Data-retention laws to contain statutory metadata specification

Data-retention laws to contain statutory metadata specification

Summary: Attorney-General George Brandis has said that there is no definition of 'metadata', but a 'statutory specification' of metadata will be included in mandatory data-retention legislation to be introduced in this sitting period of parliament.


While there is no set definition of metadata that telecommunications will be required to retain under legislation due to be introduced in the current sitting of the Australian parliament, the legislation will have a "statutory specification" of metadata, according to Attorney-General George Brandis.

(Image: Screenshot by Josh Taylor/ZDNet)

Following the government's early mishandling of its announced plans to require telecommunications companies to retain customer data for two years for warrantless access in law enforcement investigations, late last week, a confidential policy paper was issued to the telecommunications companies in a bid to detail exactly what sort of data they would be required to retain.

The document, leaked to Fairfax Media today, explains that the companies would be required to retain customer details including name, address, registered devices, identification used on the account, billing details, and even the "available bandwidth" and "upload and/or download volumes" on a user's broadband service.

A spokesperson for the attorney-general has not responded to requests for comment on why such data would be required to be retained, or whether the policy document will be officially released. However, in parliament today, Brandis confirmed that the department is in discussion with the telecommunications companies, and said that legislation for mandatory data retention would be introduced in the current sitting period of parliament.

"It is the intention of the government to legislate in this regard later in this sitting," he said.

When pressed by Greens Senator Scott Ludlam to provide a definition on the exact data required to be retained, Brandis said that there is no definition of metadata.

"This is a term that does not have a precise definition. It is a description rather than a definition," he said. "The essential concept is that metadata is information about the communication, not the content or the substance of the communication.

"The specific definition, which will be a statutory definition — the technical specification will be included in the legislation."

Ludlam also asked Brandis to table a week's worth of his own metadata into the parliament; however, Brandis said he would only comply with his legal obligations.

ZDNet has sought access to Brandis' metadata in his time as attorney-general under Freedom of Information. However, a decision on access to that metadata has been delayed 30 days from yesterday, while the Attorney-General's Department consults with third parties that have "personal information" contained in the metadata.

Topics: Privacy, Government, Government AU, Australia


Armed with a degree in Computer Science and a Masters in Journalism, Josh keeps a close eye on the telecommunications industry, the National Broadband Network, and all the goings on in government IT.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Data retention?

    What are they going to do with all this data? Getting ready for the New world order are we?
  • PII data is Metadata? Megadata is more accurate.

    It seems on mans metadata is another mans PII.

    That's the good thing about being a lawyer, a term is whatever you define it to be. You don't have to be logical or consistent.
    "We are only interested in harmless Metadata (*1)"
    Notes: (*1) All/any data we are interested in, including sensitive PII data, is now called Metadata."