It is a stinker in terms of policy, and unconvincing in effect, but the wholesale, indiscriminate retention of telecommunications data continues to excite legislators and law enforcement.
In 2015, when the Data Retention Bill was introduced, advocates and those in the telecommunications industry had reason to be worried. In testimony to the Parliamentary Joint Committee on Intelligence and Security, Telstra Director of Government Relations, James Shaw, noted that the telco’s practice over peak times such as New Year’s Eve was to only retain some data for a few hours before being overwritten. This was markedly shorter than the Bill’s proposed two-year retention period.
Telstra’s Chief Information Security Officer Michael Burgess also issued a warning that such legislative requirements would embolden hackers. “We would have to put extra measures in place … to make sure that data was safe from those that should not have access to it.”
Electronic Frontiers Australia Executive Office Jon Lawrence was even more trenchant in explaining to the Joint Committee that such data retention requirements were an “unnecessary and disproportionate invasion of privacy” and would “literally be a honeypot to organised crime, to any sort of person who can potentially access it.”