• Great articles on other sites
  • RSS Great articles on other sites

  • Renai's other site: Sci-fi + fantasy book news and reviews
  • RSS Renai LeMay

  • Analysis, Digital Rights - Written by on Monday, April 14, 2014 9:30 - 1 Comment

    Europe says no to data retention, so why is it an option in Australia?


    This article is by Angela Daly, Research Fellow in Media and Communications Law at Swinburne University of Technology, and Sean Rintel, Lecturer in Strategic Communication at University of Queensland. Both are involved with digital rights group Electronic Frontiers Australia. It originally appeared on The Conversation.

    analysis There has been plenty of technology-related legal activity in the European Union this month. Last week the Court of Justice of the EU (CJEU) ruled that data retention regulations, as they currently stand, are not in accordance with EU law and the European Parliament voted in favour of introducing net neutrality into EU telecoms regulation the week before.

    As Australia is currently in the midst of a data retention inquiry – the second in three years – what effects will this ruling have on the debate?

    What is the data retention directive?
    The particular law at issue is the data retention directive from 2006. The directive applies to data generated by users of electronic communications services and networks, and stipulates that the operators of these services and networks must keep this data on all users for a period of time between six months and two years.

    The kind of data that should be kept includes telephone numbers, account holders’ and recipients’ names and addresses, IP addresses, and location data, but not information about the content of the communications. The purpose of these rules is to ensure that this information is available for “the investigation, detection and prosecution of serious crime”.

    What did the CJEU decide?
    For some time there has been concern that the data retention directive was too intrusive of law-abiding European citizens’ privacy. This resulted in privacy campaigners in Austria and Digital Rights Ireland mounting a challenge to the measures. They argued that the rules were disproportionate and unnecessary to achieve the aim of ensuring data was available for the purposes of fighting serious crime.

    They also argued that the rules were incompatible with the rights to privacy, data protection and free expression contained in the EU’s Charter of Fundamental Rights.

    The CJEU found that, although the retention of data “genuinely satisfies an objective of general interest” (the fight against crime), the data protection rules went beyond what was strictly necessary to achieve this goal. In practice, the rules entailed an “interference with the fundamental rights of practically the entire European population”, with the vast majority of those people not being “even indirectly in a situation which is liable to give rise to criminal prosecutions”.

    The CJEU also condemned the lack of limitations to the access of this data by national authorities and their subsequent use. For instance, there was no restriction on the access and use of the data to the purpose of fighting serious crime. Also of concern to the CJEU was the weakness of security measures around the data, and the fact there was no requirement to retain this data within the EU.

    It’s unclear what exactly is going to happen now since the CJEU declared the data retention rules invalid. Different European countries have had different reactions to the CJEU’s decision. A Finnish government minister responded by saying that Finland must revise its laws on data protection and retention, but it seems that the legislation implementing the data retention directive in Luxembourg will still apply and bind telecoms operators.

    Furthermore, the day after the CJEU’s decision, the Romanian government issued a new draft law that would increase surveillance of its citizens.

    What’s going on in Australia?
    The decision comes at an important point in the data retention debate in Australia. We are currently in the midst of the second inquiry within three years from two successive Commonwealth governments.

    In 2012 the Labor government’s inquiry into potential reforms of National Security Legislation received 240 submissions and 29 exhibits. Many responses pointed to a significant shortcoming in the 2012 discussion paper’s vague proposal for up to two years of mandatory data retention by internet service providers.

    Despite the prominence of the need for mandatory data retention in pro-surveillance arguments, the discussion paper’s proposal for data retention managed to be both so short and so broad as to allow egregious overreach. The proposal was: “… tailored data retention periods for up to 2 years for parts of a data set, with specific timeframes taking into account agency priorities, and privacy and cost impacts.”

    The accompanying definition of data retention was equally vague: “The storage of telecommunications data for prescribed periods of time.” No further information was supplied.

    The 2012 inquiry resulted in a May 2013 report of the inquiry into Potential Reforms of Australia’s National Security Legislation, but no actual reforms were carried out due to the proximity of the looming 2013 election. Just a month later NSA whistle-blower Edward Snowden’s revelations demonstrated that various forms of data retention and mass surveillance were already happening.

    In this climate of increasing disquiet over surveillance overreach, Labor and the Greens initiated another inquiry into the comprehensive revision of the Telecommunications (Interception and Access) Act 1979. This current inquiry asks for responses to the May 2013 Report and the recommendations of the Australian Law Reform Commission’s For Your Information: Australian Privacy Law and Practice report.

    The May 2013 report contains an entire chapter on data retention. While it notes the public backlash against data retention, and recommends oversight mechanisms and an exposure draft of any legislation, it nevertheless treats data retention as a critical part of Australian security policy. At core, the report perpetuates distinctions between “metadata” and “content” that many civil liberties groups argue are increasingly impoverished in the age of “pattern-of-life” searches.

    Implications for Australia
    The May 2013 report spent quite some time discussing the European experience of data retention. The Attorney-General put forward the same data retention directive as the CJEU has just declared invalid as an appropriate model for Australia. The May 2013 report notes that a voluntary scheme was implemented in the UK while controversies occurred in countries with “human rights frameworks that are significantly different to those in Australia”.

    Australia tends to follow rather than lead in security issues, and tends to try to follow traditional allies and those with whom it believes it has most in common. If the UK decides to include more accountability its data retention implementation as a result of the CJEU ruling, this might bode well for Australian civil liberties – but given the fragmented response so far from European countries, arguably the time to look for models is over. It is time for Australians to take their own rights seriously.

    Angela Daly is a former board member of Electronic Frontiers Australia and is currently a general member of the organisation. Sean Rintel is the current Chair of Electronic Frontiers Australia. This article was originally published on The Conversation. Read the original article.

    The Conversation

    Print Friendly

    1 Comment

    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. Karl
      Posted 14/04/2014 at 1:12 pm | Permalink |

      “Europe says no to data retention, so why is it an option in Australia?”
      Because Australian law doesn’t give a damn about human rights.

  • Get our weekly newsletter

    All our stories, just one email a week.

    Email address:

    Follow us on social media

    Use your RSS reader to subscribe to our articles feed or to our comments feed.

  • Enterprise IT stories

    • Govt blows $14.4m on Windows XP, Server 2003 support nadella-1

      The Federal Government has paid Microsoft more than $14.4 million for custom support of the outdated Windows XP and Windows Server 2003 operating systems, in a costly move which further demonstrates the extreme cost of running operating systems which are no longer formally supported by their vendors.

    • [ad] Tatts Group optimises business performance with StruxureWare software schneider

      Tatts Group is one of Australia’s largest lottery and gaming companies, operating the majority of lotteries within Australia, as well as wagering, telephone betting and online transactions. Their online transactions make them one of the highest trafficked sites in the country.

    • Legacy health software lands SA Govt in court doctor

      In which the South Australian Government comes up with complex legal arguments as to why it should be able to continue to use a 1980’s software package.

    • Microsoft wants to win you back with Windows 10 windows-10

      The latest version of Microsoft’s Windows operating system will begin rolling out from Wednesday (July 29). And remarkably, Windows 10 will be offered as a free upgrade to those users who already have Windows 7 and 8.1 installed.

    • Qld Govt Depts have no disaster recovery plan brisvegas2

      Two sizable Queensland Government departments have no central disaster recovery plan, the state’s Auditor-General has found, despite the region’s ongoing struggles with extreme weather conditions that have previously knocked out telecommunications and data centre infrastructure.

  • Featured, opinion/analysis, Policy + Politics - Aug 3, 2015 13:40 - 20 Comments

    Turnbull’s NBN hiring spree is pure election fodder

    More In Policy + Politics

    Enterprise IT, News - Aug 3, 2015 16:03 - 1 Comment

    Govt blows $14.4m on Windows XP, Server 2003 support

    More In Enterprise IT

    Industry, News - Aug 3, 2015 15:25 - 2 Comments

    Uber takes ATO to court over GST

    More In Industry

    Consumer Tech, News - Jul 29, 2015 17:14 - 11 Comments

    Telstra integrates Netflix, Stan, Presto into re-badged Roku box

    More In Consumer Tech