Story by Tom Armstrong
Edited by Edwina Seselja

Telstra has been forced hand over metadata after a Fairfax Journalist won a landmark case against the telecommunications giant.

The Privacy Commissioner has ruled the metadata of customers is their personal information and therefore carries special protection including a right to access.

It comes at the start of Privacy Awareness Week 2015.

Under Australian privacy law, an individual has a right to access the personal information organisations hold about them.

Almost two years ago Fairfax journalist Ben Grubb asked to see all the metadata Telstra stored in relation to his mobile phone service but the communications company argued the information was not personal.

Metadata, which is essentially information about information, does not show the content passed through a phone but it does record when, where and for how long individuals are active and with whom they communicate.

The 22-month legal battle ended yesterday with Privacy Commissioner Tim Pilgrim ruling against Telstra.

Telstra logo

Mr Pilgrim found the data was personal and Telstra had interfered with Mr Grubb’s privacy by failing to disclose.

Telstra has been given 30 business days to handover the data, excluding the phone numbers of inbound callers, free of charge.

Telstra’s chief risk officer Kate Hughes says the decision will be appealed.

Mr Grubb says it is not over yet.

“Even though it’s been something like 669 days of back and forth with Telstra and through this process with the Privacy Commissioner it still goes onwards,” he says.

“There’s still a fight. Telstra does not want to release this information,”

Mr Grubb says the result means greater protection for consumers.

“They didn’t think that it was personal information previously,”

“Now that the privacy commissioner has decided that it is personal information there are certain obligations around what they do with it and how they protect it,” he says.

While many heralded it a win for personal privacy, the primary telecommunications industry body in Australia has condemned the decision.

The Communications Alliance says the finding have “disturbing ramifications for the sector” and called it a “stark example of regulatory overreach”.

The Alliance says it was “without any tangible benefit in terms of protecting privacy”.

Institute of Public Affairs senior fellow, Chris Berg, says this will not be the last companies hear of it.

“This will be the first of, I suspect, many requests about metadata because privacy is something people value,”

“People do want to know how much information is being kept on them by the firms that they do business with.” Mr Berg says.
He says the decision is valuable but agrees there will be ramifications.
“[The] problems that it’s going to have for some firms, I suspect, is that is going to open the flood gates of access to private metadata and that’s going to be very costly,” he says.

Telecommunications bodies are currently required by law to store the metadata information of customers for two years.