ACT police have revealed they illegally accessed metadata thousands of times more than previously thought.

The Commonwealth Ombudsman had reported that there were 116 instances from 2015 in which ACT police officers accessed metadata without the authorisation to do so.

This was generally because the person signing off on the access did not have the authorisation to do so.

It is the Australian Federal Police Commissioner's responsibility to delegate powers to senior officers to allow them to authorise requests for metadata, but in March 2015 the AFP inadvertently failed to assign a delegate to ACT Policing, leaving an unauthorised person managing the requests.

It has now emerged that ACT Policing officers attempted to access stored metadata without authorisation more than 3,000 times.

While re-examining the 116 authorisations, a further 3,249 instances where data requests had been made were uncovered. All were subject to the same authorisation problem.

The data requested included identifying who owns a given telephone number in order to enforce the law, and to help find missing persons.

The authorities say none of the requests were about uncovering a journalist's sources.

“It is important to note that while the delegation was not in place, all authorisations and requests were managed in accordance with the relevant policies and procedures, including security, storage and disclosure,” a police statement said.

“Once the issue was discovered, ACT Policing notified the Ombudsman's office to seek advice on how to remedy this administrative oversight.”

ACT Policing is seeking legal advice.