Senate passes 'lite' data retention laws

Australia gets closer to European treaty.

Law enforcement agencies will be able to force internet service providers to store data on subscribers under new legislation approved by the Senate today.

The Cybercrime Legislation Amendment Bill 2011 amends the Mutual Assistance in Criminal Matters Act 1987, the Criminal Code Act 1995, the Telecommunications (Interception and Access) Act 1979 and the Telecommunications Act 1997.

The changes allow police to force telcos to retain data on persons of interest for a set period while a warrant is sought.

Such data may have been previously jettisoned by ISPs, which generally retain only enough subscriber information for customer service and billing.

Greens Senator Scott Ludlam described the reforms as a targeted, 'lite' version of the Federal Government's proposed data retention laws, and with more oversight.

Ludlam fiercely opposed the proposed data retention laws, but said he backed this reform to police power.

“It is a narrow and targeted form of data retention that allows law enforcement to target, for instance, persons suspected of serious crime and ask ISPs to retain their data,” Ludlam said.

The changes were couched as necessary for Australia to accede to the 2004 Council of Europe Convention on Cybercrime, designed to assist with international cybercrime investigations through sharing of information on persons of interest, among other avenues.

The Federal Government said in May 2010 that it intended to accede to the treaty, which calls for procedures that allow authorities to force service providers to surrender information about subscribers, and intercept and record traffic.

The legal changes have been lauded by law enforcement and intelligence agencies as key to cracking down on international cybercrime.

Should Australia accede, it would join 34 other nations, including the US, that were already party to the convention.

Ludlam said the sharing of data between overseas agencies was troubling due to an increase in the number of requests within Australia for subscriber data by law enforcement and intelligence agencies.  

“There were a quarter of a million requests to telcos for people’s data and metadata [between 2010 and 2011],” he said.

“This will be shared all over the world and I don’t think the safeguards are there.”

Attorney-General Nicola Roxon said the reforms were necessary to help curb cybercrime.

“Cybercrime is a growing threat that touches all aspects of modern life.  It poses complex policy and law enforcement challenges, partly due to the transnational nature of the internet,” Roxon said in a statement.

“The convention promotes a coordinated approach to cybercrime by requiring countries to criminalise these computer related offences.

"The convention also establishes procedures to make investigations more efficient to improve international cooperation.

In May last year, Australia's Joint Standing Committee on Treaties recommended that “binding treaty action be taken” on the accession plans. 

The recommendation came despite concerns raised in a separate Senate Inquiry into online privacy and opposition from civil liberties groups.

While that Committee was aware that surveillance raised “fears about the invasion of privacy, with potential threat to human rights and civil liberties”, it expected sufficient safeguards to be in place.