ISPs must keep some data under new law

ISPs must keep some data under new law

Summary: Australian telcos will soon be required to retain some customer traffic data under a new law proposed to allow Australia to accede to the Council of Europe Convention on Cybercrime.


Australian telcos will soon be required to retain customer traffic data under a new law proposed to allow Australia to accede to the Council of Europe Convention on Cybercrime.

The Council of Europe Convention on Cybercrime is a treaty designed to foster cooperation and common policy between nations for dealing with multi-national crimes committed on computer networks across the globe such as online fraud or child pornography offences. It has been in place since 2004; however, the Australian Government first flagged its intention to become a signatory to the treaty in May 2010, releasing a discussion paper on the convention in February 2011.

In its report handed down to Parliament yesterday (PDF), the joint committee on treaties said that privacy concerns raised about internet service providers (ISPs) being required to retain all email and communication information from customers under the convention were addressed as part of the Convention itself, and would be covered under Australian legislation.

"The Convention itself does ... contain guarantees for human rights protection and judicial review, and there is reason to be confident that these protections will be enforced: the framework of domestic law effected by Australia's accession to the Council of Europe Convention on Cybercrime provides robust privacy safeguards and accountability mechanisms," the report said.

According to the Attorney-General's Department, the convention will require ISPs to preserve email and other communication data for users that law enforcement agencies are investigating for criminal activities.

"In some cases that may be as small as one text message, in other cases it might be two months worth of emails. It'll differ depending on the case," Catherine Smith, assistant secretary in the telecommunications and surveillance law branch of the Attorney-General's Department, told a committee hearing in March.

The actions would be targeted, according to Smith, and ISPs would not be required to keep all data on all users under the convention, as had been suggested.

ISPs already keep data on users for various lengths of time; however, this would regulate under what circumstances and for how long they need to hold information in case law enforcement requires it.

The committee recommended that the government accede to the convention, but raised concerns over a lack of transparency from the government while it was investigating the treaty. The committee has subsequently recommended that the government report to the committee on any potential legislative changes that need to be made in order to accede to the convention.

According to the committee's report, the following pieces of Commonwealth legislation will need to be changed:

  • the Criminal Code Act 1995 will need to have computer offences expanded;
  • the Mutual Assistance in Criminal Matters Act 1987 and the Telecommunications (Interception and Access) Act 1979 will need to be changed to allow law enforcement to require ISPs preserve and collect traffic data and stored computer data at the request of another country; and
  • the Copyright Act 1968 will have to be expanded to cover extended jurisdiction obligations in the convention.

The Attorney-General's Department today told ZDNet Australia that these laws will be amended under the Cybercrime Convention Amendment Bill 2011, which the government is planning to introduce in the winter sittings of parliament.

Attorney-General Robert McClelland welcomed the findings of the report yesterday.

"This recommendation is an important step towards Australia acceding to the Convention, which will enhance international cooperation whilst providing Australian agencies with necessary tools to combat cybercrime," McClelland said in a statement.

"It criminalises certain types of conduct committed via computer networks and contains a series of powers and procedures such as the search of computer networks and interception."

Topics: Government, Government AU, Privacy, Security


Armed with a degree in Computer Science and a Masters in Journalism, Josh keeps a close eye on the telecommunications industry, the National Broadband Network, and all the goings on in government IT.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • I wonder how many Aussies use ISP provided email services? Gmail email wouldn't even appear to be email, particularly going through https.
  • Who cares about Australia acceding to some foreign convention? I believe the interests of foreign agencies must be behind that of the Australian government protecting the interests of their citizens.

    I read the Parliamentary report and it basically says "We looked at the concerns outlined and decided they weren't significant". In essence they have accepted the perceived benefits whilst dismissing the perceived problems it may cause. Of course, it's Joe Citizen who suffers as a result...
    Scott W-ef9ad
  • Logging encrypted streams is a waste of time. If I had a secret I wouldn't email it through my local ISP email service. Duh!
  • @Ptr: Well, using a keyword system like Echelon (is reputed to) wouldn't work for an encrypted stream. I'd wish them joy of storing and decrypting all the spam that is flowing.
  • If you've got nothing to hide, you've got nothing to worry about.

    The worst my inbox contains is probably some grubby joke emails and the occasional bit of spam. And I certainly don't use my ISP e-mail service, either.
    • 'techkid' your alias is a perfect example of inexperienced youth (not implying you are).

      If you've got nothing to hide then post your credit card details, name and address here, and leave your house unlocked tonight.
      Scott W-ef9ad
  • Seems this is more about criminalising copyright infringement (expanding the computer offences part of the Criminal Code Act and extending/expanding the Copyright Act 1968) more than anything else.

    If we keep adjusting our copyright laws (via "Free" trade agreements and similar junk) to "align with other jurisdictions" we'll end up with the worst of everything...
    • I agree its more about criminalising copyright infringement.
      Seems our government is more interested in pandering to the demands of big multinational media and movie corporations than respecting basic human rights of its own citizens. Makes you wonder what kickbacks are being paid to whom to get this through.
      It is like forcing the post office to open every letter sent to you, photocopying it and storing that photocopy. If that happened there would be a public revolt.
      For some reason, the public regard email differently and are totally apathetic about this government snooping.
      The other thing is, are the snoopers going to store these emails securely (I doubt it) or will they eventually find their way onto dodgy websites for all the identity thieves to use.
  • The Coverlook by Jay Lynn is the premiere photographer of Salt Lake City UT. We offer Wedding Photography, Family Portraits, Glamour Photography and even Senior Pictures!

    It is our mission to give our clients the best experience possible and by the end of the photo shoot, make every client feel like they are part of the Jay Lynn Family. All our photographers are highly experienced and are trained to capture our client's at their best during milestones and special occasions.