

Two of the AFP’s three TARS given in the period were not given for specific offences, but rather were given to be used against all serious offences as the need arose. These two TARs were then revoked prior to assistance being utilised, the report said. The Federal Police’s remaining TAR was used for cybercrime offenses.

The ACIC, meanwhile, used its one TAR for illicit drug offences.

See also: Intelligence review recommends new electronic surveillance Act for Australia

During the reported period, there were just over 310,000 authorisations for retained data, up from the 296,000 issued last year. NSW Police had the most, with just shy of 120,000 authorisations, followed by Victoria Police with around 89,000, and WA Police with almost 27,000.

More than 227,000 of these authorisations involved subscriber data rather than traffic data.

Australia’s 20 enforcement agencies made 306,995 authorisations for the disclosure of historical telecommunications data, an increase of 17,358 from the 289,637 authorisations made in the previous year. NSW Police again accounted for the most authorisations with 116,968, followed by Victoria Police with 88,526, WA Police with 26,512, and Queensland Police with 25,221.

The report said of these, 306,995 were made to enforce the criminal law.

The majority of criminal law offences for which historical telecommunications data was requested were illicit drug offences, with 78,142 requests, followed by 32,827 requests for fraud and related offences, and 24,834 requests for robbery offences.

3,028 authorisations were made by agencies for the purpose of locating a missing person, and 1,209 for the enforcement of a law imposing a pecuniary penalty or for the protection of the public revenue.

3,677 interception warrants were issued to interception agencies, an increase of 116 from 2018-19. 737 were renewals of interception warrants and only 12 of the total requests were refused.

“The majority of serious offences that were specified in interception warrants issued were serious drug and trafficking offences (2,096 times specified), followed by loss of life or personal injury offences (616 times specified) and murder (303 times specified),” the report states.

NSW Police had all of its 1,613 requests issued; while WA Police had seven of its 364 requests refused.

Information obtained under interception warrants was used in 2,685 arrests, 5,219 prosecutions, and 2,652 convictions.

1,385 stored communications warrants were issued to criminal law-enforcement agencies, an increase of 132 on the 1,253 issued the year prior.

Law enforcement agencies made 542 arrests, conducted 568 proceedings, and obtained 298 convictions involving evidence obtained under stored communications warrants, the report said.

32,856 authorisations were made by criminal law-enforcement agencies for the disclosure of prospective telecommunications data, an increase of 5,085 on the 27,7712 authorisations made in 2018-19.

One journalist information warrant was issued to the QLD Crime and Corruption Commission, under which one historical data authorisation was made for the enforcement of the criminal law.

The report also revealed the cost of compliance since 2015-16 with Australia’s data retention scheme topped AU$238 million, with 2019-20 costs coming it a little over AU$21.2 million. Total costs recovered came in at AU$50.3 million.

The AFP and ACIC are gearing up to be issued three new computer warrants for dealing with online crime through the pending passage of the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020.

The first of the warrants is a data disruption one; the second is a network activity warrant; and the third is an account takeover warrant.

Senators have raised concerns with the “scope creep” the warrants could result in, the country’s privacy commissioner has called the powers “too wide-ranging”, while the Human Rights Law Centre and the Law Council of Australia have asked that the federal government redraft the Bill, calling its contents “particularly egregious” and “so broad”.

RELATED COVERAGE


Source: Information Technologies - zdnet.com

VMware acquires Mesh7 for cloud-native application security

ANAO finds two government departments inaccurately self-reported cyber compliance