Government considers greater access to your data

Way back in 2012 – four governments ago – Attorney General Nicola Roxon proposed that Internet Service Providers (ISPs) be required to retain some of their users’ communications data. The reason? To fight organised crime and terrorism. Not for lawyers and courts when people sue each other, surely? Well, not then. But the government’s thinking about it now.

Who could object to fighting crime and terrorism? The grinding wheels in the great sausage factory on the hill in Canberra started turning. Slowly. Two governments later the legislation was ready and on 13 October 2015 the mandatory data retention scheme commenced. The main features were:

  • the data could only be accessed in “serious criminal and national security investigations” by government “law enforcement and security agencies”.
  • the data is not the content of the communications, but the identities of the people and devices having the communication, along with the duration in the case of phone calls and includes IP addresses and phone numbers.

So, it’s all about axe murders and drug cartels and terrorists then, eh? But once the information is there, it looks wonderfully tempting. Why shouldn’t it be used in other court cases? I mean, apart from the various governments promising that this would never happen.

In a wonderfully obtuse announcement made four days before Christmas, the Attorney General’s Department announced that a parliamentary committee considers it “inappropriate for data retained under the scheme to be drawn on as … evidence in civil proceedings”, but worries about “the potential for unintended consequences”. So the committee asked AGs to “review” the prohibition on use of the retained data in civil cases. You know, the kind of thing when A sues B for damages.

The upshot, if I’ve managed to wade through the confusing prose correctly, is that a new law is already set to take effect on 13 April this year which will introduce this prohibition, but at the same time include “a regulation making power to enable appropriate exceptions to be made”.

Regulations are made by the bureaucracy, not by Parliament.

A review is continuing into the arrangement and computer privacy group Electronic Frontiers Australia is worried. It’s calling on Australians to make their own submissions to the review. Originally the period for submissions was set to close on 13 January, but perhaps a bit of shame set it and it has now been extended to 27 January.

If you’re interested in privacy matters, you might want to get involved. You can email your submission to CommunicationsSecurity@ag.gov.au or post it to:

Retained data in civil proceedings consultation
Communications Security Branch
Attorney-General’s Department
3-5 National Circuit
BARTON ACT 2600