Australian spookhaus busted for warrantless tap of own phones
Stop laughing: it also messed up civilian telecoms intercepts and is about to get more powers
Australia's Inspector-General of Intelligence and Security (AIGIS) has found that the nation's Australian Security and Intelligence Agency (ASIO) spied on itself in contravention of local laws.
The Inspector-General's Annual Report [PDF] lists breaches of Australia's Telecommunications (Interception and Access) Act (TIA). The most comical breach played out as follows:
“ASIO intercepted, without warrant, calls made from one of its own regional offices due to a technical error. The data was deleted and processes put in place to ensure it does not happen again.”
In one breach of local laws, in this case the ASIO Act that governs the agency's operations, “an incorrectly configured device collected data that was not covered by a warrant over a period of several months.” The data was deleted.
A second breach of the ASIO Act meant “an incorrectly configured device collected data that was not covered by a warrant over a period of several months.”
The report also notes that ASIO has made increased use of “B-party notices”, a mechanism that allows surveillance of people thought to be in contact with those under investigation. That increase was attributed to “a growth in the number of Australians involved in foreign conflicts.”
ASIO conducts lots of operations, certainly more than than three bungled jobs recorded above. But those messes will make waves in Australia because ASIO, and other intelligence agencies, have recently been granted extended powers. The nation's government has also signalled an intention to legislate mandatory metadata retention by internet service providers and carriers.
That plan is opposed by internet service providers, civil libertarians and online rights campaigners. With ASIO demonstrably unable to comply with its governing legislation, those opposing metadata retention now have a powerful case study to present.
If they're balanced in their arguments, they'll also point out that ASIO's bungles came to public attention because of AIGIS' oversight. ®
Sponsored: The Nuts and Bolts of Ransomware in 2016