The Parliamentary Joint Committee on Intelligence and Security is currently conducting an inquiry into reforms to Australia’s interception and security legislation.
The inquiry relates to the Telecommunications (Interception and Access) Act 1979; Telecommunications Act 1997; Australian Security Intelligence Organisation Act 1979; and Intelligence Services Act 2001 and began in July this year.
One of the most contentious aspects of the terms of reference include "tailored data retention periods for up to two years for parts of a data set, with specific timeframes taking into account agency priorities and privacy and cost impacts".
Below, Computerworld Australia presents a selection of concerns about the proposals raised during the inquiry.
John Stanton, CEO, Communications Alliance: “We certainly believe that carriers should not be required to create or hold data that they would not otherwise be creating or holding for commercial purposes. And, so far as data retention is concerned, we believe that any move down the track of additional data retention requirements should be based on full cost-recovery from government, just as is occurring today in the UK.”
We just do not see any adequate justification in the proposal as it is put before us now
Chris Althaus, CEO, AMTA: “This discussion on data retention has been going on for some time. To the department's credit and the agency's credit it has taken a range of twists and turns and we have always had a full and frank discussion about it. However, it has tended to be a discussion on the agency's terms.”
Althaus: “Just blindly following Europe, where there have been substantial critiques of this approach, is not something we support.”
Electronic Frontiers Australia
Andrew Pam, board member: “…similar data retention requirements in Europe are now being challenged on constitutional grounds and a number of countries because they are really very difficult to effectively address. We just do not see any adequate justification in the proposal as it is put before us now. It is not that it may not be possible to justify, but no evidence of any serious justification has as yet been put forward.”
Pam: “The longer the system exists, if it exists for a period of decades, then over that time it is a near certainty that there will be some abuses of the system. And then you have to weigh up the consequences of those abuses against the potential good that has come out of having the system in place. It is sometimes a difficult judgement to make, but history has shown that there are known negative consequences of introducing these systems.”
Pam: “It can be corrosive to a democracy when the view of the public is that they are living in a surveillance state.”
Steve Dalby, chief regulatory officer: “The estimated cost for us would be about $20 million for the IT equipment and about $10 million for the building itself to meet the current traffic levels operating over our network … If we take that cost and determine what it will cost our customers when we pass it through, we are assuming an increase in the cost of a service – any one of our services – of about $5 per month.”
Dalby: “I could not imagine that only one portion of telecommunications services would be covered by such proposed data retention leaving the rest empty, because that would leave an open house for anybody who wants to bypass those things that are being retained.”
Dalby: “To suggest that we want the IP addresses but not the content is not true because you cannot have that cake and eat it too.”
John Lindsay, chief technology officer: “I would also note that that data is a very tasty prize and that the approaches from commercial organisations to gain access to that data stream are very lucrative.”