Tuesday, March 3, 2015

The Truth About Australia's Metadata Retention Bill

Here in Australia the federal government is trying to roll out data retention laws so that telecommunications companies, and especially internet service providers, will need to retain data on their customers' usage for 2 years. I wasn't going to post about this due to a possible conflict of interest, but I got sick of hearing so much misinformation about this topic that I just had to set the record straight.

The bill itself uses the term "metadata", possibly the most misused term I have seen in a very long time. However, the bill itself does not define what this metadata is. Instead the Attorney General, who has already demonstrated his inability to get a grip on this subject, has provided a list of the data they want to start with when this bill goes live.

This proposal includes the following text when discussing what is kept about the destination of a communication over the internet:

"The Bill explicitly excludes anything that is web-browsing history or could amount to web-browsing history, such as a URL or IP address to which a person has browsed."

I imagine this was added to alleviate the greatest concern they were hearing from the public. But there are a number of issues with this.

The most significant is that they already capture this data, the very data they say they are not retaining. If you send a message out on the internet, then all they need to do is attach a device to any intervening network and they get that data for free. The only bit of information they are missing is who is behind each IP address. And that's what this bill is all about, at least with respect to internet traffic. It's so they can get their hands on the information they can't get any other way.

We know, courtesy of the Snowden leaks, that the US is already doing this. The only point of contention the US has from a legal perspective is whether they can do that for their domestic traffic.

You really have to think of the internet as a great big public place. Once your message hits the wire, it can be publicly scrutinised on its journey, just as cameras in public places can monitor your travel in the real world. The only issue is that all the internet cameras can see is the IP address, and they are left to wonder who that IP address is being used by. With the data retention act, they can answer that question.

The second issue is how the ISP decides whether your traffic is web browsing or a call to a service. If it's a service, then the ISP is obliged to capture the destination IP. Not all web browsing is done on ports 80 and 443. They are going to have to open up your message and make a judgement call.

The third issue is that because the data that must be captured is not defined in the bill, it can be changed at a moment's notice. If they decide to capture more, it doesn't have to go back to parliament; they can just change it.

Also, there is nothing to stop them from extending the time the data has to be retained. Once the bill is enacted, they have 2 years to just change the rules to extend it, and during the review, they were already talking about extending it to 5 years.

It seems to me that it is hypocritical on one hand to say, "No, we can't go through judicial authorisation because it will cost too much" but then go ahead and impose the additional cost of capturing and storing this data on the ISPs.

And we have seen the extent and ruthlessness with which government leaks are investigated, chased down and prosecuted for matters such as the "boat people" issue, which has nothing to do with national security or terrorism and everything to do with trying to stop embarrassment for the government.

Make no mistake, this is a serious step towards a Big Brother society. They can dress it up as "We have to do this or the terrorists are going to kill us all", but they have already shown they are quite prepared to abuse this, and I'm talking about both sides of politics here, not just the current bunch.