During our morning tech news briefing on Wednesday last week, we included some information about a new data-matching project Centrelink was undertaking, one that involved using telecommunications metadata and password-bypassing software to investigate welfare recipients suspected of claiming single payments while in relationships.
The project was brought to our attention by the good people over at iTnews, who published an article explaining everything back on April 4. As the majority of information from the article was the result of a lot of work from the journalist, we decided in that morning briefing in question to just include a blurb on the project and link out to the publication if our readers wanted to learn more, rather than cover it as a separate piece altogether.
In introducing the project, we said Centrelink was “back at it with bad ideas”. As you can imagine, Services Australia, the government department responsible for Centrelink, didn’t appreciate that and took the opportunity to clarify what the new project is all about. So we thought we’d offer a little bit of explanation.
Let’s start at the top.
The report noted that Services Australia was using telco metadata (data that provides info about other data) and software that can bypass passwords to look into welfare recipients that were claiming single payments, despite being in relationships.
The tools to do such a thing are provided by Israeli vendor Cellebrite. Services Australia clarified with Gizmodo Australia that it’s only in serious cases where such tools are used, such as criminal investigations.
“Telecommunications metadata is only used to support potential criminal cases,” a spokesperson said.
“It is not used in our compliance activities, which aim to prevent avoidable debt as a result of customers being overpaid due to changes of their circumstances.”
The spokesperson reiterated that Centrelink isn’t using telecommunications metadata or Cellebrite when conducting ‘member of a couple’ reviews and that, “Cellebrite technology is only used to support the interrogation of ICT devices seized in accordance with Commonwealth Search Warrants issued in relation to an offence against a Commonwealth Law”.
Those warrants, the spokesperson said, are issued in accordance with the Crimes Act 1914, and are executed by the Australian Federal Police.
“We conduct our fraud investigations in accordance with Commonwealth law, with briefs of evidence prepared for consideration by the Commonwealth Director of Public Prosecutions where there is sufficient evidence of an offence,” they added.
Back to iTnews’ article for a second and it noted that Since Services Australia started accessing telecommunications metadata indirectly through the AFP, it is unclear how many investigations involved fraud claims based on relationship status. The federal government in February flagged its intention to close a loophole that allowed access to telco metadata, but Centrelink/Services Australia weren’t flagged as using it inappropriately.
The reason we were sceptical is, of course, that whole robodebt thing we haven’t forgotten about. Unleashing tech onto vulnerable members of our communities should be met with questions, and hopefully, this project stays well within the confines of acceptable.