Government contradicts on data retention: iiNet

Government contradicts on data retention: iiNet

Summary: iiNet's chief regulatory officer Steve Dalby has called on the Australian government to clearly state what data it is considering forcing telecommunications companies to retain, claiming confidential briefing documents contradict what the government is telling the public.

SHARE:

iiNet's chief regulatory officer Steve Dalby has said that the Attorney-General's Department's confidential briefing on the data telcos would be required to retain under law enforcement proposals is far wider than that being explained to the public.

Last week, the head of the Australian Security Intelligence Organisation, David Irvine, told the parliamentary committee investigating telecommunications interception and access legislation that a controversial proposal supported by ASIO to require telecommunications companies to retain customer data for up to two years for law enforcement investigation was similar to the call record and billing data already stored by telcos for customer records today, and not more.

But Dalby today contradicted Irvine's statement, telling the committee in Sydney that the Attorney-General's department has asked for much more than what he says the government refers to as "just metadata".

He said if it was just limited to call records "we can probably pack up today and we won't speak again", but said that confidential documents provided to the industry by the Attorney-General's department highlight a much more expansive collection of data required.

"This broader data set has been described as consistent with that adopted in the European Data Retention Directive and is the data necessary to trace and identify the source and destination of communications (including unsuccessful or un-tariffed communications) on fixed network and mobile network telephony as well as Internet access, Internet email and Internet telephony," he said in iiNet's submission (PDF).

"It is further described as necessary for agencies to have access to the data to 'reveal the daily habits of targets to enable targeted surveillance.' We were also told that the additional data collection results from '… the use of new technologies, such as Voice over Internet Protocol (VoIP) and encryption, increases among agency targets.'"

He said the government had an inconsistent and contradictory message about the data it is considering forcing ISPs to retain, creating uncertainty for the telecommunications industry.

"A definitive statement outlining the government's requirements would reduce uncertainty," he told the committee.

Under the confidential definition, Dalby said he has revised his original estimation of AU$60 million per year to retain the data up to $100 million per year for the first two years, and increasing after that as more data is collected.

He said iiNet would also need to hire someone to strip out petabytes of content from the metadata collected every day.

"If the suggestion that content is not required, someone will be required to process the metadata that is collected to ensure content is stripped out," he said.

"You will need super computers to strip out that data."

iiNet would only collect data on "inoffensive Australian citizens" when required to by law, but it must be up to the government to store the data.

"Law enforcement is the responsibility of governments. They carry the costs of such work, on behalf of the population. It is inappropriate to impose costs and obligations on unwilling commercial entities in order to create an intrusive police state," he said.

"A regime obsessed with surveillance of the general population, and the compilation of digital dossiers on every citizen, including children and the innocent, is incongruous in Australia. In the event that a police state is established, we accept we will have no option. In the meantime, we find it 'off brand' for iiNet and in conflict with our corporate values."

iiNet's view that it should be the government's responsibility to store the data is in contrast with ASIO's, with Irvine stating last week that telcos retaining responsibility for storing the data would ensure it wouldn't evolve into a "Big Brother" type regime of government data collection similar to that operating in the United States by the NSA.

"We're not seeking a Big Brother arrangement where the government itself stores all that data. We want the companies to keep that data. The problem is that as technology advances, the companies don't have the commercial need to keep that data as they once did," he said last week.

Communications Alliance CEO John Stanton said that it would cost the industry upwards of AU$500 million to implement a mandatory data retention regime, and it would have to be stored externally to protect the data.

"We'd have to duplicate the data because this data comes from a multitude of IT systems within carriers, aggregated, and then we'd have to store it," he said.

"I'm sure there's a vacant suburb somewhere where we can build a datacentre," Australian Mobile Telecommunications Association CEO Chris Althaus said.

Stanton said it would be easy for a large company like Telstra to build a way to meet the requirements for mandatory data retention, but smaller telcos would struggle.

"If you go down to the smallest of players, you've got a simpler task, but you've got the situation where they may end up doing this manually," he said.

He suggested that individual agencies that make data access requests to agencies be required to pay for it, to ensure that it is not over used in a tight budgetary environment."

Liberal Senator Ian Macdonald told the executives providing evidence at the committee that he often didn't understand what they were talking about.

"When I log on to my cloud, I don't quite know what it means, but I thought it was something in heaven," he said.

Topics: Telcos, Government, Government AU, Privacy, Australia

About

Armed with a degree in Computer Science and a Masters in Journalism, Josh keeps a close eye on the telecommunications industry, the National Broadband Network, and all the goings on in government IT.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • Data Retention

    The ISP / RSP can keep those data on their end, but extracting those meta data should be done by a data centre which will be funded and run by the Government. I agree to the point that smaller ISP/RSP will suffer if they will be required to strip out the metadata and it will be expensive.
    Alexmartin11
    • Not workable

      To send the raw data outside the ISP will have two effects:
      1) the volume of data will be orders of magnitude greater, vastly increasing the costs of transmission and storage
      2) the government is then being supplied with *complete*, not meta data. Why would they then strip it down if they suddenly had access to every tiny detailed bit of data being sent by every Australian? They would just say they were, without actually doing it.

      Sorry, your suggestion is beyond flawed.
      TrevorX
  • Still Relevant

    "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." (Ben Franklin 1755, Reply to the Governor)

    Enough said.
    Draxlx
  • VPN

    Amen to the Swiss VPN & Email - that's all I can say!
    matdodgson