Police raided a Perth office of heritage services in late May, arresting four people and confiscating three laptops.
The operation was part of a wider investigation into the potential misuse of digital data, including personal information, for political purposes.
The four men, all from Perth, are currently awaiting trial in the Perth Magistrates Court, accused of conspiracy to breach the Information and Privacy Act.
The company they are accused of working for is Heritage Services Corporation (HSCC), a private company that operates a range of digital rights management services.
The investigation into their alleged misuse of information and data was carried out by the Commonwealth Police Counter Terrorism Command (CPCTC), which is part of the Australian Federal Police.
The police also obtained the information from the Commonwealth Cyber Security Centre.
According to the CPCTC, HSCC is a non-profit organisation which provides information and services on the internet and social media, including monitoring of social media and email, and online privacy.
The organisation provides services to individuals and businesses to monitor and protect online privacy, and has been providing data monitoring and privacy services since 2014.
One of the individuals arrested is believed to be the head of the company, who is also the director of the Commonwealth Public Interest Advocacy Council (CPICA).
In a statement on the CPCC website, the organisation says it was informed about the investigation on April 4 and is cooperating with police.
It says the group “welcomes all inquiries from law enforcement and intelligence agencies in Australia, including investigations involving privacy issues”.
The organisation says its clients “have a right to privacy and protection online”.
The CPCTE said it was unaware of any cases in Australia where information had been unlawfully accessed by the group.
It said the CPICA was “aware of a number of cases” in which information was unlawfully accessed, including one where a person was subject to an order from the Federal Court.
It added: “The CPICA is aware of some cases in which individuals have been subject to unlawful or disproportionate search and seizure orders and, as a result, CPICA has been in contact with law enforcement to offer support and advice in relation to these matters.”
However, CPCTIA spokesperson David Dyson said that it had no evidence of any unlawful activity at HSCC.
He told Polygon: “HSCC is an independent company with a number-one client base in Australia.
We’ve never had any contact with HSCC or any of their employees.”
In a joint statement, the CPCCC and the Australian Police Cyber Crime Centre (APC), the body charged with investigating cyber crime, said they were “deeply concerned about the potential for the unlawful and disproportionate use of digital information”.
They said that the CPACC had been in touch with HSCT, and that the company was working with CPICA “to provide assistance to the police”.
The APC also said that a number people involved in the investigation had been “held for questioning” in the course of the investigation.
APC spokesperson Jason Williams said the investigation “is ongoing and ongoing”.
“This is an ongoing investigation into potential criminal activity, and our investigation will continue to investigate the circumstances and conduct of the individual, the information they accessed and the outcomes they obtained,” he said.
The APCC’s investigation into HSCC and CPICA had been launched in March 2018.
It had also been launched into the misuse of personal data by the private company, the same day it was accused of being the owner of a Facebook account which had more than 30,000 likes.
The Facebook page belonged to a person known as “Mr. H”.
The account was set up in July 2017 to promote the company’s “Bridget Jones” line of “digital books”, and featured photos of a blonde woman wearing a pink skirt and a yellow shirt.
The account had more then 30,200 likes.
An online search of the account led to a number that matched the name of a Perth woman, identified only as “B” on the social media site, who was a former secretary to the HSCC board.
The CPCC and APC allege that Ms Jones had been the subject of an order to delete “B’s” Facebook account from Facebook, but that her request for the account to be deleted was denied.
Ms Jones told the APC that she was only using the account for her personal purposes and that it was not an official account of the group, and had not been associated with the organisation for more than a year.
“I’ve been told it’s a private Facebook account, not an authorised account,” Ms Jones said.
“There’s nothing wrong with that, it’s just a personal one.
I’ve never been involved in any political activity, I’ve only been associated in the past with politics, so I’ve had nothing to do with the political stuff.”
The Facebook account was deleted within 24 hours, and Ms Jones posted a message to her Facebook account asking the account