Australia's spy watchdog, Vivienne Thom, has defended the oversight of Australia's spy agencies. Photo: Lyn Mills
It is "quite wrong" to think that all Australians' phone and internet data is being collected and examined by Australian intelligence agencies, the spy watchdog says.
"I think this idea that it's all being hoovered up and stored with intelligence agencies – and they can browse it at their will – is quite wrong," Inspector-General of Intelligence and Security Dr Vivienne Thom said at the Law Society of NSW on Wednesday night last week.
Despite this, Thom wouldn't comment on whether Australians should be concerned about US intelligence agencies and the revelations by former US National Security Agency contractor Edward Snowden regarding mass phone and internet surveillance. The Snowden revelations make clear that US agencies mass-harvest data including the communications of non-US citizens using US-based data and social media services.
Thom said what was conducted by Australian agencies was "quite different" to what US agencies did.
"Data in Australia stays with telecommunications companies," she said. "Data from the Australian telecommunications network can only be accessed by [domestic spy agency the Australian Security Intelligence Organisation] and then only with a warrant in terms of content and only with authorisations for telecommunications data, or what we used to call metadata*."
Dr Thom was speaking about agencies she has oversight for, and not about the other Australian law enforcement agencies that can access telecommunications content and metadata, such as state and territory police, local councils, Australia Post, the RSPCA and others.
Federal and state government agencies accessed private telecommunications and internet data 330,640 times during criminal and financial investigations in 2012-13 - an 11 per cent increase in a year and a jump of 31 per cent over two years.
The agencies Thom has oversight for— which do not need to report metadata request figures or the number of warrants executed — include the Australian Security Intelligence Organisation, Australian Signals Directorate, Australian Secret Intelligence Service, Defence Imagery and Geospatial Organisation, Defence Intelligence organisation and Office of National Assessments.
Thom said that Australian intelligence agencies couldn't view intelligence collected by foreign spy agencies, such as the NSA, unless accessing such data would be allowed in Australia.
But Thom did say that intelligence sharing could occur with foreign agencies. However, she said there were "limits and boundaries" on what could be shared, which her office monitored.
Thom was responding to a call by Geoffrey Robertson, QC, in December to investigate alleged breaches of Australia's Intelligence Services Act after a document Snowden released revealed how Australia's Defence Signals Directorate (now the Australian Signals Directorate) was looking at ways to share information on Australians with foreign agencies without a warrant.
She said it wasn't necessary to set up an inquiry into Robertson's concerns as she looked into the matters he raised regularly.
Recommendations followed up
Thom also defended the recommendations her inquiries on agencies produce. She said that although she could only make recommendations, she always followed them up with agencies.
"I don't let agencies forget about recommendations," Thom said. "At the end of the financial year I ask them to report on those that are outstanding, or I might in a more regular way."
"They can't just accept them and forget about them," she said.
Nothing to hide
Thom also said that if agencies were trying to hide something from her it wasn't working.
"I think if anybody has read any of my recent inquiry reports on the [Inspector General for Intelligence and Security] website you'll see if agencies have been trying to hide things, they weren't that successful because I can be quite critical of agencies," she said.
"I don't think it's in their interests to hide things from me … If something does happen, I'll get a phone call and I'll be one of the first persons to be alerted that something's gone wrong."
While joking her department was a "boutique agency" with 12 staff members, Thom said it was "modest but adequate".
"Of course I would like – everybody would like – more funding ... but I think we can put up with the staff we have."
Despite this, she said she was able to get extra funding when required.
Thom also used the panel discussion to say that she could inspect warrant applications before they were approved by the Attorney-General, but said that reviewing them afterwards was proving fine as she did not see any systemic issues.
"I don't think that role is needed," Thom said.
The NSW Law Council recently proposed that Thom's office check warrants by agencies before they are approved by the Attorney-General. Unlike law enforcement agencies, intelligence agencies have their warrant applications approved by the Attorney-General and not by the courts.
From her experience looking at Australian Security Intelligence Organisation warrants, Thom said she "rarely" found anything "other than technical issues" wrong with agencies' warrants.
* Metadata is the basic information people generate when using technology, but not the content. Metadata stored about a phone call could include the parties to the call, location, duration and time of the call, but not what was said. Metadata stored about an internet activity can include uniform resource locators (URLs) visited, the time at which they were visited, the destination IP addresses, and other information that could identify where a person has been online.