Incidents of non-compliance with the government's mandatory data retention scheme dropped by 25 per cent from 2016-17 to 2017-18, but the Commonwealth Ombudsman said law enforcement agencies appear to be skirting oversight of the scheme.
The Commonwealth Ombudsman oversees agencies like the Australian Federal Police and others who are able to request call records, location data and other telecommunication data from phone companies, previously detecting ACT Police were accessing data without the proper authorisations.
In the report for the 2017-18 year, finalised in March but tabled in Parliament on Wednesday, Ombudsman Michael Manthorpe said it appeared some agencies were accessing the data through other legislative means, restricting his oversight of their activities.
The ombudsman also reported some areas of the Australian Federal Police and ACT Policing didn't understand their obligations to co-operate with inspections of the system, with " several administrative obstacles that impeded inspection progress," including not getting access to records until halfway through an inspection.
There was also a request to subject a ombudsman staff member to security vetting by AFP Personnel Security. Inspection officers are already vetted, the ombudsman wrote and "further vetting by the AFP has the potential to undermine the Office's public standing as independent and impartial".
Similar authorisation issues to those identified at ACT Policing were also detected at Home Affairs and Tasmania Police, the report said.