The Parliamentary Joint Committee on Intelligence and Security (Committee) has begun its planned review of the mandatory data retention regime under the Telecommunications (Interception and Access) Act 1979 (TIA Act) (Review). The Committee must produce a report on the outcome of the Review by 13 April 2020. As part of the Review, the Committee has invited written submissions from the public on the mandatory data retention regime.
The Department of Communications and the Arts (Department) has lodged a written submission, commenting on the protection of information and importance of disclosure only where permitted under the TIA. Types of information telecommunications companies have access to but where disclosure is restricted include:
- date, time and duration of a communication;
- device location during a communication;
- source and destination identifiers for a communication; and
- type of communication used (such as voice, SMS or email)
If disclosure is required under law, including the laws of a State or Territory, telecommunications companies are exempt from this restriction and may disclose the above information. However, if the law merely authorises disclosure but does not require it, telecommunications companies may refuse to disclose the information. The Department also confirmed that information which is retained solely under the obligations of the TIA Act (and not for the purposes of any other law) may only be disclosed as permitted by the TIA Act.
Some submissions express concern that it is impractical or onerous for telecommunications companies to distinguish between data retained specifically and solely under the TIA Act, and data retained under an obligation imposed by other legislation. This may make it difficult for telecommunications companies to determine whether or not to disclose information when requested by state agencies under the current TIA Act.
The Committee is continuing to take submissions. For more information, see the Committee's page on the Review here.