ASIC seeks to be added to Metadata Access List

The Australian Securities and Investments Commission (ASIC) and other government agencies left out of the mandatory data-retention access legislation will be able to apply to be re-added in the six months after the legislation passes the parliament.

As part of the Telecommunications (Intercept and Access) Amendment (Data Retention) 2014 Bill, telecommunications companies will be required to retain a set of customer data, such as time of call, call duration, the number dialled, assigned IP address, email addresses, and other information, for a period of two years.

Although a wide array of government agencies can access the data today, in order to allay privacy concerns about mandatory data retention, the government has proposed as part of the legislation to limit the access to the data to law-enforcement agencies, such as the Australian Federal Police and state police.

There is, however, a major exception. Through ministerial direction, the attorney-general can add agencies to the list after assessing a request made by an agency.

ASIC, the government agency charged with investigating investment fraud, insider trading, and other white-collar criminal activity, has already voiced its displeasure with effectively being removed from the list. Speaking before the Senate Committee for Corporations and Financial Services, ASIC commissioner Greg Tanzer said that ASIC can apply after the legislation has been passed, but it is unclear whether it would be a permanent addition.

“My understanding, from subsequent discussions with the department, is that the intention is that the Bill would not be brought into effect for six months after it has passed, during in which time there would be the ability for agencies such as ours to make an application to the attorney-general for a declaration of that kind,” he said.

“What is not very clear … is whether that declaration might be limited by time, or by particular offences.

Tanzer said that access to metadata is “absolutely essential” for ASIC to discharge its law-enforcement responsibilities for insider trading, market manipulation, and superannuation fraud.

He pointed to the recent case of an AU$7 million insider trading case between a National Australian Bank employee and an Australian Bureau of Statistics employee.

Read Full Article on ZDNET

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...

How to Identify Company’s Hacked Email Addresses Using Maltego & HaveIbeenPawned

This article is part of the Maltego OSINT tutorial, where you will learn to identify the already hacked account, and it’s password using the...

5 Key Vulnerabilities in Global Payroll

The cyber threat against payroll is growing in sophistication and frequency, according to the latest FBI cybercrime report. Many of these attacks exploit fixable...