Data retention creep: Border Force granted metadata access

The Federal Government this week has given its newly formed Australian Border Force the power to access metadata stored under Data Retention laws, in what has been labelled as the first example of "scope creep" under the scheme.

In March this year, the both major parties of the Federal Parliament voted to pass mandatory data retention laws that would require Australian ISPs and telecommunications providers to store metadata on all their customers for two years.

The Coalition previously ""="" shortcode="link" asset-type="article" uuid="dfbc3dce-71de-4129-b8f8-03966aa2a615" slug="metadata-retention-laws-introduced-to-parliament" link-text="insisted that the bill would " section="news" title="Metadata retention laws introduced to parliament" edition="us" data-key="link_bulk_key" api="{"id":"dfbc3dce-71de-4129-b8f8-03966aa2a615","slug":"metadata-retention-laws-introduced-to-parliament","contentType":null,"edition":"us","topic":{"slug":"online"},"metaData":{"typeTitle":null,"hubTopicPathString":"Tech^Services and Software^Online","reviewType":null},"section":"news"}"> the number of enforcement agencies with the ability to access retained metadata. However, this week the Government quietly expanded access with the introduction of a completely new bill.

The change has been slammed by critics as an example of the Government's power to slowly change the strength and scope of its enforced Data Retention scheme, quietly beefing up the powers of Government agencies to surveil Australian citizens.

Among a vast array of amendments, new legislation officially establishing the Australian Border Force [PDF] includes an amendment to the Telecommunications (Interception and Access) Act that adds the Immigration and Border Protection Department to the list of enforcement agencies with access to metadata.

Greens Senator Scott Ludlam said the change "sidesteps" previously enshrined processes, which required the Attorney-General to declare any new agencies granted the power to access metadata before being approved by the Parliamentary Joint Committee on Intelligence and Security.

"Senator Brandis made a great show of narrowing the range of agencies that would be able to access this collected material; and here we are in parliament, on the very next sitting week after that mandatory data retention bill passed, and the first example of scope creep lies on the table," he said in a speech to the Senate this week. "It gives me absolutely no pleasure to say 'we told you so', but we did."

Senator Ludlam chastised the Labor Party for "waving this bill through as non-controversial" saying that it grants the power for border control authorities to "scrape" the communications of its employees, as well as journalists, asylum seekers and indeed anybody in the country.

The Greens Senator also raised the question of security of private information handed over to the Border Force, given "its terrible history of securing its own data"

"The Immigration Department last year accidentally disclosed the personal details of nearly 10,000 asylum seekers in one of the largest data breaches in Australian history," he said.

"You say if they have nothing to hide they have nothing to fear. But people do have things to fear from the Iranian secret police, or the Sri Lankan government or the Taliban...Now the successor agency to the one that let that material walk out the door and remain on a public website for days is asking to be able to access all Australians' private records as well.

Senator Ludlam said it was "extremely distressing" to learn that the "narrow checks and balances" written into the original Data Retention legislation were now being circumvented in another bill.

"We are going to need to keep a very careful watch on any machinery-of-government change that adds or subtracts or merges or demerges government departments to see if these kinds of riders are going to be contained in it," he said.