Note: Where available, the PDF/Word icon below is provided to view the complete and fully formatted document
Joint Standing Committee on Electoral Matters
11/11/2016
Conduct of the 2016 federal election and matters related thereto

ALTHAUS, Mr Chris, Chief Executive Officer, Australian Mobile Telecommunications Association

STANTON, Mr John, Chief Executive Officer, Communications Alliance Ltd

[13:17]

Evidence was taken via teleconference—

CHAIR: I welcome, by phone, representatives of the Communications Alliance and the Australian Mobile Telecommunications Association to give evidence today. Although the committee does not require you to give evidence under oath, I advise you that this hearing is a legal proceeding of the parliament and therefore has the same standing as proceedings of the respective houses. The giving of false or misleading evidence is a serious matter and may be regarded as contempt of parliament. The evidence given today will be recorded by Hansard and attracts parliamentary privilege. I now invite you to make a brief opening statement before we proceed to discussion.

Mr Stanton : Chair, I want to start by thanking you and the committee for allowing us to appear via audio conference. Both Mr Althaus and I had a longstanding commitment to our regulator in Melbourne today, so we appreciate the flexibility that you have shown us in letting us join by phone.

I would like to make a brief opening statement. We are involved in these proceedings in response to an email that we received from the committee back on 26 October ,which raised the question whether carriers or carriage service providers are or could be responsible for ensuring that electoral content that is carried over telecommunications networks—for example, SMS—is appropriately authorised or whether the industry might have an obligation to assist authorities if communications are noncompliant. Certainly the answer the industry would submit to both of those questions is no. We do not believe it is appropriate for industry to have content-monitoring powers or to check for authorisations. That is what we have regulators for. But, more importantly perhaps, to do so would be prohibited by law under several acts that we have cited in our submission to the committee. What is more, it would also be technically infeasible.

It is important, we think, to recognise that there is a fundamental difference between a message like an SMS and normal broadcast content—for example, a TV advertisement. The difference is that to send a broadcast SMS or an individual SMS requires no active participation by the carrier or carriage service provider other than having a network in place. When a TV ad is submitted for broadcast, the broadcaster actually has to take a positive action to put it to air. So our members do not see the content of SMSes as they come through, so any monitoring of compliance really can only happen after the fact, if at all, which perhaps is not what good policy objectives might be.

I also want just to provide a bit of clarity about what is and is not retained by carriage service providers in respect of SMS messages, because they are a form of communication that is captured under the data retention regime that was put in place by the government in recent times, but what needs to be retained by the carriers is not the content of the message. As with other forms of communication subject to that regime, the providers need to keep a record of the source of the communication, the destination of the communication, the date, the time, the duration of it, and the communication time. They are not required to retain the content of the message.

It is the case that SMS is not always a real-time communications path; it is what is known as a 'store and forward' technology, whereby the message may be transmitted in real time or it may be held for a very short time, until the system provides space for it to be transmitted. The import of that is that typically a carriage service provider will keep the content of an SMS for a short period, typically less than 30 days, just for operational purposes in case there is a glitch in the system or whatever, but then that content is deleted. So there is no existing large warehouse full of SMS content. It disappears as soon as operational needs no longer require it to be kept.

I will pause there if I may. We would be happy to respond to questions from committee members if there are any.

CHAIR: Thank you very much, Mr Stanton. I will start the questions. Thank you very much for accommodating us today via phone. The committee is very grateful. Thank you also for your submission. Some of the issues you raise and some of the complications really go to the heart of the considerations of this committee in terms of how we make requirements, particularly authorisation requirements, for political communications. How do we make them medium-agnostic so we can keep up with technology but also make it consistent across printed, internet and telecommunication forms of communication?

In relation to the carriage of messages across telecommunication networks, I note that in your briefing you say that, as you have just reinforced, you do not have any editorial or programming control. But, from evidence that we have had from the AEC immediately prior to you, the issue for them, and also for the public, is to make sure that, if there is a complaint that it may have breached some part of the Electoral Act, we can locate the person who authorised and, in this case, paid a service provider to transmit that message.

In light of the complications that you have in terms of broadcasting act restrictions and now data retention regime requirements, do you have any particular thoughts on how you see that we can navigate through this to get consistency in terms of being able to access the person who authorised the communication?

Mr Stanton : There are established paths, I guess, by the taking out of a warrant, which enforcement agencies can do and do do when they are looking for access to content, be that the content of emails, for example, or the content of telephone conversations. So there is a path to do that. If it were the case that there was a breach of the Electoral Act because of something that had happened in an SMS, provided the action was taken quickly—for example, by the commission—and a warrant was obtained quickly, it is conceivable that they could get the information they need. If they were to come back a year later with such a request, they would find that the content was simply no longer there.

CHAIR: As you just said, under the data retention regime now, it is the source, destination, date and time, which would arguably be sufficient for a law enforcement agency to locate the authoriser and payer of that communication. Is that correct?

Mr Stanton : That is right. There would be a metadata record—who had sent a message to whom—and they could always pursue the device at either end of that communication, as opposed to trying to get it out of a data centre in the service provider's premises.

CHAIR: Presumably that would include SMSs and what we are calling robocalls. Would that also cover actual person phone calls from phone banks, where you get someone live ringing from a phone bank with these messages? Would all three be covered under that?

Mr Stanton : I would believe so. I would like to take that on notice, if I may, and just confirm that I am not misleading you.

CHAIR: I am happy for you to take that on notice. Thank you.

Mr Althaus : If I could add another dimension to this discussion. Technology is moving very rapidly, and so are the applications which are used by consumers for messaging. There are instant messaging platforms. There is an enormous amount of messaging taking place within social media platforms. When you think, for example, that in every month there are about 15 million unique Australian actions taken over Facebook, 14 million on YouTube et cetera, the enormity of the internet world in terms of transmission of messages is only going to make the complexity of what is being discussed here go to another dimension, in a sense.

CHAIR: Thank you for that. Can you expand further on what you see as being some of the challenges from the multitude of social media messaging platforms?

Mr Althaus : From our industry's point of view, this goes to the points we have made already around content. The over-the-top use of internet applications in association with our networks is something that we are unable to control. The control factors that you are seeking are other than those that are located within Australia, captured by data retention and able to be sourced under warrant. The broader internet environment is enormously challenging.

Mr Stanton : If a service provider is offering an over-the-top product—let us call it a VoIP service—that a large carrier decides to offer as a carrier-grade product, then that is subject to the data retention regime, and they have to retain all the information about it. But, if it is simply an over-the-top application—let us call it WhatsApp—that rides on their network but is not operated by the service provider, there is no obligation to retain those data, and they are, as Chris said, enormous in volume.

CHAIR: So we have to look at over-the-top products in two different categories—that is basically what you are saying?

Mr Stanton : Yes.

Mr GILES: Thank you very much for your submission and your evidence. This is really a reflection rather than a question. I guess your members want us to be mindful of further increasing any regulatory burden on you and presumably also of the potential commercial impact of acting without proper thought to your members and without keeping in mind what you put very strongly in your submission—that the ultimate responsibility should be with the people responsible for the communication, not those who are the vehicle for it. Is that fair?

Mr Althaus : That is fair.

Mr Stanton : Indeed.

Mr GILES: Thank you very much.

CHAIR: Just to help the deliberations of the committee, I think from your evidence and from previous evidence from the AEC, what is clarifying in my mind is that the committee has got two challenges. The first is to work out across all the different communication platforms how to have consistent and clear authorisation whether it is printed material and printing authorisation or telecommunications carriage. The second is how we track down the person who, in this case, did not print it but who authorised it through the person who communicated it. There are two separate issues. Would that be a fair characterisation, Mr Stanton?

Mr Stanton : Yes. I think you have summarised it well.

Mr MORTON: Thank you both for attending. My issues are pretty much the same as what have been raised. Perhaps you would be able to come back to the committee with further information. On the issue of authorisation, I understand and I support the fact that the printed details are part of the authorisation process in order to verify if need be the person who is actually making the authorisation. What is in my mind that I am interested in is how we apply that to technology like text messages. Whether you would like to take this on notice or would like to answer it now is up to you.

The short period for operational purposes that you retain text message data, what does 'short period' mean? In some cases you have talked about warrants and law enforcement agencies but it may well be a civil matter between two parties. We may resolve that text messages should be authorised. There may be a text message in the future that goes out that has the authorised details of J Smith in there somewhere. They cannot be identified. I am keen to know from you, in a civil matter, what would be the process that they could find out from the carrier who the actual sender of that material was because that is the challenge, I think, we have got before us. Feel free to answer now or perhaps you have got a flavour of some of the things we are thinking of that you might like to add to your submission in the future.

Mr Stanton : Typically the period for which the content of SMSs is retained for operational purposes is 30 days or less. There is no standard across the industry for each provider. It is of that magnitude. In terms of civil access to the metadata that is retained under the data retention regime, I will come back with a written response on that because we have taken a look at some of the complexities around that. It is clear that the regime was designed to assist law enforcement rather than civil proceedings. But there are other factors involved including the Australian Privacy Principles so I was asking for permission to give you a written response on that one.

Mr MORTON: I do accept from your submission you do not want to become the authoriser, the checker, the police officer of every communication that someone might want to use in a political campaign. My concern is in relation to if we require they be authorised, in the event that the authorisation is false or incorrect or does not enable an individual or organisation to track down who is actually responsible for that message, we need a mechanism that is equivalent to the 'printed by' line that goes on printed material. You might be able to help us with that.

The other important factor you might consider in that additional submission is the speed in which it can be obtained. There could well be a text message that is sent on the morning of an election campaign, but it takes a long time in order to ascertain who was the sender of that text message. I would be keen to know in relation to civil matters not just how we obtain that meta detail but also at what speed you think that would be able to be obtained?

Mr Stanton : Okay. I will take that up with some of our members and just get a sense as to how rapidly they typically could respond to a request that came in for the source metadata on an SMS and provide that to the committee.

Mr Althaus : Just a comment in addition to that: you are quite correct insofar as the authorisation statement goes to the point of content and should be a requirement placed on the person putting the content forward. The other issue is in terms of time limits. Again, just to underscore the volume of messaging that is going on: typically in a mobile context, for example, we are experiencing data traffic on our networks that doubles annually. We are now sending in the order of 50 billion text messages in a year, so the requirement and the ability to search and obtain information is an ever-increasing challenge. A regulatory burden onto this industry to be able to do that outside of what currently exists in data retention is an extremely serious matter to be contemplated by the committee.

CHAIR: Thank you very much. We have one more question from Senator Leyonhjelm.

Senator LEYONHJELM: This may be just replicating what Mr Morton has asked you, but my proposition to you is: if the committee was to seek a platform-agnostic way in which people who issued, published, or whatever, political or electoral material in the context of where there was a view that the people who were responsible for that political material needed to be identified in case they needed to be sued or have some sort of legal action taken against them, to what extent could your members contribute to that process? If you want to take that on notice, that is fine. If you want to answer now, that is also fine.

Mr Stanton : It would depend on the timing of the request. Certainly, the metadata that is retained for data retention can be made available to authorities. That happens about a thousand times a day, every day, in respect of other metadata, so I do not see that as a particular challenge. In terms of verifying the content in advance, that is just not feasible. In terms of hanging onto it long term, that is typically not going to happen. We do have a requirement under section 313 of the Telecommunications Act to provide all reasonable assistance to the Commonwealth, the states and their agencies in matters of legal proceedings, and the industry operates very effectively under that regime today.

CHAIR: Thank you very much, Mr Althaus and Mr Stanton, for your evidence here today. Thank you also for taking a number of issues on notice to provide us further information. It is information that we will look forward to receiving because it goes to a number of issues that are really at the heart of this part of the inquiry. Could I ask that you forward it to the secretary by Friday, 18 November. You will be sent a copy of the transcript of your evidence here today and you will have an opportunity to request corrections to transcription errors.

Mr Stanton : Thank you, Madam Chair, and to members of the committee.

Mr Althaus : Thank you, Chair.

CHAIR: Thank you very much.