Unlawful Metadata Access Is Easy When We’re Flogging a Dead Law

in practice, the legislation was passed.

It committed Australia to a data retention scheme at a time when a similar scheme in Europe was ruled invalid for being incompatible with fundamental rights.

Confusing Laws Mean Safeguards Don’t Work
Law enforcement and intelligence agencies should have access to metadata, but the current system does not strike the right balance between privacy and law enforcement.

The gaps between the two laws that regulate the scheme allow the agencies and police to exploit them for their own purposes.

The first act, originally enacted in 1979 and amended at least 105 times over the last 40 years, was originally drafted to permit telephone intercepts.

The second act, Telecommunications Act 1997 originally contained provisions permitting access to metadata. But some elements were transferred to the 1979 act, leaving a broken and contradictory system of access and loopholes spread across the legislation.

These “logistical” issues result in a metadata access and retention scheme with very few safeguards.

Other safeguards are flawed: access to a journalist’s metadata under a “journalist information warrant” doesn’t actually protect sources, especially since the Public Interest Advocate isn’t bound to make a submission.

And others were deemed unnecessary, like restrictions on access to a lawyer’s metadata, despite professional secrecy obligations; or a requirement beyond a “self-authorization” to access metadata in general.

So, What Should We Do to Fix the Australian System?
Put simply, Australian communications have changed, so our metadata access laws need to change too. We can start by recognizing modern metadata retention and access has large scale privacy implications, surpassing those surrounding telephone intercepts.

We need to assess those implications based on what metadata – now collected and processed via very different technologies – can reveal.

Accessing particularly sensitive types of metadata should require a judicial warrant and an investigation of a sufficiently serious offence that leads to imprisonment.

On the other hand, access to subscriber details, such as name and address, may be available under a less rigorous system of access, but still must be more restricted than the current regime. Even name and address information can be open to abuse.

Past parliamentary inquiries and reviews held throughout 2000s and 2010s have recommended a complete reform of the metadata regime. But these calls have gone unanswered.

We hope the current review also recommends a complete overhaul. A new review to redesign the scheme should be commissioned as soon as possible.

Above all, the government should consider the impact of such system on human rights. Australians deserve to know that access to their metadata is limited, and that metadata access will not be used to prosecute whistle-blowers and journalists for doing their jobs.

Genna Churches is Ph.D. Candidate, UNSW. Monika Zalnieriute is Research Fellow, Lead of ‘Technologies and Rule of Law’ Stream, UNSW. This article is published courtesy of The Conversation.