Communications Minister Malcolm Turnbull has today introduced controversial laws that would require telecommunication services to keep customer data for two years.
The bill, which serves as an amendment to the Telecommunications Interception and Access Act 1979 (interception act) and the Telecommunications Act 1997 (telecommunications act), will allow law enforcement and national security agencies to access two years’ worth of data without the need of a warrant.
Mr Turnbull said the metadata referred to in the scheme refers to “information about a communication but not its content”.
“In the IP world it reveals that a particular IP address, which may have been observed to have been engaged in some unlawful activity, had been at the relevant time allocated to a particular account. In the context of messaging—email, for example—it reveals the sender, recipient, time and date, but again not the content. Access to content, I stress, requires a warrant,”
The Minister said the misuse of technology by criminals highlighted the need for a longer period of data retention.
“Access to metadata plays a central role in almost every counter-terrorism, counterespionage, cybersecurity and organised crime investigation,” he said. “It is also used in almost all serious criminal investigations, including investigations into murder, serious sexual assaults, drug trafficking and kidnapping. The use of this kind of meta data, therefore, is not new.”
Mr Turnbull told parliament more telecommunication services were keeping records for shorter periods of time, thus affecting law enforcement and national security capabilities.
As an example, the Minister said the Australian Federal Police had been powerless in identifying 165 out of 463 potential suspects in a current child exploitation investigation due to internet providers not retaining IP address allocation records.
“These records are critical to link criminal activity online back to a real world human being,” Mr Turnbull said.
The Australian business community is eying the bill with caution, with privacy, cybercrime, and cost implications named as key areas of concern.
Of the 40 Australian organisations surveyed by global risk consulting firm, Protiviti, 64 per cent said they supported the legislation. However, 62 per cent of respondents said they believed longer data retention would increase data security risks in the form of more targeted hacking and cybercrime activity.
“The business community appreciates that national security risks are a legitimate focus for the government at present,” Mark Harrison, managing director of Protiviti, said in a press release.
“However they also feel that retaining customer ‘metadata’ can amount to a significant privacy incursion as it can reveal a great deal about a person’s movements, relationships and day to day lives.”