Watching the detectives: the case for
restricting access to your social media data


This article is by Bruce Arnold, a lecturer in Law at the University of Canberra. It was first published on The Conversation and is re-published here with permission.

analysis In the “age of the social graph”, it is possible to profile people by tracking their relationships with friends and associates rather than by looking at the content of their communications.

Debate about that tracking will appear in the mass media shortly because of an Australian parliamentary inquiry into proposals for “rationalisation” of the surveillance powers of our national security agencies. That debate tells us something about how Australians and the media conceptualise privacy and business-government relationships in a world where mobile phones and social network services such as Facebook are ubiquitous.

In May this year, the Australian Attorney-General foreshadowed an inquiry into proposals for “telecommunications interception reform, telecommunications sector security reform and Australian intelligence community legislation reform”. That inquiry is now underway, with public submissions on Terms of Reference (associated with a 55-page discussion paper) to be provided by 6 August. If you are interested in civil liberties (or merely in the effective management of public consultation about contentious matters), you might wonder: what’s the rush?

The proposals are contentious for two reasons. Firstly, they re-traverse suggestions that were explored in 2010 as part of moves to align Australian surveillance law with the Council of Europe Cybercrime Convention. That Convention embraces states outside the European Union. Data retention has been increasingly contested in European courts, with a German constitutional court finding that particular provisions violate Germany’s human rights regime. The Convention provides for mandatory retention by telecommunications providers (phone companies, internet service providers, internet content hosts) of traffic information about electronic communications. That information is to be provided on request to a range of law enforcement entities within a broad legal framework.

Storage of information by phone companies and other businesses for potential provision in connection with investigation into terrorism, illegal drugs, child pornography and even copyright infringement, has a cost. It has not been welcomed by those enterprises, which have complained about the regulatory burden.

Similar complaints from Australian businesses have been evident over the past decade when law enforcement agencies have started thinking aloud and the national government has proposed new legislation. Civil liberties advocates have also expressed concerns.

Governments have defended the retention of the information and easier access by a range of law enforcement/intelligence agencies with the claim that it is necessary in an online world, as well as a more substantive argument that changes are not of particular concern because surveillance relates to traffic rather than content.

For many people, that is a crucial distinction. The agencies will have an enhanced ability to readily determine that a communication (for example an SMS message, an email, a download from a server) has taken place, the parties to a communication (who sent, who received) and when the communication took place.

The agencies will not automatically have access to the content of the communication, such as the words in the SMS or email and the audio of a conversation by Skype. The changes will, it is claimed, be appropriate: surveillance-lite rather than a comprehensive digital wiretap of what people say, visit, read and do online. That reassurance has comforted some critics and provoked others to warn about the dangers of regulatory creep.

The agencies have, quite rationally, sought to minimise obstacles to accessing the information. Typically they have called for very broad access; for example, that there be no notification of those people whose traffic is scrutinised and that a single warrant suffice for access. At its most egregious, such a call is equivalent to Australia Post automatically and silently providing details of recipients of every letter and parcel.

The current inquiry will and should attract significant attention from business, civil society advocates, the legal profession and criminologists. Engagement by the academic community is important because of the potential impact of proposals for strengthening of powers available to ASIO and other agencies. The proposals have not been accompanied by strengthened protection for civil liberties and when read in conjunction with the government’s recently announced changes to the national Privacy Act represent one step forwards, three steps backwards.

The justification for that movement is unclear and few people other than Sir Humphrey Appleby will uncritically endorse the discussion paper’s explanation that as Australia advances, so too do threats to our wellbeing:

Meeting the challenges of new technologies and methodologies is a key priority for the Australian government in the national security sphere. Our law enforcement and security capabilities must keep ahead of terrorists, agents of espionage and organised criminals, who threaten our national security and the safety of our citizens. So our law enforcement and intelligence agencies must be equipped with contemporary skills and technologies, and backed by necessary powers – coupled with the appropriate checks and balances and oversight mechanisms society rightly demands.

Let’s hasten slowly in considering calls to free the state from administrative inconveniences such as warrants and rules of evidence.

Bruce Arnold does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations. This article was originally published at The Conversation. Read the original article.

The Conversation