news Federal Attorney-General Nicola Roxon has strongly defended the need for the Federal Government to enact controversial data retention laws making it mandatory for telcos to retain data on the Internet and telephone activities of all Australians for two years, despite the proposal having been described by privacy authorities as being akin to “a police state”.
The Federal Attorney-General’s Department is currently promulgating a package of reforms which would see a number of wide-ranging changes made to make it easier for law enforcement and intelligence agencies to monitor what Australians are doing on the Internet. For example, one new power is a data retention protocol which would require ISPs to retain data on their customers’ Internet and telephone activities for up to two years, and changes which would empower agencies to source data on users’ activities on social networking sites.
“As you will be aware, there has been a lot of press coverage about one component of the reforms – and that is data retention,” Roxon told a conference in Canberra this morning. Roxon’s full speech is available online here in Word docx format.
“Many of you will recall the disturbing murder of Cabramatta MP John Newman in Sydney in 1994. Call charge records and cell tower information were instrumental in the investigation and subsequent conviction on Phuong Ngo. These records allowed police to reconstruct the crime scene. Many investigations require law enforcement to build a picture of criminal activity over a period of time. Without data retention, this capability will be lost.”
“The intention behind the proposed reform is to allow law enforcement agencies to continue investigating crime in light of new technologies. The loss of this capability would be a major blow to our law enforcement agencies and to Australia’s national security.”
It is unclear whether Roxon’s comments with regard to the murder trial of Phuong Ngo are accurate.
In his 2009 report to the Chief Justice of NSW inquiring into the veracity of Phuong Ngo’s conviction, former judge David Patten found that mobile phone records supplied by Telstra during the trial had “very limited significance” to the verdict, although they went some way to supporting the case against Ngo and did not contradict the prosecution’s case in the matter.
“It is clear from the evidence of [Telstra employee] Mr Wilson and [telecommunications expert] Professor Coutts that mobile phone records have an extremely limited, if not non-existent, role to play in pinpointing the whereabouts of a person at a particular time,” wrote Patten in the report, available online in PDF format. “At most, they may provide an indication of the direction a person is travelling and, in this case, probably did so in relation to the movements of the white Camry in the period immediately after Mr Newman’s murder.”
In addition, the Government also already has the power to request ISPs and telcos to retain data on customers for up to 180 days for targeted users under existing cybercrime legislation introduced recently.
Roxon also defended other aspects of the Government’s wide-ranging surveillance proposal, which is currently being examined by the the Parliamentary Joint Committee on Intelligence and Security. “I want to strike a balance between ensuring we have the investigative tools needed to protect the community and individual privacy. This includes protecting individuals from activities that deeply affect their privacy, including hacking and identity theft,” Roxon told the conference.
“Gone are the days when we relied on landline phones, the odd fax or two and mail to keep us all connected. Smart phones allow us to engage with people in our workplace and across the world. Criminals and terrorists have also benefited from this leap in technology. Our police and national security agencies must be backed by solid legislation, to ensure we are all protected and that criminals can be prosecuted.”
“And it’s not only about strangers contacting your kids on the internet. It’s also about protecting the layers of hidden technology driving society like power, water and transport, banks and hospitals. Another part of the reform focusses on the management of these security risks in the telecommunications sector. Telecommunication networks are critical infrastructure that hold personal data and is an increasingly attractive target to unwanted intrusion.”
Roxon also described the Government’s consultation process on the issue as “open”.
“Unlike the Howard Government, I didn’t want to blindside the Parliament and the Australian people by introducing national security reforms into Parliament and rush them through without good advice and public scrutiny. The Government is putting all options on the table so the Australian public, experts and politicians can engage in this important national debate,” she said.
“That process has already started with more than 170 submissions from people and organisations of all walks of life having their say. This will ensure the Government has advice from the experts and will be informed by community views, before making final decisions on these important reforms.”
“I do want to reaffirm the intention of these reforms. We cannot live in a society where criminals and terrorists operate freely on the internet without fear of prosecution. We cannot allow technology to create a ‘safe haven’ for criminals, or a ‘no go’ zone for law enforcement. But, this does not mean unfettered access to private data either. What it does mean are carefully drafted, tested and oversighted national security laws – and this is what I’m focussed on delivering.”
The In general, the package of surveillance reforms discussed in this article has attracted a significant degree of criticism from the wider community over the past few months since it was first mooted. Digital rights lobby group Electronic Frontiers Australia has described the Federal Government’s proposed new surveillance and data retention powers as being akin to those applied in restrictive countries such as China and Iran, while the Greens have described the package as “a systematic erosion of privacy”.
In separate submissions to the Parliamentary Joint Committee on Intelligence and Security, inquiry, a number of major telecommunications companies including iiNet and Macquarie Telecom, as well as telco and ISP representative industry groups, have expressed sharp concern over aspects of the reform package, stating that “insufficient evidence” had been presented to justify them. And Victoria’s Acting Privacy Commissioner has labelled some of the included reforms as “being characteristic of a police state”.
The Institute of Public Affairs, a conservative and free market-focused think tank, wrote in its submission to the parliamentary inquiry on the matter that many of the proposals of the Government were “unnecessary and excessive. “The proposal … is onerous and represents a significant incursion on the civil liberties of all Australians,” wrote the IPA in its submission, arguing that the data retention policy should be “rejected outright”.
“Data retention would be a continuous, rolling, systematic invasion of the privacy of every single Australian,” it wrote, “only justified because a tiny percentage of those Australians may, in the future, be suspects in criminal matters. Indiscriminate data retention is an abrogation of our basic legal rights. Data retention regimes make internet users guilty until proven innocent.”
Instead of imposing a universal data retention regime, the IPA argued that “strictly limited, supervised, and transparent data preservation orders on targeted suspects would strike the right balance between individual rights and law enforcement”, although it added no at this time “no such correct balance has been struck” — with the recent Cybercrime amendment legislation giving all Commonwealth agencies — not just law enforcement agencies – the ability to issue orders that a certain telecommunications user’s data be retained.
In addition, the IPA pointed out that law enforcement authorities already had access to a large amount of data about telecommunications users. “Phone companies collected their customer’s data for billing purposes already; those existent records were available under warrant. By contrast, mandatory data retention policies would necessitate the creation of a massive new record of customer activity,” wrote the IPA.