Critics of the mandatory data retention proposal say consumers will end up paying for it. Credit:Mayu Kanamori Australian Consumer Communications Action Network CEO Teresa Corbin said mandatory data retention was ''likely to impose a significant cost to consumers, with unproven benefits to law enforcement''. ''We're concerned about the lack of oversight on how this scheme might operate and there are also significant privacy concerns,'' she said. Telecommunications companies say ASIO and other government agencies should pay for any scheme to ease concerns about excessive requests for customer data.

Critics of the mandatory data retention proposal say consumers will end up paying for it. Credit:Pawel Kopczynski Visiting former National Security Agency executive Thomas Drake warned Australia against introducing compulsory data retention, saying the benefits to security agencies were outweighed by privacy concerns. Mr Dalby told a Senate inquiry on Tuesday that a confidential briefing paper from the Attorney-General's Department had indicated a broad definition of ''metadata'' that extended beyond telephone records to internet access, email and internet telephony. Up to $100 a year could be passed on to internet users in Australia if George Brandis' mooted compulsory data-retention scheme is adopted. Credit:Glenn Hunt Metadata can include the time, location, sender and receiver, and some have argued it could also include URLs and IP addresses.

Mr Dalby said it was difficult to estimate what compulsory data retention would cost without clarification from the government on what it considers metadata. ''iiNet does not agree that it should accept the role proposed by those calling for an onerous data retention regime,'' he said. ''If we are ultimately compelled by law to collect such data, the government must be responsible for its storage and protection,'' Mr Dalby said. ''iiNet has no use for surveillance data, so there is no commercial driver to collect a massive volume of data, indexed to individuals, that we'll never use.'' ASIO chief David Irvine told the inquiry last week that increased data retention powers were needed to tackle terrorism and that ''the public should not be concerned that there's going to be gross misuse'' of them. ''For the life of me I cannot understand why it is correct for all your privacy to be invaded for a commercial purpose, and not for me to do so to save your life,'' he said.

Mr Irvine said the actual content of communications - for example the text of emails - would continue to be accessible only by a warrant. Former NSA chief legal adviser Stewart Baker told the Senate inquiry on Tuesday that ''an unholy alliance of business and privacy activists'' was preventing authorities from combating terrorism. Mr Baker said there should not be limits on what data is collected but there should be limits on how authorities access and use it. Liberal senator Ian MacDonald said he would ''rather be alive and lack privacy than dead with my privacy intact''. Thomas Drake, who was indicted by the Obama administration for leaking information about the NSA, told Fairfax Media he was concerned telcos holding vast amounts of data about customers would be targeted by hackers.

''Metadata is extremely rich information - it can give you an index on a person's entire life,'' he said. ''This would let the government off the hook by forcing the telcos to hold on to the data.'' John Stanton, CEO of peak telecom body the Communications Alliance, said many telecommunications companies lacked the expertise to deal with complicated surveillance requests. ''It's not just the shifting of costs that we're worried about, but also obligations to service providers who at the end of the day are not police and can sometimes struggle to deal with requests if they're required to process issues in which frankly they're not trained,'' he said. He said security agencies should bear the cost of companies storing any additional data or storing data for longer than they already would.