An article in today’s Australian highlights how local councils are using telephone data to investigate people suspected of littering and having unregistered pets:
Federal surveillance laws enable enforcement agencies — such as police, corruption watchdogs and the Australian Taxation Office — to seize telecommunications data to conduct criminal investigations, enforce fines or protect public revenue. But the laws are increasingly being used by other public bodies, such as local governments and Australia Post, which have collectively made more than 800 self-authorisations for personal data in the past three financial years.
A total of 10,936 authorisations for metadata were made last financial year to enforce fines or protect public revenue, up from 6704 two years earlier.
It’s important to point out the law that allows local councils to collect this data doesn’t compel telecommunications companies to hand it over – at least without a warrant. They can say no. The significant increase in authorisations indicates government authorities are becoming more willing to make an application for data. This should be resisted by companies that value the privacy of their customers – in most cases, they should probably refuse.
But more importantly, government agencies simply shouldn’t have the power to ask for data merely to “protect the public revenue.” Such an exception to the general rule that information cannot be disclosed to third parties is so broad as to justify almost any government agency asking for any data they want. There may be an argument in favour of such a power where police are investigating a crime but even then the better safeguard for privacy is to require a warrant in all cases.
And as I’ve written previously, the proliferation of government agencies collecting our data presents a significant security risk in itself.