A COMMONWEALTH Ombudsman report released today (April 27) revealed that a long-standing, cavalier attitude to the Telecommunications (Interception and Access) Act 1979 contributed to the unlawful accessing of telecommunications data by police. 

The report titled “Australian Federal Police’s (AFP) use and administration of telecommunications data powers 2010 to 2020”, identified that the internal procedures at ACT Policing and a cavalier approach to exercising telecommunications data powers resulted in a culture that did not promote compliance with the TIA Act.

The investigation was launched in response to a disclosure the AFP made to the Ombudsman that it had identified compliance issues affecting ACT Policing’s handling of requests for a certain type of telecommunications data — location-based services (LBS), colloquially known as “pings” dating back to 2007.

The investigation identified that many of the authorisations made by ACT Policing for LBS between October 13, 2015 and 2019 were not properly authorised or reported to the Ombudsman or the relevant commonwealth minister.

Commonwealth Ombudsman Michael Manthorpe said this means LBS could have been accessed unlawfully.

“This could have a number of potential consequences, for example, the privacy of individuals may have been breached and we have been unable to rule out the possibility that unauthorised LBS may have been used for prosecutorial purposes,” he said.

The investigation also found the AFP and ACT Policing missed a number of opportunities to identify and address that ACT Policing was accessing LBS outside the AFP’s approved process earlier.

Mr Manthorpe was also not satisfied that the scope of the breaches had been fully identified by the AFP nor the potential consequences and considered possible breaches have occurred in parts of the AFP other than ACT Policing.

“Law enforcement agencies rely on a wide range of covert and intrusive tools to do their work, but to maintain public trust these tools need to be properly deployed, in accordance with the legislation which governs their use,” Mr Manthorpe said.

“The parliament currently has before it proposed legislation which will further extend the powers of law enforcement agencies, in relation to being able to detect and disrupt criminal activity.

“A critical factor in effective oversight of such powers is that law enforcement agencies need to report to the Ombudsman about how the powers are being used, so that compliance can be assessed and publicly reported. In this case full reporting did not occur to the Ombudsman for a considerable period of time.”

The report makes eight recommendations to assist the AFP in addressing these issues and implementing processes to prevent recurrence of similar issues. The AFP has accepted all eight recommendations.

In response to the report, Law Council president Dr Jacoba Brasch regarded their ability to use intrusive powers to access telecommunications data as deeply troubling.

Many of the 135 breaches identified by the Ombudsman concern failure to comply with essential statutory requirements and are more extensive than the problems identified in the AFP’s internal audit commissioned in 2020, Dr Brasch said.

“For instance, the Ombudsman found evidence that the AFP officers responsible for internally authorising access to such data had, in several instances, only spent minutes assessing requests, and in some cases had approved access without any evidence suggesting they had been given sufficient information about the case to satisfy the statutory issuing requirements,” Dr Brasch said.

“The individual breaches identified by the Ombudsman, and their causes, are deeply troubling in isolation and appear to identify systemic failings in the exercise of a highly intrusive power and comes at a time with the government is moving to extend the powers of law enforcement and security agencies.

“The Law Council agrees with the Ombudsman that these breaches, and their underlying causes, need to be considered in the context of major proposed expansions of the AFP’s intrusive electronic surveillance powers.

“The Law Council has repeatedly called for stronger statutory safeguards to be applied to the major proposed expansions of the AFP’s intrusive electronic surveillance powers, including more rigorous issuing criteria and clear statutory limitations on the scope of powers, so that there is strong statutory guidance to officers.”

Following the release of the report, Canberra’s chief police officer Neil Gaughan has apologised for the situation that they have found themselves in.

“But I can give a guarantee to the community of the ACT that will do better next time and into the future,” he said.

“I’m not happy where we’ve got to, and we need to do better. We’re a community policing organisation and every time we do something that digs at that trust, we need to do a hundred things better to re-build at that trust.

“The Commonwealth Ombudsman has made eight recommendations and we accept all of them.”

Mr Gaughan also emphasised the desire to create a safe environment to make sure that if people have concerns about things that are being done that people have a place where they can go.

“I want to create an environment where people feel safe to report matters,” he said.