- A Sydney grandmother receives a demand for $10,000 from an American “copyright troll” law firm, which threatens to sue her unless she pays. Using a preliminary discovery application directed to her Australian ISP, the firm obtained her contact details associated with the IP address detected as having downloaded a movie -- which her visiting grandson obtained via a file sharing site.
- A media company engaged in phone hacking and bribery of public officials hires a private detective to "compile a dossier" on the lawyer representing many of its victims. The detective bribes a police officer to secure the metadata of the lawyer, and a check of her phone calls records shows she has recently contacted an abortion clinic. The company is in a position to threaten to reveal the information unless she abandons litigation.
- A wealthy US-based religious cult is accused of keeping its members in “virtual slavery” by an Australian politician. The cult sues the politician making these claims and uses the litigation to subpoena his telephone records, thereby identifying the cult members who have contacted him to provide him with information. They are ostracised, sued and harassed by the cult.
- The estranged partner of a mother and children with an apprehended violence order against him initiates Family Court proceedings against his former wife alleging a breach of access orders and challenging custody arrangements. The proceedings allow him to subpoena the records her telephone company has retained on her, enabling him to identify that she is in a new relationship. He uses the data to track down her new partner and assault and threaten him.
- An Australian communications company, faced with significant costs to implement the data retention scheme, chooses a cheap foreign-based cloud storage service to store its customers phone and internet records. The service is poorly secured, and hackers obtain customers’ personal information. As there is no mandatory data breach notification law in Australia, the company does not reveal the breach. The first its customers learn of the breach is when their personal details appear on the internet and the incident is reported in the press.
- Chinese hackers target Australian communications companies in the search for information relating to Chinese dissidents living in Australia. Breaking into a phone company’s data retention records, they identify the phone records of their targets, including whom they have been calling in China. Their Chinese family members and friends are arrested and interrogated by Chinese authorities.
- ASIO bungles a “special intelligence operation”, resulting in the death of an undercover officer. The Attorney-General, reluctant to be seen to be less than supportive of his intelligence agency, agrees to the Director-General’s request that the matter be kept quiet. An ASIO officer, outraged that those responsible for the death will not be held accountable, provides an internal report to a journalist. The AFP obtain both the telephone and email metadata records of the journalist and discover email contact between the private home account of a serving ASIO officer and the journalist. Both are charged and imprisoned, with the media unable to report the details of the case.
Data retention will hurt YOU, not criminals. Here’s how
The government's data retention is far more likely to harm ordinary Australians than catch criminals or terrorists. Bernard Keane and senior IP and communications lawyer Leanne O'Donnell explain how.