The consultation paper. It explicitly rules out the retention of data that indicates what sites internet customers access but it does not rule out agencies asking for a customer's web history if a telco does hold it for other purposes. Recently, it was revealed Telstra handed over URL information without a warrant to agencies. "Nothing in this data set applies to or requires the retention of destination web address identifiers, such as destination IP addresses or URLs," the consultation paper states. Information about the type of service a person is using over the internet is to be retained, according to the paper. Such information would help identify the use of communication services such as Skype or file-sharing applications such as Bittorrent. Providers would also be required to store "date of birth, financial, and billing information" of subscribers.

The paper also reveals they would be required to store source and destination telephone numbers from a phone call, the time of the call, its duration, and the location of all parties to the call. But it neglects to mention access to data that could point to the use of messaging apps such as WhatsApp and Viber. It does however rule out the need to keep the channel surfing habits of internet TV (IPTV) users. The paper also reveals that telecommunications companies would need to retain current and historical records that identify the names and addresses of internet and telephone ­account holders so as to provide an audit trail for law enforcement. Telecommunications providers would also need to "capture any metrics that describe the use" of an account. An example provided states this could include upload and download volumes of an internet user and their allocated bandwidth - their speed of connection - at any given time.

Although costs associated with storing the data are mentioned briefly, the paper does not go into detail on this. Internet and phone providers iiNet and Optus have previously estimated the costs could be in the hundreds of millions of dollars depending on the amount of data required. The paper states that input provided by industry in response to the paper will assist government to further develop policy "on a range of issues", including future versions of the data set and retention periods. Information security arrangements to protect the data from hackers would also be taken into account from industry feedback, the paper says.. The paper also concedes what many have known in industry circles for some time: that telecommunications data, commonly called metadata, is not defined in the Telecommunications (Interception and Access) Act 1979. Instead, the paper states that such data is "negatively defined".

"The TIA Act does not positively define what is data; only what is not data," it says. On Wednesday afternoon when pressed for a definition of metadata by Greens Senator Scott Ludlam, Attorney General George Brandis told parliament a "statutory definition" of metadata would be part of the legislation, meaning it would include technical specifications. The paper states it won't be the last word on what data is stored and says the proposed definitions are open for consultation. "We anticipate that this data set may be further refined during this consultation process." It reiterates the data is "vital to support law enforcement and security investigations".

"The declining availability of this information is degrading the ability of the commonwealth, state and territory governments to combat serious crime and protect public safety," it says. Fairfax Media asked NBN Co, the company building Australia's national broadband network, if it was involved with the discussions and if it would be subject to data retention. "NBN Co does and will abide by any relevant statutory or regulatory requirements," a company spokeswoman said. "Until the data retention policy is finalised, it wouldn't be appropriate for NBN Co … to discuss or speculate about proposed government policy." This is not the first time Canberra has sought to future-proof the Act. A similar paper distributed to telecommunications companies between 2009 and 2010 by the previous government explicitly included destination IP addresses in the data required to be stored.. A copy of the 2009-10 document was obtained under freedom of information but was highly redacted out of fear it could cause "premature, unnecessary debate".