Like all telecommunications companies operating in Australia, Telstra is legally obliged to assist law enforcement by providing information that can assist criminal investigations and uphold national security.
On its website, Telstra outlines its process for receiving and reviewing information requests.
What kind of information can be requested?
A range of information can be requested by government agencies, including:
- Personally identifiable information such as your name, address, phone number, email address and date of birth.
- Information relating to your use of the telecommunications service such as service number and connection dates, and records of communications such as calls, SMSs and emails.
- The location of the equipment you use to communicate, such as where you were when you made a mobile call.
- Internet records including the date, time and duration of internet sessions, as well as email logs.
- If a law enforcement agency has a warrant, they may request real-time access to communications, such as being able to intercept your phone call.
How does Telstra receive requests?
Telstra receives requests for information in a number of ways including through warrants, and court orders such as subpoenas and coronial requests.
In some cases, agencies may not make a formal request to Telstra, but rather access information available via the Integrated Public Number Database (IPND) which holds information on every phone number from every service provider in Australia. This database is managed by Telstra, and some agencies have access to it.
How are the requests reviewed?
While Telstra is required to comply with the law, it also has a responsibility to its customers to protect their privacy. Therefore, each request is carefully assessed to ensure that it complies with the law before the information is provided. Key considerations include:
- Is the information reasonably necessary for the enforcement of criminal law?
- Are the relevant legal instruments in place, such as a warrant in the case of accessing real time information?
- Have law enforcement considered the privacy implications of the disclosure?
How many requests does Telstra receive?
Between 1 July 2019 and 30 June 2020, Telstra responded to 80,366 requests for customer information:
- 68,418 involved providing customer information.
- 7,139 involved life-threatening situations and emergency calls.
- 3,394 were warrants for interception or access to stored communications.
- 338 were court orders.
- 1,077 were Domain Name System (DNS) blocking requests, which make it difficult for users to access specific websites.
Some requests do not seek the personal information of users, but are aimed at preventing a network from being used in the commission of a crime. For example, Telstra blocks the INTERPOL generated “worst of the worst” list of child abuse sites.
If you use Telstra as a communications provider and you become the subject of a criminal investigation, government agencies may request access to your personal information from the organisation. If law enforcement has a warrant, they may even be able to intercept your communications in real time.
This raises important human rights implications; it is critical to ensure that these requests for information are made legally, and are only granted when fully compliant with the law.