australian federal police data breach Andrew Colvin

Even if you ignore the evidence about ineffectiveness of data retention and believe it is necessary, there are a number of ways in which the Australian Federal Police's "accidental" breach of the journalist information warrant requirements for investigating journalists could have been avoided, or handled differently.

In a supplementary submission to the Joint Committee on Intelligence and Security inquiry into the data retention bill in 2014, Professor George Williams responded to a request from the committee during his evidence about the use of a "Single Point of Contact" (SPoC) within an organisation, as occurs under the United Kingdom's data retention regime. Such a scheme would be a "useful addition", according to Williams, even if it didn't address the major flaws of data retention. "For example, if a junior police officer wanted to access communications data under Part 1, Chapter 2 of the Regulation of Investigatory Powers Act 2000 (UK), he or she would first submit an application to the SPoC. The SPoC would then consider the merits and lawfulness of that request, and provide advice on its drafting, before sending it to a senior designated officer to be authorised."