Metadata retention
The Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 (Cth) requires telecommunications providers to retain, for two years, a defined set of metadata about the circumstances of the communications made through their services.
Metadata consists of information about the circumstances of a communication; not the substance of the communication. For a telephone call, for example, metadata will include the phone numbers used to begin a conversation, but not what was actually said in the conversation. Similarly, for an e-mail correspondence, metadata will consist in the e-mail addresses used, but not what was written in the exchange. Metadata does not consist of web-browsing history.
As such, the set of metadata now required to be retained is of six types:
1. The identity of the subscriber to a communications service;
2. The source of the communication;
3. The destination of the communication;
4. The date, time and duration of the communication;
5. The type of the communication; and
6. The location of the equipment used in the communication.
More information about these types of metadata, including examples of what they consist in, may be accessed here.
Data that is retained by telecommunications providers is protected as “personal information” by the Privacy Act 1988 (Cth), and by the Australian Privacy Principles. Personal information includes information about an identified individual, or an individual who is reasonably identifiable, no matter the form in which the information is kept.
The Commonwealth Attorney-General’s website contains additional information on metadata retention, and its implementing legislation.
Page last updated 01/03/2019