In each case, it was rather decisions taken to not commence, or to cease, close surveillance of these individuals that arguably contributed to the failures of law-enforcement and intelligence agencies to prevent each attack. That's not to criticise with the benefit of hindsight – I'm sure in each case the relevant decision was entirely logical and taken based on a number of factors, presumably largely due to the need to prioritise the application of finite resources. It's also important to remember that each country involved – the US, Britain, France and Australia – all currently provide access to metadata. In Australia's case, this is not yet of course retained on a mandatory basis, but the latest figures from the Attorney-General's own department show that there were over 300,000 requests processed in the year to June 2013, excluding requests from ASIO, which are not reported on (the figures published by the ACMA, which are counted slightly differently, total almost double that amount). There is therefore no shortage of metadata currently available to Australian authorities. The three other countries currently have mandatory regimes. Research from Germany has shown that their mandatory data retention regime increased crime clearance rates by only 0.006 per cent, which is so statistically insignificant that it should probably be expressed simply as "zero". Similarly, in the US, the Privacy and Civil Liberties Oversight Board studied the impact of the National Security Agency's data retention activities and found that there is little evidence that the metadata program has made the US safer. So, the Attorney-General is going to have to try a lot harder if he is to make a compelling case that the mass invasion of privacy and subversion of the presumption of innocence that is inherent in any indiscriminate data retention scheme is both necessary and proportionate.

He also asserts that the "bill does not propose any additional powers for national ­security agencies. It requires telecommunications companies to retain information they have routinely kept but which they might not keep in future." It is clear that while the data set remains to be finalised (despite the Attorney-General's Department having been working on this issue for at least six years), its scope is significantly broader than what many internet providers currently retain. The statement is therefore demonstrably untrue. Steve Dalby, iiNet's chief regulatory officer, has made this point clear on a number of occasions. The reality is that iiNet, and other providers, do not currently store much of the vast range of data points that are included in the government's draft data set, because – consistent with the Australian Privacy Principles – they have no business reason to do so. Apart from anything else, this raises some significant competitive issues, and is likely to ensure that this legislation will lead to higher internet costs for Australian businesses and consumers if the government decides not to fully fund the implementation and operational costs, or an increased burden on taxpayers if they do. Or possibly both. The biggest concern with the data set, however, is that the government wants to leave it out of the legislation altogether. This is presumably because it's not finalised yet but primarily because defining it by regulation provides the greatest flexibility for the data set to evolve. By flexibility, I mean, without proper parliamentary scrutiny, and by evolve, of course, I mean expand. History tells us only too clearly that programs such as this almost inevitably increase in scope, often very quickly.