This article is more than 1 year old

Parliamentary committee says data retention should need a warrant

Australia's 'Brandistan' under fire

An Australian parliamentary committee has taken aim at the nation's proposed data retention regime, saying it fails tests of privacy, necessity and proportionality on several grounds, and called on the government to require warrants for data collection.

The bipartisan Parliamentary Joint Committee on Human Rights last Friday (November 14) delivered its verdict on the bill (beginning page 23 of the PDF here), and is critical on several points.

Warrantless data collection, invasion of privacy, the two-year collection period, and the lack of definition of what constitutes “content” all come in for criticism.

“The committee notes that the proposed scheme would require private service providers to collect and retain data on every customer,” the report states. “A requirement to collect and retain data on every customer just in case that data is needed for law enforcement is very intrusive of privacy, and raises an issue of proportionality”.

Noting the European Court of Justice's recent decision on the same matter, the committee says collected data can allow the intimate details of peoples' private lives to be revealed even without content-snooping.

“The committee therefore considers that the scheme must be sufficiently circumscribed to ensure that limitations on the right to privacy are proportionate (that is, are only as extensive as is strictly necessary)”, it states.

The report also criticises the government for leaving the details of what's to be collected to regulation rather than legislation. While attorney-general Senator George Brandis has said the collected data would not include (for example) URLs visited by users, the committee believes that's not enough, since any future government could expand the regime without returning to parliament.

“To avoid the arbitrary interference with the right to privacy that would result from reliance on regulations, the bill be amended to define the types of data that are to be retained” the report states, or alternatively, the government should at least “release an exposure draft of the regulation specifying the types of data to be retained”.

Likewise, the committee notes that while the government has made reassuring noises that content won't be retained, it hasn't gone so far as to define “content” in the legislation, another item it says needs to be fixed.

Other items raised by the committee include:

  • Whether two-year retention is necessary or proportionate;
  • Whether the authorisation for warrantless disclosure of information by carriers and service providers should be limited to serious crime;
  • The report suggests that access to data should be limited to the requesting agency, and should be grandfathered; and
  • Whether the data retention regime impacts on legal professional privilege (that is, client-lawyer confidentiality.

According to the Sydney Morning Herald, Senator Brandis has said the report will be considered “in due course”.

Greens Senator Scott Ludlam issued a statement saying the flaws in the legislation are too numerous, and that it should be abandoned. ®

More about

More about

More about

TIP US OFF

Send us news


Other stories you might like