Cat Barker and Jaan Murphy
After a long and chequered history, legislation to introduce
a mandatory telecommunications data (sometimes called ‘metadata’) retention scheme
was passed by both Houses of Parliament in March 2015.
Several aspects of the scheme have been the subject of extensive debate since
it was first officially proposed by the previous government in May 2012,
including its cost and how much of it should be met by government.
The Abbott Government was criticised for introducing legislation to establish
the scheme before determining its cost, and for its reluctance to disclose certain
information about estimated costs, on which it had commissioned a report from
Pricewaterhouse Coopers (PwC). The 2015–16 Budget
includes $153.8 million over four years to ‘support the implementation and
ongoing management’ of the data retention scheme, including $131.3 million
over three years for telecommunications service providers.
However, important questions remain unanswered, including the basis on which
the Government has estimated the costs of establishing and maintaining the
scheme, and how funding will be distributed across the various service
Estimates of how much the scheme will cost have varied
widely. Initially this was partly due to a lack of clarity around what data was
actually to be retained and what sort of requirements the Government might
impose in terms of the security of the data. As those parameters became
clearer, service providers became less willing to publicly disclose their
estimates, citing commercial sensitivity.
The Government has not publicly released the PwC report. It
has disclosed the estimates it contained, which incorporated advice from service
providers and government agencies. But in the absence of the assumptions
underlying the modelling, it is not possible to determine how reliable they
PwC estimated the upfront capital costs to industry to be
between $188.8 million and $319.1 million, and the Government has
estimated the total upfront and ongoing costs associated with the scheme over
the first ten years to total $738 million. Industry groups say they
are still working with the Government on implementation arrangements, and that
the actual costs are not yet known; the Internet Society is concerned they have
been ‘significantly underestimated’.
Who pays for what
Described by the Government as a ‘substantial contribution’,
the $131.3 million in the Budget for telecommunications service providers
is to help them ‘meet their initial capital costs of retaining a limited set of
metadata for a period of two years’. Based on PwC’s estimate,
this will cover approximately 40–70 per cent of those costs.
In its February 2015 report, the Parliamentary Joint
Committee on Intelligence and Security (PJCIS) generally endorsed the
conclusion of the 2005 Blunn Review that service providers should bear the
capital cost of developing and incorporating capabilities, and government
agencies the costs associated with individual requests for data.
However, in light of concerns about the potential cost impact of the scheme,
particularly on smaller providers, the PJCIS recommended that the Government
make a ‘substantial contribution’ to the upfront capital costs faced by
providers. It also noted that it
expected current arrangements, under which providers can recover the costs of
complying with requests for data from agencies on a ‘no profit, no loss’ basis,
to continue. However, those cost
recovery arrangements relate to the costs of complying with individual access
requests, not those associated with retaining the specified dataset for two
years. On the basis of estimates provided by the Government, that cost would be
somewhere between $418.9 million and $549.2 million over the first
ten years of the scheme. Industry has signalled that costs not met by government
will be passed on to consumers.
Distribution of funding for
telecommunications service providers
Based on evidence to its inquiry, the PJCIS recommended that
the model for the Government’s contribution to upfront costs:
provides sufficient support for smaller service providers, who
may not have sufficient capital budgets or operating cash flow to implement
data retention, and privacy and security controls, without up-front assistance;
minimises any potential anti-competitive impacts or market
accounts for the differentiated impact of data retention across
different segments of the telecommunications industry;
incentivises timely compliance with their data retention
provides appropriate incentives for service providers to
implement efficient solutions to data retention;
does not result in service providers receiving windfall payments
to operate and maintain existing, legacy systems; and
takes into account companies that have recently invested in
compliant data retention capabilities in anticipation of the Bill’s passage.
The Government supported the recommendation, but has not
detailed how it expects to meet those objectives.
Industry has called on the Government to outline how the funding will be
allocated across the hundreds of providers subject to the scheme, stating that how
it is dispersed is just as important as the amount.
The legislation establishing the data retention scheme also
expanded the Commonwealth Ombudsman’s role in overseeing access to
telecommunications data by law enforcement agencies, the additional cost of
which the PJCIS recommended the Government should cover.
The Budget provides additional funding of $6.7 million over four years for
that purpose. It also allocates $4.2 million over four years for the
Privacy Commissioner to monitor the privacy implications of the scheme and
measures in the Counter-Terrorism Legislation Amendment (Foreign Fighters)
Act 2014. However, only $1.1 million of that amount is new funding.
Parliament of Australia, ‘Telecommunications
(Interception and Access) Amendment (Data Retention) Bill 2015 homepage’,
Australian Parliament website; J Murphy and M Biddington, Telecommunications
(Interception and Access) Amendment (Data Retention) Bill 2015, Bills
digest, 89, 2014–15, Parliamentary Library, Canberra, 26 March 2015;
Parliamentary Joint Committee on Intelligence and Security (PJCIS), Report
of the Inquiry into Potential Reforms of Australia’s National Security
Legislation (2013 PJCIS Report), Parliament of Australia,
Canberra, May 2013.
J Murphy and M Biddington, op. cit.; 2013 PJCIS
Report, op. cit.; N Brew, ‘As
long as a piece of string—costing data retention’,
FlagPost, Parliamentary Library weblog, 5 December 2014.
N Brew, op. cit.; A Coyne, ‘AGD
slammed for secrecy on data retention costs’, itnews,
30 January 2015; A Colley, ‘Data
retention costs: government is “treating us like mugs”’, The Age
(online edition), 22 February 2015.
The budget figures in this article have been taken from the following
document unless otherwise sourced: Australian Government, Budget
measures: budget paper no. 2: 2015–16, 2015.
N Brew, op. cit., PJCIS, Advisory
report on the Telecommunications (Interception and Access) Amendment (Data
Retention) Bill 2014 (Advisory report), Parliament of Australia,
Canberra, February 2015, pp. 174–8.
Attorney-General’s Department (AGD), ‘Data
retention’, AGD website; AGD, Annual
deregulation report 2014, AGD, 2015, p. 4.
Internet Society Australian Chapter, Internet
Society calls on Government to guarantee to fund data retention short fall,
media release, 12 May 2015; Communications Alliance, Data
retention—focus needed on efficient compliance arrangements, media
release, 12 May 2015.
G Brandis (Attorney-General), Attorney-General’s
portfolio budget measures 2015–16, media release,
12 May 2015.
Advisory report, op. cit., pp. 182–3; AS Blunn, Report
of the review of the regulation of access to communications,
Commonwealth of Australia, 2005.
Advisory report, op. cit., pp. 174–184.
Ibid., pp. 181–3.
N Brew, op. cit.; Internet Society Australian Chapter, op. cit.; Communications Alliance, op. cit.
Advisory report, op. cit., p. 184.
G Brandis (Attorney-General) and M Turnbull (Minister for
response to committee report on the Telecommunications (Interception and
Access) Amendment (Data Retention) Bill 2014, media release,
3 March 2015.
Internet Society Australian Chapter, op. cit.; Communications
Alliance, op. cit.; D Ramli, ‘Federal
budget 2015: Telecommunications firms seek clarity over data retention funding’,
Australian Financial Review (online edition), 12 May 2015.
(Interception and Access) Amendment (Data Retention) Act 2015,
Schedule 3; Advisory report, op. cit., pp. 264–72.
All online articles accessed May 2015.
For copyright reasons some linked items are only available to members of Parliament.
© Commonwealth of Australia
With the exception of the Commonwealth Coat of Arms, and to the extent that copyright subsists in a third party, this publication, its logo and front page design are licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Australia licence.
In essence, you are free to copy and communicate this work in its current form for all non-commercial purposes, as long as you attribute the work to the author and abide by the other licence terms. The work cannot be adapted or modified in any way. Content from this publication should be attributed in the following way: Author(s), Title of publication, Series Name and No, Publisher, Date.
To the extent that copyright subsists in third party quotes it remains with the original owner and permission may be required to reuse the material.
Inquiries regarding the licence and any use of the publication are welcome to firstname.lastname@example.org.
This work has been prepared to support the work of the Australian Parliament using information available at the time of production. The views expressed do not reflect an official position of the Parliamentary Library, nor do they constitute professional legal opinion.
Any concerns or complaints should be directed to the Parliamentary Librarian. Parliamentary Library staff are available to discuss the contents of publications with Senators and Members and their staff. To access this service, clients may contact the author or the Library‘s Central Entry Point for referral.