Privacy advocates are up in arms after revelations that Australian law enforcement authorities are trawling through the metadata of thousands of mobile phone users -- revealing their location and identity -- regardless of whether they are under investigation or not.
A Fairfax Media report found that government authorities had requested metadata from telco providers in what's known as a 'tower dump' -- acquiring data from mobile phone towers about the location and activity of mobile phone devices that connect to them over a specified time period. Mobile phones transmit data to towers whether or not a person is making a phone call.
NSW Police told the media outlet it had used the practice as investigative tool, while a number of telcos confirmed they had received requests for metadata from government agencies.
"Looking at cell tower data gives anyone who’s interested a rough approximation of your location," Swinburne University's Philip Branch told Business Spectator.
"If someone is evading police is will give a rough approximation; they can also perhaps put together some sort of evidence around if someone receives a phone call and then makes a dash immediately after," Dr Branch said.
However, privacy advocates are concerned about the use of the practice in 'fishing expeditions' that net the data of thousands of innocent people.
WA Senator Scott Ludlam, an outspoken advocate for online privacy, told Fairfax Media that a lawful warrants process should be introduced around the practice.
“It’s another example where [agencies] are collecting the entire haystack in order to find the needle,” Senator Ludlam told the media outlet.
According to Electronic Frontiers Australia, any government authority with some role in law enforcement or that collects public money -- such as city councils and the RSPCA -- is able to lawfully undertake tower dumps under the Telecommunications (Interception and Access) Act 1979.
Last year Wyndham City Council came under fire for using the practice to monitor residents for small infringements such as littering, unauthorised advertising and unregistered pets.
The Act is currently under review by the Senate Legal and Constitutional Affairs References Committee.
EFA executive officer Jon Lawrence said the legislation currently does not provide sufficient regulation around interception of mobile phone metadata.
"We’re not opposed to surveillance per se, what we’re concerned about is the ubiquitous vacuuming up of data that has serious risks," Mr Lawrence said.
"It allows them to go on a fishing expedition and that’s really worrying and very difficult to justify in anything but the most extreme circumstances."
Mr Lawrence said the practice should only be allowed in the most serious of criminal investigations and should be restricted to certain organisations.
"It's clearly open to far too wide a range of organisations," he said.
"The RSPCA, Wyndham City Council and Australia Post have used this power. That needs to be tightened up quite dramatically and I believe law enforcements have actually called for that.
"There are no requirements on these organisations to delete the data and there's a real danger of people's privacy getting trampled over. Also presumption of innocence is being turned on its head."
The revelations come as Federal Attorney-General George Brandis is set to introduce legislation into parliament next week that would increase the powers of national spy agencies.
A separate bill to establish a mandatory data collection regime requiring telcos to store customer metadata for up to two years is also due to be introduced.
The legislation is being formed in response to a report from the joint committee on intelligence and security, which was released in May last year.