news The Federal Government’s data retention proposal was still largely incomplete and being internally evaluated as of late 2011, new documents released under Freedom of Information laws have shown, despite the fact that the controversial plan is several years old and has become part of a concrete package of reforms aimed at increasing surveillance powers.

Bear with this article; it will get a little complex at times ;) These are murky waters. But it’s worth sticking with it to understand what is going on here.

The proposal — known popularly as ‘OzLog’ — first came to light in June 2010, when the Federal Attorney-General’s Department confirmed it had been examining the European Directive on Data Retention (PDF) to consider whether it would be beneficial for Australia to adopt a similar regime. The directive requires telcos to record data such as the source, destination and timing of all Australian emails and telephone calls – even including internet telephony, meaning that it would be a relatively simple matter for Australian law enforcement agencies to gain access to a great deal of extremely detailed data regarding communications between Australians suspected of breaking laws.

Further details of the plan were revealed in October that year in a tense session of the Senate’s Environment and Communications References Committee, where Greens Senator and Communications Spokesperson Scott Ludlam was able to coax a group of nervous bureaucrats from the Attorney-General’s Department into discussing the proposal at length.

In early May, it was revealed that the data retention proposal would become part of a major new package of reforms which would deliver Australian law enforcement agencies a wide tranche of new and modernised surveillance and telecommunications interception powers. However, the Federal Government has never detailed what the proposal precisely entails, and the Greens and digital rights groups have described the proposal as representing an “unjustified paranoia” that all Australians are potential criminal suspects.

Since January, Delimiter has been seeking information on the proposal under Freedom of Information laws, specifically targeting information held by senior AGD bureaucrats such as Catherine Smith, assistant secretary of AGD’s Telecommunications and Surveillance Law Branch, and Wendy Kelly, director of the same branch.

In general, the department has consistently signalled that there was too much information on the issue of data retention as a whole to easily be able to respond to the wide-ranging FoI requests which Delimiter had filed, seeking to ascertain what the Government is actually proposing with the scheme. However, several weeks ago Delimiter was successful in retrieving the Government’s proposed response to a series of criticisms outlined by the Senate’s Environment and Communications References Committee, in a recent report the committee produced into the adequacy of protections for the privacy of Australians online.

That report, published last year, was strongly critical of the data retention idea.

It recommended that before any such scheme was initiated, the Government should undertake an extensive cost/benefit/risk analysis into it; justify the collection and retention of personal data by demonstrating the necessity of that data to law enforcement activities; quantify and justify the expense to ISPs of the data collection and storage; assure the nation that data retained under any such scheme will be subject to appropriate accountability and monitoring mechanisms; and consult with a range of stakeholders about it.

The Government has not yet published its response yet to that privacy inquiry, although documents released by the Attorney-General’s Department under FoI show that the Government’s response, being coordinated by the Department of Prime Minister Julia Gillard, was expected to be finalised by October 2011.

However, the FoI request has retrieved the response by the Attorney-General’s Department to the recommendations of the Senate report regarding data retention. You can download that response in full by clicking here (PDF).

According to the Department, at that stage (September 2011) it remained in “evaluation phase” with respect to data retention proposals, despite the fact that the issue had been being investigated for several years — and despite the fact that in May 2012, data retention would form a core part of a wide-ranging modernisation proposed to telecommunications interception legislation. The Department also noted that should these proposals advance, it would undertake a cost/benefit/risk analysis into the proposal, and would also assess the accountability and monitoring mechanisms contained within the current telecommunications interception legislation and their accountability to a data retention regime.

However, despite the fact that new data retention legislation is currently being proposed, the Attorney-General’s Department has not publicly detailed any such cost/benefit/risk analyses or assessments. They would have needed to have been carried out in the time between September 2011 and May 2012, when the legislative reforms were proposed.

Secondly, the Department noted that it had not made any decision as to “a public consultation process or details of any future data retention proposal”. If a data retention proposal was “sufficiently developed”, the Department noted, it would undertake “broad consultation” with a range of stakeholders, including “the broader community”. At that stage, the Department was already consulting with “industry” — believed to mean Internet service providers — to seek their views on the impacts of such a proposal.

The Department wrote that — as eventuated in May this year — the concept of data retention was being progressed as part of a wide-ranging package of telecommunications interception reforms. “It is intended that options for data retention regime will be put forward in the public discussion paper produced as part of the reform process,” the Department wrote in September 2011. However, no public discussion paper has been published by the Attorney-General’s Department into the matter — and neither has the final proposed form of the data retention proposal.

In May, when the Attorney-General’s Department signalled its intention for a wide-ranging package of telecommunications surveillance reforms, Attorney-General Nicola Roxon said that the “potential” reforms would be examined by the Parliamentary Joint Committee on Intelligence and Security through public hearings, noting that this was “the beginning of the process”, and that the Government was seeking “diverse views” before determining which legislative reforms it would pursue.

That Committee has broadly consented to examining the matter. However, it has also already reportedly knocked back the terms of reference which the Government has given it.

opinion/analysis

OK, let’s sum up for those that got lost during this article.

The Government, specifically, the Attorney-General’s Department, wants Australian ISPs to keep records on all phone calls made and all emails sent in Australia, for law enforcement purposes. Despite the fact that this proposal has been floating around for years, as recently as September 2011, that proposal was still being evaluated, with significant work needing to be undertaken, including a cost/benefit/risk analysis before it could be finalised. Just seven months later, the data retention proposal was introduced as part of a package of wide-ranging reforms to law enforcement surveillance powers.

However, the final form of that proposal has never been published, no public consultation has been undertaken into it, no cost/benefit/risk analysis has been published into it, despite the Attorney-General’s Department stating that it would do one, and the Federal Government has delayed for six months its response to a Senate Committee report strongly criticising the idea of data retention as a whole. In addition, the only reason we know about any of this is because the basics of the proposal were leaked in June 2010, because several bureaucrats were hauled before a Senate Committee by Greens Senator Scott Ludlam a few months later, and because of Freedom of Information requests like this one.

Sound fishy to you? Sounds fishy to me. If you care at all about Australians’ right to privacy and the presumption of innocence, I recommend that you write to your MP, requesting that:

The data retention proposal as currently proposed be made public

There be a public consultation into it

Any costs/benefit/risk analysis into it be made public

The Government publish its response to the Senate Environment and Communications References Committee’s report into the adequacy of protections for the privacy of Australians online

If Australia doesn’t get more information about this proposal soon, it is very likely, given the Coalition’s regular support for the Government on matters of law enforcement, that we will all soon be having all of our phone calls and emails logged, without our consent, without our knowledge and without any semblance of transparency. Welcome to 1984, redux.