This report consists of seven chapters:
- The first chapter sets out the context, scope and conduct of the inquiry,
- Chapter 2 provides an overview of the Committee’s consideration of the case for data retention. The chapter considers whether mandatory data retention can, in principle, be justified as a vital tool for national security and law enforcement investigations, and whether appropriate safeguards and oversight can be put in place. The chapter discusses the adequacy of the current regime, privacy and civil liberties concerns, and the security of the retained data.
- Chapters 3 to 5 discuss the main issues raised in evidence to the inquiry in relation to Schedule 1 to the Bill, and the Committee’s comments and recommendations in regard to those issues. These issues were:
- Chapter 3 – Whether the Government’s proposed data set should be contained in primary legislation, as opposed to being made in regulations; and the scope of the Government’s proposed data set.
- Chapter 4 – The proposed two-year retention period; and whether service providers should be required to destroy telecommunications data retained in accordance with proposed new Division 1 of Part 5-1A at the end of the retention-period.
- Chapter 5 – The range of service providers and services to which data retention obligations are proposed to apply; the implementation arrangements for the proposed data retention regime; and the cost of the proposed data retention scheme.
- Chapter 6 discusses the main issues raised in evidence to the inquiry in relation to Schedule 2 to the Bill, and the Committee’s comments and recommendations in regard to those issues. Schedule 2 contains amendments in respect of restrictions on access to stored communications and telecommunications data.
- Chapter 7 examines specific safeguards and oversight mechanisms set out in the Bill. This includes consideration of the expanded role for the Commonwealth Ombudsman set out in Schedule 3 to the Bill, review mechanisms and reporting requirements. The chapter also examines matters raised in evidence that are outside the scope of the Bill, but which were addressed by the Committee in its 2012–13 inquiry, including a mandatory data breach notification scheme.