The data retention inquiry in Canberra may have been overshadowed by the broader kerfuffle around the fate of Prime Minister Tony Abbott, but the three-days of discussion have at least clarified the salient points.
The scheme, as its stands, has no backers other than the security agencies that seemingly just can’t do without greater access to metadata.
While the issue of cost is a major point of discussion, the laundry list of why the proposed scheme needs to go back to the drawing board is steadily growing.
The latest salvo comes from Greens senator Scott Ludlam, whose persistent questioning revealed that the proposed legislation will leave platforms like Gmail, Twitter and Facebook untouched.
And it’s not just the over-the-top services that are getting a free pass, according to the Attorney General’s office. Third-party providers like universities, libraries and internet cafes are also excluded.
According to the Attorney-General’s department, while the ISP offering the connectivity would retain some of the information, there is no obligation for the institution providing its Wi-Fi services “to record the individual use of that service by the individual people who come into their premises".
As Ludlam also points out, if a Bigpond or iiNet account is captured by the data retention scheme but a Gmail or Facebook message isn’t, then avoiding ISP-based mail provides a viable means to circumvent the proposed regime.
For the telecom industry, that’s already chaffing at the prospect of securing the data, still waiting for answers on cost of implementation, this is another complication it could do without.
The Coalition government should be under no illusions about just how unpopular the proposed metadata retention regime is and while Attorney-General George Brandis and Abbott spout the rhetoric of terrorism and national security, perhaps the best course of action for the government would be to provide a modicum of clarity on the issue of cost.
But then again, any elucidation on the cost issue is likely to confirm the worst fears of those opposed to this pernicious regime that they say rides roughshod over the privacy of Australian citizens, poses a security headache for service providers tasked with retaining the data, and won’t make us any safer.
Implementing any government regulation always costs money, so the fact that the proposed regime will cost the telecoms industry is no surprise. However, it’s the secrecy around the issue that’s galling, says consumer advocacy group ACCAN.
Whoever ends up bearing the cost of creating the new framework, ACCAN says it’s paramount that customers are made aware of what they are in for.
However, the Attorney-General’s Department representative has indicated that costing information will not be released in any form.
“This is counter to the social contract with consumers,” says Narelle Clark, deputy chief executive of ACCAN.
“Consumers are being asked to accommodate a considerable invasion of privacy and bear additional costs, either passed on via their phone and internet bills if industry has to carry the cost, or as taxpayers if the government picks up the tab,” she says.
“Either way, we should be told what we’re in for.”
ACCAN has asked that the PricewaterhouseCoopers report into costs be released, at least in redacted form, saying that a balance can be struck on protecting commercially sensitive information and providing some clarity to consumers.
Consumers are yet to be advised whether there is to be simply a one-off capex reimbursement, as was intimated by Optus in its testimony, or a different regime that ensures both the initial and ongoing costs are covered.
For now, the government is unlikely to relent but it will be interesting to see how long it can hold that position, and whether the inflexibility proves to be counterproductive.
Combating criminality and terror threats are worthy pursuits but balancing these demands while protecting individual privacy has been a perennial challenge for law enforcement agencies.
It’s not a new problem but the department’s position on Gmail, Twitter and Facebook highlights just how complicated the theatre of operations has become.
From the definition of metadata, the role of OTT providers, to encryption, the response from the government and the security agencies is one of anxiety. It may or may not be justified, but it’s certainly being used to pass a framework that is beset with loopholes and has caused no small measure of anxiety to service providers, privacy watchdogs and citizens.
The government is banking on broad support from the Labor opposition on data retention, and it’s likely to get its wish. But the onus should be on the government to convince the community that its proposed scheme successfully balances the needs of the agencies and the public’s right to privacy.
That doesn’t seem to be case, judging from the submissions and the recent hearings, and the rhetoric must be accompanied with signs of prudence.