The Australian Federal Police (AFP) says "human error" led to an officer illegally accessing a journalist's metadata without a warrant, commissioner Andrew Colvin said on Friday.
Earlier this year an AFP officer accessed the call records of a journalist without a warrant during an investigation into a leak of confidential information.
"What was accessed was the records of calls, not the content of those calls," Colvin said.
"Once the breach was confirmed, we immediately moved to destroy all of the material that was provided to us as a result of that breach. This was human error. It should not have occurred."
Colvin said the journalist had not been informed of the breach, and the officer responsible had not been punished.
The AFP has reviewed its internal practices and procedures and "significant changes" have been made, he said. The Commonwealth ombudsman will launch an audit into the breach next week.
"We have raised the level of internal authorisation required for access to data of this type," Colvin said. "We are limiting the number of authorised officers who can approve access of this type. We are also re-rolling out and stepping up mandatory training to all investigators and authorised officers to make sure they are fully aware of their obligations."
The AFP is allowed to access journalists' metadata with a warrant under the new metadata retention regime, but Colvin said the correct steps weren't taken in this instance.
Colvin took full responsibility for the breach and said it won't be repeated.
Scott Ludlam from the Greens Party said: “A scheme that was forced on to the public as a counterterror tool was instead used in exactly the way we've long feared – in pursuit of a journalist and their source... it is time this surveillance regime was overturned."