0 Comments |  Technology |  PRINT | 

Data retention hearings off to nonsensical start

Thursday, 18 December 2014 | By Bernard Keane

In a ridiculous start to the Joint Committee on Intelligence and Security’s hearings into Attorney-General George Brandis’ mass surveillance proposal, the government has refused to even say whether the definition of data to be retained under its data retention system, or the cost of the scheme, will be finalised before the committee reports.


The committee thus faces the prospect that the single most critical issue that it will have to deal with in relation to data retention won’t even be resolved by the time it finishes its inquiry, currently due to report at the end of February.


The first hearings into a data retention regime were held this morning in Canberra, involving officers from the Attorney-General’s Department, the Australian Federal Police, the Australian Crime Commission and ASIO. It rapidly became clear that the hearing was, by and large, a waste of time. Missing from the hearing were the two heavy-hitters of the committee, Labor’s John Faulkner and Anthony Byrne (Faulkner remains on the committee until he formally resigns from the Senate in January); Faulkner was addressing a graduation ceremony and Byrne had a longstanding electorate commitment. But Labor shadow Attorney-General Mark Dreyfus, recently added to the committee for this inquiry, repeatedly pressed bureaucrats on when a full definition of the data to be retained under the regime would be finalised.


This has been a long-running problem for the Attorney-General’s Department, which has been pushing data retention for at least seven years and yet, despite repeated consultation with the industry and the involvement of consultant PWC, has been unable to determine what internet metadata it wants to retain in addition to telephone data, partly because of its own lack of competence in the area of online communications. The lack of definition proved a major source of frustration when the committee previously looked at data retention in 2012-13, when it specifically criticised AGD for its failure to explain what data it wanted retain. Yet Brandis was unable to include a workable definition in the bill he introduced earlier this year and which the committee is now considering. That left the issue to be settled by regulation, with a technical working group, headed by the Secretary of AGD Chris Moraitis, trying to finalise what AGD has been unable to finalise for years.


The working group provided the committee with a draft definition this week, but it remains unfinalised and Dreyfus was unable to extract a commitment from bureaucrats that it would be finalised before February.


The constant failure of AGD to address the issue of exactly what data it wants kept — many suspect it is because it wants as extensive a set of data, including content data, as possible — will undermine the capacity of JCIS to appropriately assess the proposal, and suggests the government is seeking to sneak through an expansive definition via regulation in the same way it tried to sneak its repeal of Future of Financial Advice reforms via regulation. The capacity of JCIS to properly vet the proposal is already in doubt after the committee chair, Liberal backbencher Dan Tehan, spoke in favour of data retention and linked it to the Sydney siege this morning, suggesting “every tool” is needed to prevent such attacks.


AGD officials were also unable to advise the committee of what the data retention scheme would cost, a staggering admission given the bill is currently before Parliament. The technical working group is said to be working through costings. As Dreyfus pointed out, the working group had noted that costings couldn’t be finalised until they had the definition of data to be retained — meaning there was no guarantee that the committee would be told what the scheme would cost. However, officials did yet again contradict both the Attorney-General and the Prime Minister by noting that some ISPs would have to create data, rather than merely, as the government has insisted, store existing data.


The AFP did, however, provide one fact of great interest: a warrant regime for oversight of access to metadata, against which the AFP and ASIO have long railed, would cost just $25 million, a tiny amount compared to the budgets of both organisations and a fraction of the $630 million the government handed to them earlier this year.


Otherwise, the hearing was a colossal waste of time: we still don’t know what data will be retained or how much it will cost, and neither does the committee charged with considering the scheme. The only sensible conclusion is that the hearing was purely for show, and the government has no interest in a credible inquiry.


This article was originally published at Crikey.


Follow StartupSmart on Facebook, Twitter, and LinkedIn.