Supplementary Submission to Review of the Mandatory Data Retention Regime prescribed by Part 5-1A of the Telecommunications (Interception and Access) Act 1979 (Cth) (‘TIA Act’)
12 Pages Posted: 11 Mar 2020
Date Written: March 11, 2020
Abstract
This submission seeks to respond to the questions on notice taken during our oral evidence on 14 February 2020 and to respond to issues raised in evidence and supplementary submissions. In principle, we agree that some uniformity of the retention periods across various providers may have been required. However, we take specific issue with the failure to address the proportionality of the scheme. The current regime mandates the retention of a broad data set, accessible by a wide range of organisations with a lack of threshold as to serious crime, and contains no mechanism for prior review such as a warrant. This makes the current regime disproportionate — it is not reasonable and necessary to fulfil the societal objectives of tackling serious crime including terrorism and paedophilia. We note the failure of several safeguards enacted in the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 (Cth).
Keywords: data protection, data privacy, cookies, General Data Protection Regulation, Court of Justice of European Union, EU, data controller, joint data controllership, consent, data processing, Facebook, marketing, data-driven marketing
Suggested Citation: Suggested Citation