Police & criminals

Police online dumps

Data concerns: Law enforcement agencies are conducting ‘tower dumps’ to find criminals. AUSTRALIAN POLICE TRAWL PHONE DATA OF THOUSANDS.  Ben Grubb and Emma Partridge July 7, 2014.    Download a complete copy of the article by clicking on: AUSTRALIAN POLICE TRAWL PHONE DATA OF THOUSANDS

Australian federal and state police are ordering phone providers to hand over personal information about thousands of mobile phone users, whether they are targets of an investigation or not.  Fairfax Media has confirmed Australian law-enforcement agencies are using a technique known as a “tower dump”, which gives police data about the identity, activity and location of any phone that connects to targeted cell towers over a set span of time, generally an hour or two.

A typical dump covers multiple towers, and mobile providers, and can net information about thousands of mobile phones.  The dumps are usually used in circumstances when police have few leads and can be a useful, powerful tool in tracking down criminals.  But privacy advocates say that while they may be helpful to police, they also target thousands of innocent people and don’t have any judicial oversight.  In addition to no warrant being required to request a tower dump containing the mobile phone data of thousands of people to track down one or more criminals involved in a crime, privacy advocates also question what is being done to the data collected once an investigation is complete.  USA Today initially reported how US law-enforcement agencies were using the tower dump tactic earlier this year.  (Read below)

NSW Police, Victoria Police and the Australian Federal Police all declined to comment.  But Fairfax Media has been able to confirm that “tower dumps” were an investigation tool often used by NSW Police.  A NSW Police spokesman said it would “not comment” on its “operational capabilities”.  Victoria Police wouldn’t discuss tower dumps either, saying it did not comment on “police methodology”.  And the Australian Federal Police also said it would not comment on its “technical capabilities”.  Some phone companies receiving the requests, however, admitted that tower dumps occurred.

“On occasion mobile network operators receive requests from Australian law-enforcement agencies to provide communications information from a specific tower,” a Vodafone spokeswoman told Fairfax. “These requests usually cover short periods and the information provided is only metadata.” Metadata is information about the time, duration and destination of calls but not their content. Metadata can also include location data about a mobile phone, even when it’s not on a call. Telstra wouldn’t say whether it received tower dump requests but believed they were lawful. “A request for non-content information on the use of a particular tower during a specified period of time may be lawful under certain circumstances,” a Telstra spokeswoman said.

Meanwhile, Optus would not comment on the tower dump practice at all, saying instead that it assisted “law-enforcement and national security agencies as required in the legislation…”  Greens Party spokesman for communications, Scott Ludlam, said this was the first time the practice of tower dumps had been confirmed to occur in Australia.  “It’s another example where [agencies] are collecting the entire haystack in order to find the needle,” Senator Ludlam said in an interview with Fairfax.  “What we’ve seen with other techniques like this is there is no requirement to destroy the material that is collected incidentally after an investigation is complete,” Senator Ludlam said. He added that he would like to see more transparency around what type of crime needed to be committed in order for tower dumps to occur.

“What we need is transparency as to what’s being done and who is doing it,” he said. “Ultimately I think we need a lawful warranting process to start to apply to [requests for data] like this.”  Although the Attorney-General’s Department releases a once-a-year report detailing how many requests are made to telecommunications companies for metadata in Australia, it’s unclear whether a tower dump is counted as one metadata request or otherwise.  Considering thousands of users are affected by tower dumps, Ludlam argues that they should count for the number of those who are affected.  Around 330,000 requests for metadata were made by law-enforcement agencies in 2012-13, according to the latest report published by the Attorney-General’s Department.



HANNAH FRANCIS   JULY 07, 2014 11:45AM

Privacy advocates are up in arms after revelations that Australian law enforcement authorities are trawling through the metadata of thousands of mobile phone users — revealing their location and identity — regardless of whether they are under investigation or not.   A Fairfax Media report found that government authorities had requested metadata from telco providers in what’s known as a ‘tower dump’ — acquiring data from mobile phone towers about the location and activity of mobile phone devices that connect to them over a specified time period. Mobile phones transmit data to towers whether or not a person is making a phone call.

NSW Police told the media outlet it had used the practice as investigative tool, while a number of telcos confirmed they had received requests for metadata from government agencies.  “Looking at cell tower data gives anyone who’s interested a rough approximation of your location,” Swinburne University’s Philip Branch told Business Spectator.  “If someone is evading police is will give a rough approximation; they can also perhaps put together some sort of evidence around if someone receives a phone call and then makes a dash immediately after,” Dr Branch said.

However, privacy advocates are concerned about the use of the practice in ‘fishing expeditions’ that net the data of thousands of innocent people.  WA Senator Scott Ludlam, an outspoken advocate for online privacy, told Fairfax Media that a lawful warrants process should be introduced around the practice.  “It’s another example where [agencies] are collecting the entire haystack in order to find the needle,” Senator Ludlam told the media outlet.  According to Electronic Frontiers Australia, any government authority with some role in law enforcement or that collects public money — such as city councils and the RSPCA — is able to lawfully undertake tower dumps under the Telecommunications (Interception and Access) Act 1979.

Last year Wyndham City Council came under fire for using the practice to monitor residents for small infringements such as littering, unauthorised advertising and unregistered pets.  The Act is currently under review by the Senate Legal and Constitutional Affairs References Committee.  EFA executive officer Jon Lawrence said the legislation currently does not provide sufficient regulation around interception of mobile phone metadata.  “We’re not opposed to surveillance per se, what we’re concerned about is the ubiquitous vacuuming up of data that has serious risks,” Mr Lawrence said.

“It allows them to go on a fishing expedition and that’s really worrying and very difficult to justify in anything but the most extreme circumstances.”  Mr Lawrence said the practice should only be allowed in the most serious of criminal investigations and should be restricted to certain organisations.  “It’s clearly open to far too wide a range of organisations,” he said.  “The RSPCA, Wyndham City Council and Australia Post have used this power. That needs to be tightened up quite dramatically and I believe law enforcements have actually called for that.

“There are no requirements on these organisations to delete the data and there’s a real danger of people’s privacy getting trampled over. Also presumption of innocence is being turned on its head.”  The revelations come as Federal Attorney-General George Brandis is set to introduce legislation into parliament next week that would increase the powers of national spy agencies.  A separate bill to establish a mandatory data collection regime requiring telcos to store customer metadata for up to two years is also due to be introduced.  The legislation is being formed in response to a report from the joint committee on intelligence and security, which was released in May last year.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.