Skip to main content

Anger over Australian ISP data retention plans

Australia's government faces criticism over plans to force ISPs to retain information about users' surfing habits – and sources suggest it may even tie that data to users' passport numbers.

The Australian Attorney-General's Department is believed to be modelling its proposals on the European directive on data retention.

Under European law, ISPs must retain a user's ID, the email addresses of senders and recipients, the dates and times at which users log on and off of online service, and the IP addressed (whether dynamic or static) used.

European ISPs must retain the required information for at least six months. In the case of mobile communications, the directive also requires ISPs to retain details about the user's location.

The issue of data retention has raised fears that the stored information could fall into the wrong hands.

''Once you store that information you increase the risk of abuse,'' an anonymous source who worked for an ISP told the Melbourne Age (opens in new tab) newspaper.

''We can put our hands on our hearts and say we're good guys and we don't do anything wrong, but can we say that of every other player in the market?'' the source said. ''Compliance would be a big question.''

The office of Australian Attorney-General Robert McClelland (pictured) has also hit back at accusations that the data will be used to snoop on users' surfing habits.

"This is not about web browser history," Adam Siddique, McClelland's media advisor, told ZDNet Australia (opens in new tab). "It's purely about being able to identify and verify identities online," Siddique added, referring to the need for data retention to help track criminals.

Not everyone is convinced, however.

One industry source told ZDNet: "I think they're being a little bit cute when they say they want the source and the destination IP addresses for internet sessions [while] saying 'we're not really asking for web browsing history'."

"Carriers don't really use URLs, they use IP addresses," explained the source, "and it's the IP address that translates to a URL and vice versa. They're one and the same."

More worrying, said the source, was the other information the source said the government was asking for.

"They want allied personal information with that account, including, [the department] said, passport numbers."

The government has refused a request to publish consultation documents sent out to Australian ISPs, stating that documents provided "in confidence" were not able to be released. monitors all leading technology stories and rounds them up to help you save time hunting them down.