Mandatory Data Retention laws pass Australian Parliament

Telecommunications and internet service providers will now be required to store their customers' metadata for at least two years under laws that passed the Australian parliament with little opposition.

Claire Reilly Former Principal Video Producer
Claire Reilly was a video host, journalist and producer covering all things space, futurism, science and culture. Whether she's covering breaking news, explaining complex science topics or exploring the weirder sides of tech culture, Claire gets to the heart of why technology matters to everyone. She's been a regular commentator on broadcast news, and in her spare time, she's a cabaret enthusiast, Simpsons aficionado and closet country music lover. She originally hails from Sydney but now calls San Francisco home.
Expertise Space | Futurism | Robotics | Tech Culture | Science and Sci-Tech Credentials
  • Webby Award Winner (Best Video Host, 2021), Webby Nominee (Podcasts, 2021), Gold Telly (Documentary Series, 2021), Silver Telly (Video Writing, 2021), W3 Award (Best Host, 2020), Australian IT Journalism Awards (Best Journalist, Best News Journalist 2017)
Claire Reilly
4 min read

Attorney-General George Brandis. CeBIT

Australian Internet Service Providers and telecommunications carriers will now be required to retain customer metadata for a minimum period of two years under new laws passed by the Australian Senate.

Under the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015, service providers will be required by law to store data such as account holder names and addresses; date, time and duration of communications; the recipient of communications; and the location of equipment used for communications, including cell towers and Wi-Fi hotspots.

Similar to the UK's Data Retention and Investigatory Powers Act 2014 (also known as DRIP), The Data Retention legislation was introduced in 2014 as part of a suite of bills designed to address growing national security threats, though politicians later couched the reforms in terms of giving police powers to investigate a broad range of crimes, not just terrorism.

Civil liberties advocates and legal experts raised concerns about the privacy implications of the bill, while journalists and Australia's media union protested the potential impacts on press freedom, journalists' privacy and whistleblower protections.

Prime Minister Tony Abbott later announced that police and security personnel would be required to obtain a warrant to access journalists' metadata, and that this warrant process would be overseen by a Government-appointed "public interest advocate." These amendments helped the legislation pass Australia's lower parliamentary house, with opposition coming from just a handful of cross-bench ministers.

A further six amendments put forward by minority Greens party Senator Scott Ludlam and independent Senators Nick Xenophon, David Leyonhjelm and Dio Wang, were also rejected.

These amendments sought to introduce greater safeguards in the legislation, including requiring warrants for access to metadata of legal and medical practitioners as well as journalists, to require ISPs to destroy data after the two-year retention period, and to bring in a full definition of "content" to clarify what carriers would not be required to store.

After these amendments were voted down, data retention laws finally passed with 43 votes in favour and 16 votes against.

Before the final vote, the instigator and driving force behind the legislation, Attorney-General George Brandis, thanked members of both the Government and the opposition for working to get the bill passed.

"I wanted to thank the Senate for the debate that we've had through a long committee stage -- nobody could say this has been a rushed process," said Senator Brandis. "This legislation does contain protections that weren't there before. It does provide a capability for police and national security [officials]...that were on the verge of being lost."

Similarly, Australian Labor Party Senator Jacinta Collins also spoke to the Senate about the "critical concessions" that the ALP had managed to secure in the House of Representatives to ensure that the final Bill was for "a strong system with checks and balances."

"Mandatory Data Retention is not mass surveillance," Senator Collins said. "The Labor Party has not caved in on this matter."

Her comments came in response to the scathing remarks of Senator Scott Ludlam, who has long been a vocal opponent of the legislation and who said before the vote that politicians would be "judged" at the next election for their actions in passing the Bill.

"The Government won't disclose the costs of the scheme, is silent on the risks of unauthorised disclosure, and at no stage has it been able to point to evidence that collecting information on 23 million non-suspects [is effective]," he said.

"The Abbott Government has failed this test...The only people who did end up satisfied were in the ALP. The ALP has caved into the Coalition's fear campaign.

"We had the numbers to defeat this bill, but you never turned up."

Noting that Federal Communications Minister Malcolm Turnbull had made a number of references in mainstream media about how to use technology to avoid data retention -- "Amazing! Tips on how to avoid mandatory data retention by the guy who introduced the bill," he said -- Senator Ludlam provided his own crib notes on skirting the new laws.

Among these he suggested internationally-based email services such as Gmail and over-the-top services that are specifically excluded from the legislation, adding that concerned Australians should "use one of the services Mr Turnbull recommends." He also provided a laundry list of precautions that whistleblowers should take when leaking information to ensure that legal action doesn't "rain down like fire".

"I'm deeply sorry that we weren't able to prevent this from passing into law," he said.

Updated on March 27 at 10:00 a.m. AEDT to include further background and international context.