On 26 March 2015, the Senate passed a new law requiring Australia Internet Service Providers (ISPs) and telecommunication companies to retain metadata for two years.

Discussions around data retention laws first surfaced in the Australian Government around 2008. Seven years later, the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 (“the Act”) was voted in the Senate 43 ‘for’ and 16 ‘against’. The bill needs only to receive royal assent (a mere formality) before it becomes a fully-fledged Act.

In summary the Act: 

  • requires ISPs and telecommunications companies to retain customers’ metadata (extracted from their phones and/or computers) for 2 years;
  • outlines the type of data that must be retained;
  • specifies the agencies which have access to the metadata;
  • outlines the circumstances which access can be attained; and
  • creates an independent oversight process involving the Commonwealth Ombudsman.

Metadata includes but is not limited the following:

  • names, addresses, birthdays and financial information;
  • traffic data (eg number of phone calls made);
  • IP addresses; and
  • location of devices.

Though the Act was introduced to counter threats of terrorism and crime, it has the potential to impede on privacy in a general sense. As foreshadowed by George Orwell, Big Brother is watching…