AGD team behind data retention collects gong for 'exceptional quality'

For implementing a policy that is without a breach-notification scheme, or potentially a working implementation despite it being in force, the Attorney-General's Department has awarded the team behind Australia's data-retention scheme.
Written by Chris Duckett, Contributor

The Telecommunications Data Retention Team inside of the Attorney-General's Department (AGD) has collected one of four secretary awards handed out by the department in August last year.

In speaking notes released in response to Senate Estimates Questions on Notice, AGD Secretary Chris Moraitis said the team had delivered a fundamental and giant leap in the telco industry, and worked to prepare legislation in extraordinary timeframes.

Throughout the creation of the legislation that prescribed Australia's data-retention scheme, the government was often criticised for rushing the process.

"They delivered a product of exceptional quality under extreme pressure," Moraitis said in August in a speech first spotted by Crikey. "The team were a credit to themselves and this department, and a true demonstration of both teamwork and AGD's ability to deliver ground-breaking reform in testing circumstances."

Moraitis said the team had encountered policy obstacles that had to be "experienced to be believed".

In other answers posted today, the department said it had received 232 applications to extend the time needed to implement a data-retention scheme.

"As at 30 October 2015, the department had received 232 applications, including Data Retention Implementation Plans and/or Data Retention Exemption/Variation applications," the department said.

"Not all service providers who have submitted a Data Retention Implementation Plan or Data Retention Exemption/Variation application have requested additional time to comply."

"For example, some service providers are already compliant with their data-retention obligations and submit a Data Retention Implementation Plan to seek the Communications Access Co-ordinator's endorsement of their compliance."

In October last year, Telstra said it is possibly the only Australian telco with an approved data-retention implementation plan, but that it would take 18 months to be built.

At the time, former iiNet CTO John Lindsay downplayed the data-retention Act coming into force.

"Data retention actually started months ago," he said on Twitter. "All that starts this week is the obligation to back it up securely."

AGD also revealed today that its AU$128m data-retention grants program would begin paying telcos in the second quarter of 2016.

Under the grants program, telecommunications companies are able to apply to cover some of the costs caused by upfront compliance with Australia's data-retention legislation, which dictates that telcos store customer call records, location information, IP addresses, billing information, and other data for two years for warrantless access by law-enforcement agencies.

The department was also unable to nail down the number of carriage service providers operating in the country.

"The Australian Bureau of Statistics reports that 419 internet service providers were operating in Australia in June 2013," it said. "The Australian Communications and Media Authority recorded that 236 carrier licences were active in Australia as at 6 November 2015.

"Many licensed carriers also operate as internet service providers, meaning that these figures may overlap."

Last month, under a Freedom of Information request, the department disclosed the names of 57 agencies seeking to gain access to telecommunications metadata stored on Australian residents without a warrant.

The names of four agencies were redacted, with the department saying that disclosing the names of these agencies would be contrary to the public interest.

Editorial standards