Friday, 14 November 2014 18:42

Data retention: Divining the metadata of the Govt’s true intention Featured


Data retention is a hot topic, so much so that the Parliamentary Joint Committee on Human Rights has included several pages examining the proposed legislation in its fifteenth report of the 44th Parliament. Suggestions put forward are that TIA Amendment Data Retention bill invades privacy, doesn’t properly define data, goes too far and needs further amendment.

Page 10 to page 22 of The Parliamentary Joint Committee on Human Rights 79 page report (PDF here) is where you’ll find the Committee’s specific report on the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014.

As you’d expect, the report looks at the purpose of the bill, which includes mandatory data retention of telecommunications data (and not actual content data, as well as the concept being reviewed by the Parliamentary Joint Committee on Intelligence and Security after three years, who has oversight and the number of agencies that would get access to the data.

Sadly, the Government is not obliged to adopt the recommendations, but the detailed report should make for sobering reading for any government member wishing to be re-elected by their constituencies in future elections.

The detailed report looks at the right to privacy in terms of Article 17 of the International Covenant on Civil and Political Rights, which ‘prohibits arbitrary or unlawful interferences with an individual’s privacy, family, correspondence or home’, but also at the ‘permissible limitations which are provided by law and are not arbitrary’.

We also get the previously announced detail on the types of metadata the Bill’s amendment wishes to retain for up to two years, and how the Bill ‘argues that the scheme’s limitation of the right to privacy is justified due to the ‘pressing social need’ for enforcement agencies to effectively prosecute crime’.

However, the report in section 1.34 notes that the categories of data (metadata) the bill proposes to retain ‘may provide significantly identifying details about an individual, and therefore may significantly limit an individual’s right to privacy’.

In section 1.35, the Committee notes its concern ‘that the types of data to be collected remain unspecified until such time as the relevant regulation is made’, and thus in section 1.36 recommends that, ‘to avoid the arbitrary interference with the right to privacy that would result from reliance on regulations, the bill be amended to define the types of data that are to be retained’, with section 1.36 calling for an ‘exposure draft of the regulation specifying the types of data to be retained for the purposes of the scheme’, which appears to be the Committee’s first slap at the Government for a bill that lacks the (programmatic?) specificity such a bill should have come with in the first place.

Indeed, in section 1.36, the Committee recommends that ‘the bill be amended to include an exclusive definition of ‘content’ for the purposes of the scheme’.

When we get to section 1.43, we can see the Committee raising concerns over the two-year data retention period, and requesting ‘the further advice of the Attorney-General as to whether the two year retention period is necessary and proportionate in pursuit of a legitimate objective’ - which seems clearly yet another slap in the Federal Government’s face.

As the term ‘data’ is undefined in the original TIA act, and because ‘of the significant developments in technology since the TIA Act was first passed, the Committee notes that ‘the types of data that can now be accessed without a warrant is considerably broader than was the case when the access provisions under the TIA Act were enacted’, among other observations.

In section 1.51, the Committee recommends the bill be amended ‘to avoid the disproportionate limitation on the right to privacy that would result from data that is disclosed for an authorised purpose being used for an unauthorised purposes’, so that accessed to retained data can be restricted on ‘defined objective grounds’ including ‘where it is ’necessary for investigations of specific serious crimes’ and ‘used only by the requesting agency for the purpose for which the request was made and for a defined period of time’.

Reading through this report, it is good to see that someone in Government has some common sense when it comes to taking privacy seriously, as it is so clearly being eroded by governments, corporations, advertising agencies, websites and other parties!

But wait, there’s more!

The TIA Amendment Data Retention Bill of 2014 currently has ‘no exceptions for the retention and accessing of data on persons whose communications are subject to obligations of professional secrecy, such as lawyers’ as stated in section 1.52.

Given the Attorney-General is a lawyer, you do have to wonder why the Attorney-General wasn’t consulted on precisely this part of the Bill himself before it ever came to be, so it comes as no surprise to see that in section 1.54, the Committee is requesting yet again ‘the advice of the Attorney General as to whether such data could, in any circumstances, impact on legal professional privilege, and if so, how this is proportionate with the right to privacy’.

Then we get to a whole section on oversight, with the Committee in section 1.59 recommending ‘a warrant approved by a court or independent administrative tribunal’ be granted first before access to retained data is made available, which again in my view seems like a no-brainer for a world where privacy is of the utmost importance, rather than the plaything of politicians seeking power at the expense of the hard fought and hard won rights to privacy that we in the modern western world take utterly for granted - even as it appears to be slipping through our fingers.

The clever committee then goes on in section 1.61 to recommend ‘the establishment of a mechanism to provide close prior oversight of the recommended warrant process for access to retained metadata under the scheme’, which in my mind simply begs the question as to why the Bill’s creators just didn’t think was necessary in the first place.

The Committee shows its deep commitment to privacy in section 1.74 where it recommends that individuals be ‘notified when their telecommunications data is subject to an application for authorisation for access or one it has been accessed noting that there may be circumstances where delayed notification would be appropriate, such as in the context of a serious crime’, and also ‘a process to allow individuals to challenge such access’ with the same caveat in the case of serious crime.

The privacy-minded and forward thinking should definitely take a look at the PDF report for themselves as it makes for fascinating reading while showing there are genuine efforts being made to ensure privacy is a concept retained by future generations, and not one that died a sad and lonely death in the early part of the 21st century.

Read 5831 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


If you're looking at enabling Microsoft Teams for your contact centre, you should bookmark this webinar.

Marketing budgets are now focused on Webinars combined with Lead Generation.

Our panellists from Whangarei District Council (NZ) and Maurice Blackburn Lawyers (Aus) were closely involved in recent projects to enable Microsoft Teams for their own contact centres.

They have kindly agreed to join Enghouse and Microsoft to talk about some of the things they would recommend as most critical for IT and CX professionals planning a Teams Contact Centre migration.

Date: 11 May 2022
Time: 12pm AEST | 2pm NZST | 10am SGT

We look forward to having you join us. Please click the button below to register.



The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Alex Zaharov-Reutt

Alex Zaharov-Reutt is iTWire's Technology Editor is one of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News