ACT Territory and Municipal Services (TAMS) has admitted to surreptitiously tracking and recording the movements of residents in Canberra’s South through the interception of the private Bluetooth emissions of their mobile phones and car hands-free systems.
TAMS has collected these data as part of its evidence base in support of the highly controversial plan to implement more than 82 traffic calming devices across the southern suburbs of Chisholm, Gilmore, Richardson, Macarthur, Fadden and Gowrie.
The data were reportedly used to map traffic flows and to measure ‘rat-running’ of traffic through the aforementioned suburbs. Collection apparatuses were placed by the side of the road at all entrance and exit points to each suburb. Under the project, if the same signal was received at two collection points, it was inferred that the vehicle had ‘rat-runned’ through the suburb.
All traffic with Bluetooth devices entering or leaving each suburb was tracked as part of the study, conducted jointly by Purdons Consulting and TAMS, in December 2012. This capability would normally require obtaining a warrant under the Telecommunications Interception and Access Act 1979, which was intended to restrict the activities of domestic law enforcement agencies. Further, there is a reasonable expectation of privacy whilst utilising Bluetooth, as well as the possibility of the information being personally identifying. As such the collection of these data is likely to be in contravention of the Privacy Act 1988.
Residents were not advised about their intentions to conduct this activity, nor has TAMS offered residents the opportunity to review their private data collected under the study. When questioned about the legality of the program by concerned residents at a recent public consultation on 13 March, Mr Rifaat Shoukrallah, Roads ACT Senior Manager of Traffic Management and Safety, stated that he considered the actions of the department to be “completely legal”. The event was also attended by ACT Greens Minister Shane Rattenbury.
The activities of TAMS are eerily similar to the blunder of Google’s Street View project, where the company recorded Wi-Fi access point location data of millions of users worldwide. This lead to the company being fined for breaching user privacy. However, unlike Wi-Fi, where broadcasts are expected to be received by surrounding users attempting to locate and connect to home networks, Bluetooth beacons are private signals intended only for the target user. This makes the suspected breach all the more serious.
Similar activities have been conducted in Queensland, where investigations concluded that information collected was not personally identifying, and as such, not a breach of the Privacy Act. However, most readers will be aware that by default, Bluetooth devices often use the owner’s name as the identifier. The trend towards law enforcement abroad and domestically increasingly using similar methods as a mechanism for tracking the location of criminals (under warrant) also suggests that the legality of this technology needs to be reviewed before use in the ACT.
ED – We were rather surprised by this story so asked TAMS for comment. They had this reply:
Bluetooth data collection is used for traffic studies across Australia and worldwide. Please be assured that this technology is not able to collect any personal data and there is no way to identify individuals through Bluetooth devices. If the technology could in any way contravene the Privacy Act or other legislation, TAMS would not use it.
The Bluetooth technology allows for information to be collected about the movement of cars through a suburb. Data receivers collect an electronic signature at the entry and exit points to suburbs and by looking at the time it takes vehicles to travel that distance it can be determined whether they are ‘rat running’ or whether they were instead going to the local shops or dropping their kids off at school. If data is captured only at the entry point then it can be determined that the owner of the vehicle must live in the suburb.
TAMS has received many safety and complaints relating to rat running in Chisholm, Gilmore, Richardson, Macarthur, Fadden and Gowrie and is responding with detailed traffic studies. Bluetooth technology is being used instead of manual counting as it much more accurately records traffic flows. It also offers a greater degree of privacy than that which can be provided with toll tag tracking or license plate surveys due to the fact that there are no databases of Bluetooth addresses that can be used to associate addresses with individual owners or their vehicles.
The Minister has asked TAMS to include information on Bluetooth data collection on its website, as we understand people may have concerns or questions about how it works.
UPDATE 29/03/13 10:31: Good grief we’ve made The Register who seem to have blurred the line on user generated content into an editorial line.