ASIC wants telco interception powers

The Australian financial regulatory agency that accidentally blocked 250,000 websites due to a lack of technical knowledge is now pushing to have the power to intercept telecommunications information to investigate financial crime.

The Australian Securities and Investment Commission (ASIC) is calling on the government to grant it powers to intercept telephone calls in order to investigate financial crime.

ASIC has oversight for Australian companies, financial organisations, and professionals, and is the first government agency to investigate financial-related crime.

In a submission to the parliamentary inquiry into financial-related crime, the regulator lamented that it is not included in a list of agencies, detailed in the Telecommunications (Interception and Access) Act, that are allowed to intercept telecommunications. It stated that this "seriously hinders" the agency's ability to enforce the law "in a modern corporate world".

"Access to intercepted telecommunications information can be a valuable investigative tool — particularly in the case of market misconduct, which is generally conducted opportunistically and with rapidity, via telephone or text messages (SMS), rather than being planned and documented in writing," ASIC said.

ASIC is, however, authorised to access stored communications information, or so-called metadata, held by telecommunications agencies such as call logs and locations of calls. This is some of the data that the federal government will soon legislate to require telecommunications companies to keep for up to two years. In the 2012-13 financial year (PDF), ASIC was granted access to this data for criminal investigations a total of 1,336 times, and for protection of public revenue on 114 occasions.

ASIC argued in its submission, however, that such metadata is not as useful to the organisation anymore.

"Given the increasing prevalence of the use of voice over internet protocol (VoIP) for telephones and social media applications such as Skype and Facebook for calls and instant messaging, we expect that traditional sources of telecommunications information such as call charge records will be of very little use in the near future, particularly with the advent of the National Broadband Network," ASIC stated.

ASIC said that in cases where the Australian Federal Police and other interception agencies believe that there are "possible market misconduct offences" through intercepted information, those agencies should be able to pass on that information to ASIC.

In April 2013, it was revealed that ASIC had accidentally blocked 250,000 websites when seeking to block websites associated with investment fraud, including the website of Melbourne Free University.

In August, in a submission to a parliamentary inquiry into the Telecommunications Act power that allows ASIC to request ISPs to block websites, ASIC said it was unaware that blocking a single IP address would lead to multiple websites being blocked due to a lack of knowledge in the agency of how IP addresses work.

"Our internal review identified that the ASIC teams requesting s313 blocks were not aware that a single IP address can host multiple websites," ASIC stated.