ISP data retention still an issue, Ludlam warns

news Greens Senator Scott Ludlam has warned that a secretive proposal — known as ‘data retention’ — by the Attorney-General’s Department to force internet service providers to store a wealth of information pertaining to Australians’ emails and telephone calls is still an issue, with the public needing to remain vigilant on how the Government handles Internet surveillance.

The proposal — known popularly as ‘OzLog’ — first came to light in June 2010, when AGD confirmed it had been examining the European Directive on Data Retention (PDF) to consider whether it would be beneficial for Australia to adopt a similar regime. The directive requires telcos to record data such as the source, destination and timing of all emails and telephone calls – even including internet telephony.

In August the Attorney-General’s Department confirmed to iTNews that it was still considering the introduction of a data retention regime separately from the sort of watered down data ‘preservation’ rules being introduced in new cybercrime legislation. Delimiter has this week filed a Freedom of Information request with the Attorney-General’s Department in an effort to ascertain the precise current state of the data retention proposal.

Speaking at Electronic Frontiers Australia’s ‘War on the Internet’ event on Saturday in Melbourne (full video available online here), Ludlam, who is the Communications Spokesperson for the Greens, said much of the thinking around the data retention proposal had been integrated into new cybercrime legislation introduced in mid-2011.

Ludlam said the proposal had been narrowed down to a degree to which most people would find ‘reasonable’, in that law enforcement agencies could, for example, request ISPs to keep all available data on people suspected of committing major crimes such as terrorism — a technique he described as “hold that person’s everything, until we tell you not to any more”.

However, the Greens Senator warned, that cybercrime legislation could “mutate” into something completely different. “Maybe let’s trap all the data of these categories of people,” he said, appearing to refer to the political activist community, many members of whom had gathered at the Melbourne event. “Or these postcodes of people.”

“We know that that agenda is there,” Ludlam said, referring to the potential to “broaden out” the applications of the data retention system. “And it’s going to take sustained work to prevent that from happening. Once these systems and structures are in place, they are abused, almost by definition.”

Ludlam highlighted a Sydney Morning Herald article published several weeks ago which revealed that the Federal Resources and Energy Minister, Martin Ferguson, had secretly pushed for increased surveillance by police of environmental activists who had been protesting peacefully at coal-fired power stations and coal export facilities, with some of the work being carried out by a private contractor, the National Open Source Intelligence Centre (NOSIC).

The Greens Senator said his party would be filing freedom of information requests with the Government to find out why it thought it was appropriate, “at taxpayer’s expense, to surveil” activists who were legitimately drumming up interest in the environment. Ludlam said he presumed the Government was also tracking animal rights and anti-nuclear campaigners as well.

Hacker luminary Jacob Appelbaum, who also spoke at the event, said data retention weakened the whole of society as such systems would eventually be compromised by criminals both in Australia and internationally. With data retention, authorities could “retroactively police the population,” he acknowledged.

However, once a database like that existed, he said, that database would be stolen, leading to a point where criminals would find it very easy to commit crimes because they would be able to generate a precise pattern of people’s personal movements from the data — for example, “knowing where a car is regularly parked so you can steal it”.

Appelbaum encouraged Australian telecommunications engineers to find the points in their networks where law enforcement officials were able to connect to conduct surveillance such as wire tapping and disclose those points to the public. “Find those, and expose them. Tell journalists. Tell MPs like this guy over here,” he said, pointing at Ludlam. Ludlam highlighted the fact that it was only through the efforts of such public spirited individuals — which leaked the proposal to the media — that the data retention proposal had come to light in the first place.

Ludlam also warned of the potential for a reshuffle of cybercrime resources within the Federal Government to lead to dangerous outcomes in the area. In late December, a new cybersecurity unit was quietly formed within the Prime Minister’s Department, although the Government has not yet clarified what its responsibilities will be.

“We have a major restructure that just occurred in the commonwealth — a super-portfolio, drawn together in the Prime Minister’s office from fragments in Defence, Foreign Affairs, Communications, some presumably copyright stuff and commercial stuff that has all come together,” Ludlam said. “… really most of that sat in the former Attorney-General’s Office … [it was] picked up and moved to the PM’s office. And that’s important. We are getting a cyber-safety strategy at some point this year. That’s going to be very important to watchdog to watch how they’re thinking and what they’re doing, because all kinds of sneaky and nasty agendas are going to creep into that thing.”

Image credit: Still taken from EFA video broadcast of the War on the Internet event