The Telecommunications (Interception and Access) Act 1979 (Cth) (as amended in 2015) (TIAA) requires that Australian telecommunication companies retain specific data for a period of at least two years. The purpose of the TIAA is to permit access to retained data by Australian law enforcement and security agencies to assist in national security and serious criminal investigations.
Whilst it is not uncommon for a party in civil proceedings to request a subpoena to compel a Service Provider (SP) to produce documents relating to telephone or internet communications, amendments to the TIAA due to come into effect in April of this year will restrict access of data by subpoena where that data was retained by a SP to soley comply with the ITAA, provided no exclusion applies.
The Federal Attorney-General’s department has recently invited submissions to widen the application of the TIAA to allow access to retained data in civil litigation. The Australian Government’s reasons for this expansion are not immediately apparent as apart from copyright right holders, there appears to be limited support for the proposal when weighed against the compromise to personal privacy.
What Data is Retained under the TIAA?
Retained data under the TIAA includes information such as:
(a) a person’s name, address, contact information and device details;
(b) the source and destination of a communication including a phone number, email address or IP address;
(c) the duration and time of a communication or a session of data transfer; and
(d) the location where the communication took place.
Access to Retained Data for Civil Litigation
Despite not including content of a communication, such as the data transfer or web history, the retained data is by no means minimal and its significance to civil litigation ought not to be underestimated. Such data may and often can substantially assist a litigant to prove elements of their case, and would have wide application matters where defamation or breach of copyright is alleged.
One example which highlights the significance of retained data is the case of Dallas Buyers Club, where a single judge of the Federal Court of Australia found that section 280 of the TIAA authorised an SPs to disclose identifying information of 5000 ISP holders if ordered by a Court. However, the Court was reluctant to order the unconditional release of the identifying information and granted a stay until Dallas Buyer Club LLC satisfied the Court that the contents of a letter to ISP holders was appropriate. Although that litigation appears to have been abandoned by Dallas Buyers Club LLC, given that it was prevented from engaging in speculative invoicing, it shows that Australian Courts can appreciate the ramifications of allowing unrestricted access to vast quantities of otherwise sensitive data.
Further Consultation Needed
It is widely considered that access to retained data, in future civil litigation, may allow aggressive litigators of copyright infringement to commence “fishing expeditions”. Other consequences include that otherwise confidential communications, such as lawyer/client and journalist/source could be compromised.
Given the significance of the proposal to water down the prohibition of access to retained data in civil litigation, a longer period of consultation should take place, as the impact of that decision will likely only become apparent when the regime is formally reviewed in 2019.