Today we have a reminder from Australia that when government collects massive amounts of private information abuse ultimately follows. The Australian Federal Police (AFP) admitted today that an officer illegally accessed a journalist's call records (metadata) in order to track down a source who was leaking confidential police information.
Remarkably, the AFP commissioner then subsequently described the breach in a press conference as a result of "human error." Clearly it was not some sort of mistake that a police officer just happened to get his or her hands on this information. What he really meant was that the proper rules were not followed. Apparently the investigator "failed in their obligation to know the law," the commissioner stated, according to The Guardian. But he also laid some of the blame on "the system," the extremely familiar argument that this is all a "training issue."
The timing is particularly interesting. In 2015 Australia passed a law mandating communication companies collect and store the metadata from their customers for two years so that authorities can access it. It was sold to Australians as a mechanism to fight terrorism and crime, just as similar mass surveillance authorities have been sold to citizens in other countries.
Media companies and journalists were worried that police would access their data in precisely this way. So the law included a provision that required police to get a warrant to access the metadata of journalists. Mind you, the journalist would not be informed that the police had requested or received access to said metadata, but at least there would be an additional layer of oversight.
But even that didn't happen here. The AFP official did not get a warrant. Furthermore, despite the breach of the law, they have not identified or told the journalist who was affected due to the ongoing investigation. The metadata has been destroyed, but the commissioner acknowledged that the officer who violated the law cannot unsee the information. He also said the officer would likely face no discipline because there was no "ill will or bad intent."
While the law was passed two years ago, the full data retention orders were just formally implemented just weeks ago in order to give internet and telecom companies time to comply.
Media and privacy advocates in the country are appalled. From The Guardian:
The Human Rights Law Centre legal advocacy director, Emily Howie, told Guardian Australia the breach showed that the metadata powers were putting "press freedom at risk".
"The fact that police can so easily access a honey pot of personal information at any time surely has a chilling effect on free speech," Howie said. "Let's not forget that it is not only journalists whose metadata might be accessed.
"Australia's metadata regime is the most oppressive in the western world. It effectively allows law enforcement bodies to watch everybody, all of the time, without them knowing."
It's also a reminder that metadata reveals an awful lot about who we are and what we're doing. Government officials who support this type of metadata collection are constantly reminding citizens that they're not eavesdropping on actual conversations or reading the content of emails. But in this case, just the government's access to a list of people who spoke to a journalist over a specific time frame has the potential to implicate them. Metadata is useful to the government entirely because it does actually reveal private behavior.
Libertarian (technically Liberal Democratic) Australian Senator David Leyonhjelm had been warning about expanding the government's access to citizen metadata back in 2014 when he joined the Senate. In response to this latest breach he told the Australian Associated Press the laws were fundamentally wrong, and "Governments are supposed to serve the people, not treat them as presumptive criminals."
Note that this sort of government snooping on journalists is one of the major reasons why organizations like Reporters Without Borders say media freedom is on the decline across the world.