Greens Senator Scott Ludlam has slammed the Attorney-General’s Department (AGD) over what he called the information “vacuum” surrounding its secretive discussions with internet service providers (ISPs) and other bodies over a data retention scheme for law enforcement. Such a scheme would see ISPs keep records of customers’ online activities, potentially for years.
Appearing before the Senate inquiry into ‘The adequacy of protections for the privacy of Australians online’ late on Friday afternoon, AGD representatives Catherine Smith and Wendy Kelly said they had consulted “broadly” about data retention, including with the Internet Industry Association, telecommunications industry lobby group the Communications Alliance, law enforcement agencies, the Department of Prime Minister and Cabinet, and the Privacy Commissioner.
“I would accept your definition of ‘broad’ if we were talking about a purely commercial proposition, but we seem to have inadvertently missed out all of civil society, the public and the parliament,” Ludlam responded, clearly unimpressed.
A data retention scheme would require ISPs to keep a record of the metadata of everything done online. This would include the Internet Protocol (IP) address at each end of the connection, the date, time, duration and the customer’s location, but not the content of the communication.
Such a scheme already operates in some European countries under the EU Directive on Data Retention. But it remains controversial. A German court declared that country’s data retention laws unconstitutional. Sweden’s proposed laws have been stalled following the election of members of the Pirate Party to parliament.
The AGD representatives told the Senate inquiry that the proposal would not grant any new powers. A warrant would still be required to access the content of communications. “All we’re asking for here is for the status quo to remain,” said Assistant Commissioner Neil Gaughan of the Australian Federal Police.
“From a law enforcement perspective ideally we would all be walking around with video cameras attached to ourselves,” Ludlam said. “Is anybody at the table willing to acknowledge that there are very important privacy implications in effectively treating the entire Australian population as suspects … to retain that data just in case any one of us at any given time turns out to be a child abuser?”
The AGD’s confidential meetings with ISPs, which took place in March this year, were revealed in June by then-ZDNet technology journalist Ben Grubb. Industry sources told Grubb the discussions had also covered the possible recording of users’ complete web browsing history — the individual pages visited, not just the sites. This was denied by the Attorney-General’s office.
In July Grubb, now at Fairfax, obtained the AGD’s 18-page discussion paper on the topic. It was heavily redacted. The list of data that might be captured was obscured. Seven pages were completely blacked out, as well as the table of contents entry explaining what they were even about.
Explaining the extensive redaction, AGD legal officer Claudia Hernandez wrote at the time that the release of those sections “may lead to premature unnecessary debate and could potentially prejudice and impede government decision making”.
“I think it’s a peculiar definition of ‘broad’ in my book in that there is no reliable information in the public domain apart from a document obtained under FOI that had been splattered with black felt marker,” Ludlam said on Friday.
“Rumours flourish in a vacuum, and you’ve created a vacuum,” he told the AGD’s witnesses. “If you don’t trust us to tell us about what it is that you’re doing, why should we trust you to have all this data in the first place. And maybe we’ll leave you with that to ponder.”