Services Australia rejects senator request for details of Cellebrite contract

Services Australia has rejected a senator's request to disclose its contract with Cellebrite for the company to provide technology to help prevent criminal activity.

Cellebrite, an Israeli digital intelligence company, is best known for its controversial phone-cracking technology, which it previously claimed could download most data from almost any device on behalf of government agencies.

During Senate Estimates in October, Greens Senator Janet Rice had asked Services Australia various questions about the agency's decision to procure vendor services from Cellebrite, with a request to see a copy of the Cellebrite contract being among them.

Services Australia at the time took that request on notice.

Rice had also asked about the scope of Services Australia's usage of the Cellebrite technology, which Services Australia acting-deputy CEO of payments and integrity Chris Birrer said has only been used in fraud and identity theft cases, such as when people have falsely claimed the government disaster relief payments, uploaded false information to commit fraud, and stolen the identities of actual customers to hijack payments.

Birrer added that his agency does not deploy these capabilities in relation to any general payment accuracy compliance activities.

In providing a response to Rice's request for the Cellebrite to be disclosed, Services Australia said disclosure of the requested documents would be contrary to the public interest as it would prejudice its criminal intelligence and investigation functions, and not be consistent with the agency's commercial interests.

"Specifically, disclosure of the agency's lawful methods or procedures for preventing, detecting, investigating, or dealing with matters arising out of breaches or evasions of the law would, or would be reasonably likely to, undermine the effectiveness of those methods or procedures," Services Australia said in its response.

"Disclosure would also reveal commercially sensitive information provided to the agency in confidence by Cellebrite, potentially causing the agency to be in breach of its contractual obligations, and commercially disadvantaging the Cellebrite in the marketplace."

Social Services hires Deloitte to assess Cashless Debit Card efficacy

As part of the responses to Senate Estimate questions taken on notice, Rice and Labor Senator Malarndirri McCarthy also received responses from the Department of Social Services about its progress in analysing the efficacy of the Cashless Debit Card program (CDC).

The CDC, which kicked off in 2016 as a trial, governs how some individuals in receipt of welfare spend their money, with the idea behind the program being to both prevent the sale of alcohol, cigarettes, and some gift cards and block the funds from being used on activities such as gambling.

The program has repeatedly been labelled as racist by the Opposition as it has disproportionately impacted Indigenous Australians. Labor Senators have also said there is no evidence that compulsory, broad-based income management actually works. 

In one of the responses, Social Services revealed most of its advertising of the CDC program in the Northern Territory, which is where most of the program trials have taken place, was put towards ads on 13 Indigenous radio stations, while only placed three regional and two national/metro radio stations received ads, respectively.

To address concerns about the CDC's efficacy, Social Services also revealed in responses to questions on notice that it has paid Deloitte AU$675,000 to undertake data repository services of the CDC program. This will entail analysing CDC data to provide a more complete evidence base of the program's success and inform policy decisions for the future of the program.

The department said the data that will be considered relates to changes in social harm and a range of data relating to social security, drug and alcohol use, gambling, financial management, child protection, police records relating to drug and alcohol-related crime, domestic violence hospital admissions, employment and training, and education data.

The procurement of Deloitte's services follows the Australian National Audit Office (ANAO) announcing last month it would commence a follow-up audit into the effectiveness of the CDC program.

The federal auditor is conducting another audit as Social Services did not have an adequate program for monitoring and evaluation CDC program's effectiveness, which meant it was difficult to conclude whether the program helped reduce social harm or whether the card was a lower cost welfare quarantining approach.

At the moment, CDC card providers like Indue are being paid AU$1,100 per participant in the program. In total, the federal government has paid AU$70 million to Indue since the program commenced. 

Related Coverage

• Services Australia testifies Cellebrite tech only used for fraud and identity theft cases
• Signal unveils how far US law enforcement will go to get information about people
  
• Signal rattles sabre and exposes crackable Cellebrite underbelly
  
• ANAO commences follow-up audit of Cashless Debit Card after initial audit was inconclusive
  
• Cashless Debit Card looking to move beyond Indue as sole issuer
  
• Two Cashless Debit Card outages and nearly 21,000 Australians on welfare quarantine