Australian Government’s data retention proposal — statement

The Government’s proposal on data retention raises a number of important issues, and so it is important that there is an opportunity for public consultation and debate on these proposals once the detail is available. At this stage, it is unclear exactly what type of information would be retained. However, there is the potential for the retention of large amounts of data to contain or reveal a great deal of information about people’s private lives, and that this data could be considered ‘personal information’ under the Privacy Act.

The retention of large amounts of personal information for an extended period of time increases the risk of a data breach. Organisations holding this information need to comply with all their obligations under the Privacy Act, including the requirements to protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure.

Key to this debate will be ensuring the ongoing privacy interests of Australians. It will also be important to consider whether a data retention scheme is effective, proportional, the least privacy invasive option and consistent with community expectations. Any scheme should also be transparent, accountable and have appropriate independent oversight.

Timothy Pilgrim — Australian Privacy Commissioner

Changes to privacy law

Content found in this section or on this page may no longer reflect the current law.

> Read more: Privacy law reform

Share this page

Protecting information rights — advancing information policy