Key issues with the proposed mandatory data retention law


There’s a post up on Labor leader Bill Shorten’s site addressing Labor’s position in regards to the draft mandatory metadata retention legislation and specifically to recommendations included in the Parliamentary Joint Committee report, released late Friday.

Honestly, it’s not very encouraging.  I really think Labor should be outright blocking the passage of the bill (ideally it should be scrapped altogether) until many of the key issues are directly addressed in the legislation itself.  For example, the PJCIS report highlights some glaring problems, notably:

  • The Bill does not explicitly require data to be destroyed at the end of the retention period,
  • The Bill is silent on the issue of data security,
  • The Bill does not prevent offshore storage

.and undoubtedly plenty more. 

The main problem is that the PJCIS report doesn’t make any specific recommendations to address these shortcomings.  For example,  this:  “To give effect to this recommendation, the Committee recommends that the Data Retention Implementation Working Group develop an appropriate standard of encryption to be incorporated in to regulations” is fairly useless.

..and this gem, which offloads details until a later date (a common theme in most of the report’s recommendations):  “The Committee recommends that the Explanatory Memorandum to the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 clarify the requirements for service providers with regard to the retention, de-identification or destruction of data once the two year retention period has expired”.

Based on the above alone, detailed data about Australians could be stored unencrypted offshore and still be compliant with the legislation.  The risk of a data breach is almost palatable!  Imagine all the potential for identity theft, fraud, disclosure of confidential business information (most emails are sent unencrypted), blackmail…. the list of threats goes on.  If this legislation is passed without serious rework the Government shall be  guilty of severe negligence.

How can anyone with a functioning brain seriously support a bill with such glaring issues that even a joint committee appear lost in the woods?  This is dire stuff, folks.


About Rob Sanders

IT Professional and TOGAF 9 certified architect with nearly two decades of industry experience, 18 years in commercial software development and 11 years in IT consulting. Check out the "About Rob" page for more information.

Leave a comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>