Fighting terrorism or piracy? Data retention floodgates open

At first, Australia's data retention laws were about terrorism.

Then, they were about capturing paedophiles and terrible criminals.

Now, just five days before Christmas, the Federal Government has quietly announced that it might just see about using all that metadata in civil lawsuits.

That means two years worth of data on every Australian with a phone or an internet connection could be opened up to the courts, not just for hunting down terrorists and serious criminals, but for chasing pirates or resolving family law disputes.

The Attorney-General's Department (AGD) has announced a review into mandatory data retention laws, asking members of the public to comment on whether metadata should be allowed to be accessed as part of civil lawsuits.

And sure, it's late in the year, but if you have a view on this, speak now or forever hold your peace.

Here's a bit of background to take you back to 2014 and the biggest story about the Australian internet since fibre-to-the-hell-node.

Data retention laws passed in 2014 require Australian telcos and internet service providers to retain information on the communications of all their customers, such as phone numbers dialled and internet sessions, for two years.

Data retention laws were brought in as part of a suite of national security legislation in the interests of better fighting terrorism. Here's how the big wigs sold us this bitter pill:

• "Access to metadata is vital to investigate terrorism and organised crime" -- Attorney-General George Brandis, January 2015
• "It's very important if we are to protect our kids that the police have access to appropriate telecommunications data" -- Former Prime Minister Tony Abbott, February 2015
• "The Government's introducing this to address vital needs of national security and law enforcement, not copyright" -- AFP Commissioner Andrew Colvin, October 2014

But the handful of parliamentarians opposing the bill warned that, once passed, these laws could easily be extended and data could be used for purposes other than chasing terrorists and paedophiles. The most common example cited was rights holders chasing pirates over copyright infringement, and using internet session data to bolster their case.

It's worth noting that a Parliamentary Committee reviewed the initial bill and recommended the laws "prohibit civil litigants" from being able to access metadata. But they also recommended the ability to make "appropriate exclusions."

So now, the Attorney-General's Department is calling for a review, asking whether there are particular circumstances when exclusions should apply.

The timing is noteworthy. It's not uncommon for Governments to "take out the trash" right before a big holiday, just to hide the news. It's not dissimilar to the Australian Bureau of Statistics quietly announcing this time last year that it would start storing Census data for four years, rather than just for a few months.

CNET contacted the Attorney-General's Department for comment on the timing of the announcement, its response to allegations of scope creep. The AGD did not respond to CNET's questions, but reiterated that submissions into the review "are encouraged and will be carefully considered."

So you could say, "Screw it" and hope your New Year's Eve downloading habits aren't used in some future court case. Or you could say, "No, I'm not going to sit back and watch anti-terrorism laws become a carte blanche for angry litigants in the court system and let the slippery slope of legislative scope creep take another victim -- especially this close to Christmas!"

Up to you really. Submissions are open until January 13. Hope you didn't have beach plans.

Updated on December 23 at 11:30 a.m. AEDT: Included comment from the Attorney-General's Department.