We have good news and bad news about metadata retention
The bad: Australian readers are now being tracked. The good: Civil litigants won't be able to slurp your metadata... for now
On the same day that Australia's telecommunications metadata retention regime kicked off, the nation's attorney-general also tabled a report quashing the use of that metadata in civil litigation.
The "Review of whether there should be exceptions to the prohibition on civil litigant access to retained telecommunications data" (PDF) emerged on April 13th and finds that while some law enforcement authorities like the idea of wider access to telecommunications metadata and can show it would be useful in some investigations, there's no compelling reason to do so.
On The Register's reading of the Review, its authors feel that the current method of accessing metadata in civil cases – subpoenas, notices of disclosure or court orders – works just fine because they offer lots of safeguards to ensure that parties don't use metadata frivolously or as a way to go fishing for evidence.
The Review also notes that telcos retain some data due to their new metadata retention obligations and also for commercial purposes. Untangling what data is for what purpose, and therefore accessible to civil litigants, would place an unreasonable burden on carriers.
The eight-page Review therefore reaches the following four conclusions:
- Although there is a history of telecommunications data being obtained to support a modest number of civil cases, the review has received insufficient evidence to sustain a recommendation that regulations be made to allow civil litigants to access data retained solely for the purpose of the data retention scheme.
- The prohibition preserves civil litigants' access to data that is not retained for the purpose of the data retention scheme, while restricting access to data accumulated and used solely for the purpose of the scheme.
- Should evidence reveal a need for exceptions in the future, regulations could be considered at that time. This would be subject to consultation and would involve consideration of privacy issues and the impact on telecommunications providers.
- It would be open to the Parliamentary Joint Committee on Intelligence and Security to examine the prohibition and regulation-making power in 2019, when it undertakes its prescribed statutory review of the data retention scheme.
The decision will be welcome as the initial telecommunications metadata retention scheme was advanced as necessary to assist with criminal and national security investigations. Creating an exception to extend the scheme to civil litigation was criticised as scope creep in submissions to the Review.
But the decision doesn't mean the idea is dead: on the Review's web page we learn that "The Government will therefore not be making regulations to increase civil litigant access to retained data at this time." Which leaves open the possibility this idea will be revisited.
There's also some irony in the fact that the Review emerged on the same day that Australia's telecommunications metadata retention scheme went into operation. If your storage vendor isn't answering calls this morning, that commencement may explain why. ®
Sponsored: Becoming a Pragmatic Security Leader