Data retention: the case against

Several companies and organisations have now appeared at four public hearings into intelligence and security reform proposals.

Macquarie Telecom

Matthew Healy, national executive, industry and policy: “The easiest example [of what data we keep] would be a mobile phone record where we keep the details of the number that was called, who was called and [what] the duration of the call [was]. That is billing information. That is how we bill. We would keep that for more than two years and, in some circumstances, over seven years.”

It seemed to us to be a bit unusual that there was no draft legislation at this point. We asked whether we would expect to have that. The answer was, ‘Yes, we would expect that in due course’

Christopher Zull, Macquarie Telecom

Christopher Zull, senior manager, industry and policy: “The government has had a convergence review. We are still looking at the blurring lines between telecommunications and broadcasting and other forms of digital interaction. We think it is just an arbitrary way of carving that out.”

Zull: “It seemed to us to be a bit unusual that there was no draft legislation at this point. We asked whether we would expect to have that. The answer was, ‘Yes, we would expect that in due course’.”

Office of the Victorian Privacy Commissioner

Anthony Bendall, acting privacy commissioner: “I am not expressing that it is impossible that that might happen, but at this point of the discussion paper there has not been enough evidence given that either of these types of proposals are necessary for the purposes that have been set out or that the way they are proposed is the least intrusive and most protective that it could be.”

Bendall: “ impression is that it turns on its head the premise that underlies privacy legislation and the whole concept of privacy that you only collect and retain information that is necessary and that you only do that in the least intrusive way.”

Bendall: “It assumes that everybody's privacy should be invaded to the extent that that retention happens, on the off-chance, and even if it turns out that it is useful, it would be useful in a tiny proportion of cases.”


James Shaw, director, government relations: “What we know is it would cost several million dollars just to scope out the cost of preparing the data sets for the agencies under a data retention proposal.”

Shaw: “…agencies themselves will face significant costs in that they will have costs of accessing that data and then manipulating and investigating it in a way that makes it usable for them and also their own destruction costs at the end of the process.”

Shaw: “In terms of putting a firm proposal – and that would involve looking at the costs as well as the technology side – we think that it would take at least a year, and then the implementation of the scheme would be rolled out over the years from that point in time when there was a decision about what the final form would be.”

Darren Kane, director, corporate security and investigations: “The issue with this is that it is such a moving feast that there could not be agreement from the departments around the datasets. Each time a dataset was agreed upon [in Attorney-General’s Department talks], the complexity and the evolution of the network meant that that was expanded upon or contracted. The issue over many years has been exactly what datasets the departments and the agencies require from the industry.”

Kane: “…there are organised criminal gangs that are not using our services. I have made a note here that Telstra is probably a victim of our own success in relation to this. As I said, we have a long history of support for law-enforcement and national security agencies and as a result they know the quality of the reporting we are able to deliver and expert testimony in court. Common sense says they probably would not use our services.”

Kane: “The simple evolution of technology would mean that we could not capture or provide any metadata or any content around something like Gmail, because it is Google-owned, it is offshore and it is over the top on our network. The real value of what we might have in our data retention scheme would be greatly diminished as soon as the good, organised criminals and potential terrorist cells knew that we were not capturing that data.”

Shaw: “Regrettably, not all the intelligence rests on the good side of the equation. There are some smart people out there who want to do bad things and they will, invariably, find ways to utilise technology for their benefit.”


Matthew Lobb, general manager, industry strategy and public policy: “First, it would be very expensive to set it up and, second, it would start to become quite problematic information for us to be able to protect and store. So, from a principles point of view, what we would suggest is that we look at what is the minimum useful new storage requirement that emulates the current call storage arrangement. That might simplify resolving this issue.”

Follow Stephanie McDonald on Twitter: @stephmcdonald0

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the newsletter!

Error: Please check your email address.
Show Comments

Market Place