After failing to do so when the committee called for submissions earlier this year, the Australian Federal Police (AFP) submitted a request to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) for its review of the nation’s pending Telecommunications Legislation Amendment (International Development Orders) Bill 2020 (IPO Bill).
The review sought to determine whether the IPO Bill, as drafted, is fit for purpose and appropriately addresses issues such as human rights in granting access to data on communications held overseas, specifically in the US.
The IPO Bill is intended to amend the Telecommunications (Interception and Access) Act 1979 (TIA Act) to create a mechanism for Australian agencies to obtain access to stored telecommunications data from international licensed communications providers in countries that have an Australian arrangement, and vice versa.
In order to implement the US Clarifying Lawful Overseas Use of Data Act (the CLOUD Act), the Bill is a precondition for Australia to obtain a proposed bilateral agreement with the United States.
In appearing earlier this month before the PJCIS, the AFP announced it had provided US telecommunications carriers with 44 data requests in 2019 to support investigations.
This received testimony that the current Mutual Assistant Request (MAR) process had made a total of 209 requests over the past five years.
In its [PDF] submission, which also served as a answer to questions taken on notice during the hearing, AFP further outlined its MAR past, disclosing that, from 1 July 2014 to 30 June 2019, 98 of its MARs had directly requested communications data from U.S. communications service providers (CSPs).
Of those 98, 91 have sought internet content data and internet non-content data, such as subscriber and traffic information. Six MARs requested internet data only for non-content, and one MAR requested subscriber data for telephone information.
“Although the type of assistance requested under a MAR is not classified in the same way as the IPO Bill (i.e. surveillance, communications data stored or telecommunications data), the above MARs will be classified as either ‘stored communications data’ or ‘telecommunications data’ under the IPO law,” wrote AFP. “None of those interception demands”
Of the 98 MARs, 29 were related to drug offenses, 26 were related to terrorism offenses, 24 were related to child sex offenses, 11 were related to money laundering, four were related to international bribery, three were related to human trafficking and one was identified as a “spectrum of extreme, unspecified offenses.”
One MAR may contain various forms of crime, and various CSPs can also look for data retained by a single MAR.
Deputy commissioner Karl Kent of Specialist and Support Operations at the AFP, repeating remarks made by others speaking before the committee, said the current MAR mechanism can sometimes cause considerable delays to investigations.
“We rely heavily on our Mutual Assistant Request scheme, which was introduced in 1987 when the internet was, of course, in its infancy, for accessing information beyond our borders,” Kent told the PJCIS.
He also said that the nature of the existing MAR process has actively discouraged its use and that by comparison, he expected the powers granted under the IPO Bill to be used more frequently.
“We wouldn’t be in a position to provide an exact figure of how many times it will be used … if we look at the existing phase there are 44 requests submitted in 2019, and we’d expect a substantial increase — I think it’s magnitude orders greater than 44 and it’s likely to increase over time as the phase ‘s familiarity and our investigators increased,” he said at the time.
The AFP used its submission for detailed case studies where it used the MAR method. It also highlighted where the powers of the IPO Bill to assist investigations would be better equipped.
The AFP said it is currently investigating an Australian person who has used a domain and related services to build, advertise, and sell malware, specifically a remote access trojan (RAT).
“While similar to the legitimate RAT software used by ICT helpdesks to serve remote clients, the RAT differed in that it contained unlawful features such as covert deployment, covert webcam operation and keylogging,” explained the AFP.
“The AFP first approached the Australian Central Authority in November 2018 to make a MAR in this matter. As of April 2020, the request remains ongoing and so far no material has been received.”
The AFP said the international provider was told not to offer email content unless it could show that the particular emails it requested were specifically linked to the offence.
“It in turn allowed the AFP to procure from the foreign provider the proof it needed before we could reach the evidentiary requirement for that information to be published under a MAR,” the AFP wrote.
“The data will only be kept by the telecommunications company concerned for 360 days before that data is destroyed. Under current MAR arrangements this may be insufficient time to secure the data.”
The AFP said it was sure for this particular investigation that there were “fair grounds to presume” that the US provider had information applicable to the full scope of the actions of the alleged offender. It clarified that if it had been able to receive an IPO from an Australian issuing authority, it would have made applications to the Australian Central Authority and then directly to the international service provider “much quicker” so that relevant content data could be supplied in order to begin the investigation with “less time for the risk of the person moving infrastructure to obstruct law”.
The AFP added that the ability to acquire evidence more quickly would also allow it to apprehend suspected criminals and ensure that international evidence needed for trial is available in time for the AFP to deliver briefs to the court.
Under the current domestic framework, an AFP authorized officer may access telecommunications data under the Interception and Access Act, but in order to obtain an IPO for telecommunications data under the IPO Bill scheme, an issuing authority would have to approve the AFP.
When asked earlier this month if it was unfair for the IPO applications to have an independent search but none for when AFP was seeking access to data kept in Australia, Kent said it was a requirement provided by the United States.
“It is my understanding that it is a US necessity that explains the need for that degree of authorisation to make them comfortable with the fact that their communications providers will receive an order directly,” he said.
Expert Reaction On Millions of LiveAuctioneers Passwords for Sale
Researchers at CloudSEK claim to have found evidence of the sale of a database containing 3.4 million users of online art and antique auction website.
Security firm G4S fined by Serious Fraud Office
Security firm G4S has been fined £44m by the Serious Fraud Office (SFO) as part of an agreement that will see it avoid prosecution for overcharging the Ministry of Justice for the electronic tagging of offenders, some of whom had died.
The SFO said G4S had accepted responsibility for three counts of fraud that were carried out in an effort to “dishonestly mislead” the government, in order to boost its profits.
Source: The Guardian
Highly-Critical SAP bug that could let attackers take over corporate servers patched
SAP has patched a critical vulnerability impacting the LM Configuration Wizard component in NetWeaver Application Server (AS) Java platform, allowing an unauthenticated attacker to take control of SAP applications.
The bug, dubbed RECON and tracked as CVE-2020-6287, is rated with a maximum CVSS score of 10 out of 10, potentially affecting over 40,000 SAP customers, according to cybersecurity firm Onapsis, which uncovered the flaw.
Source: The Hacker News
Educational Tool HistoryMaker VR Steps Onto Steam in August
PSVR Exclusive Iron Man VR Hangs Onto Top 10 In UK Sales Charts
2021 Ford Bronco First Edition reservations sell out, Bronco website overwhelmed
2021 Ford Bronco Sport vs Jeep Cherokee, Compass Trailhawks | How they compare on paper
Firmament’s 2020 Launch ‘Wildly Optimistic’, now Expected in 2022
Royal Bank of Scotland’s Tyl Contactless Payment Service Reports Solid Uptake
The mother Korean Air’s infamous ‘nut rage’ executive was convicted of assaulting her chauffeur
Square Announces Acquisition of Operations Management Platform Stitch Labs
BANK OF AMERICA: Buy these 7 pharma stocks now as they race to develop COVID-19 treatments and vaccines
2021 Ford Bronco trim breakdown | All seven trims and how they differ
The Canadian biotech Medicago is betting it can make a coronavirus vaccine out of plants, and it just started testing it in humans
6 in 10 US workers support going back to in-person learning in the fall, but a lot of people are worried schools aren’t ready
Under Thomas Kurian, Google Cloud is announcing some heavyweight enterprise customers and it’s a good sign for his ultimate ambitions (GOOG, GOOGL)
Update: Snowball Money Hits $600,000 Maximum Funding Goal Reached on Republic
Fintech in Need of Finance? Report States COVID-19 May Necessitate £825 Million in New Financing
Delta posts second-quarter net loss of $5.7 billion, biggest in more than a decade, driven by coronavirus
Coronavirus updates: Hong Kong grapples with new cluster; U.K. study says immunity may wane after two months
Citigroup is set to report second-quarter earnings. Here’s what Wall Street expects
JPMorgan shares jump after record trading revenue drives stronger-than-expected second quarter profit
Amazon is rolling out grocery carts that let shoppers skip checkout lines, bag their groceries and walk out
VC Funding – Outlook Bumpy, But Some Optimism
Pricefx raises $65M Series C for its cloud-based pricing software
UofL and Penn State bring immersion to education
Liteboxer, the Peloton for boxing, enters the ring
Valor Equity Partners passes $1bn in fifth flagship fundraise
India’s Flipkart secures $1.2 billion from Walmart and other shareholders
Here’s a breakdown of Delta’s Q2 earnings results
Here’s a breakdown JPMorgan’s Q2 earnings results
UK Fintech Lanistar Secures £15 Million in Additional Capital to Support Upcoming Launch this Year
Align Capital follows $450m Fund II close with deal for PE-backed-business advisory firm WilliamsMarston
Expert Reaction On Millions of LiveAuctioneers Passwords for Sale
News outlets will digitally watermark content to limit misinformation
Stock futures rise ahead of big bank earnings
Verizon partners with Airtel to launch BlueJeans in India
MAS completes multi-currency blockchain testing
Sterling headed to parity with euro if no Brexit deal is agreed, strategist says
EQT sells Fund VII investment to EQT VIII, IX and TA Associates in €3bn-plus deal
BYD Enviro400EV bus for National Express West Midlands
Covid-19 pandemic has only accelerated trends like lack of inclusion, WEF founder says
WEF founder: Must prepare for an angrier world
Start Ups1 week ago
Elon Musk tweeted a meme of “7 Things Every Kid Needs to Hear”
Business Insider1 week ago
A 36-year-old business owner saw her pandemic sales skyrocket without spending a dime on marketing. Here’s how she tweaked her Etsy shop and used word-of-mouth power to keep revenues high.
Gaming6 days ago
Where to farm Savathun’s Marionettes – Destiny 2
Publications6 days ago
Mary Kay Letourneau: Teacher who married boy she raped dies at 58
Publications1 week ago
Bank of America identifies 3 indicators that could make or break the stock market this summer â and warns they’re all deteriorating fast
Gaming5 days ago
Twitch streamer Ohlana has died by suicide at age 26
Esports7 days ago
Kilo vs M13 Warzone: Which is Better?
Esports7 days ago
Lillia, League of Legends new champion, full reveal