Access to and retention of internet 'metadata'

Parliament house flag post

Access to and retention of internet 'metadata'

Posted 18/08/2014 by Jaan Murphy

Access to and retention of internet ‘metadata’

On 5 August 2014, the Government announced its intention to update Australia’s telecommunication interception laws. This is part of broader efforts to enhance powers available to security agencies ‘to combat home-grown terrorism and Australians who participate in terrorist activities overseas’. This includes developing a mandatory ‘metadata’ retention system.

Whilst having a period of mandatory metadata retention would be new, the collection of metadata by telecommunications companies and government access to it is not new and is governed by the Telecommunications (Interception and Access) Act 1979 (TIA).  Whilst the need for such a scheme was linked to combating terrorism, it is worth noting that Australian and European experience suggests that the most common law enforcement use of metadata will be in non-terrorism criminal cases.

How does Australian law define metadata?​

The TIA does not contain a specific, positive definition of metadata (referred to as ‘telecommunications data’). Instead, metadata is negatively defined in section 172 as excluding any:

  • information that is the contents or substance of a communication, or
  • documents (to the extent they contain the contents or substance of a communication).

Put simply, metadata (in the context of web browsing) is what remains of a communication or document after its contents and substance is excluded. As a result, the legal definition of metadata is ambiguous; an oversight commentators suggest is surprising.

In part, the ambiguity arises from conflicting views on what constitutes ‘the content’ of a communication. For example, one of the most contentious issues of the current Australian regime is whether Uniform Resource Locators (URLs) are metadata. If they are, then warrantless governmental access to individuals’ web browsing history is possible.

One view is that as URLs are user-generated, they are content. Another view – expressed by the Attorney-General’s Department - is that metadata is ‘information that allows a communication to occur’. As that is what URLs do, consequently they are not content. The issue is that that some URLs can identify the substance of a communication.

For example, the URL of the FlagPost article on oversight of the Australian Intelligence Community includes the text ‘Maintaining_oversight_of_the_AIC’ which arguably identifies the ‘substance’ of the communication. Other URLs however, do not allow the substance of a communication to be identified.

The Communications Minister indicated that the Government was developing a definition of metadata in consultation with telecommunications providers, which may remove the ambiguity.

Disclosure of metadata

While sections 276-278 of the Telecommunications Act 1997 prohibit the disclosure or use of information or documents, Chapter 4 of the TIA outlines two circumstances where metadata (as negatively defined by s 172 of the TIA) can be lawfully disclosed to ASIO and enforcement agencies. Voluntary disclosure is permitted where an employee of a telecommunications provider encounters information they regard as being 'in connection with' ASIO's functions or 'reasonably necessary' for enforcing criminal law. Alternatively, ASIO and enforcement agencies can themselves authorise disclosure of metadata from telecommunications service providers, without a warrant.

Differing views

The current access scheme hinges on the meaning of ‘metadata’. Some submissions to the Senate Committee on the Bill that created the current scheme expressed concern at the lack of a definition of metadata and suggested there was 'unacceptable ambiguity and uncertainty about the "reach" of the various powers' it confers on national security and law enforcement agencies.

Similar observations were made in submissions to the Australian Law Reform Commission review of privacy laws. However, the ALRC expressed the view that definitions should remain ‘technology neutral’, and hence metadata should not be defined. Likewise, the Attorney-General's Department considered that attempts to define metadata risked redundancy.

Since then, conflicting views of what constitutes metadata have emerged. For example, the Replacement Explanatory Memorandum to the 2007 Bill states that metadata:

does not include content such as the subject line of an email, the message sent by email or instant message or the details of Internet sessions, such as the Uniform Resource Locator/Identifier  (URL/URI).

This interpretation was reiterated by the Attorney-General’s Department in evidence to Senate Estimates hearings, where it was stated that a warrant would be required to obtain a URL from a person’s Internet records.

However, it would appear that as a matter of statutory interpretation, the URLs of websites visited by Internet users may be considered metadata if they do not identify the substance or content of a communication. This view is supported by current industry practice.

Industry practice

During the 2012 PJCIS inquiry into potential reforms of national security legislation, Telstra indicated the type of data it is prepared to disclose to law enforcement and national security agencies included ‘…(URLs) to the extent they do not identify the content of the communication’.

Industry practice therefore illustrates that URLs may be provided to law enforcement and national security agencies without a warrant.

Other jurisdictions

US legislation allows government access to metadata with or without a warrant, depending, in part, on the type of service provider holding the information.  The circumstances in which metadata can be disclosed to various government agencies is linked to highly technical definitions of ‘electronic communications service’ (ECS) and ‘remote computing service’ (RCS) providers. This complex, technically driven regime has been the subject of substantial criticism.

In contrast to the US and Australia, Canada has adopted a technology neutral approach to defining metadata. Under the Canadian Criminal Code unauthorised access to ‘private communications’ is prohibited. The Canadian Supreme Court has ruled that certain types of metadata are ‘private communications’, stating that:

It is not just the communication itself that is protected, but any derivative of that communication that would convey its substance or meaning.


The current regime for access to metadata arguably allows law enforcement and intelligence agencies to access URLs under the umbrella of ‘metadata’ (provided the URL does not identify the content of the communication) despite stakeholders holding contradictory perspectives. This ambiguity indicates that the proposed mandatory metadata retention scheme, if modelled on existing laws, may exacerbate the confusion surrounding the definition of metadata.

Note: the 'Industry Practice' section of this Flagpost was updated on 19 August 2014, to reflect the use of the word 'may' in Telstra's submission to the PJCIS.


Thank you for your comment. If it does not require moderation, it will appear shortly.
Facebook LinkedIn Twitter Add | Email Print


Flagpost is a blog on current issues of interest to members of the Australian Parliament

Parliamentary Library Logo showing Information Analysis & Advice




refugees asylum immigration Australian foreign policy Parliament climate change elections women social security Indigenous Australians Australian Bureau of Statistics Employment taxation Sport illicit drugs Medicare welfare reform Australian Defence Force welfare policy Asia income management Middle East criminal law disability Australian Sports Anti-Doping Agency World Anti-Doping Agency United States higher education people trafficking school education aid statistics Australian Electoral Commission WADA United Nations federal budget health financing emissions trading gambling Australia in the Asian Century steroids detention Private health insurance OECD ASADA labour force transport Law Enforcement Australian Federal Police Industrial Relations dental health National Disability Insurance Scheme forced labour Senate election results Papua New Guinea Australian Public Service International Women's Day corruption Fair Work Act child protection people smuggling debt federal election 2013 parliamentary procedure ALP New Zealand Australian Crime Commission Newstart Parenting Payment 43rd Parliament slavery by-election political parties Census constitution High Court skilled migration voting Federal Court terrorist groups Afghanistan Higher Education Loan Program HECS youth Aviation environment foreign debt gross debt net debt defence capability customs poker machines doping health crime health risks multiculturalism aged care Gonski Review of Funding for Schooling sex slavery sea farers leadership United Kingdom UK Parliament Electoral reform politics banking firearms public policy mental health China ADRV terrorism social media pensions welfare ASIO intelligence community Australian Security Intelligence Organisation governance public service reform Carbon Pricing Mechanism carbon tax mining military history employer employee fishing paid parental leave European Union same sex relationships international relations coal seam gas planning United Nations Security Council Australian economy food vocational education and training Drugs Indonesia children codes of conduct terrorist financing election timetable citizenship Productivity asylum seekers early childhood education Canada Population Financial sector national security fuel violence against women domestic violence disability employment Tasmania integrity science research and development Australian Secret Intelligence Service sexual abuse federal state relations World Trade Organization Australia accountability housing affordability bulk billing water renewable energy children's health health policy Governor-General US economy export liquefied natural gas foreign bribery question time speaker superannuation family assistance expertise Senators and Members climate Intergovernmental Panel on Climate Change Department of Agriculture Fisheries and Forestry food labelling Pacific Islands reserved seats new psychoactive substances synthetic drugs UNODC carbon markets health reform Indigenous constitutional recognition of local government local government consumer laws PISA royal commission US politics language education Leaders of the Opposition Parliamentary remuneration health system Australia Greens money laundering servitude Special Rapporteur Trafficking Protocol energy forced marriage rural and regional Northern Territory Emergency Response ministries social citizenship China; Economic policy; Southeast Asia; Africa housing Speaker; House of Representatives; Parliament Defence High Court; Indigenous; Indigenous Australians; Native Title ACT Indigenous education Norfolk Island External Territories emissions reduction fund; climate change child care funding refugees immigration asylum procurement Indigenous health e-voting internet voting nsw state elections 44th Parliament 2015 ABS Age Pension Death penalty capital punishment execution Bali nine Bali bombings Trade EU China soft power education Fiji India Disability Support Pension Antarctica Diplomacy by-elections state and territories workers Bills anti-corruption fraud bribery transparency corporate ownership whistleblower G20 economic reform innovation standards NATO Members of Parliament Scottish referendum Middle East; national security; terrorism social services Criminal Code Amendment (Misrepresentation of Age to a Minor) Bill 2013 online grooming sexual assault of minors ACT Assembly public health smoking plain packaging tobacco cigarettes Asia; Japan; international relations Work Health and Safety Migration; asylum seekers; regional processing China; United States; international relations fiscal policy Racial Discrimination Act; social policy; human rights; indigenous Australians Foreign policy Southeast Asia Israel Palestine regional unemployment asylum refugees immigration political finance donations foreign aid Economics efficiency human rights; Racial Discrimination Act employment law bullying Animal law; food copyright Australian Law Reform Commission industry peace keeping contracts workplace policies trade unions same-sex marriage disorderly conduct retirement Parliament House standing orders public housing prime ministers sitting days First speech defence budget submarines Somalia GDP forestry world heritage political engagement leave loading Trade; tariffs; safeguards; Anti-dumping public interest disclosure whistleblowing Productivity Commission regulation limitation period universities Ireland cancer gene patents genetic testing suspension of standing and sessional orders animal health live exports welfare systems infant mortality middle class welfare honorary citizen railways disciplinary tribunals standard of proof World Health Organisation arts international students skilled graduate visas temporary employment visas apologies roads Italy national heritage NHMRC nutrition anti-dumping Constitutional reform referendum Rent Assistance competition policy pharmaceutical benefits scheme obesity evidence law sacrament of confession US presidential election international days baby bonus DFAT UN General Assembly deregulation Regulation Impact Statements administrative law small business Breaker Morant homelessness regional engagement social determinants of health abortion Youth Allowance Members suspension citizen engagement policymaking federal election 2010 workplace health and safety Trafficking in Persons Report marine reserves hearing TAFE Victoria astronomy resources sector YMCA youth parliament alcohol Korea rebate Australian Greens presidential nomination Racial Discrimination Act entitlements political parties preselection solar hot water Financial Action Taskforce Horn of Africa peacekeeping piracy Great Barrier Reef Stronger futures political financing Hung Parliament political education social inclusion Social Inclusion Board maritime early childhood National Quality Framework for Early Childhood Education and Care Murray-Darling Basin Iran sanctions

Show all
Show less
Back to top