Like all telecommunications companies that provide services in Australia, we are required by law to assist Australian Government agencies for defined purposes, such as investigating and solving crimes. We also provide assistance to emergency services agencies in response to life threatening situations and Triple Zero emergency calls.
Part of our obligation is to act on requests under law for our customer information and carriage service records, and warrants for communications travelling over or held in our network. We only disclose customer information in accordance with the law and we assess any request for information to ensure it complies with the law.
Between 1 July 2013 and 30 June 2014, Telstra received and acted on around 85,000 requests for customer information. Typically, a lawful request relates to a set of telecommunications data associated with a single unique service.
|Type of Law Enforcement Request||FY14|
|Telstra customer information, carriage service records and pre-warrant checks||75,448|
|Life threatening situations and Triple Zero emergency calls||6,202|
|Warrants for interception or access to stored communications||2,701|
These figures relate to activities by law enforcement agencies as well as regulatory bodies and emergency services organisations (‘the agencies’) for our business in Australia. They do not include figures on lawful requests for information by national security bodies as reporting figures relating to requests by national security agencies is prohibited under the Telecommunications (Interception and Access) Act 1979.
TYPE OF REQUESTS
Customer information refers to details that appear on a phone bill, such as the customer’s name, address, service number and connection dates. It can include other information we may hold such as a customer’s date of birth and previous address. Carriage service records relate to use of telecommunications services, including call records, SMS records, and internet records. These records include information such as details of a called party, and the date, time and duration of a call.
Internet session information includes the date, time and duration of internet sessions as well as email logs from Bigpond addresses. This does not include URLs. The Government has stated URLs are considered to be content and as such they will only request to access this information under a warrant or other court order.
A pre-warrant check confirms that telecommunication services of interest are still active with Telstra.
Life threatening situations
Telecommunications carriers act on requests from authorised emergency service agencies (e.g. police, fire, ambulance) where the release of customer information could prevent or lessen an imminent threat to the life or health of a person. Information may also be requested by law enforcement agencies where calls to emergency service numbers (i.e. 000, 112 and 106) have taken place.
Court orders such as subpoenas and coronial requests issued by a court or judge require us to provide customer information and carriage service records. Typically, court orders involve a civil dispute that involves individuals or organisations and related telecommunications data is required by the court to adjudicate on the matter.
A warrant is required for an agency to access the content of a communication. Warrants require us to provide the relevant agency with real time access to communications as they are carried over our network (e.g. a lawful interception). Warrants may also compel us to supply the content of communications after it has been delivered.
OTHER TYPES OF DISCLOSURES
Integrated Public Number Database
The Integrated Public Number Database (IPND) is a centralised database of all Australian telephone numbers including the service and directory addresses provided by the customer. The database is managed by Telstra, as required under our carrier licence issued by the Australia Government, and contains numbers from all telecommunications service providers in Australia.
The IPND is used most critically for the operation of the Triple Zero emergency call service and for law enforcement and national security purposes. Relevant agencies are able to access certain information, in particular the name and address associated with a particular phone number. The IPND Code and Telecommunications Act 1997 contain strict provisions on how information on the IPND can be accessed and used.
Between 1 July 2013 and 30 June 2014 the IPND was accessed by agencies approximately 104,000 times, excluding national security agencies. These figures do not relate to information of Telstra customers per se, as the IPND holds data on every phone number from every telecommunications service provider in Australia.
Telstra is an Australian company with a global footprint. Wherever Telstra operates, we have to comply with the laws of the land.
Our international arm, Telstra Global, provides managed network services, international data, voice and satellite services and manages our submarine cable networks and assets. Telstra Global is focused on providing services to large enterprise customers, rather than individual consumers.
Outside of Australia, across all the countries in which Telstra Global operates, we received less than 100 requests for customer information in 2013-14.
Networks and infrastructure
Under Section 313 of the Telecommunications Act, all carriers in Australia are obliged to do their best to prevent their networks and facilities from being used in the commission of a crime.
From time to time Telstra receives requests from Government agencies to take actions at an infrastructure level to prevent a crime. For example, Telstra blocks the Interpol generated ‘worst of the worst’ list of child abuse sites under a Section 313 request.
These network or infrastructure level requests are relatively infrequent and generally do not involve the disclosure of customer information.
FREQUENTLY ASKED QUESTIONS
1. Why does Telstra disclose customer information?
Like all telecommunications companies that provide services in Australia, we are required by law to assist Australian agencies for purposes such as enforcing criminal law, protecting public revenue and safeguarding national security. We also provide assistance to emergency services agencies for reasons such as responding to life threatening situations or dealing with matters relating to Triple Zero emergency calls.
We only disclose customer information in accordance with the law and we assess all requests for information to ensure it complies with the law. When acting on these lawful requests, we seek to never interfere with our customers’ legitimate use and enjoyment of our services.
2. Which agencies have requested customer information?
The relevant legislation in this area prohibits us from providing details of specific requests made by individual agencies for customer information. Additionally, Telstra does not want to do anything that might jeopardise any investigations. The Attorney General’s Department and the Australian
Communications and Media Authority do produce annual reports that provide details of requests at an industry-wide level.
3. Why doesn’t the report include figures relating to national security?
Our understanding of the Attorney-General’s Department’s position on requests by national security agencies is that reporting on these figures is prohibited under the Telecommunications (Interception and Access) Act, 1979. Any enquiries on matters of national security should be directed to the Attorney-General’s Department.
4. Can I find out if my information has been disclosed to a Government agency?
The relevant legislation in this area prohibits us from providing details of specific requests made by individual agencies for customer information. Any enquiries of the activities of Government agencies need to be directed to the agencies themselves.
5. What limits are placed on Australian Government agencies in terms of making requests?
The content of communications between individuals is strictly protected by law and if agencies wish to intercept communications to obtain their content or obtain a copy of the content once the communication has been delivered they need a warrant.
For other information an agency does not necessarily require a warrant but must meet the relevant legislative conditions. For example, the agency must have reasonable grounds to believe that disclosure is reasonably necessary for the enforcement of the criminal law as well as consider the privacy implications associated with the disclosure.
6. How do these issues relate to privacy law?
Under Australian privacy law personal and sensitive information is strictly protected. Consistent with this law, we can only provide customer information to defined Government agencies when we receive a lawful request to do so.
7. Does Telstra ever reject law enforcement requests?
We only disclose customer information in accordance with the law. If a request for information from an agency is invalid or seeks information that can only be obtained via a different process (e.g. requires a warrant and the requester does not have one), we will reject it. One important difference in the law enforcement environment in Australia compared to other countries is that agencies can undertake pre-warrant checks to make sure they are targeting their warrants accurately. This reduces the instances of mistakes leading to a rejection of a warrant.
8. Where can I find more information?
Consumers can find out more information from:
The Attorney-General’s Department on issues of national security and telecommunications interception and access arrangements
The Department of Communications on assistance to agencies under the Telecommunications Act
Information on Australia’s privacy regime at the Office of Australian Information Commissioner
The Australian Communications and Media Authority for information on the IPND