Warren Entsch (Leichhardt, Liberal Party) Share this | Hansard source

I rise to speak to the Telecommunications (Interceptions and Access) Amendment (Data Retention) Bill 2014 and indicate that I very much support this bill. There comes a point, when the safety of the Australian people is at stake, that the Australian government is certainly obliged to step in—when the government has no choice but to make firm decisions to help safeguard our country against those who would destroy our free, democratic way of life. We are blessed to have incredible communications technology here—technology that lets us speak instantly with family across the world; technology that lets us download our favourite movies and music in mere minutes; technology that crosses national and cultural boundaries and lets us tweet or blog about our lives to a potential audience of literally billions.

But not everyone is using it for good. There are groups out there who use this same technology to commit crimes—to steal personal information, to distribute child pornography and to plan terrorist attacks. These are not pie-in-the-sky, far-off fantasies; they are happening on our shores and they are certainly happening in our own backyard. Against such faceless attacks, national security becomes everybody's responsibility. Every Australian man, woman and child, every business owner, every company and every agency has to play their part. The resources of our national security agencies, ASIO, ASIS and the AFP, are certainly limited and it would take an obscene amount of money, time and other resources for them to cover every base. We need a whole-of-country effort and, against these threats, we need metadata.

Metadata is the who, when and where—not the content—of communication. It is information such as an email address or telephone number and the time the email was sent or the call was made. It does not include the content of the communication, not even the email subject line. The government already works with our major telcos, Telstra, TPG, Vodafone and the like, to fight crime on an international, electronic level using metadata. In fact, the degree to which metadata is used in investigations already would probably surprise you, Mr Deputy Speaker. Between July and September last year it was used in    92 per cent of counterterrorism investigations, 100 per cent of cybercrime investigations, 87 per cent of child protection investigations and 79 per cent of serious organised crime investigations. I rise here today to say that I support this amendment, I support data retention and we will support our country's fight against those who will use technology to commit crimes against us.

The value of data retention was seen most recently in the Europol child exploitation investigation called Operation Rescue. The perpetrators involved shared much of their information online, and so physical evidence was very hard to get. In the UK, which has data retention laws, authorities were able to identify 240 of 371 suspects, two-thirds of them, using telecommunications data. The police stings that followed led to 121 arrests and convictions. Compare that to Germany, which has no data retention laws. In the very same operation, 377 suspects were believed to be living in Germany but German authorities were only able to positively identify seven, less than two per cent. They also were not able to gather enough evidence to arrest or convict a single person. The same situation was repeated in Austria, Sweden, the Czech Republic and Norway, which, at the time, did not have data retention laws. Had these countries had legislation in place, they would have been able to potentially convict hundreds of child molesters. But, because police were not able to access the metadata they needed, those perpetrators, unfortunately, are still out there.

Do we want to find Australia in a similar situation? I think not. We need to have the foresight to support our law enforcement authorities to fight against crime, espionage, cyberattacks and terrorism. We need to learn from the experience of our European friends, not repeat their mistakes. Our law enforcement heroes depend heavily on data retention and metadata for catching paedophiles. Just last year, the AFP received a tip-off regarding a person suspected of uploading child pornography to an image-sharing website. The AFP sent the IP address to the relevant telco and were able to identify the subscriber and their location. With this information, they gained a search warrant of the individual's home, where they found a large amount of child pornography material and information indicating possible abuse. That man is now behind bars, thanks to our police being able to use metadata.

Now consider this. Again last year, the AFP received information from Interpol about a suspect who had made a statement online that they intended to sexually assault a baby. Interpol provided the IP address details to our police, but, because the Australian carrier only kept their metadata for seven days, the suspect was able to disappear into the dark depths of the web. This is precisely why data retention is a vital asset. It is a front-line defence against criminals and a valuable tool to hunt them down.

If we do not make these amendments to enforce that that metadata be kept for two years, our law enforcement agencies will no longer be able to do their job effectively. The New South Wales police commissioner recently said:

There's not a terrorism investigation since 9/11 that hasn't relied on metadata.

He said:

This information is available right now. All we're saying is keep it for a little longer.

We need to accept that there is a risk out there. We have already seen that, despite our physical distance from other countries, terrorists are targeting Australians. It happened in Bali in 2002 and of course again in 2005. More recently, it is happening on our own soil as well, unfortunately.

We know of at least 90 Australians actively involved in terrorist groups in Iraq and Syria, and another 140 onshore actively supporting them. We cannot afford to stick our heads in the sand and block our ears. We cannot vainly hope that our distance from other countries will always protect us. We cannot continue to believe, when all the evidence indicates otherwise, that 'she'll be right, mate'.

There have been some very specific concerns by the public about our push for data retention. One of my constituents from Cairns, Mr Trent Yarwood, is a member of the organisation Future Wise. He argues that there is:

… no provision for the privacy of the data in the bill, and no provision for the law enforcement agencies to fund storage of this ... data, or to securely delete it once access is no longer required.

Mr Yarwood goes on to say that he and the Future Wise team are concerned about the effectiveness of the proposed regime as well as a number of secondary impacts of the bill, which he said include the impact on personal privacy and the presumption of innocence; warrantless access to personal data; cost implications for internet service providers and end users; and that the length of the retention period is not necessary or proportionate.

I certainly appreciate Mr Yarwood's comments and I have forwarded them to the minister's office but, in the meantime, I want to make a few points in response to his concerns. The government is not asking internet service providers to keep any data that would reveal their web browsing history. We are not asking for the content or substance of emails or social media posts; we are only asking telcos to keep certain specific metadata—the who, when and where of communications—for two years to assist with criminal and national security investigations.

My constituent Mr Yarwood talked about the cost. I can tell you the estimated up-front capital cost of this regime to all business is less than $319.1 million—that is less than one per cent of the $43 billion in revenue generated by the telecommunications industry each year. The government has also constantly said that we will make a reasonable contribution to this.

Mr Yarwood talked about personal privacy. It is our top priority, which is why this bill proposes several safeguards. Firstly, the data will continue to be held by the industry. Secondly, only specific government agencies will be able to request access, and only for specific circumstances. Thirdly, there will be multiple oversight bodies in place to make sure that agencies respect those controls.

We also recognise that the principle of freedom of the press is fundamental to our democracy. That is why the government is open to further measures to protect journalists' sources, and I am aware that these conversations are continuing. We have decided that a further amendment will be moved that will require agencies to obtain a warrant in order to access journalists' metadata for the purposes of identifying a source. Most importantly, this legislation is not about identifying journalists' sources; it is about making sure our security and law enforcement agencies continue to have access to metadata.

The Telecommunications (Interception and Access) Act 1979 also provides a framework that governs who can access the data. But we are actually going much further. We are reducing the number of agencies that can apply to access this data from 80 down to around 20. Our law enforcement officers cannot just trawl through telecommunications data whenever they like—that would be a criminal offence and they could be charged. Data has to be reasonably necessary—not just helpful or expedient—for investigating criminal offences and other permitted purposes.

Our federal law enforcement agencies are subject to ministerial oversight, as you are well aware, Mr Deputy Speaker Vasta—Senate estimates, parliamentary committee inquiries and the Australian Commission for Law Enforcement Integrity. Finally, requests for information by law enforcement agencies from telcos are reported annually, released publicly and subject to oversight by the Commonwealth Ombudsman. Having these layers of independent oversight means that any agency that accesses the data is certainly subject to some very intense scrutiny.

As you can see, we are not taking any risks with this telecommunications metadata. We need it to conduct criminal investigations, but the data will be held behind lock and key and only accessed when absolutely necessary.

Before I finish, I want to acknowledge the recent inquiry into this bill by the Parliamentary Joint Committee on Intelligence and Security. As you know, this committee was bipartisan. Both Liberal and Labor came together to unanimously create a bill that protects Australians from those who would harm us, while also protecting our privacy. The committee's inquiry made 39 recommendations, and I am pleased to say that we will be supporting all of those as we move forward.

In conclusion, this amendment is a string in our law enforcement bow that will require telcos to keep specific metadata for two years. It is a vital measure to help us, as a country, stop online criminals—not the petty pirates who illegally download the Game of Thrones or the latest Hobbit movie but the hard-core criminal organisations who engage in child exploitation, identity theft and terrorism.

We cannot wait for another major crime to occur against an Australian child, against an Australian family or against our nation. We need to put processes in place so that we will have a strategic defence against tech-savvy terrorists so that our law enforcement agencies can respond quickly and effectively against threats to our Australian way of life.

The law has strong safeguards in place to protect our own citizens and measures that will ensure that only those who need access to data for major law enforcement activities can see it. Quite frankly, the only people who need to be concerned about these amendments are those major criminals. To them, I say: 'Australia certainly will be ready.'

See this speech in context