Carriers have not met their legal obligations for government interception capabilities, the Australian Communications and Media Authority (ACMA) has revealed in its Communications Report 2017-18.
During the year, the Department of Home Affairs (DHA) Communications Access Coordinator (CAC) referred 36 carriers to the ACMA for enforcement after they did not have an interception capability plan by July 1, according to the report [PDF].
As of June 30, 2018, 23 of these telcos had submitted their ICP; two surrendered their carrier licences; and two were under administration and being monitored.
"The ACMA is continuing to engage with nine carriers to facilitate compliance," the report said.
The cost to telcos of developing, installing, and maintaining an interception capability on their networks reduced during the year, from AU$22.6 million in 2015-16 down to AU$22 million in 2016-17, and then further down to AU$21.5 million in 2017-18.
Under data retention obligations -- which mandates that customers' call records, location information, IP addresses, billing information, and other data be stored for two years by telcos, and is accessible without a warrant by law-enforcement agencies -- the cost of compliance was AU$35.4 million during the year.
The government provided AU$2.5 million in data detention industry grants over that time to 27 recipients, with AU$12.5 million in costs also recovered from criminal law enforcement agencies.
The ACMA's report also revealed that during 2017-18, almost 2.3 million disclosures of customer information were made by carriers,
The majority of these -- 1.7 million -- were made under Part 13 of the Telecommunications Act, with 248,913 made to assist the ACMA itself, 55,843 to assist the Telecommunications Industry Ombudsman (TIO), and nine to assist the Australian Competition and Consumer Commission (ACCC),
One disclosure was made for communications for maritime purposes; 17,014 to avert a threat to a person's life or health; 11,976 were "authorised by or under law"; 520 were made as a witness under summons; and 1.4 million were made with the knowledge or consent of the person involved.
"Section 289 disclosures increased by 1,187,104 in the 2017-18 reporting year. This was largely due to the way one provider used customer information to perform data analytics on new commercial offerings," the ACMA explained.
"In relation to the rise in Section 284(1) from 479 to 248,913, this was the result of investigations which are part of the ACMA's compliance work."
Under the Telecommunications (Interception and Access) Act (TIA Act), 563,670 disclosures were made during the financial year, up slightly from 527,546 a year prior.
Of these, 487,407 were authorisations for access to existing information and documents -- 482,800 for enforcement of criminal law, 3,602 for locating missing persons, and 1,005 for enforcing a law with a pecuniary penalty or protection of public revenue.
Also under the TIA Act, 75,794 authorisations were made for access to prospective information and documents; 327 voluntary disclosures; and 142 disclosures for criminal law enforcement in foreign countries.
Following ACMA investigations, 31 telcos face enforcement action for failing to meet the new NBN standards for complaints-handling.
The ACMA is looking into how to implement new networking technologies to prevent scam calls from coming through to Australians.
The ACMA kicked off an audit of compliance with its new NBN complaints-handling process rules, finding that all 41 telcos investigated were in breach of the standard.
Telstra's May fibre outage meant 1,433 Triple Zero calls did not get through to the emergency services operator, the ACMA has revealed.