Leading privacy advocates are calling on Australians to pay more attention to how they use their devices, following revelations Australian law enforcement officials are gaining access to the metadata of thousands of mobile phone users, regardless of whether they're under investigation or not.
A Fairfax Media report today said Australian government authorities had requested metadata from telco providers in a process known as “tower dumps,” which have been prevelant in the US but are only now coming to light in Australia.
'Tower dumping' happens when, generally following a crime, law enforcement officials locate nearby mobile reception towers and request all of the call, text, and data transmissions that occurred during the crime from the tower’s provider.
The majority of the data collected by police in fact belongs to individuals with no connection to the crime.
Subjecting yourself to data seizure through tower dumps is easy. Most mobile phone phone activity connects you to a tower in a way that police can collect: making phone calls, texting, and using social media, such as Tweeting or logging into Facebook.
"So for example if you have a smart phone and you're checking your email, that would cause some communication between your cell phone and one or more cell towers," Christopher Sogohian, a principal technologist for the ACLU, said.
"The police can then go back to the phone company and ask for identifying information.”
NSW Police told Fairfax Media it had used the practice as investigative tool, and a number of telcos confirmed they had received requests for metadata from government agencies.
In an interview with the news outlet WA Senator Scott Ludlam, a long-time advocate for stronger privacy laws and the new employer of former iTWire writer Renai Lemay, said a lawful warrants process should be introduced for practises like 'tower dumping.'
“It’s another example where [agencies] are collecting the entire haystack in order to find the needle,” Ludlam said.
Meanwhile According to Electronic Frontiers Australia, any government authority with some role in law enforcement or that collects public money - such as city councils and the RSPCA - is able to lawfully undertake tower dumps under the Telecommunications (Interception and Access) Act 1979.
The Act is currently under review by the Senate Legal and Constitutional Affairs References Committee.
EFA executive officer Jon Lawrence said the legislation currently does not provide sufficient regulation around interception of mobile phone metadata.
"We’re not opposed to surveillance per se, what we’re concerned about is the ubiquitous vacuuming up of data that has serious risks," Lawrence said.
"It allows them to go on a fishing expedition and that’s really worrying and very difficult to justify in anything but the most extreme circumstances."
Lawrence told journalists the practice should only be allowed in the most serious of criminal investigations and should be restricted to certain organisations.
"It's clearly open to far too wide a range of organisations," he said.
"The RSPCA, Wyndham City Council and Australia Post have used this power. That needs to be tightened up quite dramatically and I believe law enforcements have actually called for that.
"There are no requirements on these organisations to delete the data and there's a real danger of people's privacy getting trampled over. Also presumption of innocence is being turned on its head."
In order to protect privacy, users should disable GPS and WiFi wherever possible, Lawrence told iTWire.
“If you’re just walking around, I’d recommend people turn GPS off at all times unless you actually really do need to use it,” Lawrence advises.
“It’s potentially giving a whole bunch of app developers access to your location, as well as your telco, who can get it regardless. And, of course, when you’re walking around with your WiFi on, you’re broadcasting lots of information about your device to all sorts of people in the area.”
The most efficient fix is to install a battery manager, says Lawrence. “The simple way to disable it is an app like Juice Defender, that turns everything off while the screen is dark so that when your phone is in your pocket, it’s not communicating with anything except for the GSM or 3G network.”
For more information on the EFA or to join its cause visit its website.