Metadata net will only get wider

Communications Alliance chief John Stanton has warned smaller telcos will struggle to implement the necessary infrastructure and procedures to comply with controversial data retention legislation.

Mr Stanton told a Melbourne metadata forum last night that the Communications Alliance, which represents telecommunications industry players like Telstra and Optus, was working with the government to define the data sets they will be forced to keep, which was not yet clear.

"There's a real risk around scope creep in the data retention,” he said.

"One of the things we're doing is taking the 13 most commonly offered communications services in Australia, and actually mapping out every element and data component that needs to be retained with each service.

"And this is important, because there are more than 400 service providers in Australia. Many of them are small businesses; more than 300 of them share 1 per cent of the market share."

He said it was a daunting prospect for bit players to take the time to work through the controversial legislation, and he was in contact with the government to help prescribe to smaller telcos exactly what data to keep, as well as providing them with an easy way to do so.

"We also guard against scope creep and stop there from being a broader set of information needed,” he said. "So hopefully the work we’re doing will help guard against that."

As ZDNet reported the Department of Immigration and Border Protection has been granted the power to access the telecommunications data of all Australians after the government quietly amended legislation it passed just two months ago.

The data retention legislation was passed earlier this year and means telecommunications providers and ISPs need to hold certain data including call logs and network logs for a minimum of two years.

Last night's forum coincided with the launch of the Melbourne Networked Society Institute, which was launched by Adem Somyurek, Minister for Small Business, Innovation and Trade.

The recent metadata case between Fairfax journalist Ben Grubb and Telstra was also raised. Mr Grubb had lodged an application with Telstra in order to obtain his call, text message and network logs, and then appealed to the Privacy Commissioner after Telstra refused to hand the information over.

Privacy Commissioner Timothy Pilgrim found that had Telstra breached the National Privacy Principles in deciding to prohibit Mr Grubb access to his telecommunications metadata. Mr Pilgrim's decision effectively means metadata can now be seen as personal information, which for legal purposes must be treated in accordance with the Australian Privacy Principles.

“The Privacy Commissioner has now extended our obligation by declaring all metadata is now personal,” Telstra CTO Vish Nandlall told forum attendees last night. "But how do you govern that? Obviously we're in some dispute about that, so we've made an appeal to clarify that obligation."

Mr Stanton said if a person wants access to their own metadata, they've got to be willing to contribute to cost recovery.

"Certainly the ruling in the recent case makes the definition of personal information much broader and that creates a lot of complexities and significantly adds to the costs and regulation. If that has to be provided by service providers free of charge, not only would that be enormously disruptive for the service provider, it would also be not of great value to recipients," he said.

For more on the ongoing data retention debate and implications see Technology Spectator's feature 'Telcos left holding the bag on data retention.'