“The only thing the data-retention law is requiring is that types of metadata which are currently retained will be retained in the future for at least two years,” Turnbull told ABC radio on Wednesday.
Back in October last year, the Attorney-General also stated that the data retention laws will not “involve anything beyond what the telcos do at the moment.”
These false assurances from our senior politicians is infuriating spin.
Australia’s data retention scheme is also a data creation scheme.
There is an express requirement in the Bill, set out in proposed section 187A(6), to create data when the service provider does not already capture data that falls within the yet to be finalised data set.
Why is such a requirement necessary if data retention is “only” requiring retention of data currently being retained?
The proposed data set includes categories of data that some providers do not currently retain and have no business need to retain for the 2 year period.
Have the Attorney-General and Communications Minister not read the Bill?
Have they both over-looked the Attorney-General Department’s own industry consultation paper which explained that data which falls within the defined data set will be required to be retained “even if this exceeds business needs” and that “the policy recognises that providers may need to modify some systems to ensure they meet the minimum standard”.
Requirements to retain the data concerning ISP-provided email would, as iiNet has explained, require material extension of existing retention periods and in some instances even the creation of data.
And this isn’t me just having a rant ….
In December last year, CEO of Communications Alliance commented:
The telecom industry “has grown a little weary of hearing this proposal described as a requirement to do no more than service providers do today,” said Stanton.
“It’s in most cases far from that. It is a data creation regime as well as a data retention regime.”
“There are elements of the dataset, for example, that require data to be collected and manipulated in ways it’s not today. Historical aggregate records of upload and download volumes, for example – I don’t know of any provider who manages to put that material today. There’s no business requirement for it, and the feedback from some of our members is that will be quite difficult to do.
And while I’m here, yesterday, 11 March, a Dutch court suspended the country’s data retention laws.
The “safeguards” to protect rights such as privacy were insufficient. Relevantly to the Australian context, the Dutch law as does the proposed law in Australia failed to:
- restrict access to retained data to investigation or prosecution of defined “serious” crimes
- provide for any form of court approval or independent oversight before access to retained data is permitted
This helpful summary of the Dutch ruling also includes a link to an English (unofficial) translation of the judgment.
On the so-called “safeguards” in Australia’s scheme, do check out this excellent article by Adam Molnar and Angela Daly.
With Australia’s data retention bill likely to be back before the House of Representatives next week it is not too late to have your say. If you haven’t already, do call, visit or write to your local MP and make sure they have fully considered the implications of this far-reaching new law.
Want to know more?
I’ve previously written about data retention in formal submissions as well as in the posts and articles below:
Data retention: too many unknowns, too many unanswered questions for The Guardian
Data retention will hurt you, not criminals, here’s how, with Bernard Keane for Crikey
So what’s missing from the Australian government’s new website on data retention (on my blog).