news Australia’s highest-ranking cybercrime police officer yesterday acknowledged he had not followed the controversial news which broke in June that the nation’s largest telco Telstra had been archiving the web browsing activity of its users, despite the fact that his organisation, the Australian Federal Police, received requests by concerned citizens to investigate the issue.
In June it was revealed that Telstra was developing a new cyber safety tool dubbed ‘Smart Controls’, using technology from US company Netsweeper to build an Internet database that would allow customers of its broadband services to set categories of content which their children could access online. A spokeswoman for the telco at the time said the system had “absolutely nothing to do” with Telstra’s marketing or billing divisions, but was a new platform which Telstra would offer parents to help manage their children’s use of the Internet.
However, a number of Telstra customers expressed concern after it was found that Telstra had been developing the system’s database partly by archiving web addresses visited by users of its Next G mobile network, with the data heading offshore to be stored in the US. Greens Senator and Communications Spokesperson Scott Ludlam issued a terse request on Twitter to Telstra to explain the behaviour, and the Pirate Party issued an extensive statement stating that it was “outraged” at what it described as Telstra’s “underhanded scheme”. Electronic Frontiers Australia also publicly complained about the issue, and Telstra eventually announced it had canned the scheme, following the public outcry.
Speaking in a Senate Estimates committee hearing yesterday (the video is available online), Ludlam referred to the issue in a session with Neil Gaughan, the National Manager of the Australian Federal Police’s High-Tech Crime Operations. Gaughan is an extremely high-profile figure in Australia’s cybercrime law enforcement community, frequently appearing before Parliament and collaborating with the Federal Attorney-General’s Department in the development of police in areas such as cybercrime, Internet filtering (including the much more limited version of Labor’s controversial Internet filter policy which Telstra and Optus have implemented) and copyright infringement.
“Are you aware Telstra were recently logging all 3G users’ web access over their mobile network and were sending the information to an overseas server for the development of some kind of new filtering product?” asked Ludlam. “There have been suggestions that this behaviour by Telstra was in breach of the [Telecommunications (Interception and Access)] act and warranted investigation by the Federal Police. Can you fill us in: firstly, are you aware of the breach I am referring to?”
Gaughan responded: “Senator, this is the first I have heard of that, and I am in regular contact with Telstra … It is the first I have heard of the data breach.”
Ludlam referred to Gaughan’s response as “interesting”, pointing out that he was aware that a number of Australians did make complaints to the Australian Federal Police on the matter.
“It was effectively transferring traffic on Telstra’s network to a cloud-hosting provider in the United States, which then potentially exposed Australian data to the Patriot Act, which obviously has very different ideas around privacy protection than we do here,” Ludlam said. “A number of constituents that I am aware of did receive traffic back from the AFP saying, ‘We have to prioritise. Our case load is very heavy; we will not be investigating this one.’ But, if you are not aware of that, I might come back to that later and give you some material to work with.”
At the time, the Federal Privacy Commissioner told ZDNet that it was making inquiries with Telstra about the tracking issue, but would not say at the time whether an investigation would be launched into the issue.
I find Gaughan’s lack of awareness about the Telstra logging issue quite disturbing. On the one hand, the police officer – Australia’s top cybercrime cop – is working closely with Telstra, Optus and Federal Government departments such as the Attorney-General’s Department and the Department of Broadband, Communications and the Digital Economy on issues such as helping the telcos to implement voluntary Internet filtering of child pornography. Yet when one of those same telcos is enmeshed in a damaging public controversy after it has been found to be logging the Internet traffic of its users – a potential breach of telecommunications laws – and a number of Australian citizens complain directly to the AFP about it – Gaughan knows nothing about it … despite the fact that the issue was reported widely by both the mainstream and specialist media.
Gaughan’s admission yesterday in the Senate Estimates committee gives the impression that he may be somewhat distanced from current events in Australia’s Internet community, despite the fact that they are directly pertinent to his role, and also that he may be distanced from community engagement in his area at the Australian Federal Police. This isn’t an ideal situation. I would expect a top law enforcement officer, who is directly engaged in helping to guide and implement government policy, to have his ear a little closer to the ground.
Image credit: Australian Parliament