Last Friday, the Australian Attorney-General’s Department sent internet service providers (ISPs) a confidential discussion paper — subsequently leaked to Fairfax Media — that attempts to clarify exactly what metadata they’ll be required to store under the government’s proposed mandatory data-retention scheme. The detailed requirements are presumably designed to feed into the
statutory specification of metadata that will be included in legislation to be introduced to parliament in coming weeks.
Until now, the only official government description of metadata we’d seen — apart from that breathtakingly confused TV performance by Australia’s favourite Attorney-General Senator George Brandis QC — was the hilariously inadequate one-pager (PDF) that the Attorney-General’s Department (AGD) tabled in Senate Estimates on October 15, 2012, after much prodding by Greens Senator Scott Ludlam.
You might therefore think that the description of the government’s metadata needs in Friday’s document was a recent development.
You’d be wrong.
A confidential document obtained by ZDNet shows that even more detailed descriptions of the government’s data-collection ambitions had been discussed with ISPs as far back as early 2010.
The document, Carrier-Carriage Service Provider Data Set Consultation Paper version 1.0 (PDF), is a 16-page PDF file created on 9 March 2010, at 14:49. Its core sections are similar in structure to the nine-page document obtained by Fairfax Media this week, with the addition of tables of
sample data to further illustrate the expected type of data to be retained for each specific retention requirement from the data set, discussion questions for industry to answer, and an introductory background section rather than an executive summary.
The 2010 version of the document was quite specific about the data to be collected. For mobile calls, for example, the data would include the IMSI and IMEI of both the calling party’s and called party’s devices, whereas the current version simply specifies the
identifier(s) of the devices. This is in line with the government’s intention to make the legislation technology neutral.
References to web-browser sessions and file transfers that were in the 2010 version have vanished, too, in line with such ideas being dropped as the data-retention debate has evolved — via redwolf.newsvine.com