• Great articles on other sites
  • RSS Great articles on other sites

  • Digital Rights, Featured, News, Security - Written by on Monday, March 17, 2014 15:31 - 15 Comments

    Pandora’s Box: Inquiry opens universal surveillance floodgates

    Businesswoman Looking At Glowing Box In Empty Warehouse

    news A move by the Greens to set up a Senate inquiry into the potential reform of Australia’s surveillance laws appears to have opened a giant Pandora’s Box of debate about the issue, with Australian law enforcement agencies using the process to demand massively increased electronic surveillance rights, including data retention of users’ communications.

    Following a number of major revelations surrounding Australia’s electronic surveillance activities, especially associated with documents released by former NSA contractor and current whistleblower Edward Snowden, the Greens successfully teamed up with Labor in December to establish a formal inquiry into Internet surveillance practices by government agencies in Australia, through a review that will take place into the controversial Telecommunications (Interception and Access) Act.

    The Greens have taken a strong stance against the need for unfettered surveillance of Australians by law enforcement agencies, with Communications Spokesperson Scott Ludlam (who is currently campaigning to save his Senate seat in Western Australia) stating that review of the TIA Act was “well overdue” due to its outdated nature.

    The Greens appear to have taken the view that an inquiry into the potential future reform of the Act would lead to it being modernised and Australians receiving higher levels of privacy in terms of their usage of telecommunications services. However, if submissions to the inquiry so far are any indication, the inquiry itself may act as a Pandora’s Box for the issue of surveillance in Australia. Already, several different groups have used the forum to call for massively increased surveillance powers for Australian government agencies, although others have also used the forum to call for increased privacy rights for individuals.

    Of particular interest to those interested in digital rights in Australia will be the extensive submission put into the review by the Attorney-General’s Department, which contains within its remit most of the Federal Government agencies who make the most use of Internet surveillance — including the Australian Federal Police and the Australian Security Intelligence Organisation.

    The department’s submission (available online in PDF format) acknowledges in its opening pages that the privacy rights contained in the TIA Act are inadequate and that oversight of those agencies using the Act to facilitate telecommunications surveillance is also lacking.

    “With the development of communications technology … the Act is in danger of no longer sufficiently fulfilling either of its key objectives and its oversight arrangements are, in part, fragmented and incomplete,” the department wrote in its submission to the Senate inquiry. “The privacy protections in the Act, although strong, require future-proofing to keep pace with the changes in technology.”

    However, the submission by the Attorney-General’s Department very quickly segues into a discussion of how surveillance powers could be massively expanded through a reform of the TIA Act, to allow government surveillance to penetrate all layers of modern communications.

    Of particular concern to the department and its portfolio agencies is the fact that technological change has meant that it’s no longer easy for government authorities to gain access to individuals’ telecommunications records. When the Act was written, most telecommunications took place over tradition PSTN telephone lines owned and operated by Telecom Australia (now Telstra).

    However, as the submission points out, there are now multiple layers of networks over which Australians can communicate, including different physical network layers (mobile, copper, satellite, HFC cable), different network providers, different Internet access providers, and even different application service providers such as Microsoft, Google, Facebook, Twitter and more.

    In its submission, the department argued that the warrants required to access telecommunications data should be simplified and that all of these layers should be made available through what it described as an “attribute-based” model for access to users’ telecommunications — in short, that warrants would use information such as a time of day or geographic location to target a users’ data, rather than, say, their specific phone number or mobile device.

    The department is also seeking further powers. For example, the submission pointed out that criminals are making increased use of encrypted data in their telecommunications, and argued that law enforcement authorities should be allowed to issue warrants forcing individuals or service providers to, for example, decrypt that data. This is not a current power that law enforcement agencies enjoy.

    In addition, the department again raised the spectre of controversial data retention provisions — largely rejected by a parliamentary committee last year — being added to surveillance legislation. This would require ISPs and telcos to maintain data on their subscribers’ use of telecommunications services for a set period — the department’s submission gives the example of two years.

    Other submissions to the Senate inquiry went even further than that of the Attorney-General’s Department. For example, the Northern Territory Police has called for individuals’ web browsing history to be logged to assist it with investigations and the Australian Federal Police and ASIO both called for significantly expanded data retention and surveillance powers, especially with relation to the power to monitor telecommunications over increasingly popular platforms such as Internet telephony.

    Despite the already high number of warrantless accesses to telecommunications data every year — some 300,000 requests were made in the past financial year — virtually every law enforcement agency also called for simplified systems for obtaining warrants for telecommunications interception.

    Most of the law enforcement agencies acknowledged the need for simultaneous reform of rules protecting Australians’ privacy from abuse of the powers outlined in the TIA Act and the need for additional oversight of use of the powers; however, their submissions tended to focus heavily on the need for increased powers and only in a minor fashion on the need to protect individuals’ rights.

    Only a handful of submissions out of the 35 currently filed — including digital rights groups Electronic Frontiers Australia and the Pirate Party Australia (both tiny organisations) — focused on the need for stronger privacy rights and oversight of telecommunications surveillance.

    Wow. I think Greens Senator Scott Ludlam may have bitten off more than he — or anyone else — can chew here. I recommend you read some of the submissions published here, especially those from the Attorney-General’s Department, ASIO and the Australian Federal Police. These are mammoth submissions calling for huge increases in surveillance powers and drastically simplified warrant systems, but generally without producing significant evidence that such powers are required.

    Australia’s digital rights community hailed the formation of this inquiry as a victory for transparency and accountability in terms of our national telecommunications surveillance regime, in the context of massive government use of that regime.

    In response, our extremely well-funded and resourced law enforcement agencies have hit back with the nuclear option, making giant ambit claims for massively expanded electronic surveillance powers, and re-heating demands for comprehensive and universal data retention, even stretching to individuals’ web browsing history logs.

    What we’re seeing here is the war for Internet privacy being definitely lost, right in front of our faces. Let us not forget that both sides of politics — Labor and the Coalition — have a strong track record of attempting to give Australia’s law enforcement authorities whatever they want in this area. Data retention, Internet filtering, universal telecommunications surveillance — it’s all been discussed before and is coming up again in this context.

    The tiny submissions made by digital rights groups such as the EFA and the Pirate Party Australia, in comparison to these huge law enforcement documents, look like twigs blowing in the wind of a giant hurricane. And in the face of bi-partisan major party support, the Greens’ efforts here will also look quite miniscule. If you’re interested in digital rights and privacy in Australia at all, I encourage you to share information about what’s happening here. It may well be our last chance to escape a society based on universal law enforcement access to all telecommunications.

    submit to reddit


    You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

    1. Brandon P
      Posted 17/03/2014 at 4:48 pm | Permalink | Reply

      Sure thing, ASIO/ADF/GG. Please have more surveillance powers. We totally trust you…


    2. Daniel
      Posted 17/03/2014 at 5:14 pm | Permalink | Reply

      Peter Sunde’s comments detailed in this article are highly applicable to this debate:

      I, and I’d say a non-trivial percentage of Delimiters readers, would tend to lean towards technical solutions to bypassing or rendering moot such surveillance legislation. The point of Peter Sunde’s speech, to my mind, is that technical solutions don’t equate to the progress of society. We may get hot under the collar about the issue, and we may go so far as to take technical measures to ensure that “it doesn’t apply to us” but that doesn’t help anyone else, and therefore it’s an apathetic approach.

      One way or another, we need to involve ourselves in the decision making process.

    3. Goddy
      Posted 17/03/2014 at 9:20 pm | Permalink | Reply

      “Give us more reasons to keep our jobs!” – Law Enforcement agencies

      This inquiry ultimately doesn’t matter, in my opinion. Whichever side of government starts adhering to these ridiculous demands is going to find themselves on the other end of an election belting and the pollies know it. Conroy’s filter and the backlash to it was the end of the line for extreme internet surveillance and censorship.

      • Posted 17/03/2014 at 9:58 pm | Permalink | Reply

        Personally I don’t think this topic has become a huge election issue yet :(

        • Goddy
          Posted 17/03/2014 at 10:04 pm | Permalink | Reply

          It will be, but I guess that all depends on how much noise the Greens make about it, and how much attention the media choose to pay to it.

          • Graham
            Posted 18/03/2014 at 2:31 am | Permalink | Reply

            “and how much attention the media choose to pay to it.”

            This would be the same media that somehow hasn’t yet noticed that Turnbull is full of crap.

            The same media dominated by News Limited.

            That media.

            Good luck with that.

            • Stephen
              Posted 18/03/2014 at 9:31 am | Permalink | Reply

              The same media with diminishing and aging readers who are decreasing through natural attrition.

              There’s a reason they call it the old media.

              This is increasingly an issue no matter how much the marginalised old media and politicians like to pretend otherwise. It’s not a Right/Left issue but rather an Authority vs Liberty one. The Australian Governments (all of them) are very pro unthinking following of their authority and old media backs this to the hilt.

              It’s a philosophical change that we need – and I think it’s still coming no matter how hard they set themselves against it.

    4. Orville
      Posted 18/03/2014 at 9:17 am | Permalink | Reply

      What I found amusing in the AGD’s submission was the AGD serially agreeing with its own proposals. (See Attachment A in their submission.)

      So the AGD made a Proposal, the PJCIS rubberstamps it with a matching Recommendation and then the AGD solemnly records its agreement with the Recommendation – all while keeping a straight face.

      • Stephen
        Posted 18/03/2014 at 9:32 am | Permalink | Reply

        Actually in Government and Business you’ve just described what commonly passes for a rigorous independent review system.

    5. Orville
      Posted 18/03/2014 at 9:25 am | Permalink | Reply

      On the politics of it: Both sides of politics will most likely support most aspects of this massive expansion of the surveillance regime. For this reason there will be limited political backlash.

      @Daniel: Every person who is technically capable of protecting their own privacy has a moral obligation to help everyone else get the same level of protection. Privacy is not the right only of a technical elite.

      You are right we do need to involve ourselves more in the political process.

    6. rick
      Posted 18/03/2014 at 10:03 am | Permalink | Reply

      “Despite the already high number of warrantless accesses to telecommunications data every year — some 300,000 requests were made in the past financial year — virtually every law enforcement agency also called for simplified systems for obtaining warrants for telecommunications interception.”

      this is the important part. Law enforcement agencies DO need a streamlined process for getting warrants. As it stands now, they need to get a warrant or a court order for every single type of communication medium that a suspect may use.

      but it must be balanced by strict controls and serious penalties for warrantless access. We need a new law enforcement agency tasked with investigating and prosecuting law enforcement agencies for breaching the law, with appropriate compensation sought for and on behalf of those who have been affected by their breaches, even if they do not know it!

      • Brandon P
        Posted 18/03/2014 at 11:25 am | Permalink | Reply

        I think this is a more prudent approach. Off course law enforcement needs to change with the times, but as we’ve seen with PRISM, they also need significant oversight.

      • Orville
        Posted 18/03/2014 at 11:27 am | Permalink | Reply

        1. The egency to investigate breaking of the law by ASIO theoretically already exists. The agency to investigate breaking of the law by law enforcement agencies already exists.

        2. However that misses the point somewhat – if the law is changed so that there is a massive expansion of the powers of ASIO / law enforcement agencies then they don’t have to break the law in order to do wrong – to a greater and greater extent. This debate is about what the law should be i.e. what powers the law should grant them.

        For example, the NSA claims that US law grants them the power to intercept 100% of network traffic coming from overseas without any kind of warrant. If that’s correct then as far as *your* traffic or *my* traffic is concerned, there is absolutely no risk that the NSA will break the law because the law doesn’t place any restrictions on them in the first place ! (or so they claim)

        3. I’m not sure what you mean by “every single type of communication medium”. Agencies can get a named person warrant. Such a warrant covers a creative suspect who uses services that the agencies don’t even know about and would presumably cover interception of every type of communication medium provided that that medium uses electromagnetic energy.

        4. There are no penalties for warrantless access to telecommunications data because the law does not currently require agencies to get a warrant at all for that !

        Some people think that that should change.

    7. Russell Stuart
      Posted 18/03/2014 at 12:03 pm | Permalink | Reply

      There was a time, not so long ago, when everything on the web was unencrypted. If the police wanted to intercept somebodies connection they could get a warrant and watch everything that passed through the ISP.

      But we gave them and inch, and now they try to take a mile. They now want ISP’s to store all data – and pay for the exercise. In response the big players like Google and Microsoft encrypt their connections by default. There is a proposal to make http2 encrypt all connections by default.

      So in their zeal they’ve turned the internet into a privacy war zone. They demand more access, and in response everyone encrypts their data to deny it.

      In the long run it’s not a battle they will win. Everything will be encrypted by default with perfect forward secrecy. Not only won’t they get their meta data, they won’t even be able to ask ISP’s to spy on connections even if they have a suitable warrant.

      And in the process they have destroyed useful optimisations – like proxies. Idiots.

    8. Asmodai
      Posted 18/03/2014 at 3:19 pm | Permalink | Reply

      The pro-NBN lobby cannot muster the electoral support from the masses to even curb the ridiculous trajectory MT seems to be plotting. And most of the names that bob up frequently in Delimiter articles about the NBN can’t even be bothered making a token appearance here.

      Does that adequately detail just how unlikely broad support against these measures is likely to be?

      The majority vote their party unless there is an issue near and dear to them. In terms of brutality and totalitarianism, both parties are trying to race each other to the bottom. And few care to stand against it.

      If we get the government we deserve, what does that say about the electorate in Australia…

    Leave a Comment


  • Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:

    Follow us on social media

    Use your RSS reader to subscribe to our articles feed or to our comments feed.

  • Most Popular Content

  • Enterprise IT stories

    • Super funds close to dumping $250m IT revamp facepalm2

      If you have even a skin deep awareness of the structure of Australia’s superannuation industry, you’ll be aware that much of the underlying infrastructure used by many of the nation’s major funds is provided by a centralised group, Superpartners. One of the group’s main projects in recent years has been to dramatically update and modernise its IT platform — its version of a core banking platform overhaul. Unfortunately, the $250 million project has not precisely been going well.

    • Qld’s Grant joins analyst firm IBRS peter-grant

      This week it emerged that Peter Grant, the two-time former Queensland Whole of Government CIO (pictured), has joined well-regarded analyst firm Intelligent Business Research Services (IBRS). We’ve long had a high regard for IBRS, and so it’s fantastic to see such an experienced executive join its ranks.

    • Westpac dumps desk phones for Samsung Android mobiles samsung-galaxy-ace-3

      The era of troublesome desk phones tied to physical locations is gradually coming to an end in many workplaces, with mobile phones becoming increasingly popular as organisations’ main method of voice telecommunications. But some groups are more advanced than others when it comes to adoption of the trend. One of those is Westpac.

    • Ministers’ cloud approval lasted just a year reverse

      Remember how twelve months ago, the Federal Government released a new cloud computing security and privacy directive which required departments and agencies to explicitly acquire the approval of the Attorney-General and the relevant portfolio minister before government data containing private information could be stored in offshore facilities? Remember how the policy was strongly criticised by Microsoft, Government CIOs and Delimiter? Well, it looks like the policy is about to be reversed.

    • WA Govt can’t fund school IT upgrades oops key

      In news from The Department of Disturbing Facts, iTNews revealed late last week that Western Australia’s Department of Education has run out of money halfway through the deployment of new fundamental IT infrastructure to the state’s schools.

    • Turnbull outlines Govt ICT vision turnbull-5

      Communications Minister Malcolm Turnbull has published an extensive article arguing that the Federal Government needed to do a better job of connecting with Australians via digital channels and that public sector IT projects needn’t cost the huge amounts that some have in the past.

    • NZ Govt pushes hard into cloud zealand

      New Zealand’s national Government announced a whole of government contract this morning for what it terms ‘Office Productivity as a Service’ services. This includes email and calendaring services, as well as file-sharing, mobility, instant messaging and collaboration services. The contract complements two existing contracts — Desktop as a Service and Enterprise Content Management as a Service.

    • CommBank reveals Harte’s replacement whiteing

      The Commonwealth Bank of Australia has promoted an internal executive who joined the bank in September after a lengthy career at petroleum giant VP and IT services group Accenture to replace its outgoing chief information officer Michael Harte, who announced in early May that he would leave the bank.

    • Jeff Smith quits Suncorp for IBM jeffsmith4

      Second-tier Australian bank and financial services group Suncorp today announced that its long-serving top technology executive Jeff Smith would leave to take up a senior role with IBM in the United States, in an announcement which marks the end of an era for the nation’s banking IT sector.

    • Small business missing the mobile, social, cloud revolution iphone-stock

      Most companies that live and breathe the online revolution are not tech startups, but smart smaller firms that use online tools to run their core business better: to cut costs, reach customers and suppliers, innovate and get more control. Many others, however, are falling behind, according to a new Grattan Institute discussion paper.

  • Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments

    Super funds close to dumping $250m IT revamp

    More In Enterprise IT

    Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments

    What should the ACCC’s role be in guiding infrastructure spending?

    More In Telecommunications

    Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments

    ‘Google Schmoogle’ – how Yellow Pages got it so wrong

    More In Industry

    Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments

    Will Netflix launch in Australia, or not?

    More In Digital Rights