LEAN Times Ahead?


Roger Clarke
Australian National University

Published in Policy

© Australian National University, 1992

Introduction

The Federal Attorney-General's Department is spearheading a proposal to establish a system called the Law Enforcement Access Network (LEAN). This system, in addition to its potential benefits in relation to law enforcement, represents a very serious threat to the information privacy of all Australians. This paper outlines why.

What Is LEAN?

LEAN is "a function-specific computer system with capability to access, search, analyse and match data, irrespective of the formatting of the data or type of data base management involved, and to make that functional capability and contents of public databases available to Commonwealth agencies with law enforcement and revenue protection responsibilities" (RFT at 1.3.6).

What this means is that:

What Databases About People Are Involved?

Initially, it is proposed that data will be acquired from: It is claimed that it "requires only Government direction to extend it to other databases" (A/G's, p.8). The proposal uses the term "publicly available databases" (e.g. A/G'S, p.8), and it is reasonable to assume that the scheme will be extended in due course to such databases as: and perhaps also to:

Size and Growth Path

In mid-1991, it was reported that 500-3000 terminals would be connected to the system. The initial size of the system is already much greater than this, with 10 agencies involved, with a total of 6500 terminals to be connected. Moreover, at peak times each day, 1500 terminals would be actually in use (RFT at 5.2.1). The initial total storage being sought is very large, at 62.5 thousand million characters (RFT at 6.5.2).

The scope of the scheme is clearly intended to increase significantly, as the following points show:

In addition, it is not clear whether there is anything to prevent the provision of the service to companies.

What Justification Has Been Given For the System?

The origins of the proposal are traced to a 1987 Government Report entitled 'Review of Systems for Dealing With Fraud on the Commonwealth' (Fraud).

Despite the time spent in developing the proposal, there appears to be no economic justification in any public document. Instead, the limited material available depends on such assertions as:

The closest to an analysis of the means whereby benefits will be gained is "The number of cases resulting in unsuccessful prosecutions will decline, with more resulting in success ('penalty') or (for those which should not proceed) appropriate termination. Termination decisions should also be made earlier in the process... Recoveries of proceeds of crime should also increase" (p.8, and PilotEval, pp.11-12).

The sole quantified estimate provided is "(One agency estimates its average search time using LEAN is less than one-quarter of the time taken per search without LEAN)" (PilotEval, p.12). No attempt appears to be made at any point in the publicly available documents to estimate financial, other quantifiable and qualitative costs, and match them against estimates of financial, other quantifiable and qualitative benefits.

Moreover, there are significant causes for doubt about the system's value, even within the documents provided:

What Privacy Issues Arise?

* New Threats in Old Bottles

The Attorney-General's Department claims that the scheme has very limited privacy implications, because it involves only publicly available databases (referred to in the Privacy Act 1988 as 'generally available publications'). This claim is spurious.

It is true that there has been a general right of access to the databases involved. The form of access has been limited, however, to searches based on very specific 'keys', such as the name of the company, or the property details. Moreover, the time and cost involved in searches has been such that they were seldom done frivolously.

Organisations using LEAN would have access to the databases it contains in a manner utterly different from that which was possible in the past. Data may be accessed using additional keys. For example a person's name may be used to find out what companies he or she is associated with, or what other people he or she is associated with by way of common directorships. Similarly, all properties owned by any individual now or in the past can be quickly, easily and cheaply discovered. This is identical to the capability offered by Telecom's Electronic White Pages, whereby the registered subscriber and his or her address can be discovered from their telephone number.

It is disingenuous for the Attorney-General's Department to suggest that LEAN is merely automating 'publicly available databases'. The Department claims, possibly correctly, possibly incorrectly, that the system is exempt from the Privacy Act 1988, on the grounds that it is concerned with "law enforcement and protection of public revenue". Whether or not it is exempt is in the end irrelevant. It is a scheme which drastically alters long-standing arrangements concerning personal data, has very significant implications for privacy, and should be subjected to careful and public assessment prior to being implemented.

* Mixed Purposes and Wide Availability

LEAN is targetted at two distinct populations: The power provided by LEAN is arguably necessary for the first purpose, but is frightening in the hands of inadequately trained staff dealing with large numbers of routine cases involving many errors, misunderstandings and forgetfulness on the part of members of the public (and sometimes errors, misunderstandings and forgetfulness on the part of public servants).

* Many Additional Privacy Considerations

Additional factors which highlight the privacy significance of the system include:

An additional concern is that most of the data involved in this first phase of LEAN is to be sourced entirely from State Government agencies, and none of those agencies are themselves subject to privacy regulation. This raises doubts about the conditions of collection, storage, use and disclosure, and the quality of the data which will be provided.

The appreciation of the concept of privacy shown in the publicly-available LEAN documents is slight. The terms 'privacy' and 'security' are used in close association throughout, and the only 'privacy safeguards' mentioned are security measures (pp.8-9). In fact, security represents only one of a dozen aspects of privacy protection, and one of the few in which the interests of data users and data subjects coincide.

A Tool of Mass Surveillance

Of especial concern is the intention to use the data for computer matching (RFT at 6.1.3, 6.6.3, 7.2(h)). Computer matching's primary purpose is as a mass surveillance technique, which is a means of 'trawling' or 'drift-net fishing' in order to discover people about whom to be suspicious.

Data matching is distinctly different from investigative techniques which begin with a person or persons about whom suspicion already exists. For this reason the Privcy Act 1988 drew especial attention to the technique, and the Privacy Commissioner has invested considerable effort in developing Guidelines constraining its use. It is vital that all agencies using matching be subject to these Guidelines, yet some of them, and perhaps even the whole of LEAN, may be outside the jurisdiction of the Act, the Guidelines, and the Privacy Commissioner.

Conclusions

LEAN represents a substantial reduction in the privacy of Australians: LEAN should not proceed on the present basis. Implementation should be deferred pending the following:

References

A/G's 'Law Enforcement Access Network' Fraud Policy and Prevention Branch, Attorney-General's Department, December 1991, 9 pp. plus 10 pp. of Attachments

Fraud 'Review of Systems for Dealing With Fraud on the Commonwealth' Austral. Govt. Publ. Serv., 1987

PilotEval 'A Report on the Evaluation of the LEAN Pilot' Fraud Policy and Prevention Branch, Attorney-General's Department, October 1991, 12 pp. plus 11 pp. of Attachments

RFT 'Request for Tender for Supply of Hardware, Software and Services to Implement a Law Enforcement Access Network (LEAN) for the Attorney-General's Department' Request No. A00025, December 1991, 127 pp.

Navigation

Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Last Amended: 13 October 1995

These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).

The Australian National University
Visiting Fellow, Faculty of
Engineering and Information Technology,

Information Sciences Building Room 211

Xamax Consultancy Pty Ltd, ACN: 002 360 456

78 Sidaway St
Chapman ACT 2611 AUSTRALIA

Tel: +61 6 288 6916 Fax: +61 6 288 1472