Communications Minister Malcolm Turnbull has said he's aware of the costs a mandatory detention scheme will place on the telecom industry.
Under legislation introduced by Turnbull yesterday, the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014, telcos would have to store customer metadata for two years. The proposal has received mixed reviews from industry.
"Does this impose a regulatory burden on the telco sector? Yes it does," Turnbull said this morning at the Ovum 2020 Telecoms Summit.
"We're determined to do it in the most efficient way possible. For some carriers, they're not going to be asked to do any more than they're currently doing. For others, they will be required to do more. But it will be standard across the industry."
Because of the added cost, the government plans to cover some of the costs of complying with the data retention scheme, he said.
"There is a cost that has to be shouldered, and we recognise the government should bear a substantial part of that."
The government hasn't decided how much it will cover, but Turnbull noted there is already a "long-standing, well understood arrangement for covering the costs of telcos when law enforcement agencies make metadata requests at the present time."
Turnbull promised a careful and measured process to finalising the details of the data retention scheme.
"We are not going to rush the passage of any data retention measure," he said.
"It's not something to dilly-dally with, but nonetheless we said we would wait for the Parliamentary Joint Committee on Intelligence and Security to make recommendations on the details and structure of the new regime."
Also, the government will wait for telcos to develop an implementation plan for compliance over a transition period of up to 18 months, he said.
"In addition, there will be deep consultation with the industry to help refine the cost and effectiveness of the new scheme."
Turnbull acknowledged Orwellian concerns about the government gaining access to citizens' IP addresses and and information on to whom they make phone calls.
"I am always concerned about citizens' privacy, and ensuring the state does not intrude into the citizens' privacy any more than is absolutely necessary to ensure our security," he said.
"I acknowledge that there is a fine line in the balance of maintaining national security and privacy."
He said the Privacy Act will continue to apply and that the data retention proposal adds several privacy protections.
These include limiting the number of agencies with access to metadata; expanding oversight arrangements by the Commonwealth ombudsman, inspector general of national security and the privacy commissioner; requiring that the Joint Committee on Intelligence review the scheme three years after implementation; and requiring the Attorney-General report annually on the operation of the scheme.
While some have criticised a lack of clarity on the government's definition of metadata, Turnbull contested that it couldn't be any more clear.
"In the world of telephony, we are talking about the metadata that has historically been maintained by telcos really for billing purposes."
These include the identity and location of each party and the time and duration of the call, he said.
In terms of Internet data, the government will collect only the customer IP address allocated to a device when it connects to the Internet, he said. The government will not collect data on destination IP addresses or Web browsing history, he said.
"What you do online is not something that we're seeking to have retained."
A if the the data retention scheme covered machine-to-machine (M2M) devices, including sensors and Kindle e-readers. Such a requirement could drive up costs for telcos.
Turnbull said that the IP address of machine-to-machine (M2M) devices are included under the data retention scheme.
However, he added, "I struggle to see what utility it would be to law enforcement," and said telcos could possibly seek an exemption.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.