Thank you for the question.
My understanding from the CSE director with respect to the collection and retention of data is that if the data is innocuous, they are obliged by law to terminate or destroy it. Only if it has an intelligence value are they permitted to then take the next steps with respect to considering whether to share it in the retention period.
A necessity component would obviously be helpful in terms of delineating and making more clear to the agencies the circumstances under which the data should be retained.
I think that when we use words like “necessity” in the national security context, they're not viewed in the same way as they are, for instance, in criminal statutes or otherwise. In fact, it's easier for the government to be able to satisfy that threshold in the national security context.
For those critics of using a necessity-type threshold, as you proposed, it's probably not going to be as onerous as it would be in other contexts, and since it provides some degree of protection, it makes sense to ensure that guidance of this type is provided to the agency.
One of the big dangers that we have is that data collection becomes normalized in the current society. When we have all these different sources of data available to intelligence agencies, exactly what's going to happen with the information? How is it going to be stored, and how long is it going to be retained?
If you start on January 1 with a type of information that may be of some intelligence value but is later determined to have no value, in the sense that the person is no longer a suspect, that is the type of situation in which I'd like to see that information destroyed. In other words, just because it seemed to have some value at one point in time doesn't mean that infinite retention of that material is somehow permitted.