Essay: Mandatory Metadata Retention


Write about the Essay for Mandatory Metadata Retention.


Introduction: In the present essay, an attempt has been made to examine the effectiveness of the mandatory metadata retention program of Australia. The data retention scheme of the federal government has been officially in effect for some time now. This means that the metadata of the mobile and online communication in Australia is starting to be collected. Such data will be stored for at least two years. The data can be used for scrutiny by the national security agencies. The data retention legislation has been passed way back in 2015. As a result, the Federal Government can require the Internet service providers and telecommunication companies to retain consistent and reliable data of their customers for a period of two years.

Describe the crime problem: Metadata can be described as the background technical information related with a communication. It includes the time and date of a call, how long the call lasted and what were the IP address of the webpage and also the e-mail addresses. However it does not include the recording of actual contents of the call or the website that was visited by the user. In this regard, controversial legislation has been passed on the government in 2015. As a result of these laws, it became compulsory for the telecommunication service providers to retain metadata from the users for at least two years. In a famous statement, Atty. Gen. George Brandis has compared metadata with a letter in the post. Therefore, he said that metadata can be described as the name and address data as you mention on the envelope, but it does not include the contents of the letter (Brandis, 2015).

As a result of these changes, now the telecommunication companies in Australia will have to fulfill their legal requirement according to which they will have to retain six types of metadata from the usage and information of their customers.. This data can be scrutinized by the national security and law enforcement agencies. The area of data that need to be stored and made available to the government includes any identifying information that is linked with the subscribers of accounts (Brown et al., 2015). This means the names, phone numbers, addresses, e-mail and IP addresses of the persons according to the billing details that are available with the telecommunication companies. It also includes the source of any communication which means user names, telephone numbers, e-mail and IP addresses of persons or the account establishing an SMS message, phone call, voice message or e-mail. Similarly, it also includes the definition of communications. However, it excludes the Internet browsing history of an individual. The companies will be required to provide date, time and the duration of communication, along with the details that can be used for identifying a collection. The companies will be required to store the types of communication and Internet services used. Hence, the government will be in a position to know if a particular SMS message, e-mail, voice messages or any social media usage has been made by a person using services like ADSL connection or WiFi. In the same way, the physical location of the place where the communication has been made, as well as the geographic location of any mobile device and the physical address that is related with the fixed Internet connection (Commonwealth of Australia, 2015).

Overview: Before the enactment of the new legislation, the law enforcement agencies are allowed to use targeted data preservation notices to make a request to Internet service providers and telecommunication companies to store communications related with suspected criminals. On the other hand, according to the news scheme, there are lesser agencies that can access metadata. But many of these agencies have been allowed warrantless access to the private details related with the users of Internet service providers and telecommunication companies. This list of agencies that have the access to metadata can be added by the Attorney General. After 2015, there has been a review of access to retained metadata by the government in case of civil law cases. It has been confirmed by the government that it is not going to allow access to metadata concerning civil cases like proceedings under the family law, which involves violence or the cases involving international child abduction after conducting the recent review. Under the new legislation, the telecommunication companies that use infrastructure in Australia for the purpose of operating any of their services in the country can be subject to the obligations of data retention (Crowe, 2014). Among these service providers are the carriage service providers, licensed carriers and Internet service providers. At the same time, there are certain services that have not been included under the data retention obligations.

According to the obligations related with data retention, there are certain telecommunication service providers that will have to retain particular telecommunications data related with the services that have been offered by them. This data needs to be encrypted and protected from any unauthorized access or intrusion. There is certain information of the subscribers that need to be retained for the life of the account and for two years more after the closure of the account. On the basis of the type of service offered by the company, the service providers may not have to retain all the gay big arrays of data. In this regard, guidelines have been bewildered by the department to support industry in understanding their obligations related with data retention.

Detail the crime prevention principles: Regarding the data retention obligations, that that can be described as the information concerning the communication instead of being the content on these instances of the communication. For example, in case of phone calls, such data includes the phone numbers of persons that are talking to each other and or how long they have talked but not for they have said. Similarly, in case of e-mails, the data includes the information like the relevant e-mail address and when it has been sent but not the content of the e-mail. It is not required under the Telecommunications (Interception and Access) Act, 1979 that the companies should retain data that may include the web browsing history of an individual. At the same time, nearly in case of every serious national security a criminal investigation, data is used (Donohue, 2014). This includes the investigation related with counter-espionage, counter-terrorism, kidnapping, murder, sexual assault etc. in this regard, data is used by the agencies warn quickly ruling out innocent individuals from suspicion and to conduct further investigation. It is also used to identify suspects and discover the network of criminals. Data is used to support applications for warrants for using overinclusive and complex tools like interception. Similarly, data is also used by the agencies as evidence for supporting prosecution. In this regard, there are several safeguards present related with the existing telecommunications data under the Act. Particularly these include the fact that the existing data has been restricted to a list of national security and law enforcement agencies. The agencies that have been providing access to data have to undergo independent oversight by the Commonwealth ombudsman or by Inspector General of Intelligence and Security when the Australian Security Intelligence Organization is involved (Greenwald, 2014). The Atty. Gen. also has the responsibility to give a report to the parliament raid with the operations of data retention scheme each year. Where the enforcement agencies or the ASIO need to access the data of a journalist for identifying a source, the law requires that these agencies will obtain a warrant. Similarly, these agencies are also required to report all the requests to the independent respective oversight body (Guy, 2016).

Similarly it also needs to be mentioned that for the purpose of Privacy Act, 1988, the data that has been retained by the individual companies on Internet service providers under the Act needs to be considered as personal information. In such cases, the Privacy Commissioner can evaluate the compliance by the telecommunication companies with the Australian Privacy Principles in context of the data maintained by them. The commissioner also monitors the nondisclosure obligations of the telecom industry under the Telecommunications Act, 1997.

Analysis: There are different opinions present regarding the way in which the metadata retention scheme can comply with the requirements of privacy and freedom of expression rights. While on one hand, the strongest statements like "necessary and proportionate" principles have been proposed by a coalition of academics, civil rights societies, and technology and privacy experts. In these principles, a complete prohibition has been proposed on indiscriminate collecting of meta-data (Taylor, 2016). A warning is also being given by the United Nations and the Inter-American Special Rapporteurs (2013) have also given a warning that access to metadata should be allowed only in very exceptional circumstances. In the same way, it has been mentioned by the European Court of Justice that in discriminate retention of data obligation goes beyond what is necessary and of course made for the purpose of achieving the objective of fighting serious crime. Therefore, such obligation was not compatible with the fundamental right to privacy and to protect the data. This was held in Digital Rights Ireland v Minister for Communications, 2014. As is the case with the Australian scheme, it is also required by the European Directive 2006/24/EC that the providers of publicly available communication services or the public communication networks have an obligation of retaining the traffic and location data, although they are not required to retain the contents of the communication, for the period of six months to two years. The objective behind such obligation is to make sure that the data is available for investigation, detection and also can be used in prosecution of serious crime which includes the cases of terrorism. But in view of the interference of these obligations, which can be termed as serious and wide-ranging, with the right to privacy, it is likely that the people may start to feel as if there private life is constantly under surveillance. Hence there is a need that the data retention should be proportional, and it should be strictly necessary for achieving the objective.

Under these circumstances, it can be said that as a result of the wide scope of the data retention regime in Australia, there can be a conflict with the human right to privacy. While under the data retention regime it is required that they should be indiscriminate retention of extensive information that can reveal significant details related with private communication, the information that in itself is private. In view of the wide obligations to retain the data, the issue of access to this data becomes important. Under the earlier law, they were a wide range of government agencies that have been allowed to access the data available with the telecommunications providers while enforcing a criminal law or to impose a fine. On the other hand, a new list of criminal law enforcement agencies has been introduced by the Data Retention Act. Then the rest is significantly narrower than the diverse agencies that were earlier allowed to access data.

Conclusion: it can be stated in the end that new data retention law of the government has to face criticism due to several reasons. For instance, the new regime provides warrantless access to the government agencies regarding personal data. Even if these agencies are not strictly the law enforcement agencies. At the same time, still, there is some confusion present regarding the new regime. The reason is that the legislation is still unclear and similarly it does not cover overseas webmail services as well as a number of messaging apps. Similarly, consumer protections like mandatory data breach legislation were missing at the time of the enactment of the law. This significant safeguards should been present in the data retention regime.


Brandis, G. (2015) One more anti-terror tool. The Australian, Retrieved from

Brown, I., Halperin, M. H., Hayes, B., Scott, B., & Vermeulen, M. (2015). Towards Multilateral Standards for Surveillance Reform. Oxford Internet Institute Discussion Paper. Retrieved from

Commonwealth of Australia (2015), Martin Place Siege: Joint Commonwealth-New South Wales review, Canberra, January 2015

Crowe, D. (2014) Tough terror laws target jihadis. The Australian. Retrieved from

Donohue, L. K. (2014). Bulk Metadata Collection: Statutory and Constitutional Considerations. Harvard Journal of Law & Public Policy, 37 (3), 757

Greenwald, G. (2014). No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State. New York: Henry Holt.

Guy, G. (2016) ‘Requests for Access to Telecommunications Metadata under 176A of the TIA’, Right to Know,

Taylor, J. (2016) Over 60 agencies apply to snoop into your metadata. Crikey. Retrieved from Digital Rights Ireland Ltd v Minister for Communications, Marine and Natural Resources [2014] All ER

How to cite this essay: