AFP did not de­stroy copies of jour­nal­ist's phone records it un­law­fully ac­cessed

The Guardian Australia - - Headlines - Katharine Murphy Po­lit­i­cal ed­i­tor

The Aus­tralian fed­eral po­lice did not de­stroy all copies of phone records it ob­tained un­law­fully, with­out a war­rant, for the pur­pose of iden­ti­fy­ing a jour­nal­ist’s source, ac­cord­ing to a new au­dit by the com­mon­wealth om­buds­man.

In April 2017, the AFP com­mis­sioner, Andrew Colvin, con­firmed such a breach had oc­curred within the pro­fes­sional stan­dards unit and apol­o­gised, say­ing the ac­cessed meta­data had been de­stroyed.

But the om­buds­man con­tra­dicted that ac­count, say­ing its in­spec­tion of the AFP’s records “iden­ti­fied that not all copies of records containing the un­law­fully ac­cessed data had been de­stroyed by the AFP”.

“In re­la­tion to the de­struc­tion of all copies of records containing the un­law­fully ac­cessed data, the AFP ad­vised our of­fice that it had de­stroyed all of the ma­te­rial that was pro­vided to it as a re­sult of the breach,” the new re­port said.

“How­ever, to con­firm that this had been done, we arranged to re­visit the AFP with tech­ni­cal as­sis­tance, ap­pre­ci­at­ing the com­plex­i­ties of the AFP’s systems. This visit prompted PRS [pro­fes­sional stan­dards] to con­duct fur­ther checks of its systems with tech­ni­cal as­sis­tance, which iden­ti­fied ad­di­tional records.

“We con­firmed that these records were sub­se­quently de­stroyed”.

The om­buds­man has rec­om­mended the AFP im­me­di­ately re­view its ap­proach to meta­data aware­ness and train­ing to en­sure all staff in­volved in ex­er­cis­ing meta­data pow­ers had a thor­ough un­der­stand­ing of the leg­isla­tive frame­work and their re­spon­si­bil­i­ties.

The au­dit con­cluded that at the time of the breach, “there was in­suf­fi­cient aware­ness sur­round­ing jour­nal­ist in­for­ma­tion war­rant re­quire­ments” within the pro­fes­sional stan­dards unit.

It said within that unit, “a num­ber of of­fi­cers did not appear to fully ap­pre­ci­ate their re­spon­si­bil­i­ties when ex­er­cis­ing meta­data pow­ers”.

“In any large, de­cen­tralised agency, there will in­evitably be a risk that aware­ness-rais­ing does not reach ev­ery of­fi­cer who is re­quired to be in the know,” the au­dit said. “In recog­nis­ing this risk, all law en­force­ment agen­cies that can ac­cess meta­data have im­ple­mented com­ple­men­tary mea­sures to mit­i­gate leg­isla­tive non-com­pli­ance.”

“Un­for­tu­nately, the com­ple­men­tary mea­sures adopted by the AFP were not strong enough to pre­vent this breach from oc­cur­ring.”

But the om­buds­man said it was of the view that “the AFP as a whole” re­spected that jour­nal­ists had a higher thresh­old for ac­cess­ing meta­data cour­tesy of jour­nal­ist in­for­ma­tion war­rant pro­vi­sions, which en­sured that ac­cess to meta­data to iden­tify a jour­nal­ist’s source was per­mit­ted only if the pub­lic in­ter­est in do­ing so out­weighed the pub­lic in­ter­est in main­tain­ing the con­fi­den­tial­ity of a jour­nal­ist’s source.

The au­dit said the AFP took “se­ri­ously” its leg­isla­tive obli­ga­tions, par­tic­u­larly in re­la­tion to its use of covert and in­tru­sive pow­ers.

AFP com­mis­sioner Andrew Colvin said in April the ac­cessed meta­data had been de­stroyed. Pho­to­graph: Mike Bow­ers for the Guardian

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.