Data retention: Got nothing to hide?

It recently came to light (thanks to some good reporting) that the Government has been fishing around with ISPs for their support on a new and radical data retention policy. This would legally oblige telcos to retain large amounts of data about their customers’ communications activities in case law enforcement needed them at some point in the future.

We know this because some in the industry have spoken out, quietly, about the meetings. The Government, it would seem, would prefer to conduct them in complete and total secrecy.

Ben Grubb at the Sydney Morning Herald today shared some documents he obtained under Freedom of Information about the briefings between the Attorney-General’s department and the industry. The screenshot below is indicative of the rest of the document – besides the page numbers, nothing substantive is left uncensored. Even the glossary of terms is heavily elided. One can only imagine the officer responsible for the editing must have made a few trips to the stationery cupboard for a fresh texta.

Based on previous reporting, we know that the idea that the ISPs would be forced to log even the actual web browsing history of their customers has been canvassed. Basically, if it’s logged (or could be logged), the A-G wants it saved.

Apart from the fact that it treats everybody like a possible criminal, there are several concerns with this. Firstly, the privacy implications are enormous. Anybody would have natural concerns about how much data about their personal communications was being stored. Managing all this data would create a lot of work and expense for ISPs, which disadvantage smaller players and would have to be passed on to consumers. And there mere fact that large databases of personal data are being stored at every ISP makes data security a big issue. The consequences of any data breach would be magnified.

Public consultation is therefore paramount. The more sensitive the data being retained, the more the public needs to be informed about the process. The onus is on the Government to explain why they need this data, and why the process has to be a secret one. Otherwise, we must assume the worst – that they want everything, and will be aggressive about accessing it, too.

The proposal is alarming enough, but, again, the secrecy of the process is just as worrying. If you aren’t a criminal, you should have nothing to hide, the Government might argue. We might ask the same question. If you’re not doing anything we should be concerned about, why so much secrecy?

The document can be viewed here along with the decision here.