Data Retention, Careless Leaks and the Public Interest

Melbourne, Australia.

The Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 is now Australian law. Despite a few loud voices, the police state consensus barged its way through the lower house and senate. An act that is poor in terms of scope, uncertain in terms of cost ($400 billion is but a figure), and dangerous in creating unnecessary pools of data, is now part of the surveillance furniture of the Australian landscape.

While Australia forges ahead into the barren scape of policy that is data retention, other countries and institutions are finding little to merit it. The Court of Justice of the EU (CJEU) ruled in April 2014 that European Union laws requiring telecommunication providers to retain metadata for up to six months, and a maximum of twenty-four months were, in their scope and purpose, invalid as a breach of fundamental privacy rights.

Austrian and Irish applicants challenged the respective transpositions of the directive into domestic law, uncomfortable with the fact that the retained data could be used to identify the person with whom a subscriber or registered user has communicated with, and by what means; identify the time and place of the communication; and know the frequency of the communications of the subscriber or registered user with certain persons over a periods of time.

The central law in question was the EU’s Data Retention Directive 2006/24(EC), which replicated, in a sense, the language of the Australian bill. Retaining traffic and location data including material necessary to identify the subscriber or user would amount to a breach of privacy and the right to protection of personal data under the Charter of Fundamental Rights of the EU.

In the Court’s view, the data, “taken as a whole, may provide very precise information on the private lives of the persons whose data are retained, such as the habits of everyday life, permanent or temporary places of residence, daily or other movements, activities carried out, social relationships and the social environments frequented.”[1] In bold emphasis, the Court argued that the data retention directive, which also enabled access by national authorities, “interferes in a particularly serious manner with the fundamental rights to respect and private life and the protection of personal data.”

We could all be in some agreement, suggested the Court, about the fact that retaining data might satisfy an “objective of general interest” – the “fight against serious crime and, ultimately, public security.” But notwithstanding this interest, the EU legislature had still exceeded its powers. Limits must be provided on attaining such data. The principle of “strict necessity,” a point that has totally escaped officials in Canberra, is what is required. The directive, for instance, made no “differentiation, limitation or exception” to the traffic data in question.

In the United States, an eclectic grouping ranging from the American Civil Liberties Union to the World Press Freedom Committee urged the White House, Congress and the various officials in an open letter (Mar 25) to stop bulk collection as permitted by the USA PATRIOT Act section 215, including records retained under the provision and similarly section 214 covering “pen registers and trap & trace devices.” In the event that these should occur, “appropriate safeguards” were to be put in place.[2]

The gods certainly do have a sense of humour. With the Australian bill still freshly passed through the upper house, it was reported that a high profile data breach had taken place before the G20 Summit in Brisbane. Passport and visa details, including date of birth of 31 international leaders were mistakenly emailed by an official in the Immigration Department office to a member of the Asian Cup Local Organising Committee November 7th last year.[3] The Guardian Australia, after obtaining an email sent from the Immigration Department to the privacy commissioner under Freedom of Information, revealed that the breach was noted 10 minutes after the incident.[4] The Asian Cup Local Organising committee claimed to have no access to the email, or have it stored anywhere in its system.

Stunning indifference accompanied the response to what was deemed an “isolated example of human error,” with minimal consequences. The then immigration minister Scott Morrison was notified, but department officials, in their wisdom, decided to stay numb on the subject. The G20 leaders would be kept in the dark.

Even by Australia’s own paltry standards, this posed a serious breach. In the words the Information Commissioner, a data breach occurs “when personal information held by an agency or organisation is lost or subjected to authorised access, modification, disclosure or other misuse or interference.” Australian Privacy Principle 11 imposes an obligation on agencies and organisations to take reasonable steps to protect the personal information they hold from such misuse, interference or loss, not to mention unauthorised access, modification or disclosure. With rather cheeky disdain, the Australian immigration department decided to conveniently sidestep the relevant provisions, wishing the matter to assume the form of an ostrich and vanish deep beneath the sand.

Such attitudes bode ill for the data retention program. Modification and unauthorised disclosures are genuine risks that only increase as the burdens on agencies increase. If officials of the agency dismiss the disclosure of personal details of world leaders on a summit attendance list as minor aberrations, we can only imagine how contemptuously private citizens will be treated.

Dr. Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. Email: bkampmark@gmail.com


[1] http://curia.europa.eu/jcms/upload/docs/application/pdf/2014-04/cp140054en.pdf

[2] https://static.newamerica.org/attachments/2579-nsa-coalition-letter/NSA_coalition_letter_032515.pdf

[3] https://www.documentcloud.org/documents/1697616-g20-world-leaders-data-breach.html

[4] http://www.theguardian.com/world/2015/mar/30/personal-details-of-world-leaders-accidentally-revealed-by-g20-organisers

More articles by:

Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. Email: bkampmark@gmail.com

September 25, 2018
Kenneth Surin
Fact-Finding Labour’s “Anti-Semitism” Crisis
Charles Pierson
Destroying Yemen as Humanely as Possible
James Rothenberg
Why Not Socialism?
Patrick Cockburn
How Putin Came Out on Top in Syria
John Grant
“Awesome Uncontrollable Male Passion” Meets Its Match
Guy Horton
Burma: Complicity With Evil?
Steve Stallone
Jujitsu Comms
William Blum
Bombing Libya: the Origins of Europe’s Immigration Crisis
John Feffer
There’s a New Crash Coming
Martha Pskowski
“The Emergency Isn’t Over”: the Homeless Commemorate a Year Since the Mexico City Earthquake
Fred Baumgarten
Ten Ways of Looking at Civility
Dean Baker
The Great Financial Crisis: Bernanke and the Bubble
Binoy Kampmark
Parasitic and Irrelevant: The University Vice Chancellor
September 24, 2018
Jonathan Cook
Hiding in Plain Sight: Why We Cannot See the System Destroying Us
Gary Leupp
All the Good News (Ignored by the Trump-Obsessed Media)
Robert Fisk
I Don’t See How a Palestinian State Can Ever Happen
Barry Brown
Pot as Political Speech
Lara Merling
Puerto Rico’s Colonial Legacy and Its Continuing Economic Troubles
Patrick Cockburn
Iraq’s Prime Ministers Come and Go, But the Stalemate Remains
William Blum
The New Iraq WMD: Russian Interference in US Elections
Julian Vigo
The UK’s Snoopers’ Charter Has Been Dealt a Serious Blow
Joseph Matten
Why Did Global Economic Performance Deteriorate in the 1970s?
Zhivko Illeieff
The Millennial Label: Distinguishing Facts from Fiction
Thomas Hon Wing Polin – Gerry Brown
Xinjiang : The New Great Game
Binoy Kampmark
Casting Kavanaugh: The Trump Supreme Court Drama
Max Wilbert
Blue Angels: the Naked Face of Empire
Weekend Edition
September 21, 2018
Friday - Sunday
Alexandra Isfahani-Hammond
Hurricane Florence and 9.7 Million Pigs
Andrew Levine
Israel’s Anti-Semitism Smear Campaign
Paul Street
Laquan McDonald is Being Tried for His Own Racist Murder
Brad Evans
What Does It Mean to Celebrate International Peace Day?
Nick Pemberton
With or Without Kavanaugh, The United States Is Anti-Choice
Jim Kavanagh
“Taxpayer Money” Threatens Medicare-for-All (And Every Other Social Program)
Jonathan Cook
Palestine: The Testbed for Trump’s Plan to Tear up the Rules-Based International Order
Jeffrey St. Clair
Roaming Charges: the Chickenhawks Have Finally Come Back Home to Roost!
David Rosen
As the Capitalist World Turns: From Empire to Imperialism to Globalization?
Jonah Raskin
Green Capitalism Rears Its Head at Global Climate Action Summit
James Munson
On Climate, the Centrists are the Deplorables
Robert Hunziker
Is Paris 2015 Already Underwater?
Arshad Khan
Will There Ever be Justice for Rohingya Muslims?
Jill Richardson
Why Women Don’t Report Sexual Assault
Dave Clennon
A Victory for Historical Accuracy and the Peace Movement: Not One Emmy for Ken Burns and “The Vietnam War”
W. T. Whitney
US Harasses Cuba Amid Mysterious Circumstances
Nathan Kalman-Lamb
Things That Make Sports Fans Uncomfortable
George Capaccio
Iran: “Snapping Back” Sanctions and the Threat of War
Kenneth Surin
Brexit is Coming, But Which Will It Be?