Crime Commission wants to fine telcos who refuse to retain data

The chief executive of the Australian Crime Commission or ACC, Paul Jevtovic, has told a Senate inquiry that he would like to see the Telecommunications Act changed to give the government power to penalise providers that don't cooperate with law enforcement.

The issue of data retention reared its head again at yesterday's hearing of the Senate committee investigating the interception of telecommunications data.

A supporter of mandatory retention of customer data, the ACC has added to its wishlist, seeking legislative changes to Section 313 of the Telecommunications Act which sets out providers' obligations to cooperate with government agencies, by introducing unspecified penalties to ensure they comply.

The penalties, Jevtovic told the inquiry, would provide the stick that Section 313 needs to be effective, as the ACC believes cooperation from providers has been inconsistent with some electing not to work with government agencies altogether.

According to Jevtovic, organised crime is turning to technology faster than the authorities can keep up.

Therefore, telcos and providers are "critical partners" in the fight against its spread, he said.

The ACC also wants to force telcos and ISPs to provide what Jevtovic called "access to encrypted products" as these support organised crime activity and frustrate law enforcement.

He told the inquiry that it is the ACC's view that those who manufacture encrypted communications products should have an obligation to assist the country to defend itself against organised crime.

Jevtovic admitted to the inquiry that storing large amounts of information relating to Australians carried privacy and security risks.

Furthermore, it would be expensive, he conceded. 

"There will be an expense, and we need to think about how that will be met," he said.

Despite the concerns, highlighted by the leaks of top secret intelligence services material by former United States National Security Agency contractor Edward Snowden, Jevtovic said they should not stop the government from pressing ahead with requiring telcos and ISPs to retain data.

"I can understand the concerns but I hope people understand why we need it - without it we will be fighting organised crime not with one arm tied behind our backs but with two," Jevtovic told the hearing.

Earlier this month, iiNet slammed the government's proposals to introduce mandatory data retention, saying there was no evidence that they are needed or that they would be effective.

In its submission to the Senate committee reviewing the Telecommunications Act of 1979, iiNet said complying with mandatory data retention requirements would not only increase the risk of privacy and security breaches, but would also cost the provider around $60 million to build a new data centre for storage.

iiNet estimates that it would have to store up to 20,000 terabytes of customer data to comply with the proposed new law.