New Data Retention bill exposes Australians to risk of improper access and use of personal data without their permission or even knowledge

Proposed new data retention laws create significant risks that private information of Australians will be unlawfully accessed and misused, said the Human Rights Law Centre in a submission to the Senate inquiry into the draft legislation.

“The government is trying to force telecommunications companies to indiscriminately stockpile huge amounts of private data of people who have done nothing wrong, just in case it might need it down the track,” said HRLC Executive Director Hugh de Kretser. “This creates significant privacy risks around unlawful access and misuse. The risks outweigh the potential benefits. The bill shouldn’t be passed.”

The proposed changes in the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 (Cth) would require telecommunications providers to collect and retain certain “metadata” for a period of two years. Metadata is information about a communication, such as the name, address and contact details of customers, the phone, email or other source from which a communication was made and received, and the date, time and duration of a communication, but not the content of the communication.

Under existing legislation, no warrant or other independent approval process is needed for law enforcement bodies to access or use stored metadata.

“Agencies can effectively ‘self-authorise’ their own access to individuals’ metadata,” said Mr de Kretser. “This needs to change. An independent authorisation process, such as a warrant process, is essential to ensure law enforcement aims are properly balanced against the interference with an individual’s privacy.”

In its submission, the HRLC also recommended the introduction of a mechanism for individuals to be notified and have the opportunity to challenge the legality of access to their telecommunications data.

The HRLC also highlighted that much of the detail of the data retention and access regime will be left to regulations or Ministerial decisions which won’t be properly scrutinised by Parliament.

“The Government is effectively saying ‘trust us’ on key aspects of the proposed scheme including the types of information to be collected and the agencies that will access that information,” said Mr de Kretser. “It’s simply not appropriate.”

“The bill also fails to establish a proper seriousness threshold so that retained metadata can only be accessed where it is necessary for investigating serious crimes, not minor or trivial offences,” he added.

The HRLC’s submission recommends that the Bill not be passed.

A copy of the HRLC’s submission can be found here.

A copy of the Bill can be found here.

For more information:

Hugh de Kretser, Executive Director, Human Rights Law Centre: 0403 965 340