Telstra contradicts Brandis on data retention

Contrary to the claims of Australia's Attorney-General George Brandis, telcos will be required to store information that they don't currently store as part of mandatory data-retention legislation, Telstra's chief information security officer Mike Burgess has said.
Written by Josh Taylor, Contributor

Australian telecommunications companies will be forced to store data they have not had any need to retain in the past, according to Telstra's chief information security officer Mike Burgess.

(Image: ParlView screenshot by Josh Taylor/ZDNet)

The Australian government is seeking to pass legislation this fortnight that will force Australian telecommunications companies to retain customer data -- such as call records, IP addresses, text message history, and billing information -- for two years for warrantless access by law-enforcement agencies.

The Labor opposition has agreed to pass the legislation, provided a set of amendments are made, including a new section requiring agencies to obtain a warrant if they are seeking to determine a source speaking to a journalist.

In announcing the new amendment on Tuesday, Brandis downplayed the impact of mandatory data retention, stating that the government is just seeking to ensure that data retained today is retained into the future.

"This law does not change the status quo. That is the first point to be made. Telecommunications companies have always retained this information, it has always been accessible to ASIO, to state and federal law-enforcement authorities without warrant. At its heart, all this legislation does is to mandate the continuation of the status quo," Brandis told the ABC.

However, this claim was contradicted not only by the legislation itself, but also by the telecommunications companies that will be retaining the data. Speaking at a Cisco Live panel on cybersecurity on Monday, Burgess said that Telstra will be required to retain data under the legislation that it has no need to -- and doesn't -- retain today.

"We're not saying 'give us the money because security is going to be an issue'. There is data required under this new law ... that we don't collect today, that we have no reason to collect today, and we will be collecting it," he said.

Telstra CEO David Thodey, along with the CEOs and top executives of Optus, Vodafone, iiNet, Macquarie Telecom, and others, signed a letter to Brandis and Communications Minister Malcolm Turnbull on Monday demanding that the government set out how much it is willing to contribute to the estimated AU$300 million cost to the industry to set up systems to retain the data.

To date, the government has yet to provide detail on how much it will pay for the telcos to retain the data.

On Wednesday, Burgess also reiterated his previous argument that mandatory data retention would create a goldmine for hackers by pooling 13 separate Telstra data systems into one location for the purposes of data retention, but he said that he is up for the task of ensuring that Telstra's systems are secure.

The legislation was debated in the House of Representatives on Tuesday night, ahead of amendments being made. Former Telstra employee and Labor MP Tim Watts said that the amendments made to the legislation as a result of the parliamentary committee investigating the legislation has greatly improved the privacy of the scheme.

"The final product is a Bill that, while certainly not perfect and certainly not developed in a way that Labor would have chosen had it been in government, addresses both the security priorities of Australia's law-enforcement and intelligence agencies, while also substantively increasing the safeguards and oversight of the use of metadata currently in place. We should be very clear: This Bill provides better protections of liberties of Australians in the collection and accessing of metadata than the status quo," he said.

Government Whip Andrew Nikolic argued that the legislation is "vital", and that only those who wish to harm Australians would gain from it being delayed. He said that journalists should also not be exempt from the scheme.

"My view is that we must not exempt categories of people from the law. Let's face it: Journalists are just as likely as to commit crimes as others -- lawyers, priests, and doctors -- who also engage in privileged private communications," he said.

Labor MP Alannah MacTiernan, who reportedly argued against the legislation in the Labor caucus, said that the government is only pushing the legislation through to help a prime minister ailing in the polls.

"I see this Bill as one of those unfortunate legacies of Tony Abbott as prime minister. This is a Bill that has been driven by this guy's need to try to ramp up his credentials, to try to get national security on the agenda," she said.

On Tuesday, the Senate also passed a motion ordering Brandis to table the Telecommunications (Interception and Access) Act report for the 2013-14 financial year by Thursday.

This report details how many times all government agencies -- except intelligence agencies -- requested telecommunications data in the financial year. It is generally tabled in November the following financial year, but has yet to be made public.

Josh Taylor travelled to Melbourne as a guest of Cisco.

Editorial standards