In a submission to the parliamentary inquiry into the data retention regime, ASIC revealed it had used the laws 4,982 times to investigate white-collar crimes.
The data retention laws require companies to retain phone and internet records for all Australians to assist law enforcement authorities like ASIC.
As part of the legislation, agencies must report how many times they access metadata in part to allay concerns about potential overreach.
ASIC, in revealing its access, said that the most common data accessed was data over a three-month period for investigations into suspected insider trading.
Of the 107 authorisations for three months of data in 2015-16, 54 per cent were on investigations into suspected insider trading, similarly in 2016-17 of the 149 authorisations, 70 per cent were for insider trading.
ASIC maintained that data older than 12 months was also crucial in obtaining successful convictions and provided a number of examples, including a recent investigation in which data older than 20 months enabled ASIC to prosecute a board member of a credit union.
ASIC said the law was vital to its ongoing operations into investigating serious offences against the Corporations Act.
“The types of white-collar crime investigated by ASIC are both notoriously difficult to prove and capable of causing immense harm to Australia’s financial system. This harm includes damage to the integrity of Australia’s financial markets and devastation to individual victims who risk losing their houses and life savings,” said ASIC.
Between the commencement of the regime in October 2015 and June this year, ASIC had secured criminal convictions against 72 people for indictable offences.
ASIC said it continued to support the metadata retention regime and said the inspections by the Ombudsman were appropriate and proportionate.
However, the commission did say that technological advancements meant that some uses of technology were not covered by the regime.
The datasets required to be retained by the act remain limited, particularly in the case of IP addresses, due to the rise of VPNs administered by overseas providers.
There was also increasing use of encrypted communication methods that fell outside of the scope of the act, including in one market manipulation investigation where ASIC obtained warrants for metadata only to discover the relevant communications were masked using encrypted messaging services.
“Although the scope and use of technology continues to change, the metadata retention regime remains a vital investigative tool for the offending that ASIC is tasked with investigating,” ASIC said.
