Clare O'Neil (Hotham, Australian Labor Party) Share this | Hansard source

It is a pleasure today to make a contribution to the debate about the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014, known in the community as the data retention legislation. What I want to do today with this opportunity is explain why I am supporting the legislation. I am doing so with a great deal of thought and reflection because the truth is that legislation like this raises some very difficult and important questions for us, as a parliament, and for the Australian community. We are being asked constantly, as technology improves and as our world changes, to make difficult trade-offs between privacy and civil liberties and the use of data, which is now routinely collected about us and our online activities. For those who are listening in the gallery and for those who are watching at home, I would just ask all of you to greet with a degree of caution anyone who is putting the debate about this legislation forward as a kind of ridiculously obvious point or question on one side or the other, because the truth is that I think anyone who shares broadly Australian values, who has looked at this legislation, who has understood the issues and who has read the parliamentary report that looked into the detail of the legislation would agree that it is complex. But I believe the legislation before us does strike the right balance, and I will explain in detail why I have that view.

I want to start this conversation where it ought to begin, not with wildly overstated claims but with an understanding of the situation about data retention today. The first important point to note here is what data is under this legislation that we are debating today. It is not detailed information about emails that you send and the content of those emails. The data that is being defined under this legislation is quite tightly defined. It is about the fact of communications and the fact that they occurred. It is not about the data that was contained in those communications. Of the confusion about this bill, this is really where we have seen a lot of discussion and debate, and I want people to be clear about that. For example, with mobile phone communications, the data that will be retained under this legislation, should it pass the parliament, is the fact that a person made a call, who the call was to and the time of that call. There is no audio recording or text recording of the call. For online communications, for example, email content will not be kept, but the time that you logged on to the internet and logged off is the sort of data that will be retained.

There is a second important point to note about this: is this data being retained at the moment? What we know is that such data—and, in fact, volumes of data and more detailed elements of data—is being retained by some telecommunications companies but not by others. What we see with the current regulatory regime around data retention is that both the retention of data and the access to the data are not being well regulated. We do not have a law which has kept up to date with the ability of telecommunications companies to keep this data. For example, some telecommunications companies in Australia are keeping this data for seven years and others are saying that they do not want to keep it for longer than a few weeks. The purpose of this law is to clarify what the obligations are on telecommunications companies to retain data. I think when you understand the situation as it is today—the very hazy and quite poorly regulated or unregulated, in other respects, nature of this environment—you see that the best thing we can do is have a discussion, as a community, about what principles we should apply to these decisions and then create a new regulatory environment for it.

Something that I think is important to note is the access. I have talked a little bit about the retaining of the data by different telecommunications companies, but what we also have learned through this process is that the access to this data is not well regulated. There are some 80 bodies that are able to request access to telecommunications data. This includes organisations like local councils and the RSPCA who are using this data for reasons that this parliament has come to view as not appropriate for this type of monitoring of people's online behaviour. What we also know is that over the financial year 2012-2013 there were 331,000 authorisations for different organisations to use telecommunications data, which resulted in almost 550,000 disclosures of telecommunications data. In this kind of broadly unregulated or poorly regulated environment, half a million records were accessed. Just that fact alone illustrates a very clear need for us to tighten up what is going on out there in the world of data retention.

It is also an important place to start, in this conversation, talking about the other values. Obviously, there are these issues of being an unregulated environment. But what we have heard from the Australian community, I think quite rightly, is that there are concerns, from a civil liberties perspective, with how the data is being regulated and accessed at the moment. We know that privacy is an important right of ordinary Australians, and, as a starting point, we should say that no-one should have access to anything that anyone does in their personal lives unless there is some other countervailing principle that we are weighing against it. Privacy is not just important because it is a private right. We know that privacy is critical to the functioning of our democracy. Journalists need to be able to protect themselves and protect their sources. We know that activists and dissidents are perfectly entitled to organise to criticise security agencies and other sorts of things, and I very much respect those things and they must be protected. This is what we are balancing against the need to potentially access this data. From that starting point, we have got these very valuable private rights and civil liberties. We need to understand whether there is a clear need, in that case, for those types of principles to be balanced against another need.

Should the right to privacy be modified in this instance? I think that the PJCIS, which looked at this bill in an incredible amount of detail, had an excellent chapter on this very question, and I would really encourage those in the community who have shown an interest in this issue to have a look at the chapter.

What we know is that telecommunications are creating new types of crimes and they are also creating a means for us to resolve very old types of crimes. We have seen that very much in criminal investigations and criminal activity of recent years. We know, for example, that data retention can be an essential tool in fighting online paedophilia and online sex crimes. We know that terrorism is often organised online, so there is obviously going to be an element of metadata being used to resolve those crimes. The member for Melbourne Ports raised the issue of Jill Meagher, the woman who was tragically killed in Melbourne. We know metadata was essential in tracking down the person who committed that crime. The member for Blaxland said in his speech on this subject that one of the first things police want to do when someone is found to have committed a crime is work out who the person has recently spoken to and try to piece together the elements. So for anyone who knows anything about how police pursue crimes these days, there is a very clear and obvious need here.

In the submissions to the inquiry into the bill we saw very clearly that a wide range of people acknowledge the need to curtail the right to privacy in order to assist us in fighting crime. I do not want to overstate that; a lot of people do not believe there is any need to take any interventions, but there are a lot of people who do. For example, Gillian Triggs, the President of the Australian Human Rights Commission, in her submission spoke about the need to update the law to reflect the fact that there is an obvious new tool to fight crime and that it is a good reason in some instances to curtail the right to privacy. Even Timothy Pilgrim, the Australian Privacy Commissioner, in his submission said the right to privacy is not absolute and there are some clear needs to curtail that right given what we know about the importance of metadata in fighting crime. Reading some of these submissions has helped me come to the view that it is very important that we try to better regulate this area and that access to metadata does need to be allowed under some conditions.

Other speakers have talked about the role Labor has played in making this legislation into what we believe is a good and decent piece of legislation. There has been broad acknowledgement that where we started with this bill was not a great place to start. I think even the people who proposed the bill acknowledged that there was a real need for the parliament to look closely at the legislation and improve on it. I am very proud of the work Labor has done through the parliamentary process. There are some in the community who would have liked to see a stand-up fight on this. But we see this as a serious issue that needs serious consideration and that is why we have used the parliament to make this bill into something that we feel strikes the appropriate balance.

I would like to explain briefly some of the things that Labor has pushed to change in this bill that I believe have allowed it to strike that right balance. The first thing is that, under the legislation we are debating now, the definition of 'data' is included in the substantive legislation itself. That sounds very technical, but what it really means is that, under the previous version of this legislation, the Attorney-General could through legislation change the definition of 'data'. This is important because, as I have explained, the definition does not include things such as the websites you have visited or the text of emails. We believe that should be enshrined in legislation. If anyone in Australia wants to have a discussion about whether that should change, we believe that discussion should take place here in this chamber and that we should all get to have a say in it rather than allowing the Attorney-General to make that change on his own.

The second thing is limiting the list of agencies who can access that data. Again, under the previous version, this was not in the substantive bill. What we have said is that, if the government of the day wishes to make a change to the agencies that are allowed to access metadata under the legislation, they will now have to come back into the parliament to do that and the Attorney-General is not going to be allowed to add agencies as he or she sees fit.

The third thing we have done, which I think is tremendously important, is to allow a provision in the legislation so that individuals can now access their own metadata. If we are going to infringe on the right to privacy to a degree, I think it is only fair that people understand what it is that other agencies might have access to. So we have made sure that is enshrined in the legislation.

Another thing is how this data is protected. Because of Labor's actions, the data that is being retained by telecommunications companies will now be encrypted. We have added an oversight mechanism into the bill so that after two years of operation the PJCIS, which is the committee that considered this legislation in detail, will have the chance to go through and look at how it has been operating and consider how the data has been accessed and whether the use of such data is appropriate. To all of those in the Australian community who have a strong view about how this legislation has panned out and the version that has gone to the parliament, I say that you will get another chance to talk about this when we see how in practice the legislation is used and whether there are any improvements to it.

Through the committee process Labor was able to ensure that metadata can now only be accessed for criminal matters. This is quite important because, as I have said, it has been difficult to strike the right balance between the right to privacy and the benefits to crime fighting that we see in the use of metadata. We believe that the right to privacy should only be infringed to this degree when there are criminal matters at stake. For example, there is the Game of Thrones problem; people were concerned that through this process they might be apprehended for online piracy. Because of Labor's intervention, that is not what this this legislation is about; we are not trying to oversee people's activities to that degree. But where there is a criminal matter to be answered and a criminal matter to be considered, we believe it is fair that the right to privacy be curtailed in this instance.

I do not want to state that this is a perfect piece of legislation, and I hope that the remarks I have made give the indication that we have thought about it and there are remaining issues. The way the legislation treats journalists is a remaining issue. That was not an issue on which the committee process could reach an agreement. Labor has pushed this very hard, and we are continuing to push very hard on this. Those who have been following the debate closely will know that Bill Shorten, the member for Maribyrnong and Leader of the Opposition, is continuing to push this with the Prime Minister—and I hope to see that matter resolved.

We should not see this piece of legislation in isolation. Something else that the Labor Party is interested in pursuing, as we give security agencies more powers, is how we can ensure that there is appropriate parliamentary oversight for those different agencies. That is something Labor will be pursuing in the coming months. I am pleased to support the bill which I believe strikes the right balance.

See this speech in context