The surveillance state in Australia grows apace. This morning, the Attorney-General’s Department slipped out the annual Telecommunications (Interception and Access) Act annual report for 2014-15. If you’re confused, you’re forgiven — AGD only released the 2013-14 report in June this year, in order to ensure it wouldn’t influence the debate about data retention by showing how intensively surveilled Australians already were.

The 2014-15 report shows an 8% rise in the number of requests made by Australian security agencies, regulators, bureaucracies and NGOs for warrantless access to your communications data, with nearly 372,000 requests made over the year. And the number of bodies asking for that data also rose from 77 to 83.

This year, more data is being kept about you than ever before, with communications companies forced to store all your phone and internet data for two years under the government’s data retention scheme. The number of agencies that can access your data has been reduced, but as Josh Taylor points out in Crikey today, over 40 agencies have demanded that they be allowed to get your data under the scheme.

But while AGD has got this year’s TIA report out on time, it has been strangely tardy on the issue of a mandatory data breach notification scheme. The government promised for most of the year that it will legislate such a scheme — so that companies would be required to tell you if your personal data, whether kept under the data retention scheme or for commercial purposes, was stolen or lost. And AGD had already drafted a bill in 2013 that was ready to go. But Parliament rose last night with no bill having been introduced. Instead, late yesterday afternoon, AGD snuck out an “exposure draft”.

Having badly botched both the development and implementation of a data retention scheme, AGD seems determined to delay one of the crucial safeguards on such a scheme. Its contempt for consumers, for industry and the democratic process is profound but, sadly, unsurprising.