Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-11-05 Thread Paul Wilkins 
Upcoming Public Hearings


*06 Dec 2019:* Canberra, ACT




On Thu, 19 Sep 2019 at 10:21, Paul Wilkins  wrote:

> NSW Police Force submission #39
> 
>
> On Wed, 11 Sep 2019 at 10:51, Paul Wilkins 
> wrote:
>
>>
>> Home affairs unlawfully accessed stored metadata, ombudsman reveals
>> 
>>
>>
>> The home affairs department ordered companies to preserve metadata and
>> used warrants to access it “without proper authority” and twice
>> unlawfully accessed stored communications, according to an ombudsman’s
>> report.
>>
>> In a sequel to the report revealing 116 illegal metadata searches by the
>> ACT police
>> ,
>> later admitted to number more than 3,000
>> ,
>> the Commonwealth Ombudsman has declared that unlawful access by government
>> agencies has “reduced significantly” since 2016-17.
>>
>> But despite improved compliance, the ombudsman still found a litany of
>> errors between 1 July 2017 and 30 June 2018 such as 31 instances of
>> agencies receiving data outside the parameters of the authority, including
>> 26 at the home affairs department.
>>
>> In 2015 law enforcement agencies gained the power to access individuals’
>> metadata – information about a communication which does not include its
>> content – when investigating certain offences, subject to oversight from
>> the ombudsman.
>>
>> In its latest report, tabled in parliament on Tuesday, the ombudsman
>> concluded that agencies were “generally exercising their powers …
>> appropriately” but highlighted lapses including:...
>>
>> On Tue, 13 Aug 2019 at 15:53, Paul Wilkins 
>> wrote:
>>
>>> I found this rather cryptic observation in the submission
>>> 
>>> from the Inspector General of Intelligence and Security. It points out
>>> where metadata retained under the Data Retention regime, may be accessed
>>> without a warrant, where the data in question is not content. Such would
>>> obviously be the case where LEAs sought access to metadata datastreams
>>> using a TCN as the enabling authorisation. After due consideration of a
>>> number of other PJCIS submissions, I'm yet more confident than where I
>>> first laid out the case to PJCIS back last November, that a combination of
>>> s280/s313 or s177 and TCN would be sufficient for LEAs to gain access to
>>> metadata datastreams without warrant or any judicial or parliamentary
>>> oversite.
>>>
>>> It should also be noted that although the obligations in the
>>> Telecommunications Act 1997 prevent carriers and carriage service providers
>>> from disclosing telecommunications data without a warrant or authorisation
>>> in place, these obligations do not prevent agencies from accessing that
>>> data using other means. Any access by an agency to telecommunications data
>>> that does not require disclosure by a carrier or carriage service provider
>>> would therefore not require a warrant or authorisation, unless it also
>>> involved accessing content or unauthorised access to a computer.
>>>
>>>
>>>
>>> *Access to telecommunications data outside Chapter 4 of the TIA ActThe
>>> Committee may wish to discuss with relevant agencies the extent, if any, to
>>> which telecommunications data is accessed outside the framework provided by
>>> Chapter 4 of the TIA Act.*
>>>
>>> The Australian Information Commissioner's submission
>>> 
>>>  could
>>> also be regarded as making the case that s280/s313 substantiate warrantless
>>> access to metadata.
>>>
>>> The OAIC recommends that the Committee consider implementing an
>>> enforceable restriction on the agencies that are permitted to access
>>> telecommunications data, noting this was a safeguard that provided privacy
>>> protections in the absence of more formal mechanisms such as a
>>> warrant-based access regime. As the law currently stands, there appears to
>>> be mechanisms for accessing telecommunications data outside of the TIA Act
>>> that, while permitted, have the practical impact of reducing the
>>> effectiveness of safeguards in the TIA Act.
>>>
>>> Kind regards
>>>
>>> Paul Wilkins
>>>
>>> On Sat, 27 Jul 2019 at 14:56, Paul Wilkins 
>>> wrote:
>>>
 Report in the Guardian today of judicial and governance experts
 increasingly concerned Australia is stifling journalism a

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-09-18 Thread Paul Wilkins 
NSW Police Force submission #39


On Wed, 11 Sep 2019 at 10:51, Paul Wilkins  wrote:

>
> Home affairs unlawfully accessed stored metadata, ombudsman reveals
> 
>
>
> The home affairs department ordered companies to preserve metadata and
> used warrants to access it “without proper authority” and twice
> unlawfully accessed stored communications, according to an ombudsman’s
> report.
>
> In a sequel to the report revealing 116 illegal metadata searches by the
> ACT police
> ,
> later admitted to number more than 3,000
> ,
> the Commonwealth Ombudsman has declared that unlawful access by government
> agencies has “reduced significantly” since 2016-17.
>
> But despite improved compliance, the ombudsman still found a litany of
> errors between 1 July 2017 and 30 June 2018 such as 31 instances of
> agencies receiving data outside the parameters of the authority, including
> 26 at the home affairs department.
>
> In 2015 law enforcement agencies gained the power to access individuals’
> metadata – information about a communication which does not include its
> content – when investigating certain offences, subject to oversight from
> the ombudsman.
>
> In its latest report, tabled in parliament on Tuesday, the ombudsman
> concluded that agencies were “generally exercising their powers …
> appropriately” but highlighted lapses including:...
>
> On Tue, 13 Aug 2019 at 15:53, Paul Wilkins 
> wrote:
>
>> I found this rather cryptic observation in the submission
>> 
>> from the Inspector General of Intelligence and Security. It points out
>> where metadata retained under the Data Retention regime, may be accessed
>> without a warrant, where the data in question is not content. Such would
>> obviously be the case where LEAs sought access to metadata datastreams
>> using a TCN as the enabling authorisation. After due consideration of a
>> number of other PJCIS submissions, I'm yet more confident than where I
>> first laid out the case to PJCIS back last November, that a combination of
>> s280/s313 or s177 and TCN would be sufficient for LEAs to gain access to
>> metadata datastreams without warrant or any judicial or parliamentary
>> oversite.
>>
>> It should also be noted that although the obligations in the
>> Telecommunications Act 1997 prevent carriers and carriage service providers
>> from disclosing telecommunications data without a warrant or authorisation
>> in place, these obligations do not prevent agencies from accessing that
>> data using other means. Any access by an agency to telecommunications data
>> that does not require disclosure by a carrier or carriage service provider
>> would therefore not require a warrant or authorisation, unless it also
>> involved accessing content or unauthorised access to a computer.
>>
>>
>>
>> *Access to telecommunications data outside Chapter 4 of the TIA ActThe
>> Committee may wish to discuss with relevant agencies the extent, if any, to
>> which telecommunications data is accessed outside the framework provided by
>> Chapter 4 of the TIA Act.*
>>
>> The Australian Information Commissioner's submission
>> 
>>  could
>> also be regarded as making the case that s280/s313 substantiate warrantless
>> access to metadata.
>>
>> The OAIC recommends that the Committee consider implementing an
>> enforceable restriction on the agencies that are permitted to access
>> telecommunications data, noting this was a safeguard that provided privacy
>> protections in the absence of more formal mechanisms such as a
>> warrant-based access regime. As the law currently stands, there appears to
>> be mechanisms for accessing telecommunications data outside of the TIA Act
>> that, while permitted, have the practical impact of reducing the
>> effectiveness of safeguards in the TIA Act.
>>
>> Kind regards
>>
>> Paul Wilkins
>>
>> On Sat, 27 Jul 2019 at 14:56, Paul Wilkins 
>> wrote:
>>
>>> Report in the Guardian today of judicial and governance experts
>>> increasingly concerned Australia is stifling journalism and State
>>> accountability playing the security trump card.
>>>
>>> National security being used to stifle public interest journalism,
>>> former judges warn
>>> 
>>>
>>> As rega

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-09-10 Thread Paul Wilkins 
Home affairs unlawfully accessed stored metadata, ombudsman reveals



The home affairs department ordered companies to preserve metadata and used
warrants to access it “without proper authority” and twice unlawfully
accessed stored communications, according to an ombudsman’s report.

In a sequel to the report revealing 116 illegal metadata searches by the
ACT police
,
later admitted to number more than 3,000
,
the Commonwealth Ombudsman has declared that unlawful access by government
agencies has “reduced significantly” since 2016-17.

But despite improved compliance, the ombudsman still found a litany of
errors between 1 July 2017 and 30 June 2018 such as 31 instances of
agencies receiving data outside the parameters of the authority, including
26 at the home affairs department.

In 2015 law enforcement agencies gained the power to access individuals’
metadata – information about a communication which does not include its
content – when investigating certain offences, subject to oversight from
the ombudsman.

In its latest report, tabled in parliament on Tuesday, the ombudsman
concluded that agencies were “generally exercising their powers …
appropriately” but highlighted lapses including:...

On Tue, 13 Aug 2019 at 15:53, Paul Wilkins  wrote:

> I found this rather cryptic observation in the submission
> 
> from the Inspector General of Intelligence and Security. It points out
> where metadata retained under the Data Retention regime, may be accessed
> without a warrant, where the data in question is not content. Such would
> obviously be the case where LEAs sought access to metadata datastreams
> using a TCN as the enabling authorisation. After due consideration of a
> number of other PJCIS submissions, I'm yet more confident than where I
> first laid out the case to PJCIS back last November, that a combination of
> s280/s313 or s177 and TCN would be sufficient for LEAs to gain access to
> metadata datastreams without warrant or any judicial or parliamentary
> oversite.
>
> It should also be noted that although the obligations in the
> Telecommunications Act 1997 prevent carriers and carriage service providers
> from disclosing telecommunications data without a warrant or authorisation
> in place, these obligations do not prevent agencies from accessing that
> data using other means. Any access by an agency to telecommunications data
> that does not require disclosure by a carrier or carriage service provider
> would therefore not require a warrant or authorisation, unless it also
> involved accessing content or unauthorised access to a computer.
>
>
>
> *Access to telecommunications data outside Chapter 4 of the TIA ActThe
> Committee may wish to discuss with relevant agencies the extent, if any, to
> which telecommunications data is accessed outside the framework provided by
> Chapter 4 of the TIA Act.*
>
> The Australian Information Commissioner's submission
> 
>  could
> also be regarded as making the case that s280/s313 substantiate warrantless
> access to metadata.
>
> The OAIC recommends that the Committee consider implementing an
> enforceable restriction on the agencies that are permitted to access
> telecommunications data, noting this was a safeguard that provided privacy
> protections in the absence of more formal mechanisms such as a
> warrant-based access regime. As the law currently stands, there appears to
> be mechanisms for accessing telecommunications data outside of the TIA Act
> that, while permitted, have the practical impact of reducing the
> effectiveness of safeguards in the TIA Act.
>
> Kind regards
>
> Paul Wilkins
>
> On Sat, 27 Jul 2019 at 14:56, Paul Wilkins 
> wrote:
>
>> Report in the Guardian today of judicial and governance experts
>> increasingly concerned Australia is stifling journalism and State
>> accountability playing the security trump card.
>>
>> National security being used to stifle public interest journalism, former
>> judges warn
>> 
>>
>> As regards the consequences of this, Data Retention means that
>> conventional avenues for whistleblowers to contact national media are
>> severely curtailed, where the Feds can apply for journalist warrants, as
>> they have recently, to go after the ABC et al. And as has been pointed out,
>> no warrant is req

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-08-12 Thread Paul Wilkins 
I found this rather cryptic observation in the submission

from the Inspector General of Intelligence and Security. It points out
where metadata retained under the Data Retention regime, may be accessed
without a warrant, where the data in question is not content. Such would
obviously be the case where LEAs sought access to metadata datastreams
using a TCN as the enabling authorisation. After due consideration of a
number of other PJCIS submissions, I'm yet more confident than where I
first laid out the case to PJCIS back last November, that a combination of
s280/s313 or s177 and TCN would be sufficient for LEAs to gain access to
metadata datastreams without warrant or any judicial or parliamentary
oversite.

It should also be noted that although the obligations in the
Telecommunications Act 1997 prevent carriers and carriage service providers
from disclosing telecommunications data without a warrant or authorisation
in place, these obligations do not prevent agencies from accessing that
data using other means. Any access by an agency to telecommunications data
that does not require disclosure by a carrier or carriage service provider
would therefore not require a warrant or authorisation, unless it also
involved accessing content or unauthorised access to a computer.



*Access to telecommunications data outside Chapter 4 of the TIA ActThe
Committee may wish to discuss with relevant agencies the extent, if any, to
which telecommunications data is accessed outside the framework provided by
Chapter 4 of the TIA Act.*

The Australian Information Commissioner's submission

could
also be regarded as making the case that s280/s313 substantiate warrantless
access to metadata.

The OAIC recommends that the Committee consider implementing an enforceable
restriction on the agencies that are permitted to access telecommunications
data, noting this was a safeguard that provided privacy protections in the
absence of more formal mechanisms such as a warrant-based access regime. As
the law currently stands, there appears to be mechanisms for accessing
telecommunications data outside of the TIA Act that, while permitted, have
the practical impact of reducing the effectiveness of safeguards in the TIA
Act.

Kind regards

Paul Wilkins

On Sat, 27 Jul 2019 at 14:56, Paul Wilkins  wrote:

> Report in the Guardian today of judicial and governance experts
> increasingly concerned Australia is stifling journalism and State
> accountability playing the security trump card.
>
> National security being used to stifle public interest journalism, former
> judges warn
> 
>
> As regards the consequences of this, Data Retention means that
> conventional avenues for whistleblowers to contact national media are
> severely curtailed, where the Feds can apply for journalist warrants, as
> they have recently, to go after the ABC et al. And as has been pointed out,
> no warrant is required to access data retention of non journalist sources
> suspected of leaking, which gives police an end around the journalist
> warrant process anyway.
>
> Now from a jurisprudential prism within the Australian jurisdiction, this
> looks like a simple conflict of security versus accountability, but not so.
> Because of the reach of the internet beyond Australia's jurisdiction, the
> Data Retention regime creates a situation where whistleblowers have
> options. They can either leak their concerns to an Australian media
> organisation, and run the gambit of being exposed, or, they may prefer to
> leak to organisations outside the Australian jurisdiction, to organisations
> who won't have the national interest as a concern, nor the constraints of
> operating as a media organisation within the Australian jurisdiction. Which
> is kind of germane if you were say, inclined towards leaking matters
> pertaining to national security.
>
> Kind regards
>
> Paul Wilkins
>
> On Wed, 17 Jul 2019 at 11:29, Mark Smith  wrote:
>
>>
>>
>> On Wed, 17 Jul 2019 at 10:32, Paul Wilkins 
>> wrote:
>>
>>> Comms Alliance submission
>>> 
>>> makes the case that the costs of Data Retention are not being properly
>>> compensated, with substantial incurred costs being a carrier expense.
>>>
>>>
>>> The initial capital costs incurred by industry to meet the requirements
>>> of the regime were
>>> partially – but not fully – met via grants from Government. As has been
>>> highlighted in
>>> information presented to the committee, industry has incurred a net cost
>>> to meet its
>>> obligations under the regime of *at least $171m over a four year period*,
>>> despite cost

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-07-26 Thread Paul Wilkins 
Report in the Guardian today of judicial and governance experts
increasingly concerned Australia is stifling journalism and State
accountability playing the security trump card.

National security being used to stifle public interest journalism, former
judges warn


As regards the consequences of this, Data Retention means that conventional
avenues for whistleblowers to contact national media are severely
curtailed, where the Feds can apply for journalist warrants, as they have
recently, to go after the ABC et al. And as has been pointed out, no
warrant is required to access data retention of non journalist sources
suspected of leaking, which gives police an end around the journalist
warrant process anyway.

Now from a jurisprudential prism within the Australian jurisdiction, this
looks like a simple conflict of security versus accountability, but not so.
Because of the reach of the internet beyond Australia's jurisdiction, the
Data Retention regime creates a situation where whistleblowers have
options. They can either leak their concerns to an Australian media
organisation, and run the gambit of being exposed, or, they may prefer to
leak to organisations outside the Australian jurisdiction, to organisations
who won't have the national interest as a concern, nor the constraints of
operating as a media organisation within the Australian jurisdiction. Which
is kind of germane if you were say, inclined towards leaking matters
pertaining to national security.

Kind regards

Paul Wilkins

On Wed, 17 Jul 2019 at 11:29, Mark Smith  wrote:

>
>
> On Wed, 17 Jul 2019 at 10:32, Paul Wilkins 
> wrote:
>
>> Comms Alliance submission
>> 
>> makes the case that the costs of Data Retention are not being properly
>> compensated, with substantial incurred costs being a carrier expense.
>>
>>
>> The initial capital costs incurred by industry to meet the requirements
>> of the regime were
>> partially – but not fully – met via grants from Government. As has been
>> highlighted in
>> information presented to the committee, industry has incurred a net cost
>> to meet its
>> obligations under the regime of *at least $171m over a four year period*,
>> despite cost-recovery mechanisms being in place.
>>
>> This gets more interesting still, when you begin to consider the
>> substantially more expensive and complex TCNs/TANs.
>>
>
> The less carriers there are, the better suited it is to the government's
> surveillance agenda. It must have been really easy for LEAs to only have to
> deal with PMG and then Telecom. So if they cost a carrier out of business,
> they'll only be crying crocodile tears.
>
> There are many threats to many parties in this agenda, that's perhaps one
> not really recognised.
>
>
>
>>
>> Kind regards
>>
>>
>> Paul Wilkins
>>
>> On Thu, 11 Jul 2019 at 11:50, Paul Wilkins 
>> wrote:
>>
>>> This enquiry has data retention back in the news, that and recent AFP
>>> execution of search warrants on journalists.
>>>
>>> Link to PJCIS submissions
>>> 
>>>
>>> Kind regards
>>>
>>> Paul Wilkins
>>>
>>> On Tue, 2 Jul 2019 at 11:38, Paul Wilkins 
>>> wrote:
>>>
 News this morning that the Victorian government is developing plans to
 use mobile apps to track commuters. The government argues the data will be
 used to improve travel times. This however, ignores the larger picture,
 that across all Australian governments, both State and Federal, there's a
 forward going agenda to widen the meta data kept on citizens - CCTV facial
 recognition, license plate capture, and that these data bases are being
 integrated by law enforcement.

 So where there exists the theoretical possibility that data retention
 metadata can now, under existing law, be integrated into other law
 enforcement databases under TANs/TCNs, there is a genuine concern that
 blandishments by law enforcement that "we wouldn't do that" may not
 actually be an effective check on creeping extensions of police powers, and
 that there should in fact be legislated protections against the use of data
 retention datasets.

 Kind regards

 Paul Wilkins

 On Fri, 21 Jun 2019 at 17:05, Paul Wilkins 
 wrote:

> Submissions close 1st July for those so foolhardy as to throw their
> random stream of consciousness into the void of Dep't Home Affairs'
> accountability.
>
> And when you throw your random stream of consciousness into the void,
> the void throws its random stream of consciousness back at you, or
> something.
>
> Kind regards
>
> Paul Wilkins
>
> On Sat, 13 Apr 2019 at 1

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-07-16 Thread Mark Smith 
On Wed, 17 Jul 2019 at 10:32, Paul Wilkins  wrote:

> Comms Alliance submission
> 
> makes the case that the costs of Data Retention are not being properly
> compensated, with substantial incurred costs being a carrier expense.
>
>
> The initial capital costs incurred by industry to meet the requirements of
> the regime were
> partially – but not fully – met via grants from Government. As has been
> highlighted in
> information presented to the committee, industry has incurred a net cost
> to meet its
> obligations under the regime of *at least $171m over a four year period*,
> despite cost-recovery mechanisms being in place.
>
> This gets more interesting still, when you begin to consider the
> substantially more expensive and complex TCNs/TANs.
>

The less carriers there are, the better suited it is to the government's
surveillance agenda. It must have been really easy for LEAs to only have to
deal with PMG and then Telecom. So if they cost a carrier out of business,
they'll only be crying crocodile tears.

There are many threats to many parties in this agenda, that's perhaps one
not really recognised.



>
> Kind regards
>
>
> Paul Wilkins
>
> On Thu, 11 Jul 2019 at 11:50, Paul Wilkins 
> wrote:
>
>> This enquiry has data retention back in the news, that and recent AFP
>> execution of search warrants on journalists.
>>
>> Link to PJCIS submissions
>> 
>>
>> Kind regards
>>
>> Paul Wilkins
>>
>> On Tue, 2 Jul 2019 at 11:38, Paul Wilkins 
>> wrote:
>>
>>> News this morning that the Victorian government is developing plans to
>>> use mobile apps to track commuters. The government argues the data will be
>>> used to improve travel times. This however, ignores the larger picture,
>>> that across all Australian governments, both State and Federal, there's a
>>> forward going agenda to widen the meta data kept on citizens - CCTV facial
>>> recognition, license plate capture, and that these data bases are being
>>> integrated by law enforcement.
>>>
>>> So where there exists the theoretical possibility that data retention
>>> metadata can now, under existing law, be integrated into other law
>>> enforcement databases under TANs/TCNs, there is a genuine concern that
>>> blandishments by law enforcement that "we wouldn't do that" may not
>>> actually be an effective check on creeping extensions of police powers, and
>>> that there should in fact be legislated protections against the use of data
>>> retention datasets.
>>>
>>> Kind regards
>>>
>>> Paul Wilkins
>>>
>>> On Fri, 21 Jun 2019 at 17:05, Paul Wilkins 
>>> wrote:
>>>
 Submissions close 1st July for those so foolhardy as to throw their
 random stream of consciousness into the void of Dep't Home Affairs'
 accountability.

 And when you throw your random stream of consciousness into the void,
 the void throws its random stream of consciousness back at you, or
 something.

 Kind regards

 Paul Wilkins

 On Sat, 13 Apr 2019 at 11:26, Paul Wilkins 
 wrote:

> I raised the point in my PJCIS submissions regarding the Assistance
> and Access Act, that TANs/TCNs are potentially sufficient grounds to serve
> as authorisation under s280/s313 of the Telecommunications Act for the
> access of Data Retention datasets, and so provide the necessary enabling
> legislation for law enforcement to institute access to metadata 
> datastreams.
>
> I had thought with the election announced, there'd be some respite
> from this rinse/repeat cycle of calling for public submissions. Just when
> you thought it was safe to go back in the water.
>
> Kind regards
>
> Paul Wilkins
>
>
> On Fri, 12 Apr 2019 at 19:29, Robert Hudson  wrote:
>
>>
>>
>> -- Forwarded message -
>> From: ITPA President 
>> Date: Wed, 10 Apr 2019 at 20:27
>> Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
>> INVITATION TO MAKE A SUBMISSION
>> To: 
>>
>>
>> FYI
>>
>> -- Forwarded message -
>> From: Little, Robert (REPS) 
>> Date: Fri, 5 Apr 2019 at 13:23
>> Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
>> INVITATION TO MAKE A SUBMISSION
>> To:
>>
>>
>> *PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY*
>>
>> *REVIEW OF THE MANDATORY DATA RETENTION REGIME*
>>
>> *INVITATION TO MAKE A SUBMISSION*
>> The Parliamentary Joint Committee on Intelligence and Security has
>> commenced a review of the mandatory data retention regime proscribed by
>> Part 5-1A of the *Telecommunications (Interception and Access) Act
>> 1979 (TIA Act).* 
>>

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-07-16 Thread Paul Wilkins 
Comms Alliance submission

makes the case that the costs of Data Retention are not being properly
compensated, with substantial incurred costs being a carrier expense.


The initial capital costs incurred by industry to meet the requirements of
the regime were
partially – but not fully – met via grants from Government. As has been
highlighted in
information presented to the committee, industry has incurred a net cost to
meet its
obligations under the regime of *at least $171m over a four year period*,
despite cost-recovery mechanisms being in place.

This gets more interesting still, when you begin to consider the
substantially more expensive and complex TCNs/TANs.

Kind regards


Paul Wilkins

On Thu, 11 Jul 2019 at 11:50, Paul Wilkins  wrote:

> This enquiry has data retention back in the news, that and recent AFP
> execution of search warrants on journalists.
>
> Link to PJCIS submissions
> 
>
> Kind regards
>
> Paul Wilkins
>
> On Tue, 2 Jul 2019 at 11:38, Paul Wilkins 
> wrote:
>
>> News this morning that the Victorian government is developing plans to
>> use mobile apps to track commuters. The government argues the data will be
>> used to improve travel times. This however, ignores the larger picture,
>> that across all Australian governments, both State and Federal, there's a
>> forward going agenda to widen the meta data kept on citizens - CCTV facial
>> recognition, license plate capture, and that these data bases are being
>> integrated by law enforcement.
>>
>> So where there exists the theoretical possibility that data retention
>> metadata can now, under existing law, be integrated into other law
>> enforcement databases under TANs/TCNs, there is a genuine concern that
>> blandishments by law enforcement that "we wouldn't do that" may not
>> actually be an effective check on creeping extensions of police powers, and
>> that there should in fact be legislated protections against the use of data
>> retention datasets.
>>
>> Kind regards
>>
>> Paul Wilkins
>>
>> On Fri, 21 Jun 2019 at 17:05, Paul Wilkins 
>> wrote:
>>
>>> Submissions close 1st July for those so foolhardy as to throw their
>>> random stream of consciousness into the void of Dep't Home Affairs'
>>> accountability.
>>>
>>> And when you throw your random stream of consciousness into the void,
>>> the void throws its random stream of consciousness back at you, or
>>> something.
>>>
>>> Kind regards
>>>
>>> Paul Wilkins
>>>
>>> On Sat, 13 Apr 2019 at 11:26, Paul Wilkins 
>>> wrote:
>>>
 I raised the point in my PJCIS submissions regarding the Assistance and
 Access Act, that TANs/TCNs are potentially sufficient grounds to serve as
 authorisation under s280/s313 of the Telecommunications Act for the access
 of Data Retention datasets, and so provide the necessary enabling
 legislation for law enforcement to institute access to metadata 
 datastreams.

 I had thought with the election announced, there'd be some respite from
 this rinse/repeat cycle of calling for public submissions. Just when you
 thought it was safe to go back in the water.

 Kind regards

 Paul Wilkins


 On Fri, 12 Apr 2019 at 19:29, Robert Hudson  wrote:

>
>
> -- Forwarded message -
> From: ITPA President 
> Date: Wed, 10 Apr 2019 at 20:27
> Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
> INVITATION TO MAKE A SUBMISSION
> To: 
>
>
> FYI
>
> -- Forwarded message -
> From: Little, Robert (REPS) 
> Date: Fri, 5 Apr 2019 at 13:23
> Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
> INVITATION TO MAKE A SUBMISSION
> To:
>
>
> *PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY*
>
> *REVIEW OF THE MANDATORY DATA RETENTION REGIME*
>
> *INVITATION TO MAKE A SUBMISSION*
> The Parliamentary Joint Committee on Intelligence and Security has
> commenced a review of the mandatory data retention regime proscribed by
> Part 5-1A of the *Telecommunications (Interception and Access) Act
> 1979 (TIA Act).* 
> On behalf of the Committee I am writing to invite you to make a submission
> to the Committee’s review.
> The mandatory data retention regime is a legislative framework which
> requires carriers, carriage service providers and internet service
> providers to retain a defined set of telecommunications data for two 
> years,
> ensuring that such data remains available for law enforcement and national
> security investigations.
> Section 187N of the TIA Act provides for the review and requires the
> Committee to report

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-07-10 Thread Paul Wilkins 
This enquiry has data retention back in the news, that and recent AFP
execution of search warrants on journalists.

Link to PJCIS submissions


Kind regards

Paul Wilkins

On Tue, 2 Jul 2019 at 11:38, Paul Wilkins  wrote:

> News this morning that the Victorian government is developing plans to use
> mobile apps to track commuters. The government argues the data will be used
> to improve travel times. This however, ignores the larger picture, that
> across all Australian governments, both State and Federal, there's a
> forward going agenda to widen the meta data kept on citizens - CCTV facial
> recognition, license plate capture, and that these data bases are being
> integrated by law enforcement.
>
> So where there exists the theoretical possibility that data retention
> metadata can now, under existing law, be integrated into other law
> enforcement databases under TANs/TCNs, there is a genuine concern that
> blandishments by law enforcement that "we wouldn't do that" may not
> actually be an effective check on creeping extensions of police powers, and
> that there should in fact be legislated protections against the use of data
> retention datasets.
>
> Kind regards
>
> Paul Wilkins
>
> On Fri, 21 Jun 2019 at 17:05, Paul Wilkins 
> wrote:
>
>> Submissions close 1st July for those so foolhardy as to throw their
>> random stream of consciousness into the void of Dep't Home Affairs'
>> accountability.
>>
>> And when you throw your random stream of consciousness into the void, the
>> void throws its random stream of consciousness back at you, or something.
>>
>> Kind regards
>>
>> Paul Wilkins
>>
>> On Sat, 13 Apr 2019 at 11:26, Paul Wilkins 
>> wrote:
>>
>>> I raised the point in my PJCIS submissions regarding the Assistance and
>>> Access Act, that TANs/TCNs are potentially sufficient grounds to serve as
>>> authorisation under s280/s313 of the Telecommunications Act for the access
>>> of Data Retention datasets, and so provide the necessary enabling
>>> legislation for law enforcement to institute access to metadata datastreams.
>>>
>>> I had thought with the election announced, there'd be some respite from
>>> this rinse/repeat cycle of calling for public submissions. Just when you
>>> thought it was safe to go back in the water.
>>>
>>> Kind regards
>>>
>>> Paul Wilkins
>>>
>>>
>>> On Fri, 12 Apr 2019 at 19:29, Robert Hudson  wrote:
>>>


 -- Forwarded message -
 From: ITPA President 
 Date: Wed, 10 Apr 2019 at 20:27
 Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
 INVITATION TO MAKE A SUBMISSION
 To: 


 FYI

 -- Forwarded message -
 From: Little, Robert (REPS) 
 Date: Fri, 5 Apr 2019 at 13:23
 Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
 INVITATION TO MAKE A SUBMISSION
 To:


 *PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY*

 *REVIEW OF THE MANDATORY DATA RETENTION REGIME*

 *INVITATION TO MAKE A SUBMISSION*
 The Parliamentary Joint Committee on Intelligence and Security has
 commenced a review of the mandatory data retention regime proscribed by
 Part 5-1A of the *Telecommunications (Interception and Access) Act
 1979 (TIA Act).* 
 On behalf of the Committee I am writing to invite you to make a submission
 to the Committee’s review.
 The mandatory data retention regime is a legislative framework which
 requires carriers, carriage service providers and internet service
 providers to retain a defined set of telecommunications data for two years,
 ensuring that such data remains available for law enforcement and national
 security investigations.
 Section 187N of the TIA Act provides for the review and requires the
 Committee to report by 13 April 2020. Terms of reference are available
 here
 
 .
 The Committee has resolved to focus on the following aspects of the
 legislation:

- the continued effectiveness of the scheme, taking into account
changes in the use of technology since the passage of the Bill;
- the appropriateness of the dataset and retention period;
- costs, including ongoing costs borne by service providers for
compliance with the regime, any potential improvements to oversight,
including in relation to journalist information warrants;
- any regulations and determinations made under the regime;
- the number of complaints about the scheme to relevant bodies,
including the Commonwealth Ombudsman and the Inspector-General of
Intelligence and Security;

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-07-01 Thread Paul Wilkins 
News this morning that the Victorian government is developing plans to use
mobile apps to track commuters. The government argues the data will be used
to improve travel times. This however, ignores the larger picture, that
across all Australian governments, both State and Federal, there's a
forward going agenda to widen the meta data kept on citizens - CCTV facial
recognition, license plate capture, and that these data bases are being
integrated by law enforcement.

So where there exists the theoretical possibility that data retention
metadata can now, under existing law, be integrated into other law
enforcement databases under TANs/TCNs, there is a genuine concern that
blandishments by law enforcement that "we wouldn't do that" may not
actually be an effective check on creeping extensions of police powers, and
that there should in fact be legislated protections against the use of data
retention datasets.

Kind regards

Paul Wilkins

On Fri, 21 Jun 2019 at 17:05, Paul Wilkins  wrote:

> Submissions close 1st July for those so foolhardy as to throw their random
> stream of consciousness into the void of Dep't Home Affairs' accountability.
>
> And when you throw your random stream of consciousness into the void, the
> void throws its random stream of consciousness back at you, or something.
>
> Kind regards
>
> Paul Wilkins
>
> On Sat, 13 Apr 2019 at 11:26, Paul Wilkins 
> wrote:
>
>> I raised the point in my PJCIS submissions regarding the Assistance and
>> Access Act, that TANs/TCNs are potentially sufficient grounds to serve as
>> authorisation under s280/s313 of the Telecommunications Act for the access
>> of Data Retention datasets, and so provide the necessary enabling
>> legislation for law enforcement to institute access to metadata datastreams.
>>
>> I had thought with the election announced, there'd be some respite from
>> this rinse/repeat cycle of calling for public submissions. Just when you
>> thought it was safe to go back in the water.
>>
>> Kind regards
>>
>> Paul Wilkins
>>
>>
>> On Fri, 12 Apr 2019 at 19:29, Robert Hudson  wrote:
>>
>>>
>>>
>>> -- Forwarded message -
>>> From: ITPA President 
>>> Date: Wed, 10 Apr 2019 at 20:27
>>> Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
>>> INVITATION TO MAKE A SUBMISSION
>>> To: 
>>>
>>>
>>> FYI
>>>
>>> -- Forwarded message -
>>> From: Little, Robert (REPS) 
>>> Date: Fri, 5 Apr 2019 at 13:23
>>> Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
>>> INVITATION TO MAKE A SUBMISSION
>>> To:
>>>
>>>
>>> *PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY*
>>>
>>> *REVIEW OF THE MANDATORY DATA RETENTION REGIME*
>>>
>>> *INVITATION TO MAKE A SUBMISSION*
>>> The Parliamentary Joint Committee on Intelligence and Security has
>>> commenced a review of the mandatory data retention regime proscribed by
>>> Part 5-1A of the *Telecommunications (Interception and Access) Act 1979
>>> (TIA Act).*  On
>>> behalf of the Committee I am writing to invite you to make a submission to
>>> the Committee’s review.
>>> The mandatory data retention regime is a legislative framework which
>>> requires carriers, carriage service providers and internet service
>>> providers to retain a defined set of telecommunications data for two years,
>>> ensuring that such data remains available for law enforcement and national
>>> security investigations.
>>> Section 187N of the TIA Act provides for the review and requires the
>>> Committee to report by 13 April 2020. Terms of reference are available
>>> here
>>> 
>>> .
>>> The Committee has resolved to focus on the following aspects of the
>>> legislation:
>>>
>>>- the continued effectiveness of the scheme, taking into account
>>>changes in the use of technology since the passage of the Bill;
>>>- the appropriateness of the dataset and retention period;
>>>- costs, including ongoing costs borne by service providers for
>>>compliance with the regime, any potential improvements to oversight,
>>>including in relation to journalist information warrants;
>>>- any regulations and determinations made under the regime;
>>>- the number of complaints about the scheme to relevant bodies,
>>>including the Commonwealth Ombudsman and the Inspector-General of
>>>Intelligence and Security;
>>>- security requirements in relation to data stored under the regime,
>>>including in relation to data stored offshore;
>>>- any access by agencies to retained telecommunications data outside
>>>the TIA Act framework, such as under the Telecommunications Act 1997; and
>>>- developments in international jurisdictions since the passage of
>>>the Bill.
>>>
>>> *Making a submission*
>>> The Committee invites written submissions addressing any or all of
>

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-06-21 Thread Paul Wilkins 
Submissions close 1st July for those so foolhardy as to throw their random
stream of consciousness into the void of Dep't Home Affairs' accountability.

And when you throw your random stream of consciousness into the void, the
void throws its random stream of consciousness back at you, or something.

Kind regards

Paul Wilkins

On Sat, 13 Apr 2019 at 11:26, Paul Wilkins  wrote:

> I raised the point in my PJCIS submissions regarding the Assistance and
> Access Act, that TANs/TCNs are potentially sufficient grounds to serve as
> authorisation under s280/s313 of the Telecommunications Act for the access
> of Data Retention datasets, and so provide the necessary enabling
> legislation for law enforcement to institute access to metadata datastreams.
>
> I had thought with the election announced, there'd be some respite from
> this rinse/repeat cycle of calling for public submissions. Just when you
> thought it was safe to go back in the water.
>
> Kind regards
>
> Paul Wilkins
>
>
> On Fri, 12 Apr 2019 at 19:29, Robert Hudson  wrote:
>
>>
>>
>> -- Forwarded message -
>> From: ITPA President 
>> Date: Wed, 10 Apr 2019 at 20:27
>> Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
>> INVITATION TO MAKE A SUBMISSION
>> To: 
>>
>>
>> FYI
>>
>> -- Forwarded message -
>> From: Little, Robert (REPS) 
>> Date: Fri, 5 Apr 2019 at 13:23
>> Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION
>> TO MAKE A SUBMISSION
>> To:
>>
>>
>> *PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY*
>>
>> *REVIEW OF THE MANDATORY DATA RETENTION REGIME*
>>
>> *INVITATION TO MAKE A SUBMISSION*
>> The Parliamentary Joint Committee on Intelligence and Security has
>> commenced a review of the mandatory data retention regime proscribed by
>> Part 5-1A of the *Telecommunications (Interception and Access) Act 1979
>> (TIA Act).*  On
>> behalf of the Committee I am writing to invite you to make a submission to
>> the Committee’s review.
>> The mandatory data retention regime is a legislative framework which
>> requires carriers, carriage service providers and internet service
>> providers to retain a defined set of telecommunications data for two years,
>> ensuring that such data remains available for law enforcement and national
>> security investigations.
>> Section 187N of the TIA Act provides for the review and requires the
>> Committee to report by 13 April 2020. Terms of reference are available
>> here
>> 
>> .
>> The Committee has resolved to focus on the following aspects of the
>> legislation:
>>
>>- the continued effectiveness of the scheme, taking into account
>>changes in the use of technology since the passage of the Bill;
>>- the appropriateness of the dataset and retention period;
>>- costs, including ongoing costs borne by service providers for
>>compliance with the regime, any potential improvements to oversight,
>>including in relation to journalist information warrants;
>>- any regulations and determinations made under the regime;
>>- the number of complaints about the scheme to relevant bodies,
>>including the Commonwealth Ombudsman and the Inspector-General of
>>Intelligence and Security;
>>- security requirements in relation to data stored under the regime,
>>including in relation to data stored offshore;
>>- any access by agencies to retained telecommunications data outside
>>the TIA Act framework, such as under the Telecommunications Act 1997; and
>>- developments in international jurisdictions since the passage of
>>the Bill.
>>
>> *Making a submission*
>> The Committee invites written submissions addressing any or all of
>> the areas of focus for the Committee’s inquiry. Submissions should clearly
>> identify which areas of focus are being addressed.
>> Prospective submitters are advised that any submission to the Committee’s
>> inquiry must be prepared solely for the inquiry and should not be published
>> prior to being accepted by the Committee. Documents do not attract
>> parliamentary privilege until they are accepted by the Committee. Documents
>> submitted during the election period will be held by the Secretariat and
>> provided to the Committee as established in the 46th Parliament.
>> Submissions are requested by *1 July 2019*. Further information about
>> making a submission to a parliamentary committee inquiry is available
>> here
>> 
>> .
>> Regards
>>
>> Robert
>>
>> *Robert Little** |* *Inquiry Secretary*
>> *Parliamentary Joint Committee on Intelligence and Security*
>> *Department of the House of Representatives*
>> PO Box 6021 | Parliament House | Canberra ACT 2600
>> Ph. (02) 6277 4589 | *www.aph.gov.a

Re: [AusNOG] Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION TO MAKE A SUBMISSION

2019-04-12 Thread Paul Wilkins 
I raised the point in my PJCIS submissions regarding the Assistance and
Access Act, that TANs/TCNs are potentially sufficient grounds to serve as
authorisation under s280/s313 of the Telecommunications Act for the access
of Data Retention datasets, and so provide the necessary enabling
legislation for law enforcement to institute access to metadata datastreams.

I had thought with the election announced, there'd be some respite from
this rinse/repeat cycle of calling for public submissions. Just when you
thought it was safe to go back in the water.

Kind regards

Paul Wilkins


On Fri, 12 Apr 2019 at 19:29, Robert Hudson  wrote:

>
>
> -- Forwarded message -
> From: ITPA President 
> Date: Wed, 10 Apr 2019 at 20:27
> Subject: Fwd: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME,
> INVITATION TO MAKE A SUBMISSION
> To: 
>
>
> FYI
>
> -- Forwarded message -
> From: Little, Robert (REPS) 
> Date: Fri, 5 Apr 2019 at 13:23
> Subject: PJCIS: REVIEW OF THE MANDATORY DATA RETENTION REGIME, INVITATION
> TO MAKE A SUBMISSION
> To:
>
>
> *PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY*
>
> *REVIEW OF THE MANDATORY DATA RETENTION REGIME*
>
> *INVITATION TO MAKE A SUBMISSION*
> The Parliamentary Joint Committee on Intelligence and Security has
> commenced a review of the mandatory data retention regime proscribed by
> Part 5-1A of the *Telecommunications (Interception and Access) Act 1979
> (TIA Act).*  On
> behalf of the Committee I am writing to invite you to make a submission to
> the Committee’s review.
> The mandatory data retention regime is a legislative framework which
> requires carriers, carriage service providers and internet service
> providers to retain a defined set of telecommunications data for two years,
> ensuring that such data remains available for law enforcement and national
> security investigations.
> Section 187N of the TIA Act provides for the review and requires the
> Committee to report by 13 April 2020. Terms of reference are available
> here
> 
> .
> The Committee has resolved to focus on the following aspects of the
> legislation:
>
>- the continued effectiveness of the scheme, taking into account
>changes in the use of technology since the passage of the Bill;
>- the appropriateness of the dataset and retention period;
>- costs, including ongoing costs borne by service providers for
>compliance with the regime, any potential improvements to oversight,
>including in relation to journalist information warrants;
>- any regulations and determinations made under the regime;
>- the number of complaints about the scheme to relevant bodies,
>including the Commonwealth Ombudsman and the Inspector-General of
>Intelligence and Security;
>- security requirements in relation to data stored under the regime,
>including in relation to data stored offshore;
>- any access by agencies to retained telecommunications data outside
>the TIA Act framework, such as under the Telecommunications Act 1997; and
>- developments in international jurisdictions since the passage of the
>Bill.
>
> *Making a submission*
> The Committee invites written submissions addressing any or all of
> the areas of focus for the Committee’s inquiry. Submissions should clearly
> identify which areas of focus are being addressed.
> Prospective submitters are advised that any submission to the Committee’s
> inquiry must be prepared solely for the inquiry and should not be published
> prior to being accepted by the Committee. Documents do not attract
> parliamentary privilege until they are accepted by the Committee. Documents
> submitted during the election period will be held by the Secretariat and
> provided to the Committee as established in the 46th Parliament.
> Submissions are requested by *1 July 2019*. Further information about
> making a submission to a parliamentary committee inquiry is available here
> 
> .
> Regards
>
> Robert
>
> *Robert Little** |* *Inquiry Secretary*
> *Parliamentary Joint Committee on Intelligence and Security*
> *Department of the House of Representatives*
> PO Box 6021 | Parliament House | Canberra ACT 2600
> Ph. (02) 6277 4589 | *www.aph.gov.au/pjcis* 
>
> *Facebook:* @AusHouseofRepresentatives
>  | *Twitter:* @
> AboutTheHouse 
> Don’t take your organs to heaven, heaven knows we need them here. Register
> to be an organ donor *here.*
> 
>
>
>
>
>
>
>
>
> --
> Regards,
>
> Robert Hudson
> President, ITPA
> presid...@itpa.org.au
> 0408 860 595
> ___