Telecommunications data retention

Budget Review 2015–16 Index

Cat Barker and Jaan Murphy

After a long and chequered history, legislation to introduce a mandatory telecommunications data (sometimes called ‘metadata’) retention scheme was passed by both Houses of Parliament in March 2015.[1] Several aspects of the scheme have been the subject of extensive debate since it was first officially proposed by the previous government in May 2012, including its cost and how much of it should be met by government.[2] The Abbott Government was criticised for introducing legislation to establish the scheme before determining its cost, and for its reluctance to disclose certain information about estimated costs, on which it had commissioned a report from Pricewaterhouse Coopers (PwC).[3] The 2015–16 Budget includes $153.8 million over four years to ‘support the implementation and ongoing management’ of the data retention scheme, including $131.3 million over three years for telecommunications service providers.[4] However, important questions remain unanswered, including the basis on which the Government has estimated the costs of establishing and maintaining the scheme, and how funding will be distributed across the various service providers.

Cost estimates

Estimates of how much the scheme will cost have varied widely. Initially this was partly due to a lack of clarity around what data was actually to be retained and what sort of requirements the Government might impose in terms of the security of the data. As those parameters became clearer, service providers became less willing to publicly disclose their estimates, citing commercial sensitivity.[5]

The Government has not publicly released the PwC report. It has disclosed the estimates it contained, which incorporated advice from service providers and government agencies. But in the absence of the assumptions underlying the modelling, it is not possible to determine how reliable they are.

PwC estimated the upfront capital costs to industry to be between $188.8 million and $319.1 million, and the Government has estimated the total upfront and ongoing costs associated with the scheme over the first ten years to total $738 million.[6] Industry groups say they are still working with the Government on implementation arrangements, and that the actual costs are not yet known; the Internet Society is concerned they have been ‘significantly underestimated’.[7]

Who pays for what

Described by the Government as a ‘substantial contribution’, the $131.3 million in the Budget for telecommunications service providers is to help them ‘meet their initial capital costs of retaining a limited set of metadata for a period of two years’.[8] Based on PwC’s estimate, this will cover approximately 40–70 per cent of those costs.

In its February 2015 report, the Parliamentary Joint Committee on Intelligence and Security (PJCIS) generally endorsed the conclusion of the 2005 Blunn Review that service providers should bear the capital cost of developing and incorporating capabilities, and government agencies the costs associated with individual requests for data.[9] However, in light of concerns about the potential cost impact of the scheme, particularly on smaller providers, the PJCIS recommended that the Government make a ‘substantial contribution’ to the upfront capital costs faced by providers.[10] It also noted that it expected current arrangements, under which providers can recover the costs of complying with requests for data from agencies on a ‘no profit, no loss’ basis, to continue.[11] However, those cost recovery arrangements relate to the costs of complying with individual access requests, not those associated with retaining the specified dataset for two years. On the basis of estimates provided by the Government, that cost would be somewhere between $418.9 million and $549.2 million over the first ten years of the scheme. Industry has signalled that costs not met by government will be passed on to consumers.[12]

Distribution of funding for telecommunications service providers

Based on evidence to its inquiry, the PJCIS recommended that the model for the Government’s contribution to upfront costs:

    • provides sufficient support for smaller service providers, who may not have sufficient capital budgets or operating cash flow to implement data retention, and privacy and security controls, without up-front assistance;
    • minimises any potential anti-competitive impacts or market distortions;
    • accounts for the differentiated impact of data retention across different segments of the telecommunications industry;
    • incentivises timely compliance with their data retention obligations;
    • provides appropriate incentives for service providers to implement efficient solutions to data retention;
    • does not result in service providers receiving windfall payments to operate and maintain existing, legacy systems; and
    • takes into account companies that have recently invested in compliant data retention capabilities in anticipation of the Bill’s passage.[13]

The Government supported the recommendation, but has not detailed how it expects to meet those objectives.[14] Industry has called on the Government to outline how the funding will be allocated across the hundreds of providers subject to the scheme, stating that how it is dispersed is just as important as the amount.[15]

Oversight

The legislation establishing the data retention scheme also expanded the Commonwealth Ombudsman’s role in overseeing access to telecommunications data by law enforcement agencies, the additional cost of which the PJCIS recommended the Government should cover.[16] The Budget provides additional funding of $6.7 million over four years for that purpose. It also allocates $4.2 million over four years for the Privacy Commissioner to monitor the privacy implications of the scheme and measures in the Counter-Terrorism Legislation Amendment (Foreign Fighters) Act 2014. However, only $1.1 million of that amount is new funding.



[1].          Parliament of Australia, ‘Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 homepage’, Australian Parliament website; J Murphy and M Biddington, Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015, Bills digest, 89, 2014–15, Parliamentary Library, Canberra, 26 March 2015; Parliamentary Joint Committee on Intelligence and Security (PJCIS), Report of the Inquiry into Potential Reforms of Australia’s National Security Legislation (2013 PJCIS Report), Parliament of Australia, Canberra, May 2013.

[2].          J Murphy and M Biddington, op. cit.; 2013 PJCIS Report, op. cit.; N Brew, ‘As long as a piece of string—costing data retention’, FlagPost, Parliamentary Library weblog, 5 December 2014.

[3].          N Brew, op. cit.; A Coyne, ‘AGD slammed for secrecy on data retention costs’, itnews, 30 January 2015; A Colley, ‘Data retention costs: government is “treating us like mugs”’, The Age (online edition), 22 February 2015.

[4].          The budget figures in this article have been taken from the following document unless otherwise sourced: Australian Government, Budget measures: budget paper no. 2: 2015–16, 2015.

[5].          N Brew, op. cit., PJCIS, Advisory report on the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 (Advisory report), Parliament of Australia, Canberra, February 2015, pp. 174–8.

[6].          Attorney-General’s Department (AGD), ‘Data retention’, AGD website; AGD, Annual deregulation report 2014, AGD, 2015, p. 4.

[7].          Internet Society Australian Chapter, Internet Society calls on Government to guarantee to fund data retention short fall, media release, 12 May 2015; Communications Alliance, Data retention—focus needed on efficient compliance arrangements, media release, 12 May 2015.

[8].          G Brandis (Attorney-General), Attorney-General’s portfolio budget measures 2015–16, media release, 12 May 2015.

[9].          Advisory report, op. cit., pp. 182–3; AS Blunn, Report of the review of the regulation of access to communications, Commonwealth of Australia, 2005.

[10].       Advisory report, op. cit., pp. 174–184.

[11].       Ibid., pp. 181–3.

[12].       N Brew, op. cit.; Internet Society Australian Chapter, op. cit.; Communications Alliance, op. cit.

[13].       Advisory report, op. cit., p. 184.

[14].       G Brandis (Attorney-General) and M Turnbull (Minister for Communications), Government response to committee report on the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014, media release, 3 March 2015.

[15].       Internet Society Australian Chapter, op. cit.; Communications Alliance, op. cit.; D Ramli, ‘Federal budget 2015: Telecommunications firms seek clarity over data retention funding’, Australian Financial Review (online edition), 12 May 2015.

[16].       Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015, Schedule 3; Advisory report, op. cit., pp. 264–72.

 

All online articles accessed May 2015. 

For copyright reasons some linked items are only available to members of Parliament.


© Commonwealth of Australia

Creative commons logo

Creative Commons

With the exception of the Commonwealth Coat of Arms, and to the extent that copyright subsists in a third party, this publication, its logo and front page design are licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Australia licence.

In essence, you are free to copy and communicate this work in its current form for all non-commercial purposes, as long as you attribute the work to the author and abide by the other licence terms. The work cannot be adapted or modified in any way. Content from this publication should be attributed in the following way: Author(s), Title of publication, Series Name and No, Publisher, Date.

To the extent that copyright subsists in third party quotes it remains with the original owner and permission may be required to reuse the material.

Inquiries regarding the licence and any use of the publication are welcome to webmanager@aph.gov.au.

This work has been prepared to support the work of the Australian Parliament using information available at the time of production. The views expressed do not reflect an official position of the Parliamentary Library, nor do they constitute professional legal opinion.

Any concerns or complaints should be directed to the Parliamentary Librarian. Parliamentary Library staff are available to discuss the contents of publications with Senators and Members and their staff. To access this service, clients may contact the author or the Library‘s Central Entry Point for referral.  

Top