Mandatory data retention scheme inches closer to reality

A controversial mandatory data retention regime in Australia has inched closer to reality, with the Prime Minister’s National Security Committee (NSC) reportedly signing off on laws that will compel telcos and internet service providers to keep customer data for two years.

According to The Daily Telegraph, the NSC approval comes after a marathon meeting yesterday and the Coalition government will take a bill to the parliament later this year, pending another meeting with the NSC.

However, the Daily Telegraph reports that Attorney-General George Brandis and Communications Minister Malcolm Turnbull will pursue an interim data retention measure, which could to be introduced as early as next month.

The prospect of mandatory data retention has been sternly opposed by the telecommunications sector, with internet service provider iiNet saying last week that the government’s proposed scheme could see consumers slugged with an extra $100 a year as service providers pass on the cost of compliance to their customers.

The $100 figure was revealed by the listed ISP’s chief regulatory officer Steve Dalby, who told a Senate committee hearing into telecoms law reform last week that mandatory data retention regimes turn commercial companies like iiNet into "unwilling agents of the state".

The latest cost estimate is significantly higher than the $60-a-year figure put forward by iiNet in 2012. According to Mr Dalby, the price projection takes into account the increased volume of data that ISPs will have to collect, duplicate and store under the proposed retention regime.

He added that the federal government should not only provide a clear definition of what it means by metadata but also take responsibility for the storage and protection of the data held as part of its proposed regime.



Defining just what is and isn’t metadata is fundamental to the scheme. Not only does it have an impact on the cost of compliance for ISPs but, more importantly, it sets the boundaries of intrusion on the privacy of citizens.

The metadata being proposed for retention pertains to information contained in the signalling used to connect phone calls, resolve web queries, send email and engage in other online activities. It would include items like date and time stamps, location, phone numbers, IP addresses and email addresses.

While the government argues warrants are not required as metadata doesn't include content, critics of the scheme have consistently pointed out that telephony metadata reveals a lot more than what the security agencies contend.