A report has highlighted ACT Policing’s ‘cavalier’ approach to accessing telecommunications data.

The Commonwealth Ombudsman has released a report into the Australian Federal Police's use of telecommunications data.

“The internal procedures at ACT Policing and a cavalier approach to exercising telecommunications data powers resulted in a culture that did not promote compliance with the Telecommunications (TIA) Act,” ombudsman Michael Manthorpe said in his report.

“This contributed to the non-compliance identified in this report.”

The Ombudsman’s office found that just nine out of more than 1,700 individual accesses to data reviewed were fully compliant with the law.

The privacy of individuals appears to have been routinely breached, with the possibility that unauthorised ‘pings’ have been used to prosecute people.

‘Pings’ are a shorthand for using location-based services (LBS), which cannot identify an exact location, but do identify the general area a phone is in.

Many of the LBS authorisations made by ACT Policing between October 2015 and 2019 were not properly authorised or reported.

“This means LBS could have been accessed unlawfully,” Mr Manthorpe said.

“This could have a number of potential consequences, for example, the privacy of individuals may have been breached and we have been unable to rule out the possibility that unauthorised LBS may have been used for prosecutorial purposes.”

The investigation found ACT Policing was accessing LBS outside the AFP's approved process, and both agencies had missed opportunities to address it.

ACT Policing has issued a statement saying it is “committed to ensuring access to mobile device locations during an investigation is conducted appropriately and transparently”.

“The Commonwealth Ombudsman has made eight recommendations, and we accept all of them,” ACT Chief Police Officer Neil Gaughan said.

“We acknowledge that poor internal processes regarding the administration of these powers were not up to community expectations, and my expectation is that we do better.

“Since January last year, ACT Policing has worked closely with the AFP and the Commonwealth Ombudsman to make a number of improvements to our processes to enhance compliance.

“All location requests on mobile devices are now centralised through the AFP Covert Analysis and Assurance business area, with consideration to urgent requests required by ACT Policing to support our operations and community safety.

“The AFP has updated internal policies and alerted all employees who use these laws for investigation to be aware of their obligations and requirements.

“The AFP will continue to review these policies and practices to ensure ongoing compliance and identify further training requirements.”