Data retention could send small ISPs to the wall, warns Internet Australia

Systems implementation and the ongoing costs for internet service providers (ISPs) to comply with Australia's data-retention laws may send smaller ISPs broke, the self-described peak body for Australian internet users has said.

Under the data-retention laws passed in March, all customer call records, location information, IP addresses, billing information, and other data will be stored for two years, accessible without a warrant by law-enforcement agencies.

The laws are due to come into effect from October 13, after the Labor party voted with the government to pass the legislation.

As part of this year's federal Budget, AU$131 million was set aside to help fund the costs of creating and maintaining systems to store all Australians' telecommunications data. However, that amount is expected to cover only between one-third and 50 percent of the actual estimated cost.

Over the weekend, Internet Australia called for "urgent clarification" of the government's funding arrangements.

"[There is a] very real prospect of ISPs going out of business if they are not adequately reimbursed for the costs of implementation and the ongoing operating costs incurred in complying with this questionable law," said Internet Australia CEO Laurie Patton.

"There is a risk that some, perhaps many, of the smaller ISPs will simply go out of business as a result of this new law. This is especially unfortunate for rural internet consumers who rely on local ISPs because they offer a specialised and personalised service.

"At the very least, the government needs to commit to funding the costs incurred by ISPs if it insists on retaining this onerous law."

In June, an industry event to discuss implementation details of the data-retention scheme produced confusion and anger towards the Attorney-General's Department (AGD), which is responsible for approving and overseeing the telecommunication companies' implementations.

At the time, the telcos were only six weeks away from a deadline to submit their plans to the AGD for approval, yet the guidelines were still in flux.

"We seem to be bullied and pushed down a specific path with the dates and the time frames that are being thrown at us," Skeeve Stevens from Eintellego Networks said. "There is such a mess, and so many unanswered questions, and [AGD] needs what I am going to do in six weeks? Get serious, people, this is just ridiculous."

During the event, it was clarified that any Australian carrier or carriage service provider that offers on-shore DNS to its customers would be required to store the metadata of the DNS requests.

Speaking to the ABC on Friday, Communications Alliance CEO John Stanton said that with telcos at various states of readiness to comply with the data-retention laws, the AGD would not be looking to apply penalties in the short term.

"We've had some encouraging feedback from the Attorney-General's Department, they say that their focus in that period immediately after October 13 will be on collaboration and encouragement, and on helping companies to get to a state of compliance or to complete their implementation plans," Stanton said.

"So I'm reasonably confident we won't see anyone dragged into enforcement procedures, at least in the early stages."