The Parliamentary Joint Committee on Intelligence and Security (PJCIS) handed down its report[1] [PDF] of Australia's metadata retention scheme[2] on Wednesday, issuing 22 recommendations that tighten access to data, without introducing any large overhauls, such as needing a warrant[3].
In broad terms, thresholds are recommended to be increased by the committee in an effort to avoid a warrant regime, security and transparency on data held and passed across by telcos and authorised agencies would be boosted, while the period of time Australian telcos need to retain data collected on customers remains at two years.
"The committee is not satisfied that a warrant should be required for data held as part of the [mandatory data retention regime]. However, the committee considers that access should require a higher level of authorisation within each agency as well as more detailed reporting in relation to how, when, and for what reason that access is granted," the report said.
"It is the committee's view that there is a need for more information to be collated about the current functioning of the matter data retention regime. This would assist all relevant oversight and review bodies in undertaking their work as well as affording a higher degree of transparency which the committee believes will give the Parliament and the Australian community greater trust in the use of these powers."
One area to gain a recommended exemption from the committee is the use of Internet of Things devices, which is set to be specifically omitted.
"If the government considers that there are clear benefits in requiring service providers to keep information for particular Internet of Things devices, and that those benefits outweigh the costs, the Telecommunication (Interception and Access) Act 1979 could