Top cybercop had no idea about Telstra logging


news Australia’s highest-ranking cybercrime police officer yesterday acknowledged he had not followed the controversial news which broke in June that the nation’s largest telco Telstra had been archiving the web browsing activity of its users, despite the fact that his organisation, the Australian Federal Police, received requests by concerned citizens to investigate the issue.

In June it was revealed that Telstra was developing a new cyber safety tool dubbed ‘Smart Controls’, using technology from US company Netsweeper to build an Internet database that would allow customers of its broadband services to set categories of content which their children could access online. A spokeswoman for the telco at the time said the system had “absolutely nothing to do” with Telstra’s marketing or billing divisions, but was a new platform which Telstra would offer parents to help manage their children’s use of the Internet.

However, a number of Telstra customers expressed concern after it was found that Telstra had been developing the system’s database partly by archiving web addresses visited by users of its Next G mobile network, with the data heading offshore to be stored in the US. Greens Senator and Communications Spokesperson Scott Ludlam issued a terse request on Twitter to Telstra to explain the behaviour, and the Pirate Party issued an extensive statement stating that it was “outraged” at what it described as Telstra’s “underhanded scheme”. Electronic Frontiers Australia also publicly complained about the issue, and Telstra eventually announced it had canned the scheme, following the public outcry.

Speaking in a Senate Estimates committee hearing yesterday (the video is available online), Ludlam referred to the issue in a session with Neil Gaughan, the National Manager of the Australian Federal Police’s High-Tech Crime Operations. Gaughan is an extremely high-profile figure in Australia’s cybercrime law enforcement community, frequently appearing before Parliament and collaborating with the Federal Attorney-General’s Department in the development of police in areas such as cybercrime, Internet filtering (including the much more limited version of Labor’s controversial Internet filter policy which Telstra and Optus have implemented) and copyright infringement.

“Are you aware Telstra were recently logging all 3G users’ web access over their mobile network and were sending the information to an overseas server for the development of some kind of new filtering product?” asked Ludlam. “There have been suggestions that this behaviour by Telstra was in breach of the [Telecommunications (Interception and Access)] act and warranted investigation by the Federal Police. Can you fill us in: firstly, are you aware of the breach I am referring to?”

Gaughan responded: “Senator, this is the first I have heard of that, and I am in regular contact with Telstra … It is the first I have heard of the data breach.”

Ludlam referred to Gaughan’s response as “interesting”, pointing out that he was aware that a number of Australians did make complaints to the Australian Federal Police on the matter.

“It was effectively transferring traffic on Telstra’s network to a cloud-hosting provider in the United States, which then potentially exposed Australian data to the Patriot Act, which obviously has very different ideas around privacy protection than we do here,” Ludlam said. “A number of constituents that I am aware of did receive traffic back from the AFP saying, ‘We have to prioritise. Our case load is very heavy; we will not be investigating this one.’ But, if you are not aware of that, I might come back to that later and give you some material to work with.”

At the time, the Federal Privacy Commissioner told ZDNet that it was making inquiries with Telstra about the tracking issue, but would not say at the time whether an investigation would be launched into the issue.

I find Gaughan’s lack of awareness about the Telstra logging issue quite disturbing. On the one hand, the police officer – Australia’s top cybercrime cop – is working closely with Telstra, Optus and Federal Government departments such as the Attorney-General’s Department and the Department of Broadband, Communications and the Digital Economy on issues such as helping the telcos to implement voluntary Internet filtering of child pornography. Yet when one of those same telcos is enmeshed in a damaging public controversy after it has been found to be logging the Internet traffic of its users – a potential breach of telecommunications laws – and a number of Australian citizens complain directly to the AFP about it – Gaughan knows nothing about it … despite the fact that the issue was reported widely by both the mainstream and specialist media.

Gaughan’s admission yesterday in the Senate Estimates committee gives the impression that he may be somewhat distanced from current events in Australia’s Internet community, despite the fact that they are directly pertinent to his role, and also that he may be distanced from community engagement in his area at the Australian Federal Police. This isn’t an ideal situation. I would expect a top law enforcement officer, who is directly engaged in helping to guide and implement government policy, to have his ear a little closer to the ground.

Image credit: Australian Parliament


  1. Can you please put this article into one syllable words so I might better understand it?

    • How about “Australian Federal Police decide to not investigate crimes committed by companies they work with”. This is fun.
      “Feds too busy to investigate crime”
      “Top cop: ‘I know nuffing'”

      There is something seriously wrong with our law enforcement and our Government policy on the internet. Media linking to a site that links to a site that lists websites that may or may not be censored by Gov == massive fines. Violating customer privacy and likely infringement of federal law == nah we couldn’t be bother investigating.

  2. I’m inclined to go with this.

    How about “Australian Federal Police decide to not investigate crimes committed by companies they work with”. This is fun.

  3. How about ‘top fed says no to awareness of area of responsibility re large isp clusterf..k, Delimeter reader says words too big for me please explain in words top feds can understand too’? eg, cat, sat, mat…

  4. This whole thing is a storm in a tea cup.

    Anyone ever used google? Oh yeah, they track everything too.

    All your school records are stored down in Canberra too.

  5. Another high functioning retard in a position of power.

    Just because he can play the government game doesn’t mean he’s suitable for any sort of role. AFP’s “high tech crime unit” is a joke. Bunch of high ranking coppers with little to no real world experience, i’ve applied for both state and federal IT security positions both of which are a joke, scope of job descriptions are so far off the ball its worrying. And managements lack of technical ability really diminishes any crime fighting Potential.

    Atm we’re just throwing cash at govt bureaucrats who are giving jobs to mates. Total joke

    • It is not just those at the top. The press releases from the investigation into the death of the Brazilian student in Sydney raise concerns about the total absence of rational decision making from those at the bottom. It seems the only solution is to award the police greater powers so that such decisions are no longer a problem.

  6. “Telstra eventually announced it had canned the scheme, following the public outcry”

    Who in the fuck is “Telstra”?

    Someone there authorised the decision – who are they?

    What is there personal work phone number?

  7. This is a storm in a tea cup, and not the best reporting by the writer of the article. If you dont think pretty much every major telco in the world does this, at least in some manner, then you are ignorant of how the world and telecommunications works. When you sign up with a major provider, you sign a legal document that gives them the right to do this in accordance with telecommunications and privacy laws. Yes, thats right, within them. The only problem i see here is that Telstra literally transfered the data overseas – thats crossing the line and just silly.

  8. No, it does not. Sorry Renai but you it is you who is factually incorrect. You are incorrectly applying the context of the Interception Act. Im not a supporter of any of this just trying to encourage to more thorough and less alarmist reporting on the subject matter. Given you just refered to that Act in the context of this, its no wonder.

    I’ll tell you this, im a lot more concerned about what Google and Apple collate about me than anything a relatively tiny (think big, even Telstra is tiny) self interested telecommunications provider would have.

  9. It is the senate estimates committee he answered from ,not Q&A.

    He doesnt have to tell the truth ,it wouldnt be politically correct to
    provide the excuse that we asked them to do it because it circumvents
    AU law (only if the poor citizen finds out) ,hence we cannot acknowledge
    that we were involved in this from the beginning .

    What a nefarious creature of habit,and watching you since the birth of the
    internet,soon after the blue box events .

    Laughter is the best medicine ,because you wont hear the truth about this one.

    A poll on this would be interesting ,and the privacy laws it breaks .

    I would bet if this was optus there would be a hefty fine in the mail already .


    They cannot contact Telstra because the call centres are down ,or they cannot understand the operator,or
    they are sick of waiting on hold ?.

Comments are closed.