Retention and destruction of records

Intercepted material

73.80 Section 79 of the Telecommunications (Interception and Access) Act provides that a record, ‘other than a copy’, obtained by means of an interception must be destroyed if the chief officer of an agency is satisfied that it is unlikely that it will be required for certain permitted purposes. The Blunn Report noted that it was ‘curious’ that the requirement to destroy a record under s 79 did not extend to copies of the record.[102] Section 150 of the Act contains a similar requirement to destroy information or a record obtained by accessing a stored communication. This section, introduced in 2006, does not distinguish between a record and a copy of a record.[103]

73.81 In DP 72, the ALRC expressed the view that the same destruction rules should apply to records and copies of records. The ALRC proposed that s 79 of the Telecommunications (Interception and Access) Act should be amended to provide that the chief officer of an agency must cause a record, including any copy of a record, made by means of an interception to be destroyed when it is no longer needed for a permitted purpose.[104]

Submissions and consultations

73.82 A number of stakeholders supported the proposal.[105] Others, however, opposed the proposal.[106] For example, the AGD submitted that the requirement to destroy copies was excluded from s 79 because of enforcement issues. For example, agencies could not enforce destruction of copies given to other agencies for permitted purposes, or where the information appeared on the public record. The AGD also noted that copies of lawfully intercepted information may be made only in limited circumstances under the Telecommunications (Interception and Access) Act, and that any copies of the information continued to be protected from further use or communication.[107]

73.83 One stakeholder submitted that lawfully intercepted information is often included in operational documents, and that it would be impossible to comply with a requirement that these types of documents be destroyed because they include copies of intercepted material. The stakeholder also submitted that the proposal could create an unjustified administrative burden on interception agencies. A requirement to destroy all copies would mean that very stringent record-keeping measures would need to be in place to ensure that the whereabouts of every copy was logged.[108]

ALRC’s view

73.84 The ALRC recommends that s 79 of the Telecommunications (Interception and Access) Act be amended to provide that the chief officer of an agency must cause a record, including any copy of a record, made by means of an interception to be destroyed when it is no longer needed for a permitted purpose. The ALRC can see no reason why copies of information obtained from a stored communication warrant are required to be destroyed, but that copies of information obtained from an interception warrant are not.

73.85 The covert nature of interception and access to communications requires the safeguard that the intercepted or accessed information is destroyed as soon as it is no longer required. The ‘Data Security’ principle under the UPPs provides that an agency or organisation must destroy or render non-identifiable personal information if it is no longer needed for any purpose for which it can be used or disclosed under the UPPs and retention is not required or authorised by or under law.[109] This rule should apply to records as well as copies of records of intercepted information. Agencies should not be able to retain copies of records indefinitely.

Recommendation 73-1 Section 79 of the Telecommunications (Interception and Access) Act 1979 (Cth) should be amended to provide that the chief officer of an agency must cause a record, including any copy of a record, in the possession of an agency, made by means of an interception to be destroyed when it is no longer needed for a permitted purpose.

Stored communications

73.86 In its submission to the Senate Legal and Constitutional Affairs Committee Inquiry into the Telecommunications (Interception) Amendment Bill 2006, the OPC suggested that s 150 may result in it being ‘lawful for an agency to keep irrelevant information indefinitely’.[110]

73.87 The Senate Legal and Constitutional Affairs Committee recommended that the Bill be amended to specify time limits within which an agency must review their holdings of information accessed via a stored communications warrant and destroy information as required under the proposed s 150. The Committee stated its view that, given the potential to collect vast amounts of irrelevant information under a stored communications warrant, such a safeguard was essential.[111]

73.88 The Australian Government did not accept this recommendation. It noted that the current requirements under s 150 are sufficient and that the Commonwealth Ombudsman is required to inspect an agency’s records to ascertain compliance with the destruction of records and report to the Attorney-General. Additionally, agencies are required to provide a report to the Attorney-General that sets out the extent to which records are destroyed.[112]

73.89 In its submission to the current Inquiry, the OPC reiterated its concerns about s 150, noting that it appeared that, until the chief officer has considered the relevant matters, the agency lawfully may keep the information or record. Without greater specificity, the OPC is concerned that in some circumstances it may be lawful for an agency to keep irrelevant information indefinitely.[113]

73.90 The ALRC does not recommend the amendment of s 150 to specify when information obtained by a stored communication warrant should be destroyed. There is a need for greater guidance, however, about when information should be destroyed under the provision. Below the ALRC recommends that the AGD should provide guidance on when the chief officer of an agency must cause information to be destroyed when it is no longer needed for a permitted purpose under s 150 of the Telecommunications (Interception and Access) Act.

Destruction of non-material content

73.91 The retention and destruction of information obtained by B-Party warrants will be subject to s 79 of the Telecommunications (Interception and Access) Act. In its submission to the Senate Legal and Constitutional Affairs Committee Inquiry into the Telecommunications (Interception) Amendment Bill 2006, the OPC expressed concern about the absence of rules to require the destruction of material outside the scope of the purpose stated in a B-Party warrant. It recommended ‘enforceable, audited requirements that any intercepted material outside the scope of the purpose stated in the warrant be immediately destroyed’.[114]

73.92 The Senate Legal and Constitutional Affairs Committee recommended that there should be strict supervision arrangements introduced to ensure the destruction of non-material content.[115] The Australian Government did not accept this recommendation. It stated that the current rules under the Telecommunications (Interception and Access) Act relating to the destruction of information obtained by a warrant under Part 2.6 already require the destruction of this material.[116]

73.93 In DP 72, the ALRC expressed concerns about the large amount of information that can be obtained under a B-Party warrant and proposed that s 79 of the Telecommunications (Interception and Access) Act be amended to require expressly the destruction of non-material content intercepted under a B-Party warrant.[117]

Submissions and consultations

73.94 A number of stakeholders supported the proposal.[118] The Law Council of Australia submitted that any express requirement to destroy non-material content must be accompanied by guidance as to what constitutes ‘material information’. In the Law Council’s view, whether information is ‘material’ should be determined by reference to the grounds advanced to justify the issuance of the B-Party warrant.[119]

73.95 Other stakeholders opposed the proposal.[120] The AGD submitted that s 79 already requires the destruction of information not likely to be required for a permitted purpose.[121] One stakeholder noted that there is an inherent danger in selectively deleting material. For instance, a defendant may claim that material that was deleted for being non-material had exculpatory value.[122]

ALRC’s view

73.96 The ALRC is concerned that a large amount of information can be obtained about non-suspects under a B-Party warrant, and that copies of records are not currently required to be destroyed under s 79. It is arguable that s 79 already requires the destruction of information that is outside the scope of the permitted purposes of a B-Party warrant. In the interest of clarity, however, the ALRC recommends that s 79 of the Telecommunications (Interception and Access) Act be amended to require expressly the destruction of non-material content intercepted under a B-Party warrant.

73.97 The ALRC recommends below that the AGD should develop and, where appropriate, publish guidance on the interception and access of information under the Telecommunications (Interception and Access) Act. This guidance should address the destruction of non-material content.

Recommendation 73-2 Section 79 of the Telecommunications (Interception and Access) Act 1979 (Cth) should be amended to require the destruction of non-material content intercepted under a B-Party warrant.

Telecommunications data

73.98 There are no provisions under the Telecommunications (Interception and Access) Act that require ASIO or law enforcement agencies to destroy telecommunications data when it is no longer required for a permitted purpose. While the retention of this information by law enforcement agencies may be regulated by the Privacy Act, the acts and practices of ASIO are exempt from the requirements of the Privacy Act.[123] Further, the guidelines issued by the Attorney-General under the Australian Security Intelligence Organisation Act are silent on the destruction of information.[124]

73.99 In DP 72, the ALRC asked whether the Telecommunications (Interception and Access) Amendment Bill 2007 (as it was then known) should be amended to include positive obligations on law enforcement agencies to destroy in a timely manner irrelevant material containing personal information and information which is no longer needed.[125]

Submissions and consultations

73.100 A number of stakeholders supported the proposal.[126] The Law Council of Australia strongly supported the inclusion of provisions which establish positive obligations of this kind. The Law Council also noted that Chapter 4 of the Telecommunications (Interception and Access) Act allows for the employees of telecommunications service providers to disclose voluntarily telecommunications data. The Law Council argued that, in these circumstances, it is important that there is a statutory obligation to review the information disclosed in a timely manner, to make an immediate assessment as to its relevance and to destroy it if it is not relevant.[127]

73.101 Some stakeholders did not think such an amendment was required.[128] For example, the AGD submitted that the destruction of irrelevant material already occurs in practice. The AGD also submitted that:

It is worthwhile noting that investigations may span long periods of time and a law enforcement agency may not necessarily be able to determine whether the material is relevant until the investigation and any subsequent proceedings are completed.[129]

ALRC’s view

73.102 Telecommunications data includes information about when, how and with whom individuals communicate and, in the case of mobile phones, location information. The voluntary disclosure of this information by employees of telecommunications service providers to ASIO and law enforcement agencies is a significant invasion of an individual’s privacy. ASIO and law enforcement agencies, therefore, should be under a clear obligation to destroy telecommunications data when it is no longer needed for a permitted purpose.

73.103 While the retention of this information by law enforcement agencies may be regulated by the Privacy Act, in the interest of clarity and certainty, the Telecommunications (Interception and Access) Act should be amended to provide that ASIO and law enforcement agencies must destroy in a timely manner irrelevant material containing accessed telecommunications data which is no longer needed for a permitted purpose.

Recommendation 73-3 The Telecommunications (Interception and Access) Act 1979 (Cth) should be amended to provide that the Australian Security Intelligence Organisation and enforcement agencies must destroy in a timely manner irrelevant material containing accessed telecommunications data which is no longer needed for a permitted purpose.

Guidance

73.104 In DP 72, the ALRC proposed that, in the interests of transparency, the AGD should provide guidance on when the chief officer of an agency must cause information to be destroyed when it is no longer needed for a permitted purpose under ss 79 and 150 of the Telecommunications (Interception and Access) Act.[130]

Submissions and consultations

73.105 A number of stakeholders supported the proposal.[131] The Law Council submitted that officers should be provided with guidance as to which purposes are ‘permitted purposes’ for their respective agency, and on how to determine the ongoing utility of any record obtained.[132] One stakeholder submitted that any guidance on destruction provided by the AGD would need to take into account the differences in the types of investigations undertaken by interception agencies.[133]

73.106 Other stakeholders provided qualified support for the proposal. One stakeholder supported the proposal, but noted that a legislative amendment is required as recommended by the Senate Legal and Constitutional Affairs Committee Inquiry into the Telecommunications (Interception) Amendment Bill 2006.[134]

73.107 The AGD noted that it provides guidance to all agencies regarding the operation of the Telecommunications (Interception and Access) Act and that further guidance was provided to agencies through the inspection of the General Register relating to the warrant under which the record in question was created.[135]

ALRC’s view

73.108 The ALRC accepts that there are currently no legislative timeframes within which agencies should review holdings of information and destroy information. There should be some broad guidance on timeframes, however, within which agencies should review and destroy information.

73.109 The ALRC accepts that the requirement to destroy information will vary according to the nature of the agency and the investigation. Guidance, rather than legislation, can accommodate these differences and provide flexibility about when information should be destroyed by an agency. This guidance should address the destruction of intercepted material, stored communications and telecommunications data.

73.110 The ALRC recommends below that the AGD should develop and, where appropriate, publish such guidance.[136]

[102] A Blunn, Report of the Review of the Regulation of Access to Communications (2005) Australian Government Attorney-General’s Department, [9.4].

[103] Section 150 is discussed below.

[104]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Proposal 64–1

[105]Australian Privacy Foundation, Submission PR 553, 2 January 2008; Law Council of Australia, Submission PR 527, 21 December 2007; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Office of the Victorian Privacy Commissioner, Submission PR 493, 19 December 2007; I Graham, Submission PR 427, 9 December 2007.

[106]Australian Federal Police, Submission PR 545, 24 December 2007.

[107]Australian Government Attorney-General’s Department, Submission PR 546, 24 December 2007. See also Confidential, Submission PR 488, 19 December 2007.

[108]Confidential, Submission PR 488, 19 December 2007.

[109] See discussion in Ch 28.

[110]Office of the Privacy Commissioner, Submission to the Senate Legal and Constitutional Affairs Committee Inquiry into the provisions of the Telecommunications (Interception) Amendment Bill 2006, March 2006.

[111]Parliament of Australia—Senate Legal and Constitutional Legislation Committee, Provisions of the Telecommunications (Interception) Amendment Bill 2006 (2006), [3.79]–[3.80], rec 10.

[112] Australian Government Attorney-General’s Department, Government Response to the Senate Legal and Constitutional Legislation Committee Report on the Provisions of the Telecommunications (Interception) Amendment Bill 2006 (2006), 5.

[113]Office of the Privacy Commissioner, Submission PR 215, 28 February 2007.

[114] Office of the Privacy Commissioner, Submission to the Senate Legal and Constitutional Affairs Committee Inquiry into the provisions of the Telecommunications (Interception) Amendment Bill 2006, March 2006.

[115] Office of the Privacy Commissioner, Submission to the Senate Legal and Constitutional Affairs Committee Inquiry into the provisions of the Telecommunications (Interception) Amendment Bill 2006, March 2006, rec 24.

[116] Australian Government Attorney-General’s Department, Government Response to the Senate Legal and Constitutional Legislation Committee Report on the Provisions of the Telecommunications (Interception) Amendment Bill 2006 (2006), 11.

[117]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Proposal 64–3.

[118]Australian Privacy Foundation, Submission PR 553, 2 January 2008; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Office of the Victorian Privacy Commissioner, Submission PR 493, 19 December 2007; I Graham, Submission PR 427, 9 December 2007.

[119] The Law Council noted that the only qualification that it would place on the provision of guidance is that any destruction regime must be careful not to compromise record-keeping obligations that are designed to ensure proper scrutiny of the exercise of covert information-gathering powers: Law Council of Australia, Submission PR 527, 21 December 2007.

[120]Australian Federal Police, Submission PR 545, 24 December 2007; AAPT Ltd, Submission PR 338, 7 November 2007.

[121]Australian Government Attorney-General’s Department, Submission PR 546, 24 December 2007.

[122]Confidential, Submission PR 488, 19 December 2007.

[123]Privacy Act 1988 (Cth) s 7(1)(a)(i)(B), (2)(a). See Ch 34.

[124]Australian Security Intelligence Organisation, Attorney-General’s Guidelines in relation to the Performance by the Australian Security Intelligence Organisation of its Functions relating to Politically Motivated Violence <www.asio.gov.au/About/Content/AttorneyAccountability.aspx> at 21 May 2008.

[125]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Question 63–2.

[126]Australian Privacy Foundation, Submission PR 553, 2 January 2008; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; I Graham, Submission PR 427, 9 December 2007.

[127]Law Council of Australia, Submission PR 527, 21 December 2007.

[128]Australian Federal Police, Submission PR 545, 24 December 2007.

[129]Australian Government Attorney-General’s Department, Submission PR 546, 24 December 2007.

[130]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Proposal 64–2.

[131]Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Office of the Victorian Privacy Commissioner, Submission PR 493, 19 December 2007.

[132]Law Council of Australia, Submission PR 527, 21 December 2007.

[133]Confidential, Submission PR 488, 19 December 2007.

[134]I Graham, Submission PR 427, 9 December 2007. See also Australian Privacy Foundation, Submission PR 553, 2 January 2008.

[135]Australian Government Attorney-General’s Department, Submission PR 546, 24 December 2007.

[136] Rec 73–5.