Simon Breheny and I have been arguing the case against data retention since it was first mooted by the Gillard government – it violates the privacy of every Australian just in case they are later accused of criminality, it will be used for more than just anti-terror policies, and there are alternative policies and approaches which better respect individual liberty. You can read the IPA’s submission to the parliament’s data retention inquiry here.
But all the critiques aside, data retention is shaping up to be a case study in poor policy implementation.
Internet service providers have long argued that retaining that amount of data would be prohibitively complex. In fact, one of the most striking things about the whole debate has been the gap between how easily government has suggested implementing data retention would be and how ISPs have said it would be.
No surprise then that Fairfax is reporting that 80 per cent of ISPs are not actually going ‘live’ with data retention compliance today, but have applied for extensions of 18 months. There is widespread confusion about how much data is to be retained, and no transparency on how the ISPs will be compensated for storing masses of information on their customers’ activity.
Implementation was going to always be a problem with data retention. But it is hard not to conclude that the implementation problems ISPs are now experiencing are the direct result of the government’s lack of conceptual and technical clarity about how data retention relates to current ISP practices.